MLPP routing issue

Unanswered Question
Feb 17th, 2009
User Badges:

There is something I am not understanding here. See attached for my config on my 1841. I am accessing the internet via bonded T1's using MLPPP. The ISP has assigned me the address block 67.100.220.xxx/29. I have fastethernet0/0 attached to my local (192.168.214.0/32) network.

When the ppp connects, for example, it is assigned from ipcp the ip of 172.22.225.xxx with a gateway of 172.22.0.1. Now connecting to FE0/1 everything is perfect. If I connect from my local network (FE0/0)it will work for a few minutes, very slow, and then tell me destination unreachable.

What am I missing here? How do I get my local network to route over the PPP?


Here is my route table:

Gateway of last resort is 172.22.0.1 to network 0.0.0.0


172.22.0.0/32 is subnetted, 2 subnets

C 172.22.225.118 is directly connected, Multilink1

C 172.22.0.1 is directly connected, Multilink1

67.0.0.0/29 is subnetted, 1 subnets

C 67.100.220.xxx is directly connected, FastEthernet0/1

C 192.168.214.0/24 is directly connected, FastEthernet0/0

S* 0.0.0.0/0 [1/0] via 172.22.0.1


Thanks

GP



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Edison Ortiz Tue, 02/17/2009 - 11:42
User Badges:
  • Super Bronze, 10000 points or more
  • Hall of Fame,

    Founding Member

Modify the following statement:


ip nat inside source list 1 interface FastEthernet0/1 overload


with


ip nat inside source list 1 interface Multilink1 overload


HTH,


__


Edison.

Richard Burts Tue, 02/17/2009 - 11:57
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Greg


I agree with Edison that there is a problem in the way that NAT is configured. But I do not believe that changing the NAT so that it overloads on the multilink will solve the problem. The address learned on the multilink is also RFC1918 address space and will not produce addresses that can be used in the Internet.


I believe that there is a conceptual problem here that we need to work through. The ISP assigned you a block of addresses. Those addresses should be the source address of traffic that you send to the Internet. But you assigned them to a FastEthernet interface. I believe that this is not the right thing to do. I would believe that you need to create a NAT pool with those addresses and to do the translation using the pool instead of doing NAT overload on an interface address.


HTH


Rick

paolo bevilacqua Tue, 02/17/2009 - 12:14
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

I differ with both Edison and Rick.


I believe the config is correct, multink interface uses a private address as happens more and more these days.


Please let us know the exact IOS used.

Richard Burts Tue, 02/17/2009 - 12:18
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Paolo


Differences of opinion make for better discussion. In the original post he specified that his network is on the FastEthernet0/0 interface and that he is routing to the Internet over the multilink. And that the ISP had assigned him a block of addresses. Given that the traffic originates on FA0/0 and is routed out the multilink, how is assigning the ISP block on FA0/1 going to work?


HTH


Rick

paolo bevilacqua Tue, 02/17/2009 - 12:33
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Hi Rick,


It works because it Fa0/1 is not to be natted, it has a globally routable address. My understanding is that this is what the OP wants.


I correct my previous statement, Mu1 uses a public address as the OP clearly specified. On this one, overloaded NAT for FA0/0 is done

micrinservices Tue, 02/17/2009 - 14:51
User Badges:

The IOS ver:

Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 12.4(9)T4, RELEASE SOFTWARE (fc2)


Note: If I down FA0/1 with the public ip nothing will get routed out at all - When it is up and I do a trace from the private network, it doesnt appear to touch my public IP's. Next hop shows as 172.22.0.1... strange that is.


Thx

Greg

paolo bevilacqua Tue, 02/17/2009 - 15:05
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Hi, I would recommend you try either 12.4(9)T7, or more conservatively, 12.4(3j).

Your traceroute is normal, next-hop is ISP router.

micrinservices Wed, 02/18/2009 - 07:34
User Badges:

Unfortunately I do not have access to other version images. Is it your position that this is a bug and not a configuration issue?


Thanks

Greg

paolo bevilacqua Wed, 02/18/2009 - 07:46
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Yes, I've seen at least a bug like this in the past - many NAT entries caused memory leak and slowdown.


Note you cannot professionally operate cisco networks without at least one smartnet contract for downloads.

paolo bevilacqua Wed, 02/18/2009 - 10:10
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

I've looked at this further and found that you'reu sing MLPPP over frame-relay. That is not a very commonly used configuration and you may find issues in doing that.


Basically one reason more to try some different IOSlike the mentioned 12.4(3j).

micrinservices Wed, 02/18/2009 - 11:41
User Badges:

UPDATE

I tried Ricks suggestion and created a NAT pool. It is working much better. The download speed is pretty much right on but upload is very low. I am going to compare results by doing a test connection via fa0/1 and compare results.



I am working on getting smartnet up and going.


Thanks

Greg

Actions

This Discussion