[cgnat] 2 inside-vrfs NAT to same outside pool

Carlos A. Silva · ‎09-18-2015

Hi, All:

With version 5.1.3 (or in other version), is it possible to map 2 different inside-vrfs so that they are NAT'd to the same outside pool in default-vrf?

Something like:

service cgn cgn1

service-location preferred-active 0/3/CPU0

service-type nat44 NAT44

portlimit 2048

inside-vrf nat1

map address-pool 172.16.120.0/22

inside-vrf nat2

map address-pool 172.16.120.0/22

As shown, i have 2 inside VRFs and the 172.16.120.0/22 is in the global table.

Thanks in advance!

c.

ranramal · ‎09-21-2015

Hi Carlos

If it is same mapped public address pool, it is going to be challenge to configure o2i without getting o2i drops.

Otherwise following configuration is allowed:

RP/0/RP0/CPU0:Router(config-cgn-invrf)#show

Fri Jun 15 16:54:52.430 PDT

service cgn demo

service-type nat44 nat44-1

inside-vrf Inside-1

map address-pool 151.0.0.0/24

!

inside-vrf Inside-2

map address-pool 151.0.1.0/24

!

RP/0/RP0/CPU0:Router(config-cgn-invrf)#

From 5.2.0 onwards, using ABF based redundancy, same public address pool can be configured across two different cards.

Thanks

Ranga

Carlos A. Silva · ‎09-21-2015

Thanks for your reply, Ranga.

See, the thing is that (using your example) pool for vrf Inside-1 is underutilized so, but for design reasons we need vrf Inside-2 and would like to avoid using more ip space so that Inside-2 has its own pool.

From what you say, I have 2 choices:

1) Splitting Inside-1 pool

2) Maybe route-leaking