Re: Stateful NAT question from Carlos G Mendioroz on 2011-06-11 (Ccielab archives 06/2011)

From: Carlos G Mendioroz <tron_at_huapi.ba.ar>
Date: Sat, 11 Jun 2011 13:33:18 -0300

In my experience, NAT is special about route-maps vs ACLs.
It is like even though you don't use the capacity of the route-map
to single the flow you are interested, more data is kept in the
translation and so the translation is more specific.

I have the memory of some weird configurations working with route-maps
and not working with ACLs, even though the route-map only used the
match ip from the same ACL.

-Carlos

garry baker @ 11/06/2011 12:48 -0300 dixit:
> not speaking to just stateful nat, but the general use of route-maps over
> access-list or other more 'static' configurations such as in bgp using a
> route-map vs a neighbor statement is just about the flexibility the
> route-map gives you to set more options and even add on later down the
> road...
>
> so necessary or unnecessary, just depends on your point of view...
>
> --
> Garry L. Baker
>
> "With sufficient thrust, pigs fly just fine..." - RFC 1925
>
>
>
> On Fri, Jun 10, 2011 at 6:21 PM, Jacek <q.192.168.1.0_at_gmail.com> wrote:
>
>> Hello experts,
>>
>> I have a question about applying stateful nat. Cisco doc and IPexpert blog
>> http://www.cisco.com/en/US/docs/ios/12_4/12_4_mainline/snatsca.html
>> http://blog.ipexpert.com/2009/04/27/high-availability-nat-with-hsrp/
>>
>> tell to use route-map, like this:
>>
>> # ip nat inside source route-map rm-101 pool SNATPOOL1 mapping-id 10
>> overload
>>
>> Why they do not use "list" keyword instead:
>> # ip nat inside source list 101 pool SNATPOOL1 mapping-id 10 overload
>>
>> It looks to me like configuring route-map that only matches an access
>> lists is just an unnecessary step.
>> Am I right ?
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>

-- 
Carlos G Mendioroz  <tron_at_huapi.ba.ar>  LW7 EQI  Argentina
Blogs and organic groups at http://www.ccie.net

Received on Sat Jun 11 2011 - 13:33:18 ART

This archive was generated by hypermail 2.2.0 : Fri Jul 01 2011 - 06:24:28 ART