Re: standby redundancy

foxbatreco · ‎11-26-2006

Hii,

I have two diff internet links terminating on my 2 separate cisco ethernet routers.Now i have to plan standy(possibly hotstandby protocol) wherein if one of the links goes dn , then the users would still be connected via the other link but with an automatic failover thru the other link router.And also i want this functionality to work with nat overload.can u guys pls post the soln. as this is quite urgent for me, am waiting .

scottmac · ‎11-26-2006

HSRP (Hot Standby Routing PRotocol) will probably do what youwant.

Here's a link to configure:

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d2d21.html

You can get a few pages of other possible HSRP configs by searching the main Cisco site with the keywords "configure HSRP "

Good Luck

Scott

zubairjalal · ‎11-26-2006

HSRP will have to be configured for achieving this.

Router A:

interface Ethernet0/0

ip address 10.10.10.1 255.255.0.0

standby 1 priority 110

standby 1 preempt

standby 1 ip 10.10.10.100

standby 1 track 100 decrement 20

Router B:

interface Ethernet0/0

ip address 10.10.10.2 255.255.0.0

standby 1 preempt

standby 1 priority 105

standby 1 ip 10.10.10.100

standby 1 track 100 decrement 20

For tracking whether the serial link goes down you can use the 'track' option for HSRP.

config# track 100 interface serial 0/0 line-protocol

standby 1 track 100 decrement 20 --> this comamnd has been given in the interface configuration and will decreament the priority of the standby group by 20.

--Pls rate if this helps--

foxbatreco · ‎11-27-2006

Hii Zubair,

If i connected the internal ethernet i/f of my 2 routers to a normal switch and then connect the pc's to the switch,then in this case with PAT how would the configuration be??

Hope u will reply.

Thnks.

ankbhasi · ‎11-26-2006

Hi Friend,

You can configure network address translation (NAT) and HSRP on the same router. However, a router that runs NAT holds state information for traffic that is translated through it. If this is the active HSRP router and the HSRP standby takes over, the state information is lost.

However Stateful NAT (SNAT) can make use of HSRP to fail over

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a008060c61d.html

Static NAT Mapping Support with HSRP for High Availability is another feature which makes NAT and HSRP interact

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t4/ftnthsrp.htm#wp1026829

HTH

Ankur

*Pls rate all helpfull post

odegbenga · ‎11-27-2006

Hi mate,

Am new here but I hope I can help.

before you decide with path to take, you must know which services and protocols you will need to support over the redundant links. For example Stateful NAT (SNAT) can make use of HSRP to fail over but it will not support some protocols i.e. FTP, TFTP, SIP etc.

And by just tracking the interfaces doesn't mean you get the best link everytime.

You have two options here, u can implement HSRP with enhanced object tracking. You will just track HTTP transact of ref. web site to know the best link and HSRP will switch to that link. Just use the normal nat commands on the two routers. Which ever is the active link, uses it own NAT. this way all commands are supported. note: You might have to upgrade your IOS for enhanced object tracking.

The other option is to implement oer and have the nat commands on the border routers. you can use the two routers you have for this.

foxbatreco · ‎11-27-2006

Hii,

thnsk for support

if u dont mind can u pls post the config for 2 routers alongwith PAT & hsrp to help me out.

Thnks n advance.

odegbenga · ‎11-27-2006

Assuming u are goin to track http://www.cisco.com, u use this sla command first. This indicate the sla process.

ip sla 1

http get http://www.cisco.com

ip sla schedule 1 life forever start-time now

then u specify how u want it to be tracked.

track 1 rtr 1 reachability

delay down 120 up 60

this are holdtimer,the active link has to be down for 120 secs b4 it will switch to standby, and the active link most be up for 60 secs b4 it will be switch back but HSRP timers usually switch b4 this time.

On the active router, this is the router that has the better of the two links.

u config the internal interface, depending on ur setup there, it can be a vlan.

interface vlan 1

ip address 10.x.x.x 255.255.255.240

ip verify unicast reverse-path

ip nat inside

ip virtual-reassembly

ip route-cache flow

duplex auto

speed auto

standby 1 ip 10.10.10.1

standby 1 priority 110

standby 1 preempt

standby 1 track 1 decrement 20

no shutdow

the track command here is reference to the Ip sla tracking.

And on the other router,

interface FastEthernet0/1

ip address 10.x.x.x 255.255.255.240

ip nat inside

ip route-cache flow

duplex full

speed 100

standby 1 ip 10.10.10.1

standby 1 priority 100

standby 1 preempt

The interface is the inside interface to ur LAN.

so tweak as required.

for ur PAT

ip nat inside source list XXX interface (inside interface) overload

ip nat inside source static 10.10.10.9 2x.1x.1x.1x

You will insert this command for the two routers and the first is for ur PAT and I used an access list for my own implementation. So tweak as appropriate and for the second command, this is required if u have a host (usually a server that need a presence online) if you have e-commerce u use this.

Pls note, the internal interfaces of the two routers must be in the same lan. So consider the Ip addresses and subnet mask.(i guess u shld know wat i mean here)

pls leave a rating