[c-nsp] CPE with tracking redundancy and long lived (UDP) nat sessions

Ivan Pepelnjak ip at ioshints.info
Mon Jan 25 12:52:58 EST 2010


Just did a few tests with 12.4(24)T. IOS NAT is extra stupid when it comes to clearing the NAT translation table. Even though you have NAT rules tied to an interface ("ip nat inside ... interface"), they are not cleared when the interface IP address is lost or when the interface is shut down.

So (I guess) the best you can do is to catch changes in a tracked object's state with an EEM applet that clears all NAT translations.

Ivan Pepelnjak
blog.ioshints.info / www.ioshints.info

> So what is the bottom line? Is this the best that can be done with
> simple end site redundancy with object tracking and without dynamic
> routing?
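
The applet suggested in the message above, sketched as an added example; it is not part of the original post and not the poster's own configuration. It assumes the primary uplink is already monitored by tracked object 1; the applet name and the object number are placeholders.

```cisco
! Added example. Assumes "track 1 ..." is already configured for the primary uplink.
event manager applet CLEAR-NAT-ON-TRACK-CHANGE
 ! Fire on both transitions (up->down and down->up) of tracked object 1
 event track 1 state any
 action 1.0 cli command "enable"
 ! Drop all dynamic translations so flows are rebuilt on the currently active interface
 action 2.0 cli command "clear ip nat translation *"
 action 3.0 syslog msg "Tracked object 1 changed state, NAT translations cleared"
```

Clearing with `*` removes every dynamic translation, so sessions that were not affected by the failover are rebuilt as well; stale long-lived UDP entries disappear with them.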


