In this post I would like to demonstrate how NAT works on a Cisco IOS router, and more particularly what the order of operations is when using domain-based NAT vs. NAT Virtual Interface (NVI). As usual, to highlight the different configuration examples throughout this post I will use the following topology:
Let's imagine that R1 is simulating a virtual PBX (also known as a hosted PBX) located in the voice provider network. This VPBX needs access to R5 (which is simulating a Lotus Notes server) in order to synchronize the different information for calendar, contacts, etc. Here are the customer's requirements:
- The customer doesn't want to run any dynamic routing protocols between its network and the voice provider network.
- The customer wants the implementation of the solution to be as transparent as possible.
- The voice provider must only have access to the Lotus Notes server (represented by R5 in this scenario).
- The voice provider must not be aware of any internal networks located at the customer site.
- The Voice provider has installed a tiny software client on each PC located at the customer site on the 192.168.100.0/24 network in order to send information to the VPBX. This software should be able to reach the VPBX (simulated by R1 in this scenario) without having any routing information regarding the Voice provider network.
Continuing with multicast topics, this time I will talk about Anycast RP. Anycast RP is used for RP redundancy. As I explained in my previous posts on multicast, it is possible to have RP redundancy with Auto-RP by defining multiple RPs servicing the same multicast groups (the RP with the highest IP will be selected as the active RP for a specific group by the MA). PIM BSR can also be used for RP redundancy, and the process is the same as with Auto-RP apart from the fact that the BSR router doesn't elect which RP is active for a specific group. In both cases the failover delay is based on the RP/BSR/MA advertisement intervals, which are not fast by default (up to 60 seconds). So the whole point of Anycast RP is that the failover is based on the IGP running in the multicast domain, which can be really fast (especially when using Bidirectional Forwarding Detection).
For this post I will use the same topology as the other multicast posts:
Scenario: R4 and R2 will be configured as static RPs sharing the same IP address. An MSDP session will be established between R4 and R2 in order to synchronize source IP information.
RPs: R4 and R2 with IP 184.108.40.206
IGP: EIGRP AS 100
Platform/IOS: Cisco 2691/12.4(15)T11 Adv IP services
All the routers in the PIM SM topology are configured with PIM SM. For this post I will only use static RP assignment as it is the most commonly used method for group-to-RP mapping due to its deterministic nature. Auto-RP or PIM BSR could also have been used.
In this post I would like to explore PfR (Cisco Performance Routing), earlier called OER (Optimized Edge Routing). I will start with an introduction presenting what PfR is and what its goals are, and I will then demonstrate how to configure basic PfR. To illustrate the different configuration examples I will use the following topology:
Side note: As I am using IOS 12.4(15)T, PfR is configured with OER commands. In this IOS version PfR is not mature, so if you want to use PfR in production you should use IOS 15.0 or later. The keyword PfR was introduced in IOS release 15.1(2)T. For simplicity I will use the term PfR instead of OER even though I am configuring PfR in a version earlier than 15.1(2)T.
Platform/IOS: Cisco 2691/12.4(15)T11 Adv IP services.
IGP for Spoke site: EIGRP 10
IGP for Hub site: EIGRP 10
Both sites use eBGP to peer with their respective ISP. R2 is running eBGP over the GRE tunnel path and iBGP with R1.
Scenario: The Hub location is hosting a Citrix server and an HTTP server. Citrix traffic should always be routed over the MPLS path via R1, while HTTP traffic should be routed over the GRE tunnel via R2. The voice traffic between the two locations should be routed over the MPLS path via R1.
- If the voice traffic delay goes over 300 ms, voice traffic should be moved to the GRE tunnel path via R2.
- The HTTP traffic should only be routed through the GRE tunnel path as long as this path is up and running.
- If the MPLS link utilization goes over 50%, move only the Citrix traffic to the GRE tunnel path via R2.
So I am finally ready for the CCIE written exam after 2 months of preparation. I did read 3 times (yes, that may sound like a lot, but it was necessary for me) the CCIE Routing and Switching guide, fourth edition, by Wendell Odom. I personally think that it is a good book as it has lots of real examples, especially the routing part, QoS and multicast, so I recommend it for the CCIE written preparation.