cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
970
Views
0
Helpful
2
Replies

LISP NAT traversal

gabriel.gearip
Level 1
Level 1

Hi,

I'm testing a scenario with LISP in GNS3 in which 2 LISP-enabled sites are communicating over an IPv4 "Internet" network (consisting on 2 non-LISP routers). On the left side I have 2 routers acting as xTR's and on the right side, one router acting as xTR and MS/MR. LISP is working fine, even load balancing the connections.

Now I'm changing the scenario to run NAT on the non-LISP routers. The target is to accomplish communication over NAT between the 2 LISP sites. I'm using "ip lisp source-locator Loopback..." on the "Internet"-facing interfaces on the left-side. The Lookpback interfaces have the global NAT IP address as seen by the right-side LISP side. Also, the database-mapping is using these addresses instead of the IP's of the router's interfaces.

It's not working. I don't know if this is the correct solution to run LISP over NAT.

What do you think?

Thanks.

Note: I'm using 7200 IOS routers with 15.2(4).

2 Replies 2

gabriel.gearip
Level 1
Level 1

Now I see that you would have to do a port forward on the NAT gateway to reach the inside LISP routers.

Is there any way to accomplish LISP communication without the port forward?

pvinci
Level 4
Level 4

Hi Gabriel,

If you are trying to do NAT between the RLOCs on your xTR and your map server, you need an IOS version that supports info-request packets (look at the XB12 release)  for the control plane, and PxTR's are replaced with the concept of the RTR and serve as an anchor point in non-NATed space for the data plane.  You can read about the details here:

http://tools.ietf.org/html/draft-ermagan-lisp-nat-traversal-01

We run commercial LISP mapping and proxy gateways across the US, so, if you have more questions, let us know.

http://vinciconsulting.com/lisp-mapping-and-proxy-services

Regards,

Paul

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco