RE: standby name and nating

From: Andrew Bruce Caslow (abcaslow@netmasterclass.net)
Date: Wed Nov 22 2006 - 08:36:32 ART

• Next message: Salman Abbas: "WCCP complexity"
• Previous message: Alexei Monastyrnyi: "Re: FR Traffic Shaping Question"
• Maybe in reply to: david robin: "standby name and nating"
• Next in thread: ccie anees: "Re: standby name and nating"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi David,

The HSRP standby name can be used in an enhancement to a standard NAT
implementation. The enhancement is called "stateful network address
translation" or SNAT. I did a quick google search for you on the following
terms "Cisco SNAT HSRP" and came up with the following Cisco white paper
that includes detailed descriptions of configuring stateful NAT with HSRP:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_white_paper0
900aecd8052870b.shtml

Here are the opening sentences of this white paper. It does a good job of
describing SNAT and I think you can see the implicit relationship of SNAT to
HSRP:

"Stateful Network Address Translation is a Cisco IOSR Software feature
allowing two or more network address translators to function as a
translation group. A backup NAT provides translation services in the event
of failure to the active translator. The result is a more resilient IP
network."

Also, Richard Deal's Cisco Press book "Cisco Router Firewall Security" does
a good job in explaining SNAT and its interplay with HSRP:

http://www.amazon.com/Router-Firewall-Security-Networking-Technology/dp/1587
051753

This is an excellent book for preparing for the security portion of the R&S
CCIE Lab. They made a huge blunder in giving the book a title. They put the
word "firewall" in the title. The book has nothing to do with Cisco
"firewalls". It is dedicated entirely to routers. I strongly suggest all
CCIE R&S candidates to purchase the book.

HTH,

-Bruce Caslow CCIE #3139
 NetMasterClass, LLC
 www.netmasterclass.net

> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> david robin
> Sent: Wednesday, November 22, 2006 5:24 AM
> To: Cisco certification
> Subject: standby name and nating
>
> Dear all,
> can any one explain to me the use of standby name command and what is the
> relation between this command and nating, as i didn't understand the
> following example from the configuration guide:
>
> http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hiap
> _c/ch20/haiphsrp.htm
>
>
> interface BVI10
>
> ip address 192.168.5.54 255.255.255.255.0
>
> no ip redirects
>
> ip nat inside
>
> standby 10 ip 192.168.5.30
>
> standby 10 priority 110
>
> standby 10 preempt
>
> standby 10 name sanjose
>
> standby 10 track Ethernet2/1
>
> !
>
> !
>
> ip default-gateway 10.0.18.126
>
> ip nat inside source static 192.168.5.33 10.10.10.5 redundancy sanjose
>
> ip classless
>
> ip route 10.10.10.0 255.255.255.0 Ethernet2/1
>
> ip route 172.22.33.0 255.255.255.0 Ethernet2/1
>
> no ip http server
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Salman Abbas: "WCCP complexity"
• Previous message: Alexei Monastyrnyi: "Re: FR Traffic Shaping Question"
• Maybe in reply to: david robin: "standby name and nating"
• Next in thread: ccie anees: "Re: standby name and nating"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Fri Dec 01 2006 - 08:05:48 ART