Posted on March 25, 2015 4:10 pm
 |  Asked by Sriram Sriram
 |  2064 views
RESOLVED
0
0
Print Friendly, PDF & Email

hi,

Are there any examples on twice NAT for multicast ?  We want to NAT the source using dynamic overload and destination NAT to a range of multicast addresses.

If dynamic overload does not work, do you have examples of twice-nat using static NAT ?

Thanks

Sri

0
Posted by Alexis Dacquay
Answered on March 25, 2015 4:45 pm

Hello Sri,

Multicast Twice NAT must be applied egress. Also, like for single NAT (Destination NAT), two passes (recirculation) are required, meaning a doubling of latency (700-760ns instead of 350-380ns for unicast)

!
 interface ethernet6
    ip nat source static 10.0.0.15 20.0.0.15 group 2
    ip nat destination static 239.0.0.1 239.2.2.2 group 2
!

Note : The rule “ip nat source static 10.0.0.15 20.0.0.15 […]” is unique system-wide. It cannot be on both group1 and group2. Example illustrating that uniqueness:

7150S#sh active | i nat
 ip nat source static 10.0.0.15 20.0.0.15 group 1
 ip nat destination static 200.0.0.10 200.2.2.2 group 1
7150S(config-if-Et6)#ip nat source static 10.0.0.15 20.0.0.15 group 2
7150S(config-if-Et6)#ip nat destination static 239.0.0.1 239.2.2.2 group 2
7150S#sh active | i nat
 ip nat source static 10.0.0.15 20.0.0.15 group 2     <-- change from group 1 to group 2
 ip nat destination static 200.0.0.10 200.2.2.2 group 1
 ip nat destination static 239.0.0.1 239.2.2.2 group 2

Before NAT:

15:56:26.940505 […] ethertype IPv4 (0x0800), length 1020: 10.0.0.15.1234 > 239.0.0.1.80: UDP, length 978

After NAT:

16:00:26.165941 […] ethertype IPv4 (0x0800), length 1020: 20.0.0.15.1234 > 239.2.2.2.80: UDP, length 978

Example of outputs

7150S#show ip nat translation       <-- *Note*: no Twice-NAT output here
 Source IP Destination IP Translated IP TGT Type Intf
 ----------------------------------------------------------------------------
 
7150S#show ip nat translation twice      <-- Twice-NAT output is available
 Source IP Destination IP Translated Src IP Translated Dst IP
 ----------------------------------------------------------------------------
 10.0.0.15:0 239.0.0.1:0 20.0.0.15:0 239.2.2.2:0
 
7150S#show ip interface brief
 Interface IP Address Status Protocol MTU
 Ethernet5 10.0.0.1/24 up up 1500
 Ethernet6 123.0.0.1/24 up up 1500
 Loopback0 1.1.1.1/32 up up 65535
 […]
 
7150S#show ip mroute
 […]
 239.2.2.2
 0.0.0.0, 0:16:32, flags: W
 Incoming interface:
 Outgoing interface list:
 Ethernet6
 20.0.0.15, 0:12:34, flags: JKED
 Incoming interface:
 Outgoing interface list:
 Ethernet6

 

The config for the above examples is below:

 

! device: 7150S (DCS-7150S-64-CL, EOS-4.14.3F)
 !
 ip pim rp-address 1.1.1.1
 ip pim rp-candidate Loopback0 224.0.0.0/4
 !
 interface Ethernet5
 no switchport
 ip address 10.0.0.1/24
 ip pim sparse-mode
 !
 interface Ethernet6
 no switchport
 ip address 123.0.0.1/24
 ip nat source static 10.0.0.15 20.0.0.15 group 2
 ip nat destination static 239.0.0.1 239.2.2.2 group 2
 ip pim sparse-mode
 !
 interface Loopback0
 ip address 1.1.1.1/32
 !
 ip routing
 !
 ip multicast-routing
 !
 router ospf 1
 router-id 1.1.1.1
 network 1.1.1.1/32 area 0.0.0.0
 network 10.0.0.1/32 area 0.0.0.0
 network 10.0.1.1/32 area 0.0.0.0
 network 123.0.0.1/32 area 0.0.0.0
 max-lsa 12000
 !
Regards,   Alexis
0
Posted by Sriram Sriram
Answered on March 25, 2015 5:05 pm

Thanks Alexis.  I am assuming that dynamic overload is not an option here.

Regards

Sri

Sri,
Correct, the Twice-NAT implementation is static via the Twice-NAT groups.

(Alexis Dacquay at March 25, 2015 5:29 pm)

Post your Answer

You must be logged in to post an answer.