Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4141
Views
0
Helpful
4
Replies

IP nat inside source command with : match-in-vrf

croue
Level 1
Level 1

‎04-10-2008 07:02 AM - edited ‎03-03-2019 09:30 PM

Hi,

What is the explanation of the option " match-in-vrf" in the command ip nat inside source?

Because nothing is explain on the CCO.

router(config)#ip nat inside source list TEST pool POOL_TEST vrf VRF_TEST ?

match-in-vrf Match incoming vrf

overload Overload an address translation

<cr>

Labels:
0 Helpful
4 Replies 4

aghaznavi
Level 5
Level 5

‎04-17-2008 06:10 AM

The match-in-vrf keyword is missing from the ip nat inside source command, and the ip nat inside source command is not accepted at all in interface-configuration mode. This symptom is observed on a Cisco 7200 series that runs Cisco IOS interim Release 12.4(11.6a) or interim Release 12.4(12.03)T but may also affect other routers.

0 Helpful

csco10387876
Level 1
Level 1

‎10-07-2010 11:26 PM

the match in vrf allow you to have the same translation in two distinct vrf

so that you can have something like

ip nat inside source a.a.a.a b.b.b.b vrf a match-in-vrf

ip nat inside source a.a.a.a b.b.b.b vrf b match-in-vrf

but this feature is, as far as I know, only working for a vrf-lite config.

0 Helpful

knagavol
Cisco Employee
Cisco Employee

‎07-15-2013 05:55 AM

There is a new CCO doc explaining match-in-vrf -

http://www.cisco.com/en/US/docs/ios-xml/ios/ipaddr_nat/configuration/xe-2/iadnat-match-vrf.html

HTH

0 Helpful

Javier Teliz (jtelisbr)
Cisco Employee
Cisco Employee

‎07-02-2021 08:27 AM

The Match-in-VRF Support for NAT feature supports Network Address Translation (NAT) of packets that communicate between two hosts within the same VPN routing and forwarding (VRF) instance. In intra-VPN NAT, both the local and global address spaces for end hosts are isolated to their respective VPNs, and as a result, the translated addresses for the hosts overlap each other. The Match-in-VRF Support for NAT feature helps separate the address space for translated addresses among VPNs.

 

In summary:

! The match-in-vrf keyword enables NAT inside and outside traffic in the same VRF.
! The match-in-VRF Support for NAT feature helps separate the address space for translated addresses among VPNs.

 

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-2/nat-xe-2-book/iadnat-match-vrf.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card