Static NAT On 2 Routers - Different Public IP's Pointing to Same Private IP?

Hi,

I have a general networking question regarding static NAT. My question is:

Is it possible to have two routers, each connected to a different ISP, with static NAT (aka one-to-one NAT) setup to point to the same internal ip address? If it is possible, will it yield bad performance / packet collisions, or will there be any other unforeseen issues?

My situation is the following:

I am trying to setup a server for network redundancy. I already have 2 similar routers that support static NAT. I would like to give my server a private ip address, say 10.0.1.100. I would then like to setup static NAT on each router as follows:

Router 1 (connected to ISP 1):

(public address) xxx.xxx.xxx.xxx 10.0.1.100 (private address)

Router 2 (connected to ISP 2):

(public address) xxx.xxx.xxx.xxx 10.0.1.100 (private address)

So my logic is the following:

If traffic comes into my server through the public IP address on router 1, it will be translated to the private address and sent to that server.

If traffic comes into the server through the public address on router 2, it will be translated to the private address and sent to that same server.

Will the server be able to send the return packets back out through the correct router? Does the server use its default gateway to determine which router to send the packets to, or does it know to send it back to the router who sent it the traffic originally?

Both routers will be on the same internal network: 10.0.1.0\\24 (I think I did that correctly). So will it not use the default gateway since both routers are on the same network as the server?

Thanks,

Seth

Reply to
s.fenster

The server will send the packet out via the default gateway. So you will have an issue with asynchronous routing. This will lead to issues when you have people trying to connect to the server due to how xlate tables work and the TCP handshake. If you need network redundancy you have three options:

  1. Least expensive, and least redundant. Get a SONET protected line. Dependent on one provider and one POP.
  2. Have one ISP that has two POPs several miles apart. Have multiple lines coming from them and setup BGP. Dependent on one Provider.
  3. Have multiple ISPs. For this to work you would have to get your address space directly from IANA. And then setup BGP peering relationships with multiple ISPs. Single point of failure is your single facility.

You could tell the server where to send certain packets in its route table, but this solution would not be reliable and will lead to you having many nights of little sleep.

In summation:

Will the server be able to send the return packets back out through the correct router? NO

Does the server use its default gateway to determine which router to send the packets to, or does it know to send it back to the router who sent it the traffic originally? Default Gateway

So will it not use the default gateway since both routers are on the same network as the server? Default Gateway.

The only time what you propose might work is if you had multiple internal networks that had to connect to the server. With complete knowledge and control of the source and destination addressing you could make this work (I say this for academic reasons, and do not recommend it).

Reply to
heath.parrott
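The return-path problem discussed in this thread, as an added example that is not part of either post: a small model of two one-to-one NAT routers in front of 10.0.1.100, showing which source address the client sees on the SYN-ACK when the server's default gateway is not the router the SYN arrived through. The public addresses are constructed documentation-range placeholders, the class and function names are hypothetical, and the model assumes purely stateless one-to-one translation with router 1 as the default gateway.

```python
from dataclasses import dataclass

SERVER = "10.0.1.100"  # private address from the question

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    flags: str

@dataclass
class StaticNatRouter:
    name: str
    public_ip: str  # constructed placeholder, not from the thread

    def inbound(self, pkt):
        # Destination NAT: this router's public address -> server's private address.
        if pkt.dst != self.public_ip:
            raise ValueError("packet not addressed to this router's NAT entry")
        return Packet(pkt.src, SERVER, pkt.flags)

    def outbound(self, pkt):
        # Source NAT: server's private address -> this router's own public address.
        if pkt.src != SERVER:
            raise ValueError("no static NAT entry for this source")
        return Packet(self.public_ip, pkt.dst, pkt.flags)

def handshake(client_ip, entry, default_gw):
    """Return (accepted_by_client, syn_ack_as_seen_by_client)."""
    syn = Packet(client_ip, entry.public_ip, "SYN")
    at_server = entry.inbound(syn)
    # The server picks the next hop from its routing table only, so the
    # reply leaves via the default gateway regardless of the arrival path.
    reply = Packet(SERVER, at_server.src, "SYN-ACK")
    on_wire = default_gw.outbound(reply)
    # A TCP client only accepts a SYN-ACK whose source is the address it dialed.
    return on_wire.src == syn.dst, on_wire

r1 = StaticNatRouter("router1", "198.51.100.10")
r2 = StaticNatRouter("router2", "203.0.113.10")
CLIENT = "192.0.2.55"

if __name__ == "__main__":
    for entry in (r1, r2):
        ok, seen = handshake(CLIENT, entry, default_gw=r1)
        verdict = "handshake completes" if ok else "client discards reply"
        print(f"SYN in via {entry.name}: SYN-ACK from {seen.src} -> {verdict}")
```

Connections that enter through the router that is also the default gateway complete; connections that enter through the other router get a SYN-ACK sourced from the wrong public address.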
