I have a Cisco 2811 that I'm using to NAT the source address of a group of multicast streams to a single source IP address. When I look at the output with Wireshark I see that most packets are getting NATed correctly, but about 10% have bad UDP checksums and about half of those still have the original source address.
The multicast data is coming in on Fa 0/0 (set to inside) and I have four subifs on Fa 0/1. The multicast data is replicated without NAT on two of the subifs and one subif is set to the outside interface. On the interfaces without NAT the data looks fine. Here's a partial config:
interface FastEthernet0/0 ip address 192.168.11.10 255.255.255.128 ip pim dense-mode ip nat inside ip igmp unidirectional-link duplex auto speed auto no cdp enable ! interface FastEthernet0/1 no ip address duplex full speed 100 no cdp enable no mop enabled ! interface FastEthernet0/1.1 encapsulation dot1Q 1 native ip address 10.82.82.10 255.255.255.0 ip helper-address 10.82.34.255 ip pim sparse-mode no cdp enable ! interface FastEthernet0/1.302 encapsulation dot1Q 302 ip address 10.82.32.1 255.255.255.0 ip pim dense-mode no cdp enable ! interface FastEthernet0/1.304 encapsulation dot1Q 304 ip address 10.82.34.1 255.255.255.0 ip directed-broadcast ip pim sparse-dense-mode no cdp enable ! interface FastEthernet0/1.310 encapsulation dot1Q 310 ip address 10.82.31.1 255.255.255.0 ip pim dense-mode ip nat outside no cdp enable ! router eigrp 84 network 10.82.0.0 0.0.255.255 no auto-summary ! ip classless ip forward-protocol udp 3012 ... ip forward-protocol udp 3007 no ip http server ip pim send-rp-announce Loopback1 scope 16 ip pim send-rp-discovery scope 16 ip nat pool NAT-pool 10.82.1.0 10.82.1.3 prefix-length 30 ip nat inside source list NAT_sources pool NAT-pool overload ! ip access-list standard NAT_sources permit 10.128.0.0 0.127.255.255 ! ip access-list extended MULTICAST_ACL permit udp any host 10.82.82.255 eq 3012 ... permit udp any host 10.82.82.255 eq 3236
Any ideas? I've tried turning off the helper address, thinking it could be overloading the router, but that didn't help. I would appreciate any input from the experts out there.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...