02-17-2009 11:08 AM - edited 03-04-2019 03:36 AM
There is something I am not understanding here. See attached for my config on my 1841. I am accessing the internet via bonded T1's using MLPPP. The ISP has assigned me the address block 67.100.220.xxx/29. I have fastethernet0/0 attached to my local (192.168.214.0/32) network.
When the ppp connects, for example, it is assigned from ipcp the ip of 172.22.225.xxx with a gateway of 172.22.0.1. Now connecting to FE0/1 everything is perfect. If I connect from my local network (FE0/0)it will work for a few minutes, very slow, and then tell me destination unreachable.
What am I missing here? How do I get my local network to route over the PPP?
Here is my route table:
Gateway of last resort is 172.22.0.1 to network 0.0.0.0
172.22.0.0/32 is subnetted, 2 subnets
C 172.22.225.118 is directly connected, Multilink1
C 172.22.0.1 is directly connected, Multilink1
67.0.0.0/29 is subnetted, 1 subnets
C 67.100.220.xxx is directly connected, FastEthernet0/1
C 192.168.214.0/24 is directly connected, FastEthernet0/0
S* 0.0.0.0/0 [1/0] via 172.22.0.1
Thanks
GP
02-17-2009 11:42 AM
Modify the following statement:
ip nat inside source list 1 interface FastEthernet0/1 overload
with
ip nat inside source list 1 interface Multilink1 overload
HTH,
__
Edison.
02-17-2009 11:57 AM
Greg
I agree with Edison that there is a problem in the way that NAT is configured. But I do not believe that changing the NAT so that it overloads on the multilink will solve the problem. The address learned on the multilink is also RFC1918 address space and will not produce addresses that can be used in the Internet.
I believe that there is a conceptual problem here that we need to work through. The ISP assigned you a block of addresses. Those addresses should be the source address of traffic that you send to the Internet. But you assigned them to a FastEthernet interface. I believe that this is not the right thing to do. I would believe that you need to create a NAT pool with those addresses and to do the translation using the pool instead of doing NAT overload on an interface address.
HTH
Rick
 
					
				
		
02-17-2009 12:14 PM
I differ with both Edison and Rick.
I believe the config is correct, multink interface uses a private address as happens more and more these days.
Please let us know the exact IOS used.
02-17-2009 12:18 PM
Paolo
Differences of opinion make for better discussion. In the original post he specified that his network is on the FastEthernet0/0 interface and that he is routing to the Internet over the multilink. And that the ISP had assigned him a block of addresses. Given that the traffic originates on FA0/0 and is routed out the multilink, how is assigning the ISP block on FA0/1 going to work?
HTH
Rick
 
					
				
		
02-17-2009 12:33 PM
Hi Rick,
It works because it Fa0/1 is not to be natted, it has a globally routable address. My understanding is that this is what the OP wants.
I correct my previous statement, Mu1 uses a public address as the OP clearly specified. On this one, overloaded NAT for FA0/0 is done
02-17-2009 02:51 PM
The IOS ver:
Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 12.4(9)T4, RELEASE SOFTWARE (fc2)
Note: If I down FA0/1 with the public ip nothing will get routed out at all - When it is up and I do a trace from the private network, it doesnt appear to touch my public IP's. Next hop shows as 172.22.0.1... strange that is.
Thx
Greg
 
					
				
		
02-17-2009 03:05 PM
Hi, I would recommend you try either 12.4(9)T7, or more conservatively, 12.4(3j).
Your traceroute is normal, next-hop is ISP router.
02-18-2009 07:34 AM
Unfortunately I do not have access to other version images. Is it your position that this is a bug and not a configuration issue?
Thanks
Greg
 
					
				
		
02-18-2009 07:46 AM
Yes, I've seen at least a bug like this in the past - many NAT entries caused memory leak and slowdown.
Note you cannot professionally operate cisco networks without at least one smartnet contract for downloads.
 
					
				
		
02-18-2009 10:10 AM
I've looked at this further and found that you'reu sing MLPPP over frame-relay. That is not a very commonly used configuration and you may find issues in doing that.
Basically one reason more to try some different IOSlike the mentioned 12.4(3j).
02-18-2009 11:41 AM
UPDATE
I tried Ricks suggestion and created a NAT pool. It is working much better. The download speed is pretty much right on but upload is very low. I am going to compare results by doing a test connection via fa0/1 and compare results.
I am working on getting smartnet up and going.
Thanks
Greg
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide