Brocade Communications Systems ServerIron ADX 12.4.00 Service Manual Page 133
- Page / 149
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
ServerIron ADX NAT64 Configuration Guide 121
53-1002444-02
IP NAT redundancy
7
DRAFT: BROCADE CONFIDENTIAL
IP NAT redundancy
The ServerIron ADX supports static and dynamic IP NAT in redundant/HA environments using
Hot-Standby mode with switch code, or Sym-Active (Active-Active) mode using VRRP-E with router
code. Further information on VRRP-E can be found in the ServerIron ADX Switch and Router Guide
under section “Configuring VRRP and VRRP-E".
In order to configure IP NAT redundancy with a Hot-Standby deployment, you must specify the
active ServerIron ADX as the owner of the global NAT IP address or pool. Similarly, in Sym-Active
mode, the ServerIron ADX with the higher VRRP-E backup priority must be specified as the NAT IP
address owner. The owner of the NAT IP address is responsible for responding to ARP requests
directed to the redundant public IP address.
Configuring static NAT entry in a HA setup
In a high availability (HA) deployment, the static NAT entry is supported by both of the ServerIron
ADX HA partners.
To configure a static NAT entry, use the ip nat inside source static command with the
<priority-value> parameter as shown in the following example:
ServerIronADX(config)# ip nat inside source static 10.10.10.10 63.32.23.1 2
Syntax: [no] ip nat inside source static <ip-addr1> <ip-addr2> <priority-value>
The <priority-value> is used to determine the owner of the static NAT IP address. A value of either 1
or 2 can be configured with 2 being the higher priority. The ServerIron ADX configured with the
higher priority, is the owner of the NAT IP address as long as it stays up.
Configuring dynamic NAT pool in a HA setup
To configure a dynamic NAT pool which will be supported on a ServerIron ADX pair in HA setup,
enter the ip nat pool command with port-pool-range operand as shown in the following example:
ServerIronADX(config)# ip nat pool pool1 63.23.1.2 63.23.1.4 prefix 24
ServerIronADX(config)# ip nat pool pool1 port-pool-range 2
Syntax: [no] ip nat pool <pool-name> port-pool-range <pool range value>
The port-pool-range <pool range value> parameter is similar to the priority value for static NAT,
except that it also determines the range of source ports allocated for the NAT IP, which prevents
source port collision.
The <pool range value> can be 1 or 2; where 2 has the higher priority. The ServerIron ADX
configured with the higher priority 2 will be the owner of the NAT pool addresses. It also means the
source ports allocated for the NAT IPs are from the higher range.
NOTE
A distribution of port ranges is not required for static NAT, as it does not involve PAT.
Configuring dynamic NAT redundancy in Hot-Standby mode
Follow these steps to enable the minimum required configuration for dynamic NAT in Hot-Standby
mode, as shown in Figure 22.
- ServerIron ADX 1
- Document History 2
- Contents 3
- About This Document 9
- Command syntax conventions 10
- Notice to the reader 11
- Related publications 11
- Getting technical help 11
- NAT64 and NAT46 Overview 13
- Stateless NAT46 translation 14
- Protocol support 15
- NAT64 fragmentation support 17
- References 18
- Stateful NAT64 Configuration 19
- Operation of stateful NAT64 20
- 53-1002444-02 23
- Enabling connection logging 28
- Displaying NAT64 information 31
- Displaying NAT64 translations 32
- Displaying NAT64 statistics 33
- Displaying NAT64 resources 37
- Stateless NAT64 Configuration 39
- Operation of stateless NAT64 40
- High availability for NAT64 52
- Clearing NAT64 information 53
- Stateless NAT46 Configuration 55
- Operation of stateless NAT46 56
- High availability for NAT46 67
- Displaying NAT46 information 68
- Clearing NAT46 information 69
- Access Control Lists 71
- Rule-based ACLs 72
- Default ACL action 74
- ACL IDs and entries 74
- Configuring rule-based ACLs 77
- Modifying rule-based ACLs 85
- Reordering ACLs 86
- Applying ACLs to interfaces 87
- Adding comments to named ACLs 89
- ACL logging 94
- Displaying ACL log entries 95
- Clearing the ACL statistics 97
- Throttling the fragment rate 98
- DRAFT: BROCADE CONFIDENTIAL 100
- Enabling strict TCP mode 101
- Enabling strict UDP mode 102
- ACLs and ICMP 103
- Numbered ACLs 104
- Named ACLs 105
- • Enable the strict TCP mode 107
- IPv6 Access Control Lists 109
- Configuration notes 110
- Processing of IPv6 ACLs 110
- Configuring IPv6 ACLs 111
- IPv6 ACL syntax 114
- Syntax Description 116
- Displaying IPv6 ACLs 118
- Logging IPv6 ACLs 119
- Network Address Translation 121
- Configuring NAT 122
- Configuring static NAT 123
- Configuring dynamic NAT 123
- Enabling IP NAT 124
- NAT configuration examples 125
- IP NAT with VIP overlap 129
- Translation timeouts 130
- Stateless static IP NAT 132
- IP NAT redundancy 133
- Displaying NAT information 144
- Displaying NAT translation 147
- Displaying VRRPE information 148
Related products and manuals for Network switches Brocade Communications Systems ServerIron ADX 12.4.00
(16 pages)
(82 pages)© 2020, manymanuals.com. All rights reserved. | 0.737 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals