Greetings all,
I'm going to be making a change to an existing client's network soon where multicast traffic is used over GRE (no IPsec) tunnels. The client is adding a new location and is going to have a 10.x.x.x private IP space for the LAN side. The GRE tunnels amongst all sites are in the 192.168.x.x range, so I need to NAT out from 10.x.x.x to 192.168.x.x when sending multicast traffic to the address 225.8.20.x, which all the other sites will be listening for.
So I configured a NAT pool, ip nat inside on the inside interface, ip nat outside on the outside interface, set ip nat inside on the GRE tunnel, and tested it out in GNS3. The NAT is working when I ping from the LAN interface to one of the other hosts' tunnel loopback addresses (can see this via ip packet debugs). However, when attempting to simulate a multicast from the 10.x.x.x LAN to 225.8.20.x, the NAT translation is never taking place. I know this for two reasons:
- If I process a "debug ip mpacket" on one of the other sites, I see the packet received with the 10.x.x.x address, and an RPF failure occurs because the host has no route to that network.
- If I turn on "debug ip nat" on the local router, I never see any NAT translations occurring when sending to multicast addresses like the 225.8.20.x range.
It seems as if any traffic being sent to that multicast address is not being NAT'ed. Is there anything special that needs to be done to get hosts to NAT out when sending to multicast addresses? Thanks!