aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/nat/nat44-ei/nat44_ei_ha_doc.md
diff options
context:
space:
mode:
authorFilip Varga <fivarga@cisco.com>2020-12-10 15:55:25 +0100
committerOle Tr�an <otroan@employees.org>2021-01-05 14:09:39 +0000
commita210798c407035f09c10c018ebdaf12312161730 (patch)
treec03e68701aaca9c3a4207107bdacb183da8a4a5a /src/plugins/nat/nat44-ei/nat44_ei_ha_doc.md
parent641c6be821c3136cb140b6726e16246f2f1cbd4c (diff)
nat: refactor and split fo EI/ED features
This patch is aimed at moving EI features out of NAT44 plugin & split of EI/ED functions. Type: refactor Change-Id: I63cf70a264ed2512708fe92665d64f04690783d0 Signed-off-by: Filip Varga <fivarga@cisco.com>
Diffstat (limited to 'src/plugins/nat/nat44-ei/nat44_ei_ha_doc.md')
-rw-r--r--src/plugins/nat/nat44-ei/nat44_ei_ha_doc.md70
1 files changed, 70 insertions, 0 deletions
diff --git a/src/plugins/nat/nat44-ei/nat44_ei_ha_doc.md b/src/plugins/nat/nat44-ei/nat44_ei_ha_doc.md
new file mode 100644
index 00000000000..f0ea209e250
--- /dev/null
+++ b/src/plugins/nat/nat44-ei/nat44_ei_ha_doc.md
@@ -0,0 +1,70 @@
+# Active-Passive NAT HA {#nat_ha_doc}
+
+## Introduction
+
+One NAT node actively manages traffic while the other is synchronized and ready to transition to the active state and takes over seamlessly and enforces the same NAT sessions when failure occur. Both nodes share the same configuration settings.
+
+## Configuration
+
+### NAT HA protocol
+Session synchronization traffic is distributed through an IPv4 UDP connection. The active node sends NAT HA protocol events to passive node. To achieve reliable transfer NAT HA protocol uses acknowledgement with re-transmission. This require the passive node to respond with an acknowledgement message as it receives the data. The active node keeps a record of each packet it sends and maintains a timer from when the packet was sent. The active node re-transmits a packet if the timer expires before receiving the acknowledgement.
+
+### Topology
+
+The two NAT nodes have a dedicated link (interface GE0/0/3 on both) to synchronize NAT sessions using NAT HA protocol.
+
+```
+ +-----------------------+
+ | outside network |
+ +-----------------------+
+ / \
+ / \
+ / \
+ / \
+ / \
++---------+ +---------+
+| GE0/0/1 | Active Passive | GE0/0/1 |
+| | | |
+| GE0/0/3|-------------------|GE0/0/3 |
+| | sync network | |
+| GE0/0/0 | | GE0/0/0 |
++---------+ +---------+
+ \ /
+ \ /
+ \ /
+ \ /
+ \ /
+ +-----------------------+
+ | inside network |
+ +-----------------------+
+```
+
+### Active node configuration
+
+```
+set interface ip address GigabitEthernet0/0/1 10.15.7.101/24
+set interface ip address GigabitEthernet0/0/0 172.16.10.101/24
+set interface ip address GigabitEthernet0/0/3 10.0.0.1/24
+set interface state GigabitEthernet0/0/0 up
+set interface state GigabitEthernet0/0/1 up
+set interface state GigabitEthernet0/0/3 up
+set interface nat44 in GigabitEthernet0/0/0 out GigabitEthernet0/0/1
+nat44 add address 10.15.7.100
+nat ha listener 10.0.0.1:1234
+nat ha failover 10.0.0.2:2345
+```
+
+### Passive node configuration
+
+```
+set interface ip address GigabitEthernet0/0/1 10.15.7.102/24
+set interface ip address GigabitEthernet0/0/0 172.16.10.102/24
+set interface ip address GigabitEthernet0/0/3 10.0.0.2/24
+set interface state GigabitEthernet0/0/0 up
+set interface state GigabitEthernet0/0/1 up
+set interface state GigabitEthernet0/0/3 up
+set interface nat44 in GigabitEthernet0/0/0 out GigabitEthernet0/0/1
+nat44 add address 10.15.7.100
+nat ha listener 10.0.0.2:2345
+```
+