[j-nsp] NAT Redundancy on Juniper routers
Alex
alex.arseniev at gmail.com
Mon Jan 10 07:43:18 EST 2011
Hello Gokhan Gumus,
AFAIK this is not possible at the moment since flows are not shared between
MSDPCs even inside same MX box let alone different physical boxes.
So if R1 goes down the:
1/ TCP flows need to reestablish starting from 3-way handshake
2/ UDP flows with ALG need to reestablish starting from scratch (every ALG
has different procedures)
3/ non-ALG UDP flows _can_ continue as if nothing happened depending on
protocol, e.g. p2p UDP flows will resume from last xferred piece
4/ ICMP flows continue as if nothing happened
If you need physical-box-redundant NAT I'd suggest to use SRX cluster.
HTH
Rgds
Alex
----- Original Message -----
From: "Gökhan Gümüs" <ggumus at gmail.com>
To: <juniper-nsp at puck.nether.net>
Sent: Monday, January 10, 2011 12:15 PM
Subject: [j-nsp] NAT Redundancy on Juniper routers
> Hi all,
>
> I am trying to achieve redundancy on Juniper routers while performing NAT.
>
> I have two Juniper MX960 router on the backbone with VRRP setup.I am
> configuring NAT on R1 successfull.Same NAT rules are existing on the other
> router but on R2,static route which is pointing sp interface is
> deactivated.Is there anyway to achieve automatic failover capability on
> NAT?In other words if something happened on R1, can R2 handle all NAT
> process without doing anything?
>
> Kind regards,
> Gokhan Gumus
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list