HADR and network address translation (NAT) support

Network address translation (NAT) is usually used for firewall and security because it hides the server's real address. NAT is supported in HADR environments unless you are also using the Db2® pureScale® Feature.

In an HADR setup, the local and remote host configurations on the primary and standby nodes are cross-checked to ensure that they are correct. In a NAT environment, a host is known to itself by a particular IP address but is known to the other hosts by a different IP address. This behavior causes the HADR host cross-check to fail unless you set the DB2_HADR_NO_IP_CHECK registry variable to ON. Using this setting causes the host cross-check to be bypassed, enabling the primary and standby to connect in a NAT environment.

If you are not running in a NAT environment, use the default setting of OFF for the DB2_HADR_NO_IP_CHECK registry variable. Disabling the cross-check weakens the HADR validation of your configuration.

Multiple HADR standby databases

Normally, with multiple standby databases, on startup, a standby checks that its settings for the hadr_remote_host and hadr_remote_svc configuration parameters are also used for its hadr_target_list parameter. This check is done to ensure that on role switch, the old primary can become a new standby. In NAT scenarios, that check fails unless you set the DB2_HADR_NO_IP_CHECK registry variable to ON. Because this check is bypassed when DB2_HADR_NO_IP_CHECK is set to ON, the standby waits until it connects to the primary to check that the values of the primary's hadr_local_host and hadr_local_svc configuration parameters are used for the standby's hadr_target_list configuration parameter. The check still ensures that role switch can succeed for the standby and primary pair.

Important: If you set the DB2_HADR_NO_IP_CHECK registry variable to ON, the values of the hadr_remote_host and hadr_remote_svc configuration parameters are not automatically updated.

In a multiple standby setup, you should set the DB2_HADR_NO_IP_CHECK registry variable for all databases that might connect to another database across a NAT boundary. If a database will never cross a NAT boundary to connect to another database (that is, if no such link is configured), you should not set this registry variable for that database. If you set the DB2_HADR_NO_IP_CHECK registry variable, it prevents a standby from automatically discovering the new primary after a takeover has occurred, and you must manually reconfigure the standby to have it connect to the new primary.