Re: static NAT problem

From: Nick (nick@arc.net.my)
Date: Tue Apr 16 2002 - 05:36:37 EDT

Next message: Gert Doering: "Re: static NAT problem"
Previous message: George Sheng: "Re: [nsp] Cisco vs. Juniper of LSP setup"
In reply to: Gert Doering: "Re: static NAT problem"
Next in thread: Mati Gil: "RE: static NAT problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

Gert,

Missed out a very important piece of information which I excluded for
simplicity sake and placed a static entry to Eth0 instead. We are actually
running OSPF with the customer in a totally stubby configuration -so our
access router sends a 0/0.

The plot thickens. We are also running a backup link on BRI <unnumbered on
the Lo0> and configured for dialer-watch to watch the 0/0 default route from
the access router. Once the OSPF is down, the 0/0 removed, the client side
will dial and run OSPF with our RAS.

router ospf 100
log-adjacency-changes
area 0.0.0.99 stub
network 200.100.233.216 0.0.0.7 area 0.0.0.99
network 200.100.242.160 0.0.0.15 area 0.0.0.99

So checking our route entries on our access router, I only get a /32 for the
200.100.242.161 lo0 interface and not the /28 for the 200.100.242.160.
Obviously *slap on my head*.

Any way to work around this? Will it work if I place a /28 static route
entry in our access router also. However because of the OSPF and the backup
configuration I cannot configure a hard static entry.

Thanks for the advice on 0/0 static routes to interfaces.

-nick/

----- Original Message -----
From: "Gert Doering" <gert@greenie.muc.de>
To: "Nick" <nick@arc.net.my>; <cisco-nsp@puck.nether.net>
Sent: Tuesday, April 16, 2002 4:13 PM
Subject: Re: static NAT problem

> hi,
>
> On Tue, Apr 16, 2002 at 04:15:59PM +0800, Nick wrote:
> > ip nat inside source list 10 interface Loopback0 overload
> > !
> > ! *** static NAT mappings for mail servers ***
> > ip nat inside source static 192.168.100.127 200.100.242.168
> > ip nat inside source static 192.168.100.128 200.100.242.169
>
> This looks fine. It leaves the question whether the 200.100.242.*
> IPs are actually routed to this router - otherwise it can't nat 'em. How
> does a traceroute look like?
>
> > !
> > ip route 0.0.0.0 0.0.0.0 Ethernet0
>
> Don't do this. It means "send out an ARP for every single destination,
> and if some other router happens to do proxy ARP, it will work, but that's
> by chance and pretty inefficient".
>
> Do "ip route 0.0.0.0 0.0.0.0 <next-hop-ip>" or (if you want to force it to
> use Ethernet0) "ip route 0.0.0.0 0.0.0.0 Ethernet0 <next-hop-ip>".
>
> gert
>
> --
> USENET is *not* the non-clickable part of WWW!
>
//www.muc.de/~gert/
> Gert Doering - Munich, Germany
gert@greenie.muc.de
> fax: +49-89-35655025
gert.doering@physik.tu-muenchen.de

Next message: Gert Doering: "Re: static NAT problem"
Previous message: George Sheng: "Re: [nsp] Cisco vs. Juniper of LSP setup"
In reply to: Gert Doering: "Re: static NAT problem"
Next in thread: Mati Gil: "RE: static NAT problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:41 EDT