whats wrong with this scenario..!

mnlatif · ‎08-12-2003

Hi,

I am trying to setup the following for a home network. User has 5 ip addresses from the service provider

x.x.x.173, x.x.x.221, x.x.x.239, x.x.x.241, x.x.x.249

Gateway = x.x.x.129

Service Provider assigned netmask = 255.255.255.0

Using a Cisco 1721 Router, i want the DSL modem connect to "e0" of the Router and then all other internal PC on "fa0".

This needs one special consideration, a Windows XP PC "Should" have a Public IP address (not even 1-1 NAT mapping will work), reason is that user wants to use MSN Voice Chat (which uses SIP protocol) and if the PC doesn't have a Public IP Address, then it puts the private ip address in the SIP header, which is not routable and connection fails.(UNfortuantely Cisco SW is not able to translate the SIP header).

I set this up as below (modifying the given subnet mask)

e0 (x.x.x.173\26) - will x.x.x.128 network

fa0 (x.x.x.221\26) - will be x.x.x.192 network

WinXP PC = x.x.x.239\26, x.x.x.221 as the Gateway

Now the problem is that Service Provider doesn't care that i have the ip address further subnetted.So for my "self created" x.x.x.192\26 subnet, the packets are "not" sent to x.x.x.173 (e0 address) but instead ARP request are sent to get the associated MAC address.

I can think of two solutions

1. Enable "proxy arp" for e0 interface (this works..!) but router also starts responding to all "other" addresses in the x.x.x.192\26 subnet and those addresses don't belong to the user, so it messes up the provider's network.

2. As another option, i disbaled "proxy arp" and added an arp entry as

arp x.x.x.239 <mac of windows> arpa alias

As far as i understand the router should respond to any ARP request for IP x.x.x.239 with its own MAC address and then forward the packet to configured MAC address (Win XP) ?

However this doesn't seem to work ?

Am i missing something ? OR Will this never work (reason) ? Can i have a solution, without having to enable "proxy arp" ?

thisisshanky · ‎08-13-2003

Infact there is support for SIP and NAT starting with IOS ver 12.2(8). That should save you some bucks on the IPs. The command used it "ip nat service"

Router responds with its own mac address, only if you have proxy arp enabled. Since you have disabled proxy arp and added a static arp entry, it will only respond with that configured mac addr.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

mnlatif · ‎08-13-2003

Actually i am runnung 12.2(15)T and still it doesn't work. SIP and H.323 support (i already have it enabled using ip nat service..) works for Microsoft Net Meeting but not for MSN Messenger.

From your reply, it seems that my config should be working, if router is responding with the configured mac address, so it should be receiving packets destined for the PC address on interface e0 and then it should forward these through interface fa0 ?

Maybe i should check if return packets are getting to the router interface,

thisisshanky · ‎08-13-2003

Have you checked your pc gateway settings.

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus

mnlatif · ‎08-13-2003

Yes. All settings are correct. I sniffed packets at router's external interface e0.

So with "arp arpa command, Router replies to the ARP requests with the PC configured MAC address and the I do get the packets back from the Provder's network addressed to the PC_MAC address, but since the router is not configured with "proxy arp" , it doesn't forward those to PC.

I thought that router will forward the packets, if i had the static arp command configured (even without proxyarp command).

So i guess there is no possible work around ?

Can bridging be a solution ? Any hints for configuring that ?