I have 2 routers , Router A and Router B, running on HSRP on the FE0/0 (eg. 50.50.50.x/24 serial :172.10.20.x/30). Router A being the active. Now, I have a segment connected to the both FE0/1 with segment 10.10.10.x/24.
Due to some constraint, if any traffic that is intended for 10.10.10.x, I would need to do NAT. Can I configure Router B as the active HSRP for the 10.10.10.x segment. Any advice on that? Which will be the best option for the router to do NAT?
One more thing, if there is a failover on the HSRP, will all the NAT address be affected will all the connection be drop? or will it be transparent. Thanks!!
Also note that the most common failure on a WAN router such as the ones you are configuring will be a loss of the WAN circuit. When one of the circuits goes down, you can still maintain the NAT state by ensuring that the returning traffic through the secondary circuit and router gets passed through to the primary router. You do this by cross-connecting the two routers via a back-to-back serial cable or ethernet cable and configuring a static route to the NAT source address through the cross-connect interface. So, when reply traffic comes back over the secondary WAN circuit, it gets forwarded to the primary router first, where the NAT state is maintained, and then is forwarded onto the ethernet segment it is bound for.
The HSRP configs previously provided are still fine. The ethernet HSRP can still track the serial interfaces so that new outbound traffic uses the secondary router.
Suppose, internal lan is 10.x.x.x and router 1 and router 2 are the gateways with leased lines to internet. 10.x.x.x is NAT ed to 200.x.x.x. router 1 and 2 have HSRP configured via ethernet.
As per your previous note, router 1 and 2 are also connected back to back with a serial cable, with a network 172.x.x.x configured on them. (.1 and .2)
Now, router 1 and 2 are tracking their serial interfaces.
A packet goes from inside to outside. 10.x.x.x is translated to 200.x.x.x. A NAT table entry is made. Now primary leased line fails. R2 becomes active. Now return packet comes through secondary leased line. Now should the static route be as follows.
ip route 200.x.x.x 172.x.x.1
where 172.x.x.1 is the router 1 back to back serial interface ip address.???
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...