Attempting to use Loopback /32 as NAT source for a dot1q sub-interface

Drew T.
Level 1

I'm sure I've done this before, but for some reason it just doesn't seem to be working.

Our provider have allocated an extra subnet to us, that's being sent over a DHCP service (fibre ethernet service). I've associated a /32 from the allocated subnet to Loopback10. I can ping it from the outside world, and can reach the router without any issues, so the IP is definitely seen and working.

Sub-interface is on a dot1q VLAN and is currently working with a regular NAT setup, using the main IP from our provider.

Here's the configuration I'm attempting that does not seem to be working:

interface GigabitEthernet0/0.10
 encapsulation dot1q 10
 ip address 192.168.10.1 255.255.255.0
 no ip redirects
 no ip proxy-arp
 ip accounting output-packets
 ip nat inside
 no ip virtual-reassembly in
!
ip nat inside source list int10 interface Loopback10 overload
!
interface Loopback10
 ip address 1.2.3.4 255.255.255.255
!
ip access-list extended int10
 permit ip 192.168.10.0 0.0.0.255 any
!

I have also attempted to try it with a NAT pool and route-map, but it's not working (the loopback is a /30 and the nat pool won't accept a subnet smaller than a /30).

This is pretty urgent and I'm kinda scratching my head. Anyone able to offer a suggestion here?

I've tried a lot of searches and nothing seems to suggest it'll work as I want it to. Any traffic originating from VLAN10 simply has to have the IP of the Lo10 interface when going to the outside world.


Seb Rupik
VIP Alumni
!
int loop10
  ip nat outside
!

cheers,

Seb.

 

 

Julio E. Moisa
VIP Alumni

Hi

The ip nat outside should be configured under a physical or logical (sub-interface) interface, but the problem here could be that the IP 1.2.3.4 is not known on the other router, so you should create at least a static route. Imagine this scenario:

 

ROUTER 1 ------ L3 Link ------ ROUTER2

ROUTER1

interface loopback 0
 ip address 1.2.3.4 255.255.255.255

interface g0/0
 description TO-ROUTER2
 ip address 10.12.0.1 255.255.255.252
 ip nat outside
 no shutdown

interface g0/1
 description TO-MY-NETWORKS
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 no shutdown

ip access-list standard MY-NETS
 permit 192.168.1.0 0.0.0.255

ip nat inside source list MY-NETS interface loopback0 overload

ip route 0.0.0.0 0.0.0.0 10.12.0.2 name INTERNET

 

 

ROUTER 2

Now, as R2 does not know about R1's loopback, you must allow that communication, so you need to create a method; the easy way is a static route.

ip route 1.2.3.4 255.255.255.255 10.12.0.1

 

 

Hope it is useful

:-)

 




>> Mark as helpful or answered if the reply resolved your question; this helps future queries from other community members. <<
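
An offline check of the points raised in this thread, as an added example that is not part of any poster's reply: it parses IOS configuration text and reports whether an interface-overload NAT rule has a defined ACL, an addressed source interface, and both an `ip nat inside` and an `ip nat outside` interface. The names `check_nat`, `norm`, `OP_EXCERPT` and `REPLY_R1` are assumptions of this example, the two samples are retyped from the configs posted above, and it neither expands abbreviated interface names nor checks the return route on the neighbouring router.

```python
import re
norm = lambda s: re.sub(r"\s+", "", s).lower()  # "loopback 0" == "Loopback0"

def check_nat(config):
    """Return findings for interface-overload NAT rules in IOS config text."""
    ifaces, acls, rules, cur = {}, set(), [], None
    for line in (l.strip() for l in config.splitlines()):
        if m := re.match(r"interface\s+(.+)$", line, re.I):
            cur = ifaces.setdefault(norm(m.group(1)), {"nat": None, "addr": False})
        elif m := re.match(r"ip access-list\s+\S+\s+(\S+)$", line, re.I):
            acls.add(m.group(1)); cur = None
        elif m := re.match(r"ip nat inside source list\s+(\S+)\s+interface\s+(.+?)\s+overload$", line, re.I):
            rules.append((m.group(1), norm(m.group(2)))); cur = None
        elif cur is not None and (m := re.match(r"ip nat (inside|outside)$", line, re.I)):
            cur["nat"] = m.group(1).lower()
        elif cur is not None and re.match(r"ip address\s+\S+\s+\S+", line, re.I):
            cur["addr"] = True
    findings = []
    for acl, src in rules:
        if acl not in acls:
            findings.append(f"NAT rule references undefined ACL {acl}")
        if src not in ifaces or not ifaces[src]["addr"]:
            findings.append(f"NAT source interface {src} is undefined or has no ip address")
    for side in ("inside", "outside"):
        if rules and not any(i["nat"] == side for i in ifaces.values()):
            findings.append(f"no interface is marked 'ip nat {side}'")
    return findings
# Constructed samples retyped from the thread: the poster's excerpt, then ROUTER1 from the reply.
OP_EXCERPT = """
interface GigabitEthernet0/0.10
 ip address 192.168.10.1 255.255.255.0
 ip nat inside
ip nat inside source list int10 interface Loopback10 overload
interface Loopback10
 ip address 1.2.3.4 255.255.255.255
ip access-list extended int10
"""
REPLY_R1 = """
interface loopback 0
 ip address 1.2.3.4 255.255.255.255
interface g0/0
 ip nat outside
interface g0/1
 ip nat inside
ip access-list standard MY-NETS
ip nat inside source list MY-NETS interface loopback0 overload
"""
for name, cfg in (("poster excerpt", OP_EXCERPT), ("reply ROUTER1", REPLY_R1)):
    print(name, "->", check_nat(cfg) or "no findings")
```

The finding on the poster's excerpt describes only the lines that were posted; the WAN interface of that router is not shown in the thread.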