Saturday, June 2, 2012

Configuring NAT - NAT Stateful Failover with HSRP

If you work in a high availability environment (largest options exchange in the world) like I do, then you know the value of redundant design. I dislike being caught off-guard and putting out fires. Therefore, I try to make redundancy a part of my design and when "it" hits the fan users aren't breathing down on my neck. And I can actually concentrate on fixing the issue rather than grabbing a bucket of water to put out a house fire. That is the basis for this blogtorial which is how do we configure NAT Stateful Failover with HSRP.

Please read my previous NAT posts if you need a refresher on NAT. At this point, I am assuming you are fairly familiar with NAT and its concepts, so I will get right down to business and spare you the usual 'abc' of NAT'ng. 

Consider this simple topology and let's get started.

Thursday, May 31, 2012

Configuring MPLS VPN - Easiest L3VPN Ever

When I used to hear the term MPLS, it would strike fear through my heart. Why? Natural reaction of humans is to fear the unknown or dislike the unknown. In this blogtorial, I will attempt to simplify MPLS as much as possible. And hopefully after going through this blogtorial you'll feel much more comfortable with MPLS and how to configure it.

I will present a brief overview of the router roles involved in MPLS and create a checklist for 'How to configure MPLS L3VPN'. I have browsed various articles and read numerous books on MPLS and none of which gave me what I was looking for -- a basic checklist that went step by step and configured MPLS. Most of them jumped around and wasn't organized in any fashion I liked. So I created my own and I hope you find it as useful as I did. 

Consider this topology and let's get started. 

Wednesday, May 30, 2012


Imagine you have 2 ISPs coming into a single router and you have a BGP relationship with both ISPs. One is a 100meg connection from AT&T and the other is a slower internet connection from a local ISP. Your manager requests that we should be using the 100meg connection for outgoing and incoming traffic.Well the outgoing traffic is very easy to manipulate using IGP, metric, PBR, route-maps or whatever your heart desires. But how do we control the inbound traffic? There are a few options available to us, however in this blogtorial we will see how we can manipulate inbound traffic using as path-prepend.

Consider this simple topology and let's get started.