cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
389
Views
0
Helpful
6
Replies

One static Nat Public IP bind with two Local IP's

ray_stone
Level 1
Level 1

Hi, Is it possible that we cud bind two local IP's with one Static Nat Public IP so that the outside (inbound) Traffic of Public IP to be load balance in both local IP's.

6 Replies 6

Farrukh Haroon
VIP Alumni
VIP Alumni

AFAIK this can be done on both the Cisco IOS and Juniper Netscreen. However this is not possible on the ASA/PIX. You can configure this via policy NAT, but it still won't load balance between the two.

Regards

Farrukh

Thanks!!! Can you post a one example of policy nat and how it would be suffecient. What are the merits and demerits?

As I said it wont be possible on the ASA/PIX. Even if it lets you configure it, it will just use the first entry it sees. This is an example of Policy NAT< but this is the opposite. One Local IP and Two Global/Mapped IPs:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807d2874.shtml

This is a Cisco IOS example tough:

http://www.groupstudy.com/archives/ccielab/200701/msg00894.html

Regards

Farrukh

Well not required this. We have placed two web servers in DMZ Zone having same configuration like as a mirror and both are connected with one DB Server which is placed in Inside Zone. Now the problem is suppose first web server gets down then we change the static local IP of second web server. Now what I want we could make two entries and one will be up and second to be up only when first server Local IP not resolved then all traffic to be divert into second static entry. If you know any way to configure it then please advice. Thanks!!!

Suggest!!

There are multiple ways this can be done. First of all is to get a load-balancer :). If not a hardware loadbalancer like Cisco CSS 115XX, Cisco CSM , F5 , Foundry etc. then you could configure load balancing in software like Cisco IOS SLB (not available on all platforms).

Another way is to do DNS round-robin. Setup two different public IPs corresponding to your application's DNS. Requests will come from both mapped IPs to your real servers (i.e one to one mapping).

If you want more availability, you can get your own subnet from ARIN and then get multiple ISP to advertise this subnet through both ISPs. It all depends on your specific requirements.

Regards

Farrukh

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: