we want destination nat to work. we have 6509 series swithces running HSRP. we have 2 locations. at these locations proxy servers do the the job of filtering and sending the web traffic. what we want is if the proxy server at location 1 goes down, we shd be able to nat the incoming traffic for proxy sever from user vlan to the proxy server of location b traffic. teh ios version is IOS (tm) MSFC2 Software (C6MSFC2-IS-M), Version 12.1(4)E3,what commands we need to run
Your problem is not going to be so much the nat as how you figure out when the proxy goes down.
The only thing I have seen that can take action based on a external server is to use object tracking and policy routing. I don't think Nat has any ability to do this.
Another solution that you may want to concider if your switches support it is to use server load balancing (SLB) to do this.
There are a number of ways to configure this but it will depend on where your servers are located in relation to the switch. Since this is designed for load balancing first and redundacy second it may not end up being effectient.
Now if you really want to use nat you could use the policy routing with the object track options and route the traffic to either another router or to loopback interfaces. This would be a variation of nat on a stick. In effect you would be rerouting your traffic though NAT interfaces based on availablilty. Both the policy routing track options and nat on a stick are not the most simple things to comfigure. The policy routing with track option is fairly new and I don't know if they have put it in the switch versions of the IOS yet.
i looked at the config example. theres a command to check the availaility for next hop.normally the internet connections are protected behind the firewall. so the internal routers next hop is the firewall. the connectivity between the router and firewall are direct cable connectivity but if the isp fails then this feature may not work for the above scenario.
so doest the next hop has to be actually next hop directly connected or it can be any other hop for e.g 2 hops away.
this feature will be very useful if can be done in this way.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...