Re: PIM-SM and NAT

From: Gert Doering (gert@greenie.muc.de)
Date: Thu Jul 04 2002 - 09:11:59 EDT


Hi,

some of you might remember this thread (if one can call "me speaking to
myself" a thread)...

I just want to keep you updated what I found out in the mean time.

 - outbound multicast NAT with "overload" does not work (period). I'm
   working with our Cisco gold partner and Cisco to figure out whether
   that's a bug or just "not implemented".

 - outbound multicast NAT *does* work, if you have a configuration that
   maps internal IPs individually to external IPs without overload, like
   this:

   ip nat pool SPACE 195.30.3.197 195.30.3.198 prefix-length 24
   ip nat inside source list 170 pool SPACE

   Just make sure that the IP range in question is properly routed to
   the multicast NAT router (using IPs from a shared ethernet and have
   the NAT router proxy-ARP for them is not going to work).

I hope that this will eventually help someone else who is doing similarily
weird things :-)

(Full-quote appended below for context)

gert

On Fri, Apr 26, 2002 at 01:08:59PM +0200, Gert Doering wrote:
> Hi,
>
> I am currently trying to get a multicast source behind a NATting Cisco
> router to work.
>
> Setup:
>
> - internal network: 172.30.1.0/24
> - external IP: a.b.c.d
>
> - Cisco 1401, IOS 12.1(8) IP Plus
>
> - PIM-SM with an RP at 193.149.44.33 (via ATM0.32)
> - IGMP in the LAN
>
> If I have "receiver only" clients in the LAN, everything works fine
> (like "listening to radio program").
>
> Today I tried to setup vic to generate a video stream, and ran into
> something that is definitely a NAT<->PIM interaction issue:
>
> - Multicast source starts up
>
> - local router generates mroute entry:
>
> (172.30.1.153, 224.2.188.149), 00:18:38/00:02:59, flags: PCFT
> Incoming interface: Ethernet0, RPF nbr 0.0.0.0
> Outgoing interface list: Null
>
> - local router sends register to RP, RP generates entry:
>
> (172.30.1.153, 224.2.188.149), 00:19:09/00:01:14, flags: A
> Incoming interface: FastEthernet0/0, RPF nbr 195.30.3.209
> Outgoing interface list:
> FastEthernet2/0, Forward/Sparse, 00:14:12/00:02:37
>
> ---> oops. As the source address is not NATted, the RP can't generate
> PIM join messages into the proper direction, and thus my multicast
> source isn't heard "outside".
>
>
> This specific situation isn't covered in any documentation I could
> find (so far), so I'm not sure whether this is "impossible to do"
> or whether there is a trick in Cisco NAT to make it happen.
>
> The router configuration in question (not IP relevant parts snipped,
> global IP address changed) is:
>
> ip multicast-routing
> interface Loopback0
> ip address a.b.c.d 255.255.255.255
>
> interface Ethernet0
> ip address 172.30.1.200 255.255.255.0
> ip nat inside
> ip pim sparse-dense-mode
>
> interface ATM0
> ip route-cache flow
> interface ATM0.32 point-to-point
> ip unnumbered Loopback0
> ip nat outside
> ip pim sparse-dense-mode
> pvc 0/32
> ubr 200
> oam-pvc manage
> encapsulation aal5mux ip
> !
> ip route 0.0.0.0 0.0.0.0 ATM0.32
> ip pim rp-address 193.149.44.33
> ip pim accept-rp 193.149.44.33
> !
> ip nat inside source list 170 interface Loopback0 overload
> access-list 170 permit ip 172.30.1.0 0.0.0.255 any
>
> (I have snipped the ip access lists for ATM0.32, but they do not log
> anything, and the register message goes out, so that is not likely to
> be related)
>
> Soooo... any hints?
>
> thanks!
>
> gert
>
> --
> USENET is *not* the non-clickable part of WWW!
> //www.muc.de/~gert/
> Gert Doering - Munich, Germany gert@greenie.muc.de
> fax: +49-89-35655025 gert.doering@physik.tu-muenchen.de

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert@greenie.muc.de
fax: +49-89-35655025                        gert.doering@physik.tu-muenchen.de



This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:49 EDT