Re: fun with nat

From: John Conzone (jkconzone@xxxxxxxx)
Date: Tue Sep 12 2000 - 19:02:19 GMT-3

• Next message: Feliz, Edgar: "RE: OSPF demand-circuit over OSPF no backbone area"
• Previous message: Scott F. Robohn: "Re: Cat5500 Lane question"
• Maybe in reply to: John Conzone: "fun with nat"
• Next in thread: John Conzone: "Re: fun with nat"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
       Kyle, what happens is that when I debug ospf, it won't form a
   neighbor relation shipp becasue the hello's are being source by a
   network that is not on the cable./
       For instance, whne I put NAT on an serial frame itnerface, and NAT
   the 10 network to a 64 network, the hellos come out from 64.64.64.1,
   and the oruter ont he other end, which is a 10 network, rejects the
   hellos because the come from an unknown network.
   
   ----- Original Message -----
   
   From: Kyle Galusha
   
   To: John Conzone ; ccielab
   
   Sent: Monday, September 11, 2000 9:02 PM
   
   Subject: Re: fun with nat
   
     As far as I can tell NAT works fine with OSPF. The trick to get
     around the fact that ospf advertises loopbacks as host/32 networks
     (I assume that is the problem you have run into). To get around
     that problem either try setting "ip ospf network p-t-p"
     or put the ip address of over global nat pool on a tunnel interface
     and have the tunnel source and destination point to the same
     loopback address. Either technique should allow ospf to advertise
     a real sunet address and not just a /32 route. NAt works with
     other routing protocols as well.
     Kyle
     At 07:07 PM 9/11/2000 -0400, John Conzone wrote:
     
         I've been playing with nat in my test lab, and have found that
     it wreaks havoc with ospf. I haven't tried any of the DV protocols
     yet.
         Has anyone tried?
         My plan was to do DLSW through NAT but I can't apply NAT, at
     least with OSPF.
         How do you guys do DLSW through NAT? I mean, how do you "route"
     to the routers running NAT?
         Static's, RIP,etc.? How about tunnels. I know from real life
     that PPTP and L2TP won't run through PAT, which is actually what
     I'm doing. OSPF won't set up adj at all because the hellos are
     sourced form a network that is not local to the net. (the NAT
     address). I imaginef EIGRP will have the same problem.
         I guess what I am asking is where and how do you place NAT in
     your nets to test how various scenarios work?
         Thanks!

• Next message: Feliz, Edgar: "RE: OSPF demand-circuit over OSPF no backbone area"
• Previous message: Scott F. Robohn: "Re: Cat5500 Lane question"
• Maybe in reply to: John Conzone: "fun with nat"
• Next in thread: John Conzone: "Re: fun with nat"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:24:55 GMT-3