Cisco NAT load balancing + VRF. How to make ip nat inside destination work in a VRF?
We all know very well that simple balancing of TCP sessions can be set up using NAT destination on a Cisco router.
https://habr.com/en/post/108978/
But I needed to configure "Cisco NAT load balancing" in a VRF, and it turns out that there is no VRF parameter in the ip nat inside destination commands ...
How can I make Cisco NAT load balancing and VRF work together?
ip access-list extended CISCO-NAT-LB
 ! External IPs
 permit tcp any host 5.5.5.5 eq 80 443
! Internal IPs of the servers to balance across
ip nat pool CISCO-NAT-LB 10.1.1.1 10.1.1.2 netmask 255.255.255.0 type rotary
ip nat inside destination list CISCO-NAT-LB pool CISCO-NAT-LB
interface GigabitEthernet0/0.22
 ip vrf forwarding VRF1
 ip nat outside
 ip address 172.1.1.2 255.255.255.0
interface GigabitEthernet0/0.23
 ip vrf forwarding VRF1
 ip nat inside
 ip address 172.1.2.2 255.255.255.0
On classic IOS you have to do route leaking (a static route to the interface in the right VRF). NAT between VRFs works in IOS-XE.
But your task must be solved on a separate balancer; this is not the work of the router.
Are you sure it doesn't work?
Here you need support for VRF-Aware NAT, i.e. several translation tables. The Cisco knows that if a packet arrives at the interface in VRF1, then it will route and NAT it according to the corresponding tables. You don't need to write anything in the config for this.
And this is an old feature. It has been implemented in IOS for at least 8 years.
What kind of hardware is it?