advertising NAT pool in to BGP
IMHO, they have the same effect with one difference: the Loopback interface can be reachable even if there is no NAT translation. Static to null will drop packets if there is no proper NAT translation at that moment.
I tested the “loopback” scenario in my prior post; it is working as expected. You don’t need a static route to null if you use the network command under the BGP process as in your second solution.
Regards,
Kemal
Objects are what is unalterable and subsistent; their configuration is what is changing and unstable. So, you need PRACTICE, PRACTICE, AND MORE PRACTICE…
-----Original Message-----
From: Jens Petter [mailto:jenseike@start.no]
Sent: Saturday, July 01, 2006 8:39 AM
To: ‘Brian McGahan’; ‘Kemal YILDIRIM’; ccielab@groupstudy.com
Subject: RE: advertising NAT pool in to BGP
So either of the scenarios below would do exactly the same for me?

interface fastethernet 1
 ip address 172.16.1.89 255.255.255.252
 ip nat outside

interface fastethernet 0
 ip address 192.168.1.0 255.255.255.0
 ip nat inside

router bgp 1
 neighbor 10.1.1.1 remote-as 2
 network 172.16.1.17 mask 255.255.255.255

access-list 2 permit 192.168.1.0 0.0.0.255

ip route 172.16.1.17 255.255.255.255 null 0

ip nat pool NAT-POOL 172.16.1.17 172.16.1.17 prefix 30
ip nat inside source list 2 pool NAT-POOL overload

or

interface loopback 0
 ip address 172.16.1.17 255.255.255.255

interface fastethernet 1
 ip address 172.16.1.89 255.255.255.252
 ip nat outside

interface fastethernet 0
 ip address 192.168.1.0 255.255.255.0
 ip nat inside

router bgp 1
 neighbor 10.1.1.1 remote-as 2
 network 172.16.1.17 mask 255.255.255.255

access-list 2 permit 192.168.1.0 0.0.0.255

ip route 172.16.1.17 255.255.255.255 null 0

ip nat pool NAT-POOL 172.16.1.17 172.16.1.17 prefix 30
ip nat inside source list 2 pool NAT-POOL overload

or

ip nat inside source list 2 interface loopback 0 overload
(does this command do the job even without the ”ip nat outside” command on the loopback?)
Jens
-----Original Message-----
From: Brian McGahan [mailto:bmcgahan@internetworkexpert.com]
Sent: 1. juli 2006 00:33
To: Jens Petter; Kemal YILDIRIM; ccielab@groupstudy.com
Subject: RE: advertising NAT pool in to BGP
The route just needs to be installed in the routing table so you can advertise it into BGP. You can either do this by adding a Loopback that’s in the subnet or doing a static route to null. There is no functional difference between the two since the network doesn’t exist anywhere except logically in the NAT process. Whichever way you do it you simply need to add the “network” statement under the BGP process to originate the route. Also don’t worry about the “mask” or “prefix-length” option in the NAT statement; actual traffic isn’t associated with a subnet mask only routes. You determine the route to the network either by the mask on the static route to null or on the Loopback.
HTH,
Brian McGahan, CCIE #8593
bmcgahan@internetworkexpert.com

Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987 x 705
Outside US: 775-826-4344 x 705
24/7 Support: http://forum.internetworkexpert.com
Live Chat: http://www.internetworkexpert.com/chat/
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Jens Petter
> Sent: Friday, June 30, 2006 5:00 PM
> To: ‘Kemal YILDIRIM’; ccielab@groupstudy.com
> Subject: RE: advertising NAT pool in to BGP
>
> This is not for the lab, but a real-life scenario… So, I don’t need to
> follow any rules about static routes.
>
> So, will the NATing work even if the nat outside command is not on the
> loopback but on the Ethernet interface, since you are overloading the
> loopback interface?
>
> Jens
>
> -----Original Message-----
> From: Kemal YILDIRIM [mailto:kemalhy@gmail.com]
> Sent: 30. juni 2006 23:19
> To: ‘Jens Petter’; ccielab@groupstudy.com
> Subject: RE: advertising NAT pool in to BGP
>
> Hi Jens,
> 1- Static routes are not allowed unless otherwise specifically stated.
> 2- access-list 2 permit 192.168.1.0 will not match inside hosts.
>    access-list 2 permit 192.168.1.0 0.0.0.255 will match inside hosts.
>
> You can create a loopback interface that has the NAT address and advertise
> it into BGP with the network command. NAT translation can be done to the
> loopback interface and can also be overloaded.
> Regards
>
> interface Loopback0
>  ip address 172.16.1.10 255.255.255.255
> !
> interface Ethernet0/0
>  ip address 192.168.1.1 255.255.255.0
>  ip nat inside
> !
> interface Serial0/1
>  ip address 172.16.1.1 255.255.255.252
>  ip nat outside
> !
> router bgp 1
>  network 172.16.1.10 mask 255.255.255.255
>  neighbor 172.16.1.2 remote-as 2
>  no auto-summary
> !
> ip nat inside source list 2 interface Loopback0 overload
> !
> access-list 2 permit 192.168.1.0 0.0.0.255
>
> Objects are what is unalterable and subsistent;
> their configuration is what is changing and unstable.
> So, you need PRACTICE, PRACTICE, AND MORE PRACTICE…
>
> -----Original Message-----
> From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of Jens Petter
> Sent: Friday, June 30, 2006 10:58 PM
> To: ccielab@groupstudy.com
> Subject: advertising NAT pool in to BGP
>
> I am trying to figure out how to advertise a NAT configured pool into
> BGP.
>
> Will this do the job?
>
> interface fastethernet 1
>  ip address 172.16.1.x 255.255.255.252
>  ip nat outside
>
> router bgp 1
>  neighbor 10.1.1.1 remote-as 2
>  redistribute static route-map STATIC-TO-BGP
>
> access-list 1 permit 172.16.1.10
> access-list 2 permit 192.168.1.0
>
> route-map STATIC-TO-BGP
>  match ip address 1
>
> ip nat pool NAT-POOL 172.16.1.10 172.16.1.10 PREFIX 30
>
> ip nat inside source list 2 pool NAT-POOL overload
>
> ip route 172.16.1.10 255.255.255.255 null 0
>
> 172.16.1.10 is my NAT pool address that I am overloading for my inside
> addresses… This is the NAT address I need to advertise into BGP so that
> external hosts have a route back… I tried to use /32 as the prefix in the
> ip nat pool command but got an error telling me that /30 is the smallest
> prefix I can use… Is this a problem? The outside interface is a /30 net.
>
> Will this advertising of that NAT address work well? I don’t have a lab to
> test this, so any advice will be appreciated… Any other advice is also
> appreciated.
>
> Jens
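
The checks the replies in this thread describe (an exact-match route behind the BGP `network` statement, the NAT address covered by that route, and the wildcard on the NAT access list), written as an added Python example that is not code from any poster. The `audit` function, its regexes and the sample config are constructed for illustration and assume running-config formatting.

```python
import ipaddress
import re

IP4 = r"(\d+\.\d+\.\d+\.\d+)"

# Constructed sample in running-config form, modelled on the static-to-Null0
# variant discussed in the thread (addresses reused from the posts).
SAMPLE = """\
interface FastEthernet1
 ip address 172.16.1.89 255.255.255.252
 ip nat outside
router bgp 1
 neighbor 10.1.1.1 remote-as 2
 network 172.16.1.10 mask 255.255.255.255
access-list 2 permit 192.168.1.0
ip nat pool NAT-POOL 172.16.1.10 172.16.1.10 prefix-length 30
ip nat inside source list 2 pool NAT-POOL overload
ip route 172.16.1.10 255.255.255.255 Null0
"""

def net(addr, mask):
    return ipaddress.ip_network(f"{addr}/{mask}", strict=False)

def audit(config):
    """Return findings for NAT addresses that must be originated into BGP."""
    # Assumption: "ip address" is the first subcommand under each interface.
    ifaces = {n: (a, m) for n, a, m in
              re.findall(rf"interface (\S+)\s+ip address {IP4} {IP4}", config)}
    # Exact prefixes in the routing table: connected interfaces and statics.
    rib = {net(a, m) for a, m in ifaces.values()}
    rib |= {net(a, m) for a, m in re.findall(rf"ip route {IP4} {IP4}", config)}
    bgp = {net(a, m) for a, m in re.findall(rf"network {IP4} mask {IP4}", config)}
    findings = [f"BGP network {p} has no exact-match route, so it is not originated"
                for p in sorted(bgp - rib)]
    # Translated addresses: pool start/end, or the overloaded interface address.
    nat = {(f"pool {n}", a) for n, s, e in
           re.findall(rf"ip nat pool (\S+) {IP4} {IP4}", config) for a in (s, e)}
    nat |= {(f"interface {n}", ifaces[n][0]) for n in
            re.findall(r"ip nat inside source list \d+ interface (\S+)", config)
            if n in ifaces}
    for label, addr in sorted(nat):
        if not any(ipaddress.ip_address(addr) in p for p in bgp & rib):
            findings.append(f"NAT {label} address {addr} is not advertised into BGP")
    # A standard ACL entry without a wildcard mask matches a single host only.
    nat_lists = set(re.findall(r"ip nat inside source list (\d+)", config))
    for num, src, rest in re.findall(rf"access-list (\d+) permit {IP4}(.*)", config):
        if num in nat_lists and not rest.strip():
            findings.append(f"access-list {num} permit {src} matches only host {src}")
    return findings
```

Calling `audit(SAMPLE)` reports only the access-list entry; deleting the `ip route` line from the sample adds the two route findings, because the `network` statement then has nothing in the routing table to match.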