[f-nsp] Problem with NAT Foundry Server Iron XL

Ramón Alvarez Rayo ramon.alvarez at alfanumeric.com.ni
Mon Aug 7 15:17:00 EDT 2006 

We won't implement SLB, we will enable only NAT for our networks.


-----Mensaje original-----
De: Tom Samplonius [mailto:tom at uniserve.com] 
Enviado el: Lunes, 07 de Agosto de 2006 12:10 p.m.
Para: Ryan DeBerry
CC: Ramón Alvarez Rayo; foundry-nsp at puck.nether.net
Asunto: Re: [f-nsp] Problem with NAT Foundry Server Iron XL


   Well, NAT and SLB are both forms of address translation.

   But running NAT and SLB at the same time can be problem under heavy
loads. 
The release notes for 7.05.00T12 that you really should use an XL for one
type 
of service at a time.

   That said, I know a site that uses an XL running SLB and NAT.  All the
real 
servers use private IPs, and the XL does NAT for all outgoing connections
from 
the real servers.  And since they have mail relay servers, this is quite a
bit 
of activity.  It is not a recommended configuration, but it works.


Tom


On Mon, 7 Aug 2006, Ryan DeBerry wrote:

> The Server Iron is purpose built for SLB or Server Load Balancing.  Are
you
> replacing this due to performance issues?
>
> On 8/7/06, Ramón Alvarez Rayo <ramon.alvarez at alfanumeric.com.ni> wrote:
>> 
>>  We recently received a Server Iron Switch (16 10/100 + 2 Geth), i
>> configured this switch to do NAT for our networks, but we are
experimenting
>> service instablility when we use as gateway the Server iron, some times
is
>> very show and then few moments later is very fast. We want to replace a
>> Cisco 3845 that is doing NAT translation with this equipment but we can't
>> move to production this equipment.
>> 
>> 
>> 
>> The Software version is 07.5.00T12, and the config related to nat is the
>> following, actually we have only nat in this equipment.  I tried to setup
>> the timeout for nat session and we don't get any changes.
>> 
>> 
>> 
>> What could be cause this issue ?
>> 
>> 
>> 
>> vlan 200 name RED_PUBLICA by port
>> 
>>  untagged ethe 16
>> 
>>   router-interface ve 1
>> 
>> !
>> 
>> vlan 199 name RED_PRIVADA by port
>> 
>>  untagged ethe 15
>> 
>>   router-interface ve 2
>> 
>> !
>> 
>> ip nat inside
>> 
>> ip nat inside source list 10 pool NAT1 overload
>> 
>> ip nat pool NAT1 200.62.80.3 200.62.80.4 prefix-len 29
>> 
>> ip default-gateway 200.62.80.1
>> 
>> ip dns domain-name alfanumeric.com.ni
>> 
>> ip dns server-address 200.62.65.1
>> 
>> 
>> 
>> interface e 15
>> 
>>  speed-duplex 100-full
>> 
>> !
>> 
>> interface e 16
>> 
>>  speed-duplex 100-full
>> 
>> !
>> 
>> 
>> 
>> interface ve 1
>> 
>>  ip address 200.62.80.2 255.255.255.248
>> 
>> !
>> 
>> interface ve 2
>> 
>>  ip address 192.168.4.254 255.255.255.0
>> 
>> !
>> 
>> 
>> 
>> access-list 10 permit 192.168.4.0 0.0.0.255
>> 
>> !
>> 
>> _______________________________________________
>> foundry-nsp mailing list
>> foundry-nsp at puck.nether.net
>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>> 
>> 
>> 
>

More information about the foundry-nsp mailing list