NAT corrupting packets?

Unanswered Question
Nov 20th, 2009

I have a Cisco 2811 that I'm using to NAT the source address of a group of multicast streams to a single source IP address.  When I look at the output with Wireshark I see that most packets are getting NATed correctly, but about 10% have bad UDP checksums and about half of those still have the original source address.

The multicast data is coming in on Fa 0/0 (set to inside) and I have four subifs on Fa 0/1.  The multicast data is replicated without NAT on two of the subifs and one subif is set to the outside interface.  On the interfaces without NAT the data looks fine.  Here's a partial config:

...

interface FastEthernet0/0
ip address 192.168.11.10 255.255.255.128
ip pim dense-mode
ip nat inside
ip igmp unidirectional-link
duplex auto
speed auto
no cdp enable
!
interface FastEthernet0/1
no ip address
duplex full
speed 100
no cdp enable
no mop enabled
!
interface FastEthernet0/1.1
encapsulation dot1Q 1 native
ip address 10.82.82.10 255.255.255.0
ip helper-address 10.82.34.255
ip pim sparse-mode
no cdp enable
!
interface FastEthernet0/1.302
encapsulation dot1Q 302
ip address 10.82.32.1 255.255.255.0
ip pim dense-mode
no cdp enable
!
interface FastEthernet0/1.304
encapsulation dot1Q 304
ip address 10.82.34.1 255.255.255.0
ip directed-broadcast
ip pim sparse-dense-mode
no cdp enable
!
interface FastEthernet0/1.310
encapsulation dot1Q 310
ip address 10.82.31.1 255.255.255.0
ip pim dense-mode
ip nat outside
no cdp enable
!
router eigrp 84
network 10.82.0.0 0.0.255.255
no auto-summary
!
ip classless
ip forward-protocol udp 3012
...
ip forward-protocol udp 3007
no ip http server
ip pim send-rp-announce Loopback1 scope 16
ip pim send-rp-discovery scope 16
ip nat pool NAT-pool 10.82.1.0 10.82.1.3 prefix-length 30
ip nat inside source list NAT_sources pool NAT-pool overload
!
ip access-list standard NAT_sources
permit 10.128.0.0 0.127.255.255
!
ip access-list extended MULTICAST_ACL
permit udp any host 10.82.82.255 eq 3012
...
permit udp any host 10.82.82.255 eq 3236

Any ideas?  I've tried turning off the helper address, thinking it could be overloading the router, but that didn't help.  I would appreciate any input from the experts out there.

Patrick Griffin

CCNA

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion