Cisco GRS Configuration Manual

Cisco IOS XR Carrier Grade NAT Configuration Guide for the Cisco
CRS Router, Release 5.2.x
Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883
Text Part Number: OL-32659-01

Summary of Contents for Cisco GRS

  • Page 2 © 2014 Cisco Systems, Inc. All rights reserved.
  • Page 3: Table Of Contents

    ICMP Query Session Timeout Implementing NAT with TCP Address and Port Mapping Behavior Internally Initiated Connections Externally Initiated Connections Implementing NAT 44 over ISM ...
  • Page 4 Configuring the Infrastructure Service Virtual Interface Configuring the Application Service Virtual Interface Configuring the Service Type Keyword Definition Configuring an Inside and Outside Address Pool Map ...
  • Page 5 Line Card Upgrade UPGRADE FROM_ UBOOT to 559 & MANS FPGA to 0.41014 Configuring IPv6 Rapid Development Ping to BR Anycast Address Enable Additional 6rd Features ...
  • Page 6 External Logging CHAPTER 3 Bulk Port Allocation Restrictions for Bulk Port Allocation Session logging Syslog Logging Restrictions for Syslog ...
  • Page 7 Contents Syslog Message Format Header Structured Data Netflow v9 Support NetFlow Record Format Frequently Asked Questions (FAQs) ...
  • Page 8 Contents
  • Page 9: Preface

    Subscribe to What's New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.
  • Page 10 Preface Obtaining Documentation and Submitting a Service Request ...
  • Page 11: New And Changed Carrier Grade Nat Feature Information

    New and Changed Carrier Grade NAT Feature Information This table summarizes the new and changed information for the Cisco IOS XR Carrier Grade NAT Configuration Guide for the Cisco CRS Router, and tells you where the features are documented. •...
  • Page 12: Chapter:

    Interface (SVI), on page CGSE-PLUS Throughput Measurement | This feature was introduced. | Release 5.2.0 | Implementing Carrier Grade NAT on Cisco IOS XR Software chapter: Throughput Measurement, on page ...
  • Page 13: Implementing Carrier Grade Nat On Cisco Ios Xr Software

    Implementing Carrier Grade NAT on Cisco IOS XR Software This chapter provides an overview of the implementation of Carrier Grade NAT on Cisco IOS XR Software. • Carrier Grade NAT Overview and Benefits, page 3 •...
  • Page 14: Benefits Of Carrier Grade Nat

    Network address and port mapping can be reused to map new sessions to external endpoints after establishing a first mapping between an internal address and port to an external address. These NAT mapping definitions are defined from RFC 4787: ...
  • Page 15: Translation Filtering

    Note The CGN service package was termed hfr-cgn-p.pie or hfr-cgn-px.pie for releases prior to Cisco IOS XR Software Release 4.2.0. The CGN service package is referred to as hfr-services-p.pie or hfr-services-px.pie in Cisco IOS XR Software Release 4.2.0 and later.
  • Page 16: Cgse Plim

    AAA administrator for assistance. CGSE PLIM A Carrier-Grade Services Engine (CGSE) is a physical line interface module (PLIM) for the Cisco CRS-1 Router. When the CGSE is attached to a single CRS modular service card (forwarding engine), it provides the hardware system running applications such as NAT44, XLAT, Stateful NAT64 and DS-Lite.
  • Page 17: Cgse Multi-Chassis Support

    It also supports services redundancy and QoS for service applications. CGSE Plus is brought up in two modes: • CGN mode — The Cisco IOS XR and Linux software are tuned to host CGN applications such as NAT44 and 6RD.
  • Page 18: Implementing Nat With Tcp

    Implementing NAT 44 over ISM These sections provide the information about implementation of NAT. The following figure illustrates the implementation of NAT 44 over ISM ...
  • Page 19 The following figure illustrates the path of the data packet from a private network to a public network in a NAT implementation. The packet goes through the following steps when it travels from the private network to the public network: ...
  • Page 20 The following figure illustrates the path of the packet coming from the public network to the private network. The packet goes through the following steps when it travels from the public network to the private network: ...
  • Page 21: Implementing Nat 64 Over Ism

    This section explains how NAT64 is implemented over ISM. The figure illustrates the implementation of NAT64 over ISM. The components of this implementation are as follows: ...
  • Page 22 The private address has to be mapped to the public address by NAT64 that is implemented in ISM. 2 The packet enters through the ingress port on the Gigabit Ethernet (GigE) interface at Slot 3. ...
  • Page 23 NAT64 that is implemented in ISM. 2 The packet enters through the ingress port on the Gigabit Ethernet (GigE) interface at Slot 3. ...
  • Page 24: Double Nat 444

    IPv4-only endpoint that is situated in an IPv4-only network, to communicate with an IPv6-only end-point that is situated in an IPv6-only network. This like-to-unlike address family connectivity paradigm provides backwards compatibility between IPv6 and IPv4. ...
  • Page 25: Ipv6 Rapid Deployment

    A Stateless XLAT (SL-XLAT) does not create or maintain any per-session or per-flow data structures. It is an algorithmic operation performed on the IP packet headers that results in the translation of an IPv4 packet to an IPv6 packet, and vice-versa. SL-XLAT requires Cisco IOS XR Software Release 3.9.3 or 4.0.1 or 4.1.0 or later.
  • Page 26: Port Control Protocol

    CGN supports the Real Time Streaming Protocol (RTSP), an application-level protocol for control over the delivery of data with real-time properties. RTSP provides an extensible framework to enable controlled, ...
  • Page 27: Pptp-Alg

    CGSEs are reloaded together or the router is reloaded. There are remote chances that after a reboot, this association might change. This feature helps in cases where server applications running on the private network need access from the public internet. ...
  • Page 28: 1:1 Redundancy

    From this release onwards, you can create multiple pools of address for each inside VRF. This configuration currently supports 8 address pools that do not overlap with each other. ...
  • Page 29: Throughput Measurement

    Hence it becomes very important to measure the throughput for a service card. From this release onwards, the ...
  • Page 30: High Availability On The Data Path Service Virtual Interface (Svi)

    • In the current release, the high availability configuration is supported only for V4 and V6 ServiceApps of 6rd application. • In case of a failure, the syslog message is generated irrespective of the shutdown of the SVI instance. ...
  • Page 31: External Logging

    In Cisco IOS XR Software Release 4.2.1 and later, the DS Lite and NAT44 features support Syslog as an alternative to Netflow. Syslog uses ASCII format and hence can be read by users. However, the log data volume is higher in Syslog than Netflow.
  • Page 32: Implementing Carrier Grade Nat On Cisco Ios Xr Software

    Implementing Carrier Grade NAT on Cisco IOS XR Software This chapter provides an overview of the implementation of Carrier Grade NAT on Cisco IOS XR Software. Getting Started with the Carrier Grade NAT Perform these tasks to get started with the CGN configuration tasks.
  • Page 33: Configuring The Service Instance And Location For The Carrier Grade Nat

    CGN configuration mode. Example: RP/0/RP0/CPU0:router(config)# service cgn cgn1 RP/0/RP0/CPU0:router(config-cgn)# Step 3 service-location preferred-active node-id [preferred-standby node-id] Configures the active and standby locations for the CGN application. ...
  • Page 34: Configuring The Service Virtual Interfaces

    Note: Do not remove or modify service infra interface configuration when the card is in Active state. The configuration is service affecting and the line card must be reloaded for the changes to take effect. ...
  • Page 35 EXEC mode. ◦ Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. ...
  • Page 36: Configuring The Application Service Virtual Interface

    RP/0/RP0/CPU0:router# configure Step 2 interface ServiceApp value Configures the application SVI as 1 and enters interface configuration mode. Example: RP/0/RP0/CPU0:router(config)# interface ServiceApp 1 RP/0/RP0/CPU0:router(config-if)# ...
  • Page 37: Configuring The Service Type Keyword Definition

    Perform this task to configure the service type key definition. SUMMARY STEPS 1. configure 2. service cgn instance-name 3. service-type nat44 nat1 4. end or commit ...
  • Page 38: Configuring An Inside And Outside Address Pool Map

    Perform this task to configure an inside and outside address pool map with the following scenarios: • The designated address pool is used for CNAT. • One inside VRF is mapped to only one outside VRF. ...
  • Page 39 [outside-vrf outside-vrf-name] address-pool Configures an inside VRF to an outside VRF and address pool address/prefix mapping. Example: RP/0/RP0/CPU0:router(config-cgn-invrf)# map outside-vrf outside vrf1 address-pool 10.10.0.0/16 ...
  • Page 40: Configuring The Policy Functions For The Carrier Grade Nat

