Has anyone successfully implemented OER w/ NAT? I will have an 1841 with the 4-port EtherSwitch module that will have 3 cable modems connected and utilizing cisco's OER to utilize all 3 links for outbound Internet traffic. However, I am concerned about NAT. The only other interface used on the 1841 will be the connection to the local LAN (inside). I'm thinking this will require a loopback, but I'm not finding anything on CCO to back me up. Is it possible to just let the CMs do NAT? 1 CM is a static IP and the 2 others are DHCP. Anyone out there with any experience on this?
We have a keyword "oer" that was added to the NAT configuration. This allows the active NAT translations to "stick"to their current interfaces instead of PfR moving them to another exit interface. The reason for this keyword addition was to support multiple ISP connections where you might setup overload nat'ing out outside interfaces to two or more different ISPs (1 ISP per outside interface).
The scenario is you have the above topology and configured overload nat'ing for interface S0/0 and S0/1 each with a different ISP/address space.
You also have NOT configured the "oer" keyword within your NAT configuration statements.
If traffic is flowing into Fa0/0 and out S0/0 with an active NAT session (overloaded to S0/0) and PfR decides to move this traffic to interface S0/1 due to an Out of Policy event, this might black hole the traffic if ISP-B is configured to block IP networks which it does not own nor allocate IP address space to customers.
You now configured the "oer" keyword on your nat translations, PfR will not move this traffic until the NAT translation times out.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...