
Optimized Edge Routing - NAT?

Has anyone successfully implemented OER w/ NAT? I will have an 1841 with the 4-port EtherSwitch module that will have 3 cable modems connected and utilizing Cisco's OER to utilize all 3 links for outbound Internet traffic. However, I am concerned about NAT. The only other interface used on the 1841 will be the connection to the local LAN (inside). I'm thinking this will require a loopback, but I'm not finding anything on CCO to back me up. Is it possible to just let the CMs do NAT? 1 CM is a static IP and the 2 others are DHCP. Anyone out there with any experience on this?


Re: Optimized Edge Routing - NAT?

Here is a document explaining OER in detail along with some example configurations. I believe this would provide you with some information.


Re: Optimized Edge Routing - NAT?

We have a keyword "oer" that was added to the NAT configuration. This allows the active NAT translations to "stick" to their current interfaces instead of PfR moving them to another exit interface. The reason for this keyword addition was to support multiple ISP connections where you might set up overload NAT'ing out outside interfaces to two or more different ISPs (1 ISP per outside interface).

For example

                      ------S0/0 ISP-A


                      ------S0/1 ISP-B

The scenario is you have the above topology and configured overload NAT'ing for interface S0/0 and S0/1, each with a different ISP/address space.

You also have NOT configured the "oer" keyword within your NAT configuration statements.

If traffic is flowing into Fa0/0 and out S0/0 with an active NAT session (overloaded to S0/0) and PfR decides to move this traffic to interface S0/1 due to an Out of Policy event, this might black hole the traffic if ISP-B is configured to block IP networks which it does not own nor allocate IP address space to customers.

If you now configure the "oer" keyword on your NAT translations, PfR will not move this traffic until the NAT translation times out.

Best Regards,

Steve Lyons - Cisco
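
The two-ISP overload NAT scenario from the reply above, written out as an IOS configuration with and without the "oer" keyword. This is an added example, not part of the original thread; the ACL number, route-map names and inside subnet are assumptions, while the interface names follow the post.

```cisco
! Constructed example: ACL 1, route-map names ISP-A/ISP-B and the
! 10.1.1.0/24 inside subnet are assumptions, not taken from the thread.
interface FastEthernet0/0
 description Inside LAN
 ip nat inside
!
interface Serial0/0
 description ISP-A
 ip nat outside
!
interface Serial0/1
 description ISP-B
 ip nat outside
!
access-list 1 permit 10.1.1.0 0.0.0.255
!
! One route-map per exit, so each translation is tied to the interface
! the packet actually leaves through.
route-map ISP-A permit 10
 match ip address 1
 match interface Serial0/0
!
route-map ISP-B permit 10
 match ip address 1
 match interface Serial0/1
!
! Without "oer" (shown commented out): PfR may move a flow that already
! has a translation on S0/0 to S0/1, so it leaves toward ISP-B carrying
! an ISP-A source address, which ISP-B may drop.
! ip nat inside source route-map ISP-A interface Serial0/0 overload
! ip nat inside source route-map ISP-B interface Serial0/1 overload
!
! With "oer": flows with an active translation stay on their current
! exit until the translation times out; only new flows use the new exit.
ip nat inside source route-map ISP-A interface Serial0/0 overload oer
ip nat inside source route-map ISP-B interface Serial0/1 overload oer
```

After a PfR route change, `show ip nat translations` lets you confirm that existing entries still map to the address of the interface they were created on.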
