We've highlighted the ASR 1000 series router so we wanted to share a step-by-step configuration for Box-to-Box NAT High-Availability (B2B NAT HA) on Cisco IOS-XE devices, such as the Cisco ASR. This is a very useful feature to provide a network in High Availability.
Cisco's Network Address Translation (NAT) Box-to-Box High-Availability Support feature enables network-wide protection by making an IP network resilient to potential link and router failures at the Network Address Translation (NAT) border. It also leverages services provided by the redundancy group (RG) infrastructure present on the device to implement the high-availability functionality.
The RG infrastructure defines multiple RGs to which applications can subscribe to, and function in, an active-standby mode across different devices. In an RG, only one peer is in active mode at a given instance, and the other peer is in standby mode. NAT box-to-box high-availability functionality is achieved when you configure two NAT translators, residing across different devices, to an RG and function as a translation group.
If you run into any issues, have trouble configuring the ASR 1000 series router, or simply need an extra set of hands to help in the configuration, we have a team ready to step in to configure your network through our SmartHands offering.
Some of the common failover triggers are:
We can divide configuration into two major parts. The first part is the basic configuration that enables RG, redundancy protocol, timers, control, and data interfaces in the router. The second part relates to the actual data/traffic interfaces, and its association with RG.
This example tries to achieve B2B NAT HA on the ASR with the far-end server 192.168.5.5 from the LAN 172.16.1.4. These configurations are prepared with STATIC NAT configuration at the moment.
Note: Both the ASRs should be able to reach the public IP address provided by the ISP.
The LAN Facing interface is connected to the distribution switches, which are in turn connected to the hosts.
The ISP Facing interface has this configuration:
The Data and the Control interfaces between the ASRs have been configured as shown in these sections.
Now, let’s configure control interfaces, as shown below:
To wrap up, configure data interfaces on both routers, as shown below:
PivIT Global provides the support you need through infrastructure, maintenance, and professional services. Contact us today to chat more about the ASR 1000 series, its configuration, or how we can support you through our third-party maintenance and professional services offerings.