NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ......
Transcript of NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ......
![Page 1: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/1.jpg)
![Page 2: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/2.jpg)
NAT Box-2-Box High Availability feature on
ISRUMA SANKAR MOHANTY
NAT Box-to-Box High-Availability feature on ISR
BRKARC-2033
![Page 3: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/3.jpg)
Agenda
• Redundancy, A Wise Investment
• Box-2-Box High Availability feature
• NAT-HA Solution
• Design Recommendation
• Implementation Topology
• Configuration Design
• Troubleshooting Tips
• Conclusion
![Page 4: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/4.jpg)
![Page 5: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/5.jpg)
Redundancy a Wise Investment…
![Page 6: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/6.jpg)
Box-2‐Box High Availability Feature
![Page 7: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/7.jpg)
• B2B HA feature is used to make IP network more resilient to potential link and router failures.
• The Key Elements
B2B HA Feature :
![Page 8: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/8.jpg)
• The services provided by the RG Infra present in the ISR G2 platforms is used by NAT to implement the HA feature.
• RG Infra defines multiple redundancy groups to which applications can subscribe and function in an Active-Standby mode across different routers.
RG Infra (Redundancy Group Infrastructure) :
![Page 9: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/9.jpg)
• The protocol is responsible for determining the RG active/standby role and triggers switchover.
• Responsible for communicating with the RG Peers.
RG Protocol :
![Page 10: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/10.jpg)
• RG Transport creates the Transport information structure which enables communication channel setup between Active and Standby.
• The Transport information is negotiated over the Control link.
RG Transport :
![Page 11: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/11.jpg)
• Manages the Creation/Deletion of virtual interfaces per RG.
RG Interface :
![Page 12: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/12.jpg)
• Detects the Faults and updates the run time priority.
• Responsible for communicating Control interface status to the RG Protocol.
• Communicates the updated priority to the RG protocol.
RG Fault :
![Page 13: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/13.jpg)
• The configuration related to RG
• Informs the core about new RG groups.
RG Config :
![Page 14: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/14.jpg)
• This is the core infrastructure for High Availability.
• RG state progression & notifications
• Receives new group information from the RG config.
• Receives the Role Information
RG Framework :
![Page 15: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/15.jpg)
NAT- HA Solution
![Page 16: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/16.jpg)
NAT HA Solution :
• NAT-HA feature enables application connectivity to continue unaffected in the event of potential failures around the NAT border.
• Currently the feature is used in a HSRP-Like fashion that means configuration would have Virtual IP Addresses(VIP) and Virtual MAC.
![Page 17: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/17.jpg)
Terminologies & Working
• RG Control Interface
• Dedicated interface used for the exchange of control Information by RG.
• Used for RG protocol negotiation
• Used for RG transport query
• Used for peer reachability detection
![Page 18: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/18.jpg)
Note : The Control & Data Interfaces can be on the same physical interface.
Terminologies & Working• RG Data Interface :
• Dedicated physical interface that will provide connectivity between the twoISR routers.
• Used by the RG Infra for data information exchanges between ISR devices, such as NAT’s session information.
![Page 19: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/19.jpg)
Terminologies & Working
• RG AR(Asymmetric-Routing) Interface
• Dedicated physical interface used for forwarding AR packets from Standby to Active and vice versa; (optional)
![Page 20: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/20.jpg)
INIT
RESET
STANDBY
HOT
ACTIVE
SOLO
ACTIVE STANDBY
RESET ACTIVE
STANDBY PRESENT BULK SYNC
SUCCEEDED
State Transition in B2B HA NAT :
• B2BHA States are Active, Standby Hot, Standby Cold and Init.
• State changes from
Active Init Standby
“or”
Standby Active
• A router with High priority value is given the Active Role. If both router’s have the same priority, then the IP address is used to decide the role. The router with higher control interface IP address would be given the role of Active.
![Page 21: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/21.jpg)
Design Recommendation
![Page 22: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/22.jpg)
Software• Supported from 15.3(2)T and later releases.
Behavior
• HSRP-Like Behavior.
• We need a Virtual IP & VMAC.
Design
• Control and Data interfaces can be on the same physical interface but different logical ones.
Tracking
• Multiple objects could be tracked by the RG and influence the priority of the RG.
• We can use IP SLA or induce it to the RG Fault via “redundancy rii <num> decrement <val>”
Design Consideration :
![Page 23: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/23.jpg)
Failover Triggers
Power loss/reload
Control interface down
Data interface downTracked object failure
Priority of Active goes down below
the Standby
![Page 24: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/24.jpg)
Implementation Topology
![Page 25: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/25.jpg)
B2BHA NAT LAN-LAN Topology
![Page 26: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/26.jpg)
WAN CLOUD
B2BHA NAT WAN-LAN Topology
![Page 27: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/27.jpg)
Configuration Design
![Page 28: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/28.jpg)
Supported NAT Configurations
Simple Static NAT Configuration
Extended Static NAT configurations
Network Static NAT configurations
Dynamic NAT and PAT configurations
NAT Inside source, Nat outside source & NAT inside destination rules
NAT rules for VRF to IP Cases
NAT Rules for VRF to VRF(within same VRF) cases
Configuration Design :
![Page 29: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/29.jpg)
Unsupported NAT Configurations :
NAT Configurations with interface overload options
NAT with MPLS L3VPN
NVI-NAT Feature
Supported ALGs :
The only Supported ALG at this time is FTP.
![Page 30: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/30.jpg)
B2B NAT-HA Configuration Key Elements :
![Page 31: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/31.jpg)
Step 1 : Configure RG-ID
ISR1(config)#redundancy
ISR1(config-red)#application redundancy
ISR1(config-red-app)#group 1
ISR1(config-red-app-grp)#shutdown
This is the first step where we need to configure RG infra
and ‘shutdown’ it before proceeding further steps.
Currently we support only two RG groups.
Step 2 : Mention the Control & Data interface.
ISR1(config-red-app-grp)#control Ethernet0/1.10
ISR1(config-red-app-grp)#data Ethernet0/1.20
Define both the Control and Data interfaces.
Step 3: Mention the Protocol
ISR1(config-red-app)#protocol 1
Define the RG protocol. Currently we support only 1
protocol (protocol 1)
Step 4 : Mention the Asymmetric-routing interface
(optional)
ISR1(config-red-app-grp)#asymmetric-routing interface
Ethernet0/1.30
The same Interface can be used as of the Data and Control
interface.
Step 5 : Setup Preempt, priority & Group name.(optional)
..app-grp)#name CISCO
…app-grp)#preempt
…app-grp)#priority 150
This set of commands are optional.
Naming the RG group.
Allows the router to become the active router when the
priority is higher.
Redundancy Configurations :
![Page 32: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/32.jpg)
Step 1 : Configure the Redundancy rii.
ISR1(config)#interface GigabitEthernet 0/0/0
ISR1(config-if)#redundancy rii 100
Each interface which is part of RG infra should
be configured with unique number on a device.
Here ‘number’ is a unique identification number
for each interface which is part of RG infra.
Step 2 : Configure RG-id & Virtual IP
ISR1(config-if)#redundancy group 1 ip 10.2.2.20
exclusive decrement 100
Each interface on LAN should be configured
with RG-id & Virtual IP address. This VIP will
only be enabled on device which is in active
redundancy group state. This LAN/WAN
interface should be already assigned with IP
address. And also VIP should be chosen from
same subnet of interface’s address.
Step 3 : Configure NAT inside & outside
interfaces
ISR1(config-if)#ip nat inside/outside
The inside and outside NAT interfaces should be
configured
Interface Configurations :
![Page 33: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/33.jpg)
NAT Configurations :
Step 1 : Configure NAT Statements for RG Infra
ISR1(config)# ip nat inside source list acl_100
pool pool_100 redundancy 1 mapping-id 120
overload
Each NAT statements which are part of RG infra
should be assigned with ‘RG-id’ & ‘map-id’
Make RG to Roll :
Step 1 : Enable RG Infra
ISR1(config)#redundancy
ISR1(config-red)#application redundancy
ISR1(config-red-app)#group 1
ISR1(config-red-app-grp)#no shutdown
ISR1(config-red-app-grp)#
After configuring all NAT rules, make sure similar
NAT configuration is applied on other peer router
as well, and then RG can be enabled to start the
negotiations. After completing NAT config on
both NAT routers, RG should be enabled.
![Page 34: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/34.jpg)
Standby
Active
AR Packets
WAN CLOUD
RG1
AR
RG1
WAN CLOUD
WAN BRII 1
WAN ARII 1
LAN
AR
Asymmetric-Routing Support Enabled
![Page 35: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/35.jpg)
Standby
Active
AR Packets
WAN CLOUD
RG1
AR
RG1
WAN CLOUD
WAN BRII 1
WAN ARII 1
LAN
AR
Asymmetric-Routing Support Enabled
![Page 36: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/36.jpg)
Standby
Active
AR Packets
WAN CLOUD
RG1
AR
RG1
WAN CLOUD
WAN BRII 1
WAN ARII 1
LAN
AR
Asymmetric-Routing Support Enabled
![Page 37: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/37.jpg)
Standby
Active
AR Packets
WAN CLOUD
RG1
AR
RG1
WAN CLOUD
WAN BRII 1
WAN ARII 1
LAN
AR
Asymmetric-Routing Support Enabled
![Page 38: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/38.jpg)
Troubleshooting Tips
![Page 39: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/39.jpg)
show ip nat redundancy <RG-id>
show ip nat translations redundancy <RG-id> [verbose]
show redundancy application group <RG-id>
show redundancy application protocol group <RG-id>
show ip route
show ip cef
show tech-support
Troubleshooting tips :
![Page 40: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/40.jpg)
RG ID: 1 RG Name: RG1
Current State: IPNAT_HA_RG_ST_ACT_BULK_DONE
Previous State: IPNAT_HA_RG_ST_ACTIVE
Recent Events: Curr: IPNAT_HA_RG_EVT_RF_ACT_STBY_HOT
Prev:IPNAT_HA_RG_EVT_RF_ACT_STBY_BULK_START
Statistics :
Static Mappings: 1, Dynamic Mappings: 0
Sync-ed Entries :
NAT Entries: 0, Door Entries: 0
Mapping ID Mismatches: 0
Forwarded Packets: 0, Dropped Packets : 0
Redirected Packets: 0
ISR1#show ip nat redundancy 1
![Page 41: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/41.jpg)
RG ID: 1 RG Name: RG1
Current State: IPNAT_HA_RG_ST_STBY_HOT
Previous State: IPNAT_HA_RG_ST_STBY_COLD
Recent Events: Curr: IPNAT_HA_RG_EVT_RF_STBY_COLD
Prev: IPNAT_HA_RG_EVT_NAT_CFG_REF
Statistics :
Static Mappings: 1, Dynamic Mappings: 0
Sync-ed Entries :
NAT Entries: 0, Door Entries: 0
Mapping ID Mismatches: 0
Forwarded Packets: 0, Dropped Packets : 0
Redirected Packets: 0
ISR2#show ip nat redundancy 1
![Page 42: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/42.jpg)
ISR1#show ip nat translations redundancy 1 verbose
--- 6.6.6.6 5.5.5.5 --- ---
create 00:00:10, use 00:00:10 timeout:0,
flags:
static, created-by-local, use_count: 0, router/rg id: 0/1 ha_entry_num: 0
mapp_id[in/out]: 120/0, entry-id: 1, lc_entries: 0
ISR2#show ip nat translations redundancy 1 verbose
--- 6.6.6.6 5.5.5.5 --- ---
create 00:01:38, use 00:01:38 timeout:0,
flags:
static, created-by-local, use_count: 0, router/rg id: 0/1 ha_entry_num: 0
mapp_id[in/out]: 120/0, entry-id: 1, lc_entries: 0
![Page 43: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/43.jpg)
Common error cases :
debug ip nat redundancy errors
Messages info :
debug ip nat redundancy messages [[detailed] [errors ]]
Packet info :
debug ip nat redundancy packets
Data base info :
debug ip nat redundancy db [errors]
Check pointing Facility :
debug ip nat redundancy cf
Redundancy Framework :
debug ip nat redundancy rf [errors]
Debugs for TAC Analysis :
![Page 44: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/44.jpg)
Conclusion
![Page 45: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/45.jpg)
• RG on active is reloaded with
“redundancy application reload group <rg-number> self”
• RG on active is shut down with the use of these CLI commands in
redundancy config mode:
ISR1(config-red-app)#group 1
ISR1(config-red-app-grp)#shutdown
• clear ip nat translation redundancy <RG-id> *
• clear ip nat translation redundancy <RG-id> forced
Useful Commands :
![Page 46: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/46.jpg)
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/15-mt/nat-15-mt-
book/iadnat-b2b-ha.html
https://supportforums.cisco.com/document/12206251/nat-box-box-high-availability-function-
overview
Useful Links :
![Page 47: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/47.jpg)
• Purpose of Redundancy.
• Redundancy for the NAT Traffic and it’s Importance.
• Key Elements for NAT B2B HA Feature.
• Key Elements
• State Changes
• Design Recommendation.
• Triggers for Failover
• Supported Topologies.
• Supported & Unsupported Config.
• Configuration Design.
• Troubleshooting tips.
Key Takeaways :
![Page 48: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/48.jpg)
“Q & A”
![Page 49: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/49.jpg)
Participate in the “My Favorite Speaker” Contest
• Promote your favorite speaker through Twitter and you could win $200 of Cisco Press products (@CiscoPress)
• Send a tweet and include
• Your favorite speaker’s Twitter handle
• Two hashtags: #CLUS #MyFavoriteSpeaker
• You can submit an entry for more than one of your “favorite” speakers
• Don’t forget to follow @CiscoLive and @CiscoPress
• View the official rules at http://bit.ly/CLUSwin
Promote Your Favorite Speaker and You Could Be a Winner
![Page 50: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/50.jpg)
Complete Your Online Session Evaluation
Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at CiscoLive.com/Online
• Give us your feedback to be entered into a Daily Survey Drawing. A daily winner will receive a $750 Amazon gift card.
• Complete your session surveys though the Cisco Live mobile app or your computer on Cisco Live Connect.
![Page 51: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/51.jpg)
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Table Topics
• Meet the Engineer 1:1 meetings
• Related sessions
![Page 52: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/52.jpg)
Thank you
![Page 53: NAT Box-2-Box High Availability feature on · NAT Box-2-Box High Availability feature on ISR ... •Box-2-Box High Availability feature •NAT-HA Solution ... Dynamic NAT and PAT](https://reader034.fdocuments.in/reader034/viewer/2022052119/5b29fa097f8b9a251e8b6cbd/html5/thumbnails/53.jpg)