Currently the IOS does not support NAT & HSRP operating together....
It's not a bug as they do mention it somewhere on CCO (possibly in the NAT
FAQ)
There is both the problem with the standby router not knowing the NAT
translation table of the active router and the fact that NAT won't use the
virtual MAC address but uses the actual physical address....
I've heard that they are working on a enhancement that should address both
issues. Hopefully it will be out in 12.2x.
Bob
-----Original Message-----
From: Jason Fletcher
To: [EMAIL PROTECTED]
Sent: 2/16/01 3:24 PM
Subject: Re: NAT & HSRP Problem
I don't think you can do this? The standby router doesn't have the
translation table of the active router, so when the active router went
down
you will lose your connection.
Jason Fletcher
"Simon Watson" wrote in message ...
><html><DIV>Hi Guys</DIV>
><DIV> </DIV>
><DIV>I've got 2 dual ethernet Cisco 1605 routers connected to each
other
via 2 cascaded hubs.Both sets of interfaces are set up for HSRP.(eth0 of
both routers are in one HSRP group & eth1 are in another HSRP
group). Both routers have also been set up to staically NAT a
device(which
will be called Test PC) on the local network which is connected to
eth
1 of the routers.Also tracking is set on both of the primary router's
interfaces to monitor the other interface.</DIV>
><DIV> </DIV>
><DIV>Eth0 on both routers are connected to a Core router via a hub. In
normal operation, if the test PC sent
continous
PING's to a device hanging on the Core router, it's local IP address is
translated by the HSRP Primary router & routed towards the core
router
& all is well. On inspection of the Core routers ARP cache
shows
the translated IP address of test PC and the virtual MAC- address of the
primary (int eth0) HSRP router as expected.</DIV>
><DIV> </DIV>
><DIV>However if the cable on eth1 of the Primary router is plugged out
to
invoke the Standby router to become active the PING's seemed to be
not
getting through. On inspection of the 2 1600 routers the changover of
the
Standby router from standby to active has taken place, with the Primary
router now in a standby state.</DIV>
><DIV> </DIV>
><DIV>However on inspecting the ARP cache of the core router, instead of
seeing the translated IP address of the test PC with the virtual MAC
address, the translated IP address was seen with the REAL hardware
address
of the now standby interface on the primary router, thus causing the
PING's
not to work.</DIV>
><DIV> </DIV>
><DIV>I've tried this with another set of routers & the same thing
happened. Has Cisco got a bug with HSRP being configured with a router
when
NAT is also configued. Plase let me know your thoughts on this
matter.</DIV>
><DIV> </DIV>
><DIV>Thanks</DIV>
><DIV>Simon CCNP</DIV><br clear=all><hr>Get Your Private, Free E-mail
from
MSN Hotmail at <a
href="http://www.hotmail.com">http://www.hotmail.com</a>.<br></p></html>
>
>_________________________________
>FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
>Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
>
_________________________________
FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
