I have an application that is meant to run in NAT mode in IOx with some port forwardings. After installing the IOS15.9.3M1 on my IR809, the new IOx22.214.171.124 doesn't do the port forwarding I requested for the port 1731:1731. The problem is that this IOS version cannot be downgraded and I cannot find a quick fix for it.
The IOS configuration is the same as before installing the 15.9.3M1. I was running 15.7.3.M and everything was working fine. Also, I can connect to the container using the PEM file provided in the LocalManager, but this is not a connection done through a port, but from a lxc console redirect from GuestOS.
In the "sh run.txt" you can see the running-config.
In the "sh ip nat trans.txt" you can see that the IOS is doing the port forwarding.
In the "container log.txt" you can see that the container has internet access, the application is running and the port is up inside the container.
After hours of searching for a fix, I have found a workaround. If you do "IR800#guest-os 1 restart" after the restart of the image, everything is working well.
NOTE: This is just a workaround to the problem. If you do a "reload", after the router reloads, the problem is still there.
I hope Cisco will get us a fix soon!
Hello Andrei --
I have spent a couple of hours this morning trying to reproduce your issue, but for me this is working every time. I am using a Docker-based IOx app with Nginx web server, and running the same IOS release.
Your NAT translations seems to be working like mine:
IR800#sh ip nat translations | i :80
tcp 192.168.2.150:80 192.168.1.15:80 192.168.2.6:41452 192.168.2.6:41452
tcp 192.168.2.150:80 192.168.1.15:80 192.168.2.6:41454 192.168.2.6:41454
Can you try to telnet to your container (192.168.2.2) port tcp/1731 and verify that the connection is accepted?
Thank you for the response, I tried to telnet 192.168.2.2 1731 and I got Connection refused, but if I do the telnet inside the container console with telnet 127.0.0.1 1731 the communication works.
Do you think a reinstall of the IOS bundle can fix the issue?
Hello Andrei -
It is supported to downgrade from 15.9(3)M1 down to 15.8(3)M4 as they booth have the new FPGA code. While we search the issue with 15.9(3)M1 you can downgrade safely to 15.8(3)M4.
Don't use any older release.