NAT routing - Next Hop is Multiaccess Interface

Unanswered Question
Jul 4th, 2007
User Badges:


Have an interesting one (I think)

So, I have the following



rtra-eth1 (NAT inside)

rtra-eth0 IP .1 (NAT outside)

rtrb IP .254

rtrc has external network

so I have configured destination NAT

ip nat outside source static (all my end user hosts point toward an IP of which get translated to

The destination NAT is within the subnet range.

So, in my routing table I have a route for directly connected via ethernet0 (well its is actually and not a host route)

Question 1.

If there is no static host route for the local NAT address ( to point towards the rtrb-eth0 .254 address, this will never work. Is this correct?

Becuase the router will only ever arp for the host address which does not exist? correct?

Question 2. NAT Question

The NAT order-of-operation states that going from inside to outside on rtra, routing happens before translation. Can I confirm the order of operation of the packet re-write?

So, packet destined for arrives on inside interface. NOW it is routed to outside interface (which must include L2 packet re-write) correct?

Now it the destination of the packet must change to Does this include another packet re-write?

At which point does an arp request happen to populate the L2 destination MAC address? and if it is a broadcast interface? and not next hop? what does it put in there?

Im sorry, but this quick question has turned into a whole host of Qs? Sorry!!

Does anyone know and can clarify for me?

Many thx indeed,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
a-vazquez Tue, 07/10/2007 - 10:23
User Badges:
  • Silver, 250 points or more

If using NAT on a WAN multi-access interface (with the NIAS component of Border Manager) make sure that a static route is defined in the WAN call for each of the remote networks. This is because only one default route is active at a time in the IP routing table. With multi-access setups, and the possibility of having multiple calls to different destinations at the same time, only one of the interfaces can be the default route. If other calls exist on different interfaces, a static route for the remote networks must be defined.


This Discussion