Re: NAT HSRP Problem
For the IP redundancy (statefull failover services) feature, see: http://www.cisco.com/warp/public/619/hsrpguide4.shtml#10 It discusses future feature integration with HSRP (including NAT). -dre "Bob Johnson" [EMAIL PROTECTED] wrote in message E97B82F2C364D411935C009027FC3EBC70C175@VANMAIL1">news:E97B82F2C364D411935C009027FC3EBC70C175@VANMAIL1... Currently the IOS does not support NAT HSRP operating together It's not a bug as they do mention it somewhere on CCO (possibly in the NAT FAQ) There is both the problem with the standby router not knowing the NAT translation table of the active router and the fact that NAT won't use the virtual MAC address but uses the actual physical address I've heard that they are working on a enhancement that should address both issues. Hopefully it will be out in 12.2x. Bob -Original Message- From: Jason Fletcher To: [EMAIL PROTECTED] Sent: 2/16/01 3:24 PM Subject: Re: NAT HSRP Problem I don't think you can do this? The standby router doesn't have the translation table of the active router, so when the active router went down you will lose your connection. Jason Fletcher "Simon Watson" wrote in message ... htmlDIVHi Guys/DIV DIVnbsp;/DIV DIVI've got 2 dual ethernet Cisco 1605 routers connected to each other via 2 cascaded hubs.Both sets of interfaces are set up for HSRP.(eth0 of both routers arenbsp;in one HSRP group amp; eth1 are in another HSRP group). Both routers have also been set up to staically NAT a device(which will be called Test PC)nbsp;on the local network which is connected to eth 1 of the routers.Also tracking is set on both of the primary router's interfaces to monitor the other interface./DIV DIVnbsp;/DIV DIVEth0 on both routers are connected to a Core router via a hub. In normal operation,nbsp;ifnbsp;nbsp;the test PCnbsp;nbsp;sent continous PING's to a device hanging on the Core router, it's local IP address is translated by the HSRP Primary router amp; routed towards the core router amp; all is well. On inspection of the Core routersnbsp;ARP cache shows the translated IP address of test PC and the virtual MAC- address of the primary (int eth0) HSRP router as expected./DIV DIVnbsp;/DIV DIVHowever if the cable on eth1 of the Primary router is plugged out to invoke the Standby router to become nbsp;active the PING's seemed to be not getting through. On inspection of the 2 1600 routers the changover of the Standby router from standby to active has taken place, with the Primary router now in a standby state./DIV DIVnbsp;/DIV DIVHowever on inspecting the ARP cache of the core router, instead of seeing the translated IP address of the test PC with the virtual MAC address, the translated IP address was seen with the REAL hardware address of the now standby interface on the primary router, thus causing the PING's not to work./DIV DIVnbsp;/DIV DIVI've tried this with another set of routers amp; the same thing happened. Has Cisco got a bug with HSRP being configured with a router when NAT is also configued. Plase let me know your thoughts on this matter./DIV DIVnbsp;/DIV DIVThanks/DIV DIVSimon CCNP/DIVbr clear=allhrGet Your Private, Free E-mail from MSN Hotmail at a href="http://www.hotmail.com"http://www.hotmail.com/a.br/p/html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
NAT HSRP Problem
htmlDIVHi Guys/DIV DIVnbsp;/DIV DIVI've got 2 dual ethernet Cisco 1605 routers connected to each other via 2 cascaded hubs.Both sets of interfaces are set up for HSRP.(eth0 of both routers arenbsp;in one HSRP group amp; eth1 are in another HSRP group). Both routers have also been set up to staically NAT a device(which will be called Test PC)nbsp;on the local network which is connected to eth 1 of the routers.Also tracking is set on both of the primary router's interfaces to monitor the other interface./DIV DIVnbsp;/DIV DIVEth0 on both routers are connected to a Core router via a hub. In normal operation,nbsp;ifnbsp;nbsp;the test PCnbsp;nbsp;sent continous PING's to a device hanging on the Core router, it's local IP address is translated by the HSRP Primary router amp; routed towards the core router amp; all is well. On inspection of the Core routersnbsp;ARP cache shows the translated IP address of test PC and the virtual MAC- address of the primary (int eth0) HSRP router as expected./DIV DIVnbsp;/DIV DIVHowever if the cable on eth1 of the Primary router is plugged out to invoke the Standby router to become nbsp;active the PING's seemed to be not getting through. On inspection of the 2 1600 routers the changover of the Standby router from standby to active has taken place, with the Primary router now in a standby state./DIV DIVnbsp;/DIV DIVHowever on inspecting the ARP cache of the core router, instead of seeing the translated IP address of the test PC with the virtual MAC address, the translated IP address was seen with the REAL hardware address of the now standby interface on the primary router, thus causing the PING's not to work./DIV DIVnbsp;/DIV DIVI've tried this with another set of routers amp; the same thing happened. Has Cisco got a bug with HSRP being configured with a router when NAT is also configued. Plase let me know your thoughts on this matter./DIV DIVnbsp;/DIV DIVThanks/DIV DIVSimon CCNP/DIVbr clear=allhrGet Your Private, Free E-mail from MSN Hotmail at a href="http://www.hotmail.com"http://www.hotmail.com/a.br/p/html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NAT HSRP Problem
I don't think you can do this? The standby router doesn't have the translation table of the active router, so when the active router went down you will lose your connection. Jason Fletcher "Simon Watson" wrote in message ... htmlDIVHi Guys/DIV DIVnbsp;/DIV DIVI've got 2 dual ethernet Cisco 1605 routers connected to each other via 2 cascaded hubs.Both sets of interfaces are set up for HSRP.(eth0 of both routers arenbsp;in one HSRP group amp; eth1 are in another HSRP group). Both routers have also been set up to staically NAT a device(which will be called Test PC)nbsp;on the local network which is connected to eth 1 of the routers.Also tracking is set on both of the primary router's interfaces to monitor the other interface./DIV DIVnbsp;/DIV DIVEth0 on both routers are connected to a Core router via a hub. In normal operation,nbsp;ifnbsp;nbsp;the test PCnbsp;nbsp;sent continous PING's to a device hanging on the Core router, it's local IP address is translated by the HSRP Primary router amp; routed towards the core router amp; all is well. On inspection of the Core routersnbsp;ARP cache shows the translated IP address of test PC and the virtual MAC- address of the primary (int eth0) HSRP router as expected./DIV DIVnbsp;/DIV DIVHowever if the cable on eth1 of the Primary router is plugged out to invoke the Standby router to become nbsp;active the PING's seemed to be not getting through. On inspection of the 2 1600 routers the changover of the Standby router from standby to active has taken place, with the Primary router now in a standby state./DIV DIVnbsp;/DIV DIVHowever on inspecting the ARP cache of the core router, instead of seeing the translated IP address of the test PC with the virtual MAC address, the translated IP address was seen with the REAL hardware address of the now standby interface on the primary router, thus causing the PING's not to work./DIV DIVnbsp;/DIV DIVI've tried this with another set of routers amp; the same thing happened. Has Cisco got a bug with HSRP being configured with a router when NAT is also configued. Plase let me know your thoughts on this matter./DIV DIVnbsp;/DIV DIVThanks/DIV DIVSimon CCNP/DIVbr clear=allhrGet Your Private, Free E-mail from MSN Hotmail at a href="http://www.hotmail.com"http://www.hotmail.com/a.br/p/html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: NAT HSRP Problem
Currently the IOS does not support NAT HSRP operating together It's not a bug as they do mention it somewhere on CCO (possibly in the NAT FAQ) There is both the problem with the standby router not knowing the NAT translation table of the active router and the fact that NAT won't use the virtual MAC address but uses the actual physical address I've heard that they are working on a enhancement that should address both issues. Hopefully it will be out in 12.2x. Bob -Original Message- From: Jason Fletcher To: [EMAIL PROTECTED] Sent: 2/16/01 3:24 PM Subject: Re: NAT HSRP Problem I don't think you can do this? The standby router doesn't have the translation table of the active router, so when the active router went down you will lose your connection. Jason Fletcher "Simon Watson" wrote in message ... htmlDIVHi Guys/DIV DIVnbsp;/DIV DIVI've got 2 dual ethernet Cisco 1605 routers connected to each other via 2 cascaded hubs.Both sets of interfaces are set up for HSRP.(eth0 of both routers arenbsp;in one HSRP group amp; eth1 are in another HSRP group). Both routers have also been set up to staically NAT a device(which will be called Test PC)nbsp;on the local network which is connected to eth 1 of the routers.Also tracking is set on both of the primary router's interfaces to monitor the other interface./DIV DIVnbsp;/DIV DIVEth0 on both routers are connected to a Core router via a hub. In normal operation,nbsp;ifnbsp;nbsp;the test PCnbsp;nbsp;sent continous PING's to a device hanging on the Core router, it's local IP address is translated by the HSRP Primary router amp; routed towards the core router amp; all is well. On inspection of the Core routersnbsp;ARP cache shows the translated IP address of test PC and the virtual MAC- address of the primary (int eth0) HSRP router as expected./DIV DIVnbsp;/DIV DIVHowever if the cable on eth1 of the Primary router is plugged out to invoke the Standby router to become nbsp;active the PING's seemed to be not getting through. On inspection of the 2 1600 routers the changover of the Standby router from standby to active has taken place, with the Primary router now in a standby state./DIV DIVnbsp;/DIV DIVHowever on inspecting the ARP cache of the core router, instead of seeing the translated IP address of the test PC with the virtual MAC address, the translated IP address was seen with the REAL hardware address of the now standby interface on the primary router, thus causing the PING's not to work./DIV DIVnbsp;/DIV DIVI've tried this with another set of routers amp; the same thing happened. Has Cisco got a bug with HSRP being configured with a router when NAT is also configued. Plase let me know your thoughts on this matter./DIV DIVnbsp;/DIV DIVThanks/DIV DIVSimon CCNP/DIVbr clear=allhrGet Your Private, Free E-mail from MSN Hotmail at a href="http://www.hotmail.com"http://www.hotmail.com/a.br/p/html _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
