What the heck does the "redundancy HSRP" part of this command mean?
ip nat inside source static 192.168.5.33 188.8.131.52 redundancy HSRP1
I am trying to get a full appreciation for the challenges of running NAT in a redundant environment, such as with HSRP, and I saw the following cryptic statement on a Cisco web page:
When an Address Resolution Protocol (ARP) query is triggered for an address that is configured with Network Address Translation (NAT) static mapping and owned by the router, NAT responds with the BIA MAC address on the interface to which the ARP is pointing. Two routers are acting as HSRP active and standby. Their NAT inside interfaces must be enabled and configured to belong to a group.
Maybe its just me and Im being dense today, but this paragraph seems convoluted. An example to show what they mean would have been nice.
Cisco has some great white paprers and some outstanding explanations for different technologies, but it seems that the white papers for SNAT and NAT with HSRP are not one of them.Maybe its because the technology is relatively new. I also hate it when the grammar is poor and there are egregious punctuation erros in a document. It makes it difficult to read.
Anyway, can anyone clear the cloud from my brain? I mean as far as this is concerned. It would take God and his sister to clear ALL the fog from my head! LOL
I'm not sure if I will be able clear the fog out of your head but I will try to help clear some of it. The redundancy (group) command will basically use the virtual IP address used in the particular HSRP instance. The configurations must be mirrored on each device. I do think that we are referencing the same article in regards to the ARP query, and I do find it quite confusing also. I do believe that HSRP will still work as it normally does by using the standard HSRP MAC address because it does say that "Static mapping support for HSRP allows the option of having only the HSRP active router respond to an incoming ARP for a router configured with a NAT address". That makes me think that all ARP queries will be directed to the HSRP address. Here is the article that I found.
All I guess I am really asking is what the purpose of the "redundant HSRP1" keywords is. A NAT statement is created that says NAT this to that...OK...so what is the rest of that command doing?
I understand that it is part of mechanism to minimize downtime and maybe even prevent the need to have to rebuild the ARP cache on the secondary HSRP router when it has to start forwarding traffic...or maybe Im wrong about what I think I understand....this is what I need clarification on.
What are those keywords there for and how do they achieve their goal -- whatever that gol is?
The command enables the router to respond to ARP queries using BIA MAC if HSRP is configured on the NAT inside interface.The goal is to statefully keep track of the ARP queries between the active and standby routers. The difference between using the virtual IP vs the HSRP redundancy command in the static map is the MAC address that is used. Hope this helps
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...