Info

Example 4-27 shows the configuration for Barbados.

Example 4-27 Barbados' NAT Configuration Evenly Distributes the TCP Load to the Three Identical Servers; Outside Devices See Only a Single Inside Global Address interface EthernetO ip address 192.168.1.1 255.255.255.0 ip nat inside i interface SerialO ip address 207.35.14.82 255.255.255.252 ip nat outside

ip nat pool V-Server 192,168.1.2 192.168,1.4 prefix-length 24 type rotary ip nat inside destination list 1 pool V-Server !

ip route 0.0.0.0 0.0.0.0 Serial0 i access-list 1 permit 199.198.5.1

Instead of translating an IL address as most of the previous case studies have demonstrated, this configuration translates the IG address. The address pool V-Server contains a list of the available IL addresses, and the keywords type rotary cause a round-robin assignment of the pool addresses. The access list, as usual, identifies the address to be translated—in this case, the single destination address 199.198.5.1.

Example 4-28 shows the resulting NAT table after four outside devices have sent TCP traffic to the virtual server. You can observe that the first three connections (reading from the bottom up) were allocated sequentially from the lowest IL address in the pool to the highest. Only three addresses are available in the pool, so the fourth connection is again mapped to the lowest IL address.

Example 4-28 The TCP Connections to the Virtual Server Address 199.198.5.1 Are Balanced Across the Three Real Server Addresses

Barbados#show ip nat translations

Pro Inside global

Inside local

Outside local Outside global

tcp 199.198.5.

.1

:23

192.168

.1 .

2:23

203.1.2.3:11003 203.1.2.3:11003

top 199.198.5.

.1

: 23

192.168

.1 .

4:23

135.88.131.55:11002 135.88.131.55:11002

tcp 199.198.5.

,1

:23

192.168

.1 .

3:23

118.50.47.210:11001 118.50.47.210:11001

tcp 199.198.5.

,1

:23

192.168

.1 .

2:23

191.115.37.2:11000 191.115.37.2:11000

Barbados#

Case Study: Service Distribution

You also can use NAT to create a virtual server in which connections are distributed by TCP or UDP services rather than by TCP connection. The internetwork in Figure 4-27 is very similar to that in Figure 4-26, except that the servers are not identical. Rather, different servers offer different services. From the outside, all three servers appear to be a single server with the address 199.198.5.1.

Figure 4-27 Three Inside Devices That Offer Different Services Appear to Be a Single Server from the Outside / Web server

Figure 4-27 Three Inside Devices That Offer Different Services Appear to Be a Single Server from the Outside / Web server

Mail server

Mail server

Virtual server

Was this article helpful?

0 0
100 SEO Tips

100 SEO Tips

100 SEO Tips EVERY SEO Enthusiast Should Know. This Report 100 SEO Tips will help you to Utilize These Tips to Dominate The Search Engine Today.

Get My Free Ebook


Post a comment