Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
650
Views
2
Helpful
2
Replies

static NAT and asymmetric routing

Michal Rzepecki
Level 1
Level 1

‎07-19-2024 02:34 AM

I want to make sure that static NAT (inside source static) can be used on redundant routers (where asymmetric routing occurs) without using any additional features.

It seems that it shouldn't be a problem for static NAT but IOS XE has special chapter on this topic "Inter chassis Asymmetric Routing Support for Zone-Based Firewall and NAT" where we can read: "You can configure asymmetric routing with the following types of NAT configurations—dynamic outside source, static inside and outside source, and Port Address Translation (PAT) inside and outside source translations. ". 

That suggests that feature called asymmetric routing can be also helpful in case of "static inside and outside source" translations. What do you think?

Labels:
0 Helpful
2 Replies 2

paul driver
VIP
VIP

‎07-19-2024 01:13 PM

Hello
Asymmetric routing is not a feature its a routing flow, where by traffic is routed a certain path but the return traffic routes via a different path other then the one it arrived on.

By its self asymmetric routing isnt a problem however it can be for certain applications or if traffic pass through a FW but when the return traffic comes back asymmetrically the fw may not allow it due to it not having any stateful flow record of its origin.

Having nat on dual routers is applicable, Maybe if you elaborate on your current network topology , share a diagram we could assist your further?

In the meantime nat come is various forms depending on what you want to accomplish
a few examples:

IOS - static/stateful nat redundancy (with-without hrsp) or if within a vrf  Inter-vrf NAT
IOS XE -  box-to-box or Vasi NAT would be the equivalent 



Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

MHM Cisco World
VIP
VIP

‎07-20-2024 06:44 AM

inter chassis Meaning connect two ASR router together this link is prevent asymmetric and NAT issue  
https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/118768-config-asr-00.html

MHM

Top