[c-nsp] Simple NAT based IOS failover between providers

Robert Boyle robert at tellurian.com
Tue Sep 27 13:41:54 EDT 2005


At 10:30 AM 9/27/2005, Rodney Dunn wrote:
>On Tue, Sep 27, 2005 at 12:02:26PM +0200, Gert Doering wrote:
> > On Mon, Sep 26, 2005 at 12:32:57PM -0400, Rodney Dunn wrote:
> > > The gotcha I think with this is that any existing flow that
> > > is being NAT'ed will fail until it times out because
> > > a new translation on the new interface will have to be created.
> >
> > Yes - but that's unavoidable anyway, given the fact that "ISP B"
> > won't know to route "ISP A"'s IP addresses back over the link
>
>Yep. Funny is it worked in the lab and then I realized it was
>because my simulation was with two links to the same "ISP" router. :)

:) That's fine. I expect a traffic interruption. I just want it to work a 
minute or two later.

> > For web surfing (-alike) traffic, consisting of lots of short TCP
> > session, this shouldn't be a major problem.
>
>Agree.
>
> >
> > For things like "working over Citrix / remote desktop" this could
> > be fairly annoying...
>
>Agree.

Dropping the connection and reconnecting isn't a big deal compared to being 
down hard.

>I'm working on the timeout problem with the probe. It looks broke
>to me as it doesn't honor the consecutive retries I configured and
>takes the route down immediately. Just a gotha with the configuration
>I gave for now.

Thank you! We are going to try this today in the lab with a NAT config and 
a floating static for the backup and a default to the T1 interface to see 
if the NAT changes from the primary to the backup as expected.

-Robert



Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com | 888-TELLURIAN | 973-300-9211
"Well done is better than well said." - Benjamin Franklin



More information about the cisco-nsp mailing list