nat for multihomed network

Nice feature, I wonder what that feature actually costs: Do you know what feature set is needed ?

This makes good sense: OER is a route decision feature, and has nothing to do with NAT. So one may ask yourselfs, does NAT gets proceessed before or after a route decision ? Also : If I what to run NAT with multiple interface, can I the nhave one Nat inside interface along with two "nat outside" ? Then figure out the route map along with NAT.

HTH Martin Bilgrav

So, is the answer that the routing decision is made before the translation? Therefore, if the interface associated with the lowest cost default route goes down, the next available best route and associated nat pool cmd will be used? Remember I don't need pbr, I'm just looking for backup internet/default route(s).

something like this?

ip route 0 0 s0 ip route 0 0 s1 100 ip route 0 0 s2 200

ip nat pool s0 ip nat pool s1 ip nat pool s2

ip nat inside source list lan pool s0 ip nat inside source list lan pool s1 ip nat inside source list lan pool s2

Hi Linguafr,

If you want to do NAT especially with Multiple ISP with No BGP, then the answer is Yes. I have done a similar configuration and it is working perfectly fine with loadbalancing and smooth failover. This is exactly wat I have done in there.

Scenario: I have dual ISP. I have configured Route map to track the default route available in the route table and this route map is used to define the NAT statement. As shown below

Default route configuration:

ip route 0.0.0.0 0.0.0.0 ip route 0.0.0.0 0.0.0.0 50

Route Map Configuration:

access-list 2 permit access-list 3 permit

route-map ISP1 permit 10 match ip next-hop 3 ! route-map ISP1-Fallbac permit 10 match ip next-hop 2 ! route-map ISP2 permit 10 match ip next-hop 2

Nat Configuration:

ip nat inside source route-map ISP1-Fallbac interface overload ip nat inside source route-map ISP1 interface overload ip nat inside source route-map ISP2 interface overload

Hope this fixes your issue

Ganesh

l> So, is the answer that the routing decision is made before the

Hi Ganesh - Thanks for the suggestions. Excuse my ignorance regarding the details. Some questions -

The route-map match clause looks for routes that contain the gateway address? If so, then why are you matching on acl 3 for route-map ISP1 and acl2 for route-map ISP2? And why do you need a third route-map ISP1-Fallback?

Thanks

What IOS image are you running? Is this accomplishing the same thing as is described here..

Ganesh wrote:

Hi Linguafr,

Route Map actually tracks the next hop ip address this is derived from the routing table. Route Map is configured with a Standard ACL to identify the next hop IP based on which the router comes to know which ISP the packet is heading to and does a nat accordingly. the Third Route Map is a fall back from secondary to primary. It is useful in a load balancing scenario. With this, there is a primary to secondary fall back and also from secondary to primary. In our scenario we were routing priviledged users through secondary and in the event of this link going down the users were automatically routed through normal primary line.

We are using IOS 12.4 Mainline and we are achieving exactly what i have described here.

Thanks,

Ganesh

l> Hi Ganesh -

It's routing then NAT. There is a NAT order of operations document on cco.

The NAT issue that you are concerned about is not something to worry about. It all just works nicely.

All the router cares about is:- Is the traffic passing from a nat inside to a nat outside. No - don't do nat. Yes - check for matching "ip nat" statements

Ganesh's example is not doing policy based routing, which you may be implying. The route-maps are being used for a different purpose here. Just to select an appropriate "ip nat inside" statement.

BTW - but don't go there for a couple of years unless you /need/ it: even this has been dispensed with recently.

int x ip nat enable The "ip nat" statement is different too. This does NOT presently support Route Maps.