[c-nsp] IOS NAT, translating source into IP not included in routing table
Dale Shaw
dale.shaw+cisco-nsp at gmail.com
Wed Nov 21 22:33:20 EST 2007
I changed the "ip route .." commands to..
ip route 192.168.20.5 255.255.255.255 Null0 name NAT
.. and it continues to work as expected. This is cleaner, but I'm
still interested in more elegant solutions. I've seen the "add-route"
parameter, but it doesn't appear to support /32s, and only seems to be
available for "ip nat outside .."
cheers,
Dale
On Nov 22, 2007 2:10 PM, a. rahman isnaini r. sutan
<risnaini at speed.net.id> wrote:
>
>
> New to me... never been working by translating internal IP to 'external IP
> which is not directly connected to the router...'
> If this work pretty well, it'd be good and some ideas might come up later...
>
> rgs
> a. rahman isnaini r.sutan
>
> ----- Original Message -----
> From: "Dale Shaw" <dale.shaw+cisco-nsp at gmail.com>
> To: <cisco-nsp at puck.nether.net>
> Sent: Thursday, November 22, 2007 5:39 AM
> Subject: [c-nsp] IOS NAT,translating source into IP not included in routing
> table
>
>
> > Hi,
> >
> > My Google-fu is failing me..
> >
> > Scenario:
> >
> > FastEthernet0 (NAT inside), IP 10.20.20.1/24
> > Tunnel1 (NAT outside), IP 172.16.0.1/24
> > DMVPN environment with EIGRP
> > Performing static source address translation from hosts in
> > 10.20.20.0/24 to 192.168.20.x
> >
[...]
> > The router will happily translate 10.20.20.50 etc. into any arbitrary
> > IP, as per the "ip nat inside .." command, but return traffic is
> > unrouteable because there is no routing table entry for 192.168.20.5
> > in other routers in the AS.
> >
> > At present, I'm adding and redistributing a static host route like so:
> >
> > ip route 192.168.20.5 255.255.255.255 FastEthernet0 10.20.20.2
> >
> > ..And as expected, 192.168.20.5/32 appears in the routing table and
> > packets know how to come back to this router.
> >
> > It's a bit ugly/counter-intuitive though, don't you think? Is there a
> > more elegant way? (perhaps specifying Null0 in the static route would
> > be nicer)
> > I have a mix of 12.3 and 12.4 IOS in the environment so while I'm
> > happy to hear about any better methods, ideally I'm looking for
> > something that will work on all versions.
> >
> > cheers,
> > Dale
More information about the cisco-nsp
mailing list