RE: advertising NAT pool in to BGP

From: Brian McGahan (bmcgahan@internetworkexpert.com)
Date: Sat Jul 01 2006 - 14:37:55 ART


In the second case the static route to null0 is unnecessary.

HTH,

Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
24/7 Support: http://forum.internetworkexpert.com
Live Chat: http://www.internetworkexpert.com/chat/

> -----Original Message-----
> From: Jens Petter [mailto:jenseike@start.no]
> Sent: Saturday, July 01, 2006 12:39 AM
> To: Brian McGahan; 'Kemal YILDIRIM'; ccielab@groupstudy.com
> Subject: RE: advertising NAT pool in to BGP
>
> So either of the scenarios under would do exactly the same for me..?
>
>
> interface fastethernet 1
> ip address 172.16.1.89 255.255.255.252
> ip nat outside
>
> interface fastethernet 0
> ip address 192.168.1.0 255.255.255.0
> ip nat inside
>
> router bgp 1
> neighbor 10.1.1.1 remote-as 2
> network 172.16.1.17 mask 255.255.255.255
>
> access-list 2 permit 192.168.1.0 0.0.0.255
>
> ip route 172.16.1.17 255.255.255.255 null 0
>
> ip nat pool NAT-POOL 172.16.1.17 172.16.1.17 prefix 30
> ip nat inside source list 2 pool NAT-POOL overload
>
> or
>
> interface loopback 0
> ip address 172.16.1.17 255.255.255.255
>
> interface fastethernet 1
> ip address 172.16.1.89 255.255.255.252
> ip nat outside
>
> interface fastethernet 0
> ip address 192.168.1.0 255.255.255.0
> ip nat inside
>
> router bgp 1
> neighbor 10.1.1.1 remote-as 2
> network 172.16.1.17 mask 255.255.255.255
>
> access-list 2 permit 192.168.1.0 0.0.0.255
>
> ip route 172.16.1.17 255.255.255.255 null 0
>
> ip nat pool NAT-POOL 172.16.1.17 172.16.1.17 prefix 30
> ip nat inside source list 2 pool NAT-POOL overload
>
> or
>
> ip nat inside source list 2 interface loopback 0 overload
> (does this command do the job even without the "ip nat outside" command on the
> loopback?)
>
>
> Jens
>
>
>
> -----Original Message-----
> From: Brian McGahan [mailto:bmcgahan@internetworkexpert.com]
> Sent: 1. juli 2006 00:33
> To: Jens Petter; Kemal YILDIRIM; ccielab@groupstudy.com
> Subject: RE: advertising NAT pool in to BGP
>
> The route just needs to be installed in the routing table so you
> can advertise it into BGP. You can either do this by adding a Loopback
> that's in the subnet or doing a static route to null. There is no
> functional difference between the two since the network doesn't exist
> anywhere except logically in the NAT process. Whichever way you do it
> you simply need to add the "network" statement under the BGP process to
> originate the route. Also don't worry about the "mask" or
> "prefix-length" option in the NAT statement; actual traffic isn't
> associated with a subnet mask only routes. You determine the route to
> the network either by the mask on the static route to null or on the
> Loopback.
>
>
> HTH,
>
> Brian McGahan, CCIE #8593
> bmcgahan@internetworkexpert.com
>
>
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> > Jens Petter
> > Sent: Friday, June 30, 2006 5:00 PM
> > To: 'Kemal YILDIRIM'; ccielab@groupstudy.com
> > Subject: RE: advertising NAT pool in to BGP
> >
> > This is not for the lab, but a real life scenario... So, I don't need to
> > follow any rules about static routes..
> >
> > So, will the NATing work even if the nat outside command is not on the
> > loopback but on the Ethernet interface, since you are overloading the
> > loopback interface?
> >
> > Jens
> >
> > -----Original Message-----
> > From: Kemal YILDIRIM [mailto:kemalhy@gmail.com]
> > Sent: 30. juni 2006 23:19
> > To: 'Jens Petter'; ccielab@groupstudy.com
> > Subject: RE: advertising NAT pool in to BGP
> >
> > Hi Jens,
> > 1- Static routes are not allowed unless otherwise specifically stated.
> > 2- access-list 2 permit 192.168.1.0 will not match inside hosts.
> > access-list 2 permit 192.168.1.0 0.0.0.255 will match inside hosts
> >
> > You can create a loopback interface that has the NAT address and advertise
> > it into BGP with the network command. NAT translation can be done to the
> > loopback interface and can also be overloaded.
> > Regards
> >
> > interface Loopback0
> > ip address 172.16.1.10 255.255.255.255
> > !
> > interface Ethernet0/0
> > ip address 192.168.1.1 255.255.255.0
> > ip nat inside
> > !
> > interface Serial0/1
> > ip address 172.16.1.1 255.255.255.252
> > ip nat outside
> > !
> > router bgp 1
> > network 172.16.1.10 mask 255.255.255.255
> > neighbor 172.16.1.2 remote-as 2
> > no auto-summary
> > !
> > ip nat inside source list 2 interface Loopback0 overload
> > !
> > access-list 2 permit 192.168.1.0 0.0.0.255
> >
> >
> > Objects are what is unalterable and subsistent;
> > their configuration is what is changing and unstable.
> > So, you need PRACTICE, PRACTICE, AND MORE PRACTICE...
> >
> > -----Original Message-----
> > From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
> > Jens Petter
> > Sent: Friday, June 30, 2006 10:58 PM
> > To: ccielab@groupstudy.com
> > Subject: advertising NAT pool in to BGP
> >
> > I am trying to figure out how to advertise a NAT configured pool into
> > BGP..
> >
> > Will this do the job ? :
> >
> >
> >
> > interface fastethernet 1
> > ip address 172.16.1.x 255.255.255.252
> > ip nat outside
> >
> > router bgp 1
> > neighbor 10.1.1.1 remote-as 2
> > redistribute static route-map STATIC-TO-BGP
> >
> > access-list 1 permit 172.16.1.10
> > access-list 2 permit 192.168.1.0
> >
> > route-map STATIC-TO-BGP
> > match ip address 1
> >
> > ip nat pool NAT-POOL 172.16.1.10 172.16.1.10 PREFIX 30
> >
> > ip nat inside source list 2 pool NAT-POOL overload
> >
> > ip route 172.16.1.10 255.255.255.255 null 0
> >
> > 172.16.1.10 is my NAT pool address that I am overloading for my inside
> > addresses... This is the NAT address I need to advertise into BGP so that
> > external hosts have a route back... I tried to use /32 as prefix in the ip
> > nat pool command but got an error telling me that /30 is the smallest prefix
> > I can use... Is this a problem..? The outside interface is a /30 net
> >
> > Will this advertising of that NAT address work well? I don't have a lab to
> > test this, so any advice will be appreciated... Any other advice is also
> > appreciated..
> >
> > Jens
> >
> >
>



This archive was generated by hypermail 2.1.4 : Tue Aug 01 2006 - 07:13:46 ART