Force source interface.

Jul 20th, 2007

Hi NetPros:

Is there any way to force the outbound interface of the router?

I mean, when the router does ping, DNS queries, NTP, etc., it does so with the interface nearest to the destination, doesn't it?

I need the router to do queries, pings, and so on with the internal private IP as source, and later NAT to the inside public IP.

Any advice?

Thanks in advance and best regards,

Olaf

mohammedmahmoud Fri, 07/20/2007 - 08:35

Hi,

For ping use, "ping ip source ".

Other services, like TACACS for example, can control the source interface: "ip tacacs source-interface <>".

HTH,

Mohammed Mahmoud.

olafmarcos Fri, 07/20/2007 - 08:38

Hi Mohammed:

I need this because the router is a DNS server and it does queries unattended. I need to force the source interface all the time.

Thanks and regards,

Olaf

mchoo2005 Tue, 07/24/2007 - 22:15

I've never come across a way to force source-interface for DNS on Cisco routers (in fact, I've never come across a Cisco router being used as a DNS server!). I tried searching Cisco's doco, as well as trying several commands on an actual router. No joy.

However, most other protocols in Cisco routers have specific commands to force their source-interface. E.g.:

- NTP: ntp source

- SNMP Trap: snmp-server trap-source

- TFTP: ip tftp source-interface

- FTP: ip ftp source-interface

- SSH: ip ssh source-interface

- TACACS: ip tacacs source-interface

- RADIUS: ip radius source-interface

etc. etc. etc.

HTH
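
As an added example (not part of the original thread and not Cisco tooling): a short Python check that reads a saved running-config and reports, for each source-interface command listed in the reply above, whether it is pinned to the expected interface. The sample config, the choice of `Loopback0`, and the function name are constructed for illustration.

```python
import re

# Source-binding commands exactly as listed in the reply above.
SOURCE_COMMANDS = {
    "NTP": "ntp source",
    "SNMP Trap": "snmp-server trap-source",
    "TFTP": "ip tftp source-interface",
    "FTP": "ip ftp source-interface",
    "SSH": "ip ssh source-interface",
    "TACACS": "ip tacacs source-interface",
    "RADIUS": "ip radius source-interface",
}

def audit_source_interfaces(config_text, expected):
    """Map each service to 'ok', 'missing' or 'mismatch:<interface>'."""
    found = {}
    for line in config_text.splitlines():
        line = line.strip()
        if line.startswith(("!", "no ")):  # comments and negated commands bind nothing
            continue
        for service, cmd in SOURCE_COMMANDS.items():
            m = re.fullmatch(re.escape(cmd) + r"\s+(\S.*)", line)
            if m:
                # Treat "Loopback 0" and "Loopback0" as the same interface name
                found[service] = m.group(1).replace(" ", "")
    report = {}
    for service in SOURCE_COMMANDS:
        iface = found.get(service)
        if iface is None:
            report[service] = "missing"
        elif iface.lower() == expected.lower():
            report[service] = "ok"
        else:
            report[service] = "mismatch:" + iface
    return report

# Constructed sample config, not taken from any real device.
SAMPLE_CONFIG = """\
hostname edge-rtr
!
ntp source Loopback0
snmp-server trap-source Loopback0
ip tftp source-interface FastEthernet0/1
ip ssh source-interface Loopback 0
no ip ftp source-interface
ip tacacs source-interface Loopback0
"""

if __name__ == "__main__":
    for service, status in audit_source_interfaces(SAMPLE_CONFIG, "Loopback0").items():
        print(f"{service:10} {status}")
```

Services reported as `missing` fall back to the router's default source selection, which is the behaviour the original question describes.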

olafmarcos Wed, 07/25/2007 - 10:44

I saw the option to force the source interface of other protocols, but Cisco has a built-in DNS server (proxy server), so why not use it?

I remember another issue with updating the DynDNS IP, caused by not being able to force the source interface.

This necessity is due to needing to map a range of ports to an internal server. I need an ip nat:

ip nat inside source static PrivateIP PublicIP/Interface

I only have one public IP. The router's DNS queries, or any other access to the internet, are done with the IP of the nearest interface (PublicIP). And due to the ip nat statement, all replies are NATted to the internal server, so the router has no access.

I posted another conversation, and the result is that this approach is not possible with Cisco (when "every cheap" router does it).

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=WAN%2C%20Routing%20and%20Switching&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1ddf197d

Any advice?

Thanks and best regards,

Olaf

mchoo2005 Wed, 07/25/2007 - 16:38

Sorry Olaf... I don't have much experience with NAT-ing on Cisco routers (been using firewalls mostly). But, I was thinking... maybe an unnumbered interface may help somehow?

olafmarcos Wed, 07/25/2007 - 17:18

I'll try your suggestion. Any configuration example?

I thought about a loopback interface too.

Regards,
