06-10-2016 09:24 AM - edited 03-08-2019 06:08 AM
Hi All.
I have a design issue - see if anyone can help..
I have a 9504 with separate VRF's per customer, each customer had RFC1918 address space - so can overlap.
I also have another VRF that's used as "common services" out of RIPE ip space. I want to "leak" routes from the customer vrf's to the common services (CS) and back allowing a customer to access CS for services they need, leaking using simple export/import of the RT's.
Issue is the return traffic could obviously be an issue as there could be multiple customers with the same ip/subnet. So what I wanted to do was NAT the traffic before it leaves the customer VRF to a RIPE ip I will assign.
Anyone know on the 9504 if this is possible?
thanks
06-10-2016 12:24 PM
Hi Derek,
I have never use the 9500 series, but according to the release notes NAT is available on 7.0.(3). see below link:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/release/notes/70321_nxos_rn.html
HTH
06-10-2016 01:33 PM
Thanks - I think part of the issue will be trying to get the 1918 ip's NAT'd inside the VRF before leaking just the NAT'd ip vrf to vrf.
Not convinced that's possible.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: