Guest

Preview Tool

Cisco Bug: CSCsz47840 - VRF Aware NAT doest work in MPLS VPN scenario. Nat inside is core facing

Last Modified

Feb 02, 2017

Products (1)

  • Cisco IOS

Known Affected Releases

12.4(24)T

Description (partial)

Symptom:

Source NAT-PT (overload) doesn't work for given scenario:

PE1---{mpls vpn}---PE2---{vrf} ---CE

"ip nat inside" is configured on core facing interface on PE2
"ip nat outside" is configured on customer facing (vrf) interface.

Nat statement is as follows:
ip nat inside source list 123 interface Ethernet1/0 vrf VRF_NAME match-in-vrf overload

Eth1/0 is PE2 interface in VRF.

access-list 123 permit ip host IP_OF_PE1_IN_VRF any

Issue is seen int 12.4(22)T and 12.4(24)T. 
IOS 12.4(20)T1 is not affected.
Conditions:
Source NAT configuration for MPLS VPN core facing interface.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.