11-15-2012 07:46 AM - edited 03-07-2019 10:04 AM
Hello,
I have a problem with doing NAT and BGP dynamic routes. I have the following configuration, which works perfectly.
interface GigabitEthernet0/0.150
encapsulation dot1Q 150
ip address 90.90.90.33 255.255.255.0
ip nat outside
ip virtual-reassembly
!
interface GigabitEthernet0/0.160
encapsulation dot1Q 160
ip address 90.90.100.33 255.255.255.0
ip nat outside
ip virtual-reassembly
!
interface GigabitEthernet0/1.204
encapsulation dot1Q 204
ip address 100.230.64.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip routing
!
ip nat inside source list NAT2A interface GigabitEthernet0/0.150 overload
ip nat inside source list NAT2B interface GigabitEthernet0/0.160 overload
ip route 90.1.1.0 255.255.255.0 90.90.90.32
ip route 90.1.2.0 255.255.255.0 90.90.100.32
!
ip access-list extended NAT2A
permit ip 100.230.64.0 0.0.0.255 90.1.1.0 0.0.0.255
ip access-list extended NAT2B
permit ip 100.230.64.0 0.0.0.255 90.1.2.0 0.0.0.255
!
Now I would like to replace the static routes with BGP dynamic routes. If I do so (remove the static routes and add BGP), NATting is not working any more. It seems that NAT will not work with non-static routes. BGP is advertising all necessary routes but NAT will not use them. Does anybody know a solution for this?
Kind Regards
11-15-2012 08:11 AM
Hi,
NAT should be working no matter if static or dynamic routing being used.
You just need to get proper routes on all sites.
I understand if you remove the static routes you are getting the routes for 90.1.1.0/24 and 90.1.2.0/24 via BGP?
As you are using the interface IP addresses as the global NATed addresses - are you able to Ping the target hosts in 90.1.1.0/24 and 90.1.2.0/24 from the router (source address 90.90.90.33 or 90.90.100.33)?
If not:
Are you enabling BGP just on your site or also on the remote site at the same time?
Isn't also some kind of NAT applied on the remote site?
What does your BGP peering look like exactly?
HTH,
Milan
11-15-2012 08:56 AM
Hi
You need to check if BGP is installing those routes in routing table
Please check if the routes are there in the routing table when you configure BGP instead of static routes
show ip route 90.1.1.0
Show ip route 90.1.2.0
Thank you
Raju
11-15-2012 11:41 AM
Hi,
I am only doing NAT on this router.
BGP Peering is ok.
Routing is working fine with BGP routes. (without NAT)
Routing table is fine on both sides.
Ping is working too. (Without NAT also from End2End. Routed)
Notice:
I do not have any default route. It does not even work if I have one.
Some details of the Router
Cisco 2901 512Ram 256Flash
c2900-universalk9-mz.SPA.150-1.M2.bin (now running this IOS. NAT only working with static routes)
c2900-universalk9-mz.SPA.150-1.M4.bin (before running this IOS. NAT only working with static routes)
Since this is such an easy setup and I am doing NAT/Routing/BGP on many of my routers (first time NAT + BGP), I do not understand why this is not working.
11-15-2012 07:01 PM
Hi Andre,
Did you check show ip nat translations to see if NATing was happening?
If you are not seeing NAT translations, we need to debug this
deb ip nat
Thank you
Raju
11-16-2012 12:28 AM
Hi,
I suppose you are peering with 90.90.90.32 and 90.90.100.32 BGP neighbours?
And the BGP routes for 90.1.1.0/24 and 90.1.2.0/24 are showing them as the next-hops?
BR,
Milan