Solved: Re: Static Nat

mhailat · ‎04-03-2022

Hi Guys

I have two edge routers with public IPs suppose it R1(1.1.1.1),R2(2.2.2.2)

and i need to map my local server SRV(192.168.1.200) to both ISPs.

the required: if R1 (intG0/0/0) goes down the R2 take place and serve the request.

paul driver · ‎04-04-2022

Hello
I assume you would require failover not only for static NAT but for dynamic PAT as well?
If so you would also require stateful hsrp failover and depending on what software your rtrs are running would also depend on what nat resiliency feature is applicable to you.

Im mentioning this through past experience as I got burned on this some time back, having implemented stateful nat then never giving it a thought it would be depreciated on a rtr upgrade, but it was and it caused me no end of trouble, service outage etc…!

Static nat hsrp
Stateful nat hsrp
Box -to-Box NAT (B2B wan lan   (successor to static/stateful hsrp)

If you can confirm the above then we should be able to provide you with a viable working solution

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

Jon Marshall · ‎04-04-2022

This a DNS issue not a NAT issue.

If you are using different public IPs for the same server on different routers then you need some way for DNS to work out that the first IP is not working and start responding with the other IP.

This is not a straightforward thing to do and it usually involves some sort of load balancer being placed in front of the web servers and using a VIP.

Jon

View solution in original post

MHM Cisco World · ‎04-03-2022

https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/100658-ios-nat-load-balancing-2isp.html

check this doc.

Flavio Miranda · ‎04-03-2022

Hi

There are some solution for that kind of scenario. The simplest is use HSRP between routers. HSRP provides you an VIP IP to where you are going to point your server. This VIP will be the gateway of your local network and if one router fail, the second will assume the VIP.

Your topology will look like this:

R1 R2

Switch

Server

mhailat · ‎04-03-2022

I already made HSRP for outbound traffic and everything's okay, but for inbound traffic from Internet to local server

request will face two ISP , how he know which routers are active?

R1:  ip nat inside source static [Local-SRV-IP] [EXternal-ISP-1]

R2:  ip nat inside source static [Local-SRV-IP] [EXternal-ISP-2]







LOCAL >> R1 >> ISP-1...…  internet

LOCAL>> R2 >> ISP-2 … internet

balaji.bandi · ‎04-03-2022

You can do NAT with the public to Private IP there is no issue here. but we need to look more into it.

how are external people accessed by IP address or DNS ?

If you looking for failover, then you need to look also out going path for failover right?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

mhailat · ‎04-03-2022

Thank you bro

I need to use DNS, as I understand I need to request three public IP's and make HSRP for the external interfaces.

MHM Cisco World · ‎04-03-2022

SNAT for HSRP
SNAT

stateful NAT

http://www.amarchaudhari.me/stateful-nat-using-hsrp/

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/12-4t/nat-12-4t-book/iadnat-scalability-stateful.html

mhailat · ‎04-03-2022

I really appreciate your kind response, but i think you misunderstand the requirement.

is it allowed to map local server through two different public IP's

example www.google.com with public IP: 1.2.3.4 and 5.6.7.8,

if the first IP died the second IP will serve the request.

this tracking behavior for ISP1 and ISP2 can be done with DNS server?

Jon Marshall · ‎04-04-2022