I'm trying to understand what the following command is doing:
ip nat inside source route-map MAP1 interface GigabitEthernet0 vrf INET overload
Here is route-map MAP1:
route-map MAP1 permit 10
 match ip address NAT_LOCAL
 match interface GigabitEthernet0
Here's NAT_LOCAL ACL:
ip access-list extended NAT_LOCAL
 permit ip 192.168.1.0 0.0.0.255 any
 permit ip 10.0.0.0 0.0.0.255 any
And then there's also another route map:
route-map MAP2 permit 10
 match ip address LOCAL
 set vrf INET
And LOCAL ACL:
(Bunch of (what looks like to me) random deny statements.)
 permit ip any any
And finally
VRF definition INET
and our Tunnel0 has "tunnel vrf INET"
So, my question is, are both route maps being applied? What I think is happening (please correct me if I'm wrong) is that both route-maps are being applied, but the IP of the traffic depends on which map is applied? For example, if a packet comes in that's not in the 192.168.1 subnet or the 10.0.0 subnet, the route map MAP1 will be applied?