Friday, January 27, 2012

"Extendable" static translations:

Q: When to use ip nat ... extendable

A:
The extendable keyword allows the user to configure several ambiguous static translations, where ambiguous translations are translations with the same local or global address.

ip nat inside source static <localaddr> <globaladdr> extendable

Some customers want to use more than one service provider and translate into each provider's address space. You can use route-maps to base the selection of global address pool on output interface as well as an access-list match. Following is an example:

ip nat pool provider1-space ...

ip nat pool provider2-space ...

ip nat inside source route-map provider1-map pool provider1-space

ip nat inside source route-map provider2-map pool provider2-space

!

route-map provider1-map permit 10

 match ip address 1

 match interface Serial0/0

!

route-map provider2-map permit 10

 match ip address 1

 match interface Serial0/1

Once that is working, they might also want to define static mappings for a particular host using each provider's address space. The software does not allow two static translations with the same local address, though, because it is ambiguous from the inside. The router will accept these static translations and resolve the ambiguity by creating full translations (all addresses and ports) if the static translations are marked as "extendable". For a new outside-to-inside flow, the appropriate static entry will act as a template for a full translation. For a new inside-to-outside flow, the dynamic route-map rules will be used to create a full translation.
Reference: from Cisco.com
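The dual-provider setup described above, put together as one configuration with the two extendable static entries included. This is an added example, not taken from Cisco.com; the inside host 10.1.1.10, the inside interface FastEthernet0/0, the access-list contents and the documentation-range global addresses (192.0.2.0/24 and 198.51.100.0/24) are constructed assumptions.

```cisco
! Constructed addressing (assumptions, not from the original post):
!   inside host 10.1.1.10, provider 1 space 192.0.2.0/24,
!   provider 2 space 198.51.100.0/24. Serial IP addressing omitted.
interface FastEthernet0/0
 ip address 10.1.1.1 255.255.255.0
 ip nat inside
!
interface Serial0/0
 ip nat outside
!
interface Serial0/1
 ip nat outside
!
access-list 1 permit 10.1.1.0 0.0.0.255
!
ip nat pool provider1-space 192.0.2.100 192.0.2.200 prefix-length 24
ip nat pool provider2-space 198.51.100.100 198.51.100.200 prefix-length 24
!
! Dynamic rules: the route-maps pick the pool by output interface.
! These are what a new inside-to-outside flow uses.
ip nat inside source route-map provider1-map pool provider1-space
ip nat inside source route-map provider2-map pool provider2-space
!
! Two static translations with the same local address. Without
! "extendable" the second one is rejected as ambiguous. A new
! outside-to-inside flow uses the matching entry as its template.
ip nat inside source static 10.1.1.10 192.0.2.10 extendable
ip nat inside source static 10.1.1.10 198.51.100.10 extendable
!
route-map provider1-map permit 10
 match ip address 1
 match interface Serial0/0
!
route-map provider2-map permit 10
 match ip address 1
 match interface Serial0/1
```

Each static entry makes the inside host reachable from outside on that provider's global address, so inbound filtering on both outside interfaces should cover it. `show ip nat translations` lists the static entries together with the full translations created from them.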
