aws-csr1kv-nat-ha
Deploy CSR1kv NAT HA on AWS using the AWS Python SDK (Boto3).
Prerequisites
Two CSR1000v
IOS-XE 17.3 or higher
Use Case Description
CSR1kv doesn't support stateful NAT high availability because AWS doesn't support broadcast and multicast.
CSR1kv NAT HA is deployed using the AWS API:
1) The private routing table is changed on failover.
2) The NAT IP pool is transferred on failover.
Reproduce
- Use BFD and EEM to detect the failure and trigger the Python code.
- Copy the Python code to the guestshell on both CSR1kv routers.
- Modify the NAT IP pool, route and NIC of AWS.
- Install the AWS CLI and Boto3 (the AWS Python SDK).
Result
When the active CSR1000v goes down and the BFD down event is detected, the standby becomes active.
When it becomes active, the Python code is executed by EEM.
The Python code moves the NAT IP from active to standby and modifies the private route.
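The two failover actions described above, as an added example (not the repository's own script). It assumes the NAT pool addresses are secondary private IPs on the outside ENI; the resource IDs, `CONFIG`, `take_over` and `RecordingClient` are hypothetical, and `RecordingClient` stands in for `boto3.client("ec2")` so the block runs offline.

```python
import ipaddress
# Constructed placeholder values (assumptions): use this router's own AWS IDs.
CONFIG = {
    "private_route_table": "rtb-0123456789abcdef0",
    "route_cidrs": ["0.0.0.0/0"],
    "inside_eni": "eni-0aaaaaaaaaaaaaaa1",   # ENI behind GigabitEthernet2
    "outside_eni": "eni-0bbbbbbbbbbbbbbb2",  # ENI behind GigabitEthernet1
    "nat_pool_ips": ["10.0.1.100", "10.0.1.101"],
}

class RecordingClient:
    """Offline stand-in for boto3.client("ec2"): records calls, sends nothing."""
    def __init__(self):
        self.calls = []
    def __getattr__(self, name):
        return lambda **kwargs: self.calls.append((name, kwargs))

def validate(cfg):
    """Reject malformed values before any AWS call is made."""
    if not cfg["private_route_table"].startswith("rtb-"):
        raise ValueError("bad route table id")
    for eni in (cfg["inside_eni"], cfg["outside_eni"]):
        if not eni.startswith("eni-"):
            raise ValueError("bad ENI id: " + eni)
    for ip in cfg["nat_pool_ips"]:
        ipaddress.IPv4Address(ip)      # raises ValueError if malformed
    for cidr in cfg["route_cidrs"]:
        ipaddress.IPv4Network(cidr)    # raises ValueError if malformed

def take_over(ec2, cfg):
    """Run on the router that has just become active."""
    validate(cfg)
    # 1) Pull the NAT pool onto our outside ENI, even if the failed peer holds it.
    ec2.assign_private_ip_addresses(
        NetworkInterfaceId=cfg["outside_eni"],
        PrivateIpAddresses=cfg["nat_pool_ips"],
        AllowReassignment=True,
    )
    # 2) Point each private-subnet route at our inside ENI.
    for cidr in cfg["route_cidrs"]:
        ec2.replace_route(
            RouteTableId=cfg["private_route_table"],
            DestinationCidrBlock=cidr,
            NetworkInterfaceId=cfg["inside_eni"],
        )
if __name__ == "__main__":
    demo = RecordingClient()  # on the router: boto3.client("ec2")
    take_over(demo, CONFIG)
    print(*demo.calls, sep="\n")
```

These two calls need only the `ec2:AssignPrivateIpAddresses` and `ec2:ReplaceRoute` permissions, so the credentials stored in the guestshell can be scoped to those actions.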
Reference
AWS BOTO3 API: https://boto3.amazonaws.com/v1/documentation/api/latest/index.html

CSR1000v Configuration
CSR1kv CLI commands:
!
interface Tunnel1
 ip address 192.168.1.1 255.255.255.0
 bfd interval 500 min_rx 500 multiplier 3
 tunnel source GigabitEthernet1
 tunnel destination
!
interface GigabitEthernet1
 ip address
 ip nat outside
 redundancy rii 100
 redundancy group 1 decrement 100
!
interface GigabitEthernet2
 ip address
 ip nat inside
 redundancy rii 200
 redundancy group 1 ip exclusive decrement 100
!
!
router eigrp 1
 bfd interface Tunnel1
 network 192.168.1.0
 passive-interface GigabitEthernet1
ip nat pool test prefix-length mask-length
ip nat inside source list 10 pool test redundancy 1 mapping-id 1 overload
ip access-list standard 10
 10
event manager applet ha
 event syslog pattern "RG id 1 role change from Standby to Active"
 action 220 cli command "enable"
 action 330 cli command "guestshell run sudo python3 /home/guestshell/a010-csr1kv-nat-ha.py.py"