cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2140
Views
0
Helpful
1
Replies

NAT Multicast

I am trying to permit a multicast video stream to operate over an alternative IP address (239.239.20.5) as per the requirement from one customer without changing the origin multicast IP that all other customers use (239.239.10.5).

 

In my LAB I have 3 Routers (see attached topology diagram), one is the multicast source, the other the multicast destination, and the one in the middle running PIM, and everything works fine. If however on the middle router (R2), I add either of the below lines or both I am unable to get the multicast to work with the translated IP. It does however continue to work with the original IP Address.

 

ip nat inside source static 239.239.20.5 239.239.10.5 extendable

ip nat outside source static 239.239.10.5 239.239.20.5 extendable

(with ip nat inside and ip nat outside on the interfaces)

 

My general question is, is something special required to make the cisco router NAT multicast IP Addresses?

 

Below is the configuration of the routers and the output of the multicast routing table on the 3 routers when I attempt the multicast traffic:

 

R1

interface Ethernet0/1

 ip address 192.168.1.2 255.255.255.0

 ip pim sparse-dense-mode

!

interface Loopback1

 ip address 192.168.2.1 255.255.255.0

 ip pim sparse-dense-mode

 ip igmp join-group 239.239.20.5

!

router rip

 version 2

 network 192.168.0.0

 network 192.168.1.0

 network 192.168.2.0

 no auto-summary

!

 

sh ip mroute

IP Multicast Routing Table

Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,

       L - Local, P - Pruned, R - RP-bit set, F - Register flag,

       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,

       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,

       U - URD, I - Received Source Specific Host Report, 

       Z - Multicast Tunnel, z - MDT-data group sender, 

       Y - Joined MDT-data group, y - Sending to MDT-data group, 

       G - Received BGP C-Mroute, g - Sent BGP C-Mroute, 

       N - Received BGP Shared-Tree Prune, n - BGP C-Mroute suppressed, 

       Q - Received BGP S-A Route, q - Sent BGP S-A Route, 

       V - RD & Vector, v - Vector, p - PIM Joins on route, 

       x - VxLAN group

Outgoing interface flags: H - Hardware switched, A - Assert winner, p - PIM Join

 Timers: Uptime/Expires

 Interface state: Interface, Next-Hop or VCD, State/Mode

 

(*, 239.239.20.5), 00:18:37/00:02:23, RP 0.0.0.0, flags: DCL

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Ethernet0/1, Forward/Sparse-Dense, 00:18:37/stopped

    Loopback1, Forward/Sparse-Dense, 00:18:37/stopped

 

(*, 224.0.1.40), 00:18:37/00:02:23, RP 0.0.0.0, flags: DCL

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Ethernet0/1, Forward/Sparse-Dense, 00:18:37/stopped

    Loopback1, Forward/Sparse-Dense, 00:18:37/stopped

 

R2

interface Ethernet0/0

 ip address 192.168.0.2 255.255.255.0

 ip pim sparse-dense-mode

 ip nat outside

 ip virtual-reassembly in

!

interface Ethernet0/1

 ip address 192.168.1.1 255.255.255.0

 ip pim sparse-dense-mode

 ip nat inside

 ip virtual-reassembly in    

!

interface Loopback1

 ip address 192.168.3.1 255.255.255.0

 ip pim sparse-dense-mode

!

router rip

 version 2

 network 192.168.0.0

 network 192.168.1.0

 network 192.168.3.0

 no auto-summary

!

 

sh ip mroute

IP Multicast Routing Table

Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,

       L - Local, P - Pruned, R - RP-bit set, F - Register flag,

       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,

       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,

       U - URD, I - Received Source Specific Host Report, 

       Z - Multicast Tunnel, z - MDT-data group sender, 

       Y - Joined MDT-data group, y - Sending to MDT-data group, 

       G - Received BGP C-Mroute, g - Sent BGP C-Mroute, 

       N - Received BGP Shared-Tree Prune, n - BGP C-Mroute suppressed, 

       Q - Received BGP S-A Route, q - Sent BGP S-A Route, 

       V - RD & Vector, v - Vector, p - PIM Joins on route, 

       x - VxLAN group

Outgoing interface flags: H - Hardware switched, A - Assert winner, p - PIM Join

 Timers: Uptime/Expires

 Interface state: Interface, Next-Hop or VCD, State/Mode

 

(*, 239.239.10.5), 00:00:04/stopped, RP 0.0.0.0, flags: D

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Ethernet0/1, Forward/Sparse-Dense, 00:00:04/stopped

    Ethernet0/0, Forward/Sparse-Dense, 00:00:04/stopped

 

(192.168.4.1, 239.239.10.5), 00:00:04/00:02:54, flags: PT

  Incoming interface: Ethernet0/0, RPF nbr 192.168.0.1

  Outgoing interface list:

    Ethernet0/1, Prune/Sparse-Dense, 00:00:04/00:02:54

 

(*, 224.0.1.40), 00:07:10/00:02:50, RP 0.0.0.0, flags: DCL

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Ethernet0/0, Forward/Sparse-Dense, 00:06:41/stopped

    Ethernet0/1, Forward/Sparse-Dense, 00:06:41/stopped

    Loopback1, Forward/Sparse-Dense, 00:07:10/stopped

 

 

R3

interface Ethernet0/0

 ip address 192.168.0.1 255.255.255.0

 ip pim sparse-dense-mode

!

interface Loopback1

 ip address 192.168.4.1 255.255.255.0

 ip pim sparse-dense-mode

!

router rip

 version 2

 network 192.168.0.0

 network 192.168.1.0

 network 192.168.4.0

 no auto-summary

!

 

sh ip mroute

IP Multicast Routing Table

Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,

       L - Local, P - Pruned, R - RP-bit set, F - Register flag,

       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,

       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,

       U - URD, I - Received Source Specific Host Report, 

       Z - Multicast Tunnel, z - MDT-data group sender, 

       Y - Joined MDT-data group, y - Sending to MDT-data group, 

       G - Received BGP C-Mroute, g - Sent BGP C-Mroute, 

       N - Received BGP Shared-Tree Prune, n - BGP C-Mroute suppressed, 

       Q - Received BGP S-A Route, q - Sent BGP S-A Route, 

       V - RD & Vector, v - Vector, p - PIM Joins on route, 

       x - VxLAN group

Outgoing interface flags: H - Hardware switched, A - Assert winner, p - PIM Join

 Timers: Uptime/Expires

 Interface state: Interface, Next-Hop or VCD, State/Mode

 

(*, 239.239.10.5), 00:00:03/stopped, RP 0.0.0.0, flags: D

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Ethernet0/0, Forward/Sparse-Dense, 00:00:03/stopped

 

(192.168.4.1, 239.239.10.5), 00:00:03/00:02:56, flags: PT

  Incoming interface: Loopback1, RPF nbr 0.0.0.0

  Outgoing interface list:

    Ethernet0/0, Prune/Sparse-Dense, 00:00:03/00:02:56

 

(*, 224.0.1.40), 00:18:58/00:02:01, RP 0.0.0.0, flags: DCL

  Incoming interface: Null, RPF nbr 0.0.0.0

  Outgoing interface list:

    Ethernet0/0, Forward/Sparse-Dense, 00:18:29/stopped

    Loopback1, Forward/Sparse-Dense, 00:18:58/stopped

 

 TEST FROM R3

#ping 239.239.10.5 so lo1

(because of the static NAT I an hoping the 239.239.20.5 join group on R1 would reply. If I change the join group back to the original IP of 239.239.10.5 so there is no NAT, then the ping works fine)

 

1 Reply 1

 

Hi Jonathan,

 

I do not think you can do NAT for the multicast address. You can do NAT for the multicast source address when it is operating on a private IP and you have receivers outside of your network. Please look at the following Cisco documentation:- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-16/nat-xe-16-book/iadnat-multicast-dynamic.html

 

Here is part of the document I grab for you regarding "Restrictions for IP Multicast Dynamic NAT":-

The IP Multicast Dynamic NAT feature does not support:

- IPv4-to-IPv6 address translation.
- Multicast destination address translation.
- Port Address Translation (PAT) overloading for multicast.
- Source and destination address translation.
- Unicast-to-multicast address translation.

 

Please correct me if I am wrong. 

 

HTH,

Meheretab

HTH,
Meheretab
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco