[c-nsp] Simple NAT based IOS failover between providers
Robert Boyle
robert at tellurian.com
Mon Sep 26 11:44:34 EDT 2005
At 11:25 AM 9/26/2005, Chris Moore wrote:
>Just as a "general architecture" comment:
>
>First, understand exactly what you are trying to do. For outgoing

Thanks. I do understand what I'm trying to do. Perhaps I haven't expressed
myself clearly enough.

>traffic, it's really easy. You just have two default routes out two
>public interfaces and tell them both to NAT. Use route metrics to
>determine primary/secondary. That's what your $79 consumer router is
>doing. Really simple.

However, it doesn't work like that with IOS. I need it to fail over from
the primary to the secondary and simply changing the routes doesn't
accomplish that with IOS NAT in the test configs we have used. The $79
consumer router actively monitors the primary link for end-to-end
connectivity and switches when connectivity is lost. This is what I need
from the IOS based router as well.

>Incoming traffic is a different story. Sure - it's easy enough to have
>two NATing interfaces and just have two sets of NAT mappings. But how
>does "the world" know to go to the other set of addresses? You need DNS
>for that. So that means doing your own DNS or working with someone who
>will let you run scripts to do DNS updates. Then have a script that goes
>out and changes DNS when one of the links goes down. The script is
>pretty simple - you should be able to find plenty of examples online.
>Some ISPs and other companies (DynDNS.org comes to mind) offer managed
>functionality like this.

I don't need anything inbound. These are remote offices which simply need
to be up 100% of the time.
-Robert
Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com | 888-TELLURIAN | 973-300-9211
"Well done is better than well said." - Benjamin Franklin