Hi Ivan,
Sorry about the name, I dont speak German :)
Rgds
Uchil
On Fri, Apr 23, 2010 at 12:42 AM, Uchil Perera
<uchil.groupstudy_at_gmail.com>wrote:
> Hi Vielen,
>
> 1. When R5 receives a multicast hello from BB2, it brings the neighbor up,
> but if you check on BB2, there is no neighbor.
> 2. R5 drops outgoing Eigrp packets (debug ip nat det), hence neighbor
> session gets dropped
> 3. This process repeats as BB2 hello's are heard by R5 and no eigrp packets
> are sent to BB2
>
> The reason is that R5 drops locally generated Eigrp packets as there is
> no NAT entry for the source IP address (F0/0). As you are doing a NAT
> overload on the interface, router tries to NAT everything which goes out the
> interface while checking the NAT translation table. This is true for locally
> generated traffic. If the traffic is through a different incoming
> interface, NAT behaviour will depend on "ip nat inside" command on the
> ingress interface. If you create an "ip nat inside source static" command
> for the outgoing interface IP address (F0/0), Eigrp will work as NAT table
> has an entry for the source IP address (F0/0).
>
> Ex.
>
> If you configure "ip nat inside source static 14.7.225.5 14.7.225.5" or "ip
> nat inside source static 14.7.225.5 interface fastEthernet 0/0" Eigrp will
> work.
>
> This behaviour is similar but not the same when you try to telnet to R5
> from BB2's directly connected interface, it will fail unless you have a
> static NAT entry for telnet on R5.
>
> You can further verify this by doing a static NAT entry for source F0/0
> and a different interface. Ex. "ip nat inside source static 14.7.225.5
> interface *fastEthernet 1/1*". The router will send packets out the
> interface with a different source IP address and BB2 will log the
> "Neighbor x.x.x.x not on common subnet" message. But R5 will not drop Eigrp
> packets since there is an entry for F0/0 in the NAT table.
>
> Rgds
>
> Uchil Perera
> CCIE # 18536
>
>
>
> On Thu, Apr 22, 2010 at 7:50 PM, Ivan Hrvatska <ivanzghr_at_gmail.com> wrote:
>
>> Experts and all other who want to be experts :)
>> I have one issue with task that includes EIGRP and NAT:
>>
>>
>> Lo0
>> |
>> nat IN
>> |
>> nat IN---R5 (F0/0)----NAT OUT--------14.7.225.0/24----------BB2-----Lo0
>> |
>> nat IN
>> |
>>
>> Scenario is above. Task is to solve EIGRP neighbors flapping between
>> R5 and BB2.
>> R5 is doing NAT overload:
>>
>> ip nat inside source list 122 interface FastEthernet0/0 overload
>> !
>> access-list 122 permit ip any any
>> !
>>
>> EIGRP adjacency between R5 and BB2 is flapping. Solution is to exclude
>> EIGRP traffic from NAT on R5:
>>
>> access-list 122 deny eigrp any any
>> access-list 122 permit ip any any
>>
>> After that adjacency is UP, routes are exchanged and everything is
>> nice. And here comes my question:
>> Why configured NAT was problem for EIGRP since R5 and BB2 are directly
>> connected on the same segment, so what is good explanation for
>> flapping? Why R5 and BB2 couldn't established EIGRP adjecency on
>> directly connected segment?
>>
>> Vielen Dank !!
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Fri Apr 23 2010 - 00:48:03 ART
This archive was generated by hypermail 2.2.0 : Sat May 01 2010 - 09:49:57 ART