Thursday, August 1, 2019

NAT between VRFs on NX-OS

I need to NAT traffic from an IP range in one VRF to a single overload address in a different VRF on a Nexus switch.

The config I'm using is roughly like this:

int e1/1
  ip address 1.1.1.1 255.255.255.252
  vrf member AAA
  ip nat outside

int vlan 123
  ip address 2.2.2.2 255.255.255.0
  vrf member BBB
  ip nat inside

ip nat inside source list LIST-BBB pool AAA overload
ip nat pool AAA 10.10.10.10 10.10.10.10 prefix-length 32

vrf context AAA
  ip route 10.10.10.10/32 null 0

>>>>>>>>>>>>>>>>

The switch advertises only the 10.10.10.10/32 address via BGP to neighbour 1.1.1.2 on the other side of the e1/1 interface. The 1.1.1.2 neighbour advertises a range of addresses to the switch, and these are leaked into the BBB VRF using route targets. The single null route is just used to get the 10.10.10.10 address into the routing table so it can be advertised by BGP.

The aim is to get all traffic from LIST-BBB going out the e1/1 address to be NAT-ed as 10.10.10.10/32

I can't seem to get this config to work. I initiate connections from the inside but can't see any translations happening.

Any ideas where I might be going wrong?

When I enter "ip nat inside source list LIST-BBB pool AAA overload" there is no option to specify a VRF.


