[lug] Cisco 678 and NAT
David L. Anselmi
anselmi at anselmi.us
Tue Jan 3 18:30:18 MST 2006
Ben wrote:
[...]
> But my problem is with NAT. When I do the reset, the cisco resets all its
> NAT tables and all the people using the internet get their connections
> reset.
Rather than cycling wan0, try:
set int wan0 retrain
I've used that when I've had noise problems (though I've never had it
connect at a lower speed). It doesn't clear the NAT table.
[...]
> I've tried adding the line:
>
> set nat entry add 10.0.0.2
This won't work as it sets up a DNAT rule and your problem is with the
(dynamic) SNAT rules getting cleared. Once they're gone the router has
no idea what port to use to match the remote server. If it guesses
wrong (almost always) the server will send a RST.
[...]
> Any ideas on how to make the best of crummy dsl?
You could use bridging mode and do the NAT on your firewall box (I don't
think you actually need the firewall unless you have machines on the 10/
network). But Nate says bridging will inhibit automatic retrains.
You could get a quote from Comcast and call Qwest and tell them what
result would keep you from switching. And then switch if they don't
provide (there may be a downside to Comcast for you but it won't be
downstream bandwidth).
HTH,
Dave
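
The failure described in the reply above (dynamic SNAT entries cleared mid-connection, then a RST from the server), as an added example that is not part of the original message. It is a toy model, not Cisco 678 behaviour: the class names, addresses, ports and the never-reuse port allocator are all assumptions made for illustration.

```python
import itertools


class SnatRouter:
    """Toy dynamic source NAT: (inside ip, inside port) -> public port."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        # Assumption: ports are handed out sequentially and never reused,
        # which models "guesses wrong (almost always)" as "always".
        self._ports = itertools.count(first_port)
        self.table = {}

    def translate_out(self, src_ip, src_port):
        key = (src_ip, src_port)
        if key not in self.table:          # new flow, or state was lost
            self.table[key] = next(self._ports)
        return (self.public_ip, self.table[key])

    def flush(self):
        """What cycling the WAN interface does to the dynamic entries."""
        self.table.clear()


class Server:
    """Remote TCP endpoint that only knows flows by source ip and port."""

    def __init__(self):
        self.established = set()

    def receive(self, src, kind):
        if kind == "SYN":
            self.established.add(src)
            return "SYN-ACK"
        # Mid-stream segment from an unknown source tuple is reset.
        return "ACK" if src in self.established else "RST"


def run_scenario(flush_midway):
    router = SnatRouter("203.0.113.5")     # constructed documentation address
    server = Server()
    client = ("10.0.0.2", 51515)           # constructed inside host and port
    replies = [server.receive(router.translate_out(*client), "SYN")]
    replies.append(server.receive(router.translate_out(*client), "DATA"))
    if flush_midway:
        router.flush()                     # NAT table cleared, client unaware
    replies.append(server.receive(router.translate_out(*client), "DATA"))
    return replies
```

The client keeps sending from the same inside port, so only the router's forgotten mapping changes what the server sees.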