    Perform this task to restrict the number of ports used by an IPv6 address. SUMMARY STEPS 1. configure 2. service cgn instance-name 3. service-type nat64 stateful instance-name 4. portlimit value 5. end or commit ...
  • Page 41 ◦ Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. • Use the commit command to save the configuration changes to the running ...
  • Page 42: Configuring The Timeout Value For The Protocol

    RP/0/RP0/CPU0:router(config)# service cgn cgn1 RP/0/RP0/CPU0:router(config-cgn)# Step 3 service-type nat44 nat1 Configures the service type keyword definition for CGN NAT44 application. Example: RP/0/RP0/CPU0:router(config-cgn)# service-type nat44 nat1 ...
  • Page 43: Configuring The Timeout Value For The Tcp Session

    Configuring the Timeout Value for the TCP Session Perform this task to configure the timeout value for either the active or initial sessions for TCP. ...
  • Page 44 • When you issue the end command, the system prompts you to Example: commit changes: RP/0/RP0/CPU0:router(config-cgn-proto)# Uncommitted changes found, commit them before exiting (yes/no/cancel)? RP/0/RP0/CPU0:router(config-cgn-proto)# commit [cancel]: ...
  • Page 45: Configuring The Timeout Value For The Udp Session

    Step 2 service cgn instance-name Configures the instance named cgn1 for the CGN application and enters CGN configuration mode. Example: RP/0/RP0/CPU0:router(config)# service cgn cgn1 RP/0/RP0/CPU0:router(config-cgn)# ...
  • Page 46: Configuring The Ftp Alg For Nat44 Instance

    Configuring the FTP ALG for NAT44 Instance Perform this task to configure the FTP ALG for the specified NAT44 instance. ...
  • Page 47 EXEC mode. ◦ Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. ...
  • Page 48: Configuring The Rtsp Alg For Nat44 Instance

    Example: RP/0/RP0/CPU0:router(config)# service cgn cgn1 RP/0/RP0/CPU0:router(config-cgn)# Step 3 service-type nat44 nat1 Configures the service type keyword definition for NAT44 application. Example: RP/0/RP0/CPU0:router(config-cgn)# service-type nat44 nat1 ...
  • Page 49: Configuring The Pptp Alg For A Nat44 Instance

    Configuring the PPTP ALG for a NAT44 Instance SUMMARY STEPS 1. configure 2. service cgn instance-name 3. service-type nat44 nat1 4. alg pptpAlg 5. end or commit ...
  • Page 50 • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. ...
  • Page 51: Configuring The Tcp Adjustment Value For The Maximum Segment Size

    RP/0/RP0/CPU0:router(config-cgn-invrf)# Step 5 protocol tcp Configures the TCP protocol session and enters CGN inside VRF AFI protocol configuration mode. Example: RP/0/RP0/CPU0:router(config-cgn-invrf)# protocol RP/0/RP0/CPU0:router(config-cgn-invrf-proto)# ...
  • Page 52: Configuring The Refresh Direction For The Network Address Translation

    Perform this task to configure the NAT mapping refresh direction as outbound for TCP and UDP traffic. SUMMARY STEPS 1. configure 2. service cgn instance-name 3. service-type nat44 nat1 4. refresh-direction Outbound 5. end or commit ...
  • Page 53 • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. ...
  • Page 54: Configuring The Carrier Grade Nat For Static Port Forwarding

    Configures the inside VRF for the CGN instance named cgn1 and enters CGN inside VRF configuration mode. Example: RP/0/RP0/CPU0:router(config-cgn-nat44)# inside-vrf insidevrf1 RP/0/RP0/CPU0:router(config-cgn-invrf)# ...
  • Page 55 • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. ...
  • Page 56: Configuring The Dynamic Port Ranges For Nat44

    Uncommitted changes found, commit them before exiting (yes/no/cancel)? RP/0/RP0/CPU0:router(config-cgn-ivrf-sport-inside)# commit [cancel]: ◦ Entering yes saves configuration changes to the running configuration file, exits the ...
  • Page 57: Configuring 1:1 Redundancy

    3. service-location preferred-active node-id [preferred-standby node-id] 4. end or commit DETAILED STