Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6198
Views
5
Helpful
3
Replies

How to NAT UDP broadcast packets

Go to solution
mrmajedkhalifa
Level 1
Level 1

‎02-26-2010 11:05 AM - edited ‎03-04-2019 07:38 AM

Hello,

I'm experiencing a bit of an issue here. I am using static NAT to convert 172.20.0.0/24 into 172.21.0.0/24 on a Cisco 2811 router through FE0/0. On FE0/1, I have 192.168.0.0/24 subnetwork attached.

Here's what the objective is: A host on 172.20.0.0/24 (say, 172.20.0.5) is sending broadcast packets via UDP port 6000. The mainframe is on FE0/1 with an IP address of 192.168.0.35/24. This mainframe needs to receive the broadcast packets from the 172.20.0.5 host, but NAT needs to occur *first* on 172.20.0.5 so that it looks like the source address of the broadcast packet is really coming from 172.21.0.5/24. This is because the mainframe already has another interface on another 172.20.0.0/24 subnet (i.e., we're dealing with overlapping subnets here).


So far, I'm able to forward the broadcast packets to the 192.168.0.0/24 subnet by using ip forward-protocol udp 6000 (globally) and ip directed-broadcast (on the FE interfaces). I've also added an ip helper-address 192.168.0.255 statement to the FE0/0 interface.

Again, I can get the UDP:6000 packets to forward, but the source address is showing up as the original 172.20.0.5 instead of the NAT'ed address of 172.21.0.5.

Any suggestions would be very helpful. Even if I have to deploy additional hardware to make it work, that's OK too. I just can't use the original subnet, I have to NAT it somehow.

Thanks a bunch!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ohassairi
Level 5
Level 5

‎02-28-2010 12:18 AM

1-can you paste your NAT config?

2-as a bad solution you can cascade the  second NIC (172.20) switch  to the switch connecting c2811 to your server. so that the broadcast will come to the second interface :-)

View solution in original post

0 Helpful
3 Replies 3

Go to solution
ohassairi
Level 5
Level 5

‎02-28-2010 12:18 AM

1-can you paste your NAT config?

2-as a bad solution you can cascade the  second NIC (172.20) switch  to the switch connecting c2811 to your server. so that the broadcast will come to the second interface :-)

0 Helpful

Go to solution
mrmajedkhalifa
Level 1
Level 1
In response to ohassairi

‎02-28-2010 07:23 PM

Thank you for your suggestion. And yes, I believe your suggestion would have solved the issue, though a bit sloppily, as you intended, though.

As it turns out, I believe I solved the problem through a modification of the "ip helper-address" statement. For some strange reason (I'm sure someone knows the answer to this reason), if I use "ip helper-address ", then IOS does not apply NAT to the source address. However, if I use "ip helper-address ", then it does use NAT correctly. Strange eh? Well, I changed my "ip helper-address" statement to point to my mainframe, and it's working like a champ now.

Hopefully this thread will surface in a Google search for the next person to come across such an oddity.

Thx again, folks!

Go to solution
ohassairi
Level 5
Level 5
In response to mrmajedkhalifa

‎02-28-2010 09:08 PM

i think you are using static nat (one to one)

so if you use: "ip helper-address ",  may be there is no static nat entry for this broadcast address. so nat will not occur.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card