05-04-2007 11:49 AM - edited 03-03-2019 04:50 PM
this should be simple, i have 2 isp's on one router, i have a primary default route and a floating static default route, failover works fine except nat.
int fa0/0
ip nat outside
int dialer0
ip nat outside
int vlan10
ip nat inside
ip route 0.0.0.0 0.0.0.0 dialer0
ip route 0.0.0.0 0.0.0.0 x.x.x.x 10
ip nat sourc inside route-map nat int dialer0 overlad
ip nat source inside route-map nat_backup int fa0/0 overload
so fail over works, nat doesnt unless I manually remove one of the nat statments, then all works fine, shouldn't it just assign nat translations according to outbound interface. I'm missing something simple here.
05-04-2007 12:21 PM
Hello,
When in fail over mode, does dialer0 go down ? Unless it does, that will never work. If it does not go down, you can try ATM OAM PVC, or track object with IP SLA and tie the route to a tracked object.
Also please can you list your route-maps ?
05-04-2007 12:59 PM
you are correct, i am tracking dialer0 for ip routing so that when it loses its dhcp address that static route switches.
ip route 0.0.0.0 0.0.0.0 dialer0 track 1 (forgot about the tracking)
ip route-map nat permit 10
permit list 110
ip route-map nat_backup permit 10
permit list 110
access-list 110 permit 192.168.1.0 0.0.0.255
05-04-2007 01:42 PM
Hi,
so you would need to check the status of track 1 and the corresponding router on failure.
Note, a PBR config must exist for the tracked object, so that packets used for probe are forced to go out via dialer0.
Also note, for simplicity, you can replace "route-map" with "list" in your nat statements.
To show your appreciation for useful answers, please rate posts using the scrollbox below!
05-04-2007 01:49 PM
"Also note, for simplicity, you can replace "route-map" with "list" in your nat statements"
I have seen issues with a using a 'route-map' with NAT in this context and replacing it with 'list' got NAT going. That very well may be the case here provided routing isn't a problem.
HTH
Sundar
05-04-2007 02:07 PM
routing isnt an issue, failover works fine as if I disconnect dialer0, the default route changes to the backup link and pings from the router go out the back up link and when dialer0 comes back up it goes back the other way. I don't know why the list would work instead of a route-map, as they should both work. Note if is disconnect the primary and remove the dialer0 nat statement it works fine out the backup interface, then whey I bring dialer0 back up I have to remove the fa0/0 nat statement and put the dialer0 nat statement back, I am under the impression that it should work with both statements there.
05-04-2007 02:13 PM
I agree it should work with both statements in there. But, that's just my experience I was sharing. Can you try the NAT with the list in place of route-map and test?
HTH
Sundar
05-04-2007 02:49 PM
Ok, so beside trying with "list" instead of "route-map", I would try a "clear ip nat trans *" after producing the failover condition, another thing, would you try the following route map:
route-map nat_backup
match ip address 110
set ip next-hop x.x.x.x
That is a combination of PBR statements in a NAT route-list, haven't tried that myself, but it's worth a try perhaps.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: