11-26-2006 06:03 AM - edited 03-05-2019 01:01 PM
Hii,
I have two diff internet links terminating on my 2 separate cisco ethernet routers.Now i have to plan standy(possibly hotstandby protocol) wherein if one of the links goes dn , then the users would still be connected via the other link but with an automatic failover thru the other link router.And also i want this functionality to work with nat overload.can u guys pls post the soln. as this is quite urgent for me, am waiting .
11-26-2006 07:15 AM
HSRP (Hot Standby Routing PRotocol) will probably do what youwant.
Here's a link to configure:
http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d2d21.html
You can get a few pages of other possible HSRP configs by searching the main Cisco site with the keywords "configure HSRP
Good Luck
Scott
11-26-2006 07:22 AM
HSRP will have to be configured for achieving this.
Router A:
interface Ethernet0/0
ip address 10.10.10.1 255.255.0.0
standby 1 priority 110
standby 1 preempt
standby 1 ip 10.10.10.100
standby 1 track 100 decrement 20
Router B:
interface Ethernet0/0
ip address 10.10.10.2 255.255.0.0
standby 1 preempt
standby 1 priority 105
standby 1 ip 10.10.10.100
standby 1 track 100 decrement 20
For tracking whether the serial link goes down you can use the 'track' option for HSRP.
config# track 100 interface serial 0/0 line-protocol
standby 1 track 100 decrement 20 --> this comamnd has been given in the interface configuration and will decreament the priority of the standby group by 20.
--Pls rate if this helps--
11-27-2006 12:41 AM
Hii Zubair,
If i connected the internal ethernet i/f of my 2 routers to a normal switch and then connect the pc's to the switch,then in this case with PAT how would the configuration be??
Hope u will reply.
Thnks.
11-26-2006 08:32 AM
Hi Friend,
You can configure network address translation (NAT) and HSRP on the same router. However, a router that runs NAT holds state information for traffic that is translated through it. If this is the active HSRP router and the HSRP standby takes over, the state information is lost.
However Stateful NAT (SNAT) can make use of HSRP to fail over
http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a008060c61d.html
Static NAT Mapping Support with HSRP for High Availability is another feature which makes NAT and HSRP interact
HTH
Ankur
*Pls rate all helpfull post
11-27-2006 05:17 AM
Hi mate,
Am new here but I hope I can help.
before you decide with path to take, you must know which services and protocols you will need to support over the redundant links. For example Stateful NAT (SNAT) can make use of HSRP to fail over but it will not support some protocols i.e. FTP, TFTP, SIP etc.
And by just tracking the interfaces doesn't mean you get the best link everytime.
You have two options here, u can implement HSRP with enhanced object tracking. You will just track HTTP transact of ref. web site to know the best link and HSRP will switch to that link. Just use the normal nat commands on the two routers. Which ever is the active link, uses it own NAT. this way all commands are supported. note: You might have to upgrade your IOS for enhanced object tracking.
The other option is to implement oer and have the nat commands on the border routers. you can use the two routers you have for this.
11-27-2006 06:02 AM
Hii,
thnsk for support
if u dont mind can u pls post the config for 2 routers alongwith PAT & hsrp to help me out.
Thnks n advance.
11-27-2006 06:38 AM
Assuming u are goin to track http://www.cisco.com, u use this sla command first. This indicate the sla process.
ip sla 1
http get http://www.cisco.com
ip sla schedule 1 life forever start-time now
then u specify how u want it to be tracked.
track 1 rtr 1 reachability
delay down 120 up 60
this are holdtimer,the active link has to be down for 120 secs b4 it will switch to standby, and the active link most be up for 60 secs b4 it will be switch back but HSRP timers usually switch b4 this time.
On the active router, this is the router that has the better of the two links.
u config the internal interface, depending on ur setup there, it can be a vlan.
interface vlan 1
ip address 10.x.x.x 255.255.255.240
ip verify unicast reverse-path
ip nat inside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
standby 1 ip 10.10.10.1
standby 1 priority 110
standby 1 preempt
standby 1 track 1 decrement 20
no shutdow
the track command here is reference to the Ip sla tracking.
And on the other router,
interface FastEthernet0/1
ip address 10.x.x.x 255.255.255.240
ip nat inside
ip route-cache flow
duplex full
speed 100
standby 1 ip 10.10.10.1
standby 1 priority 100
standby 1 preempt
The interface is the inside interface to ur LAN.
so tweak as required.
for ur PAT
ip nat inside source list XXX interface (inside interface) overload
ip nat inside source static 10.10.10.9 2x.1x.1x.1x
You will insert this command for the two routers and the first is for ur PAT and I used an access list for my own implementation. So tweak as appropriate and for the second command, this is required if u have a host (usually a server that need a presence online) if you have e-commerce u use this.
Pls note, the internal interfaces of the two routers must be in the same lan. So consider the Ip addresses and subnet mask.(i guess u shld know wat i mean here)
pls leave a rating
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide