09-03-2018 11:20 PM
For NAT process, i've forwarded NAT required traffic from access interface to VSM with help of ABF. Packets generated by subscriber can reach to destination after NAT process but return traffic doesn't get routed to subscriber interface from vrf.
Subscriber receives return traffic properly when /32 route is added to vrf.
09-04-2018 12:57 AM
If the subscribers are local to this router, I don't think you can tweak the routing table in the outside vrf to send the return traffic to a next-hop interface other than the subscriber interface itself. You need to have the true next-hop interface in the outside VRF.
/Aleksandar
09-04-2018 07:59 AM
I'm trying to tweak routing table in inside vrf as return traffic comes to outside vrf and then to inside vrf.
Suppose a subscriber gets ip 10.0.0.10, if I add static route to /32 destination like config below in inside vrf NAT works perfectly fine.
router static
address-family ipv4 unicast
100.64.0.0/26 ServiceApp2
!
vrf InsideVRF
address-family ipv4 unicast
0.0.0.0/0 ServiceApp1
10.0.0.10/32 vrf default Bundle-Ether4.100
!
!
!
09-04-2018 08:23 AM
I think I finally understood your question now. The additional static route (10.0.0.10/32 vrf default Bundle-Ether4.100) shouldn't be required. It would make the whole BNG+CGNAT integration very cumbersome.
VSM card has two NPs, the same ones that are used on any Typhoon line card. If configuring the static route resolves the issue, I doubt that the problem is in the translation table on the VSM. It seems more likely to be an issue with the forwarding table in the NPs. Can you send pings with timeout zero and see which NP counters are incrementing?
You can refer to these two docs for guidelines:
/Aleksandar
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide