From: Thomas Larus (tlarus@cox.net)
Date: Sat Jul 05 2003 - 21:56:42 GMT-3
Has anyone else experienced this:
You configure BGP peering from a serial interface that is also the IP NAT
outside interface for Port Address Translation. Actually, the BGP peering
came first, and then you added PAT. PAT kills the BGP session by changing the
source port number.
Unless you exclude the IP NAT outside interface's own IP address from the IP
NAT inside source pool, PAT will change the source port for the TCP session,
and the other BGP peer will not like the new port number and will terminate
the BGP session. At least that is what seemed to be going on when I
experienced this a while back.
I just wanted to see if other folks had experienced this. I mean, ideally,
one would think that PAT would not act on TCP traffic originating from the IP
NAT outside interface itself. I guess there is so much shuffling around of
ports involved in PAT that even the traffic sourced from the outside interface
can end up with changed source ports. Either that, or the traffic ostensibly
sourced from the outside interface is logically treated by PAT as sourced from
elsewhere on the router. I would understand if this happened when I had a
loopback address configured as an IP NAT inside interface, but the problem
persisted when I took NAT off the loopback.
I just wanted to see if any of the brilliant engineers out there would explain
this phenomenon. (Priscilla O., Howard B., Brian D., Bryan M., Fred I.?)
Tom Larus, CCIE #10,014
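
The exclusion described in the post above, sketched as an added Cisco IOS configuration example that is not part of the original message. The interface names, addresses (documentation ranges) and ACL numbers are assumptions chosen for illustration.

```cisco
! Constructed example: Serial0 = 192.0.2.1/30 (NAT outside, BGP peering link),
! Ethernet0 = 10.1.1.1/24 (NAT inside). All values here are assumptions.
interface Ethernet0
 ip address 10.1.1.1 255.255.255.0
 ip nat inside
!
interface Serial0
 ip address 192.0.2.1 255.255.255.252
 ip nat outside
!
! Broad match (shown commented out): "permit any" also matches packets
! sourced from 192.0.2.1 itself, so they are candidates for PAT.
! access-list 1 permit any
! ip nat inside source list 1 interface Serial0 overload
!
! Narrower match: deny the outside interface's own address first,
! then permit only the inside LAN for translation.
access-list 101 deny   ip host 192.0.2.1 any
access-list 101 permit ip 10.1.1.0 0.0.0.255 any
ip nat inside source list 101 interface Serial0 overload
!
! Checks after applying:
!   show ip nat translations   (no entry should exist for the BGP TCP session)
!   show ip bgp summary        (the neighbor should stay established)
```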