[c-nsp] Megapath frame relay question

Scott Granados scott at granados-llc.net
Fri Feb 24 18:38:51 EST 2012


What about sourcing the traffic for your sip trunks from the source interface you want say from your inside public ethernet address or something that's routed?

	If memory serves correctly Megapath usually deploys their configs with a WAN port in the private ranges and then a public /29 (frame route radius attribute).  Or have I missed something?
 
On Feb 24, 2012, at 4:18 PM, Bill D'Anjou wrote:

> Thanks Joe.
> 
> I'll give this a try... I didn't realize NAT rules could interact with
> traffic originating from the router itself.
> 
> BTW, the reason I need this to work is the router has a couple FXS ports
> in it.  None of the dial-peer stuff works under the current
> configuration.
> 
> -----Original Message-----
> From: Joe Maimon [mailto:jmaimon at ttec.com] 
> Sent: Friday, February 24, 2012 1:08 PM
> To: Bill D'Anjou
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] Megapath frame relay question
> 
> Use some nat if you want to source traffic from the router and have it
> attempt to use the unrouted address and still work.
> 
> Of course, you could start hard configuring which address various router
> initiated traffic sourced from, but this is a much more complete
> approach.
> 
> ip access-list extended inside-nat-rules
>  deny   ip any 192.168.0.0 0.0.255.255
>  deny   ip any 172.16.0.0 0.15.255.255
>  deny   ip any 10.0.0.0 0.255.255.255
>  permit ip 192.168.0.0 0.0.255.255 any
>  permit ip 172.16.0.0 0.15.255.255 any
>  permit ip 10.0.0.0 0.255.255.255 any
>  deny   ip any any
> 
> route-map inside-nat-f0/0 den 200
> route-map inside-nat-f0/0 per 100
> match ip add inside-nat-rules
> 
> 
> int f0/0
> ip nat in
> int Virtual-Tem1
> ip nat ou
> 
> ip nat ins so rou inside-nat-f0/0 int f0/0 ov
> 
> 
> 
> 
> 
> 
> bill at siliconics.net wrote:
>> Thank-you all for the responses.
>> 
>> I don't think "unnumbered" or "multilink" are options for me since the
> 
>> WAN IP - AND the default route - are "obtained."
>> Note the following directives on the virtual-template:
>> int virtual-template1
>> ip address negotiated
>> ppp ipcp route default
>> 
>> As Scott & others have pointed out, Megapath is giving me a 
>> non-routable address. See below.
>> 
>> sh ip route
>> Gateway of last resort is 172.22.0.1 to network 0.0.0.0
>> 172.22.0.0/32 is subnetted, 2 subnets
>> C 172.22.0.1 is directly connected, Virtual-Access1 C 172.22.246.177 
>> is directly connected, Virtual-Access1
>> 74.0.0.0/29 is subnetted, 1 subnets
>> C x.x.x.x is directly connected, FastEthernet0/0
>> S* 0.0.0.0/0 [1/0] via 172.22.0.1
>> 
>> So that's the crux of the issue right? If they were giving me a "real"
>> IP I wouldn't have the issue, right?
>> Anyway, it doesn't look like any of the solutions offered thus far 
>> will work for me. And Megapath is not inclined to provide
> configuration support.
>> 
>> -----Original Message-----
>> From: Scott Granados [mailto:scott at granados-llc.net]
>> Sent: Thursday, February 23, 2012 2:02 PM
>> To: Bill D'Anjou
>> Cc: cisco-nsp at puck.nether.net
>> Subject: Re: [c-nsp] Megapath frame relay question Ok, few points.
>> FIrst, yes, Megapath is going to assign you a 172.16 address to your 
>> wan interface. This is a pretty standard Covad / Megapath thing.
>> Next, when I've done this is memory served I had to use a dialer 
>> interface for the actual interface and bind that to a sub interface 
>> using a dialer pool You should see something like a standard interface
> 
>> when you show the dialer that includes the IP assigned.
>> Then you set your default route with ip route 0.0.0.0 0.0.0.0 
>> interface
>> dialer1 and it should work, at least as well as Megapath circuits ever
> 
>> work which is definitely not that well. If you google Cisco PPP over 
>> FR you should find the example I used as the first or second listing 
>> with a great config example.
>> GOod luck
>> ?
>> On Feb 23, 2012, at 1:09 PM, Bill wrote:
>>> Dear Cisco gurus,
>>> 
>>> I have the following simple config for a frame-relay T1 on Megapath's
>>> network:
>>> 
>>> interface FastEthernet0/0
>>> ip address x.x.x.x x.x.x.x !!!!!!!!!!!!(publicly addressable /29) 
>>> duplex auto speed auto !
>>> interface Serial0/0
>>> no ip address
>>> encapsulation frame-relay IETF
>>> no fair-queue
>>> frame-relay interface-dlci 16 ppp Virtual-Template1 !!!!!!!!!(I've 
>>> seen examples where this line is entered on a sub-interface - not 
>>> sure if this
>>> matters)
>>> frame-relay lmi-type ansi
>>> !
>>> interface Virtual-Template1
>>> ip address negotiated
>>> ppp chap hostname username at bz8
>>> ppp chap password 0 password
>>> ppp ipcp dns request
>>> ppp ipcp route default
>>> ppp ipcp address accept
>>> !
>>> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
>>> The issue I have is, there's no connectivity from the router itself.
>>> Anything behind the router - using the LAN IP block - works fine. For
> 
>>> example, within the Cisco CLI, if I issue the ping command by itself,
> 
>>> I get no reply. If I issue the ping command & specify that the source
> 
>>> address is the IP on the FastE interface, then I get replies.
>>> 
>>> This seems to me like an issue with the way Megapath provisions these
> 
>>> circuits but I'm trying to see if there's a simple way to workaround 
>>> the issue. Such as making ALL traffic from the router appear to 
>>> originate from the IP on the FastE interface.
>>> 
>>> Thanks in advance for your help/replies.
>>> 
>>> Bill
>>> 
>>> _______________________________________________
>>> cisco-nsp mailing list cisco-nsp at puck.nether.net 
>>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>> ?
>> ?
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net 
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>> 
>> 
> 
> 
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/




More information about the cisco-nsp mailing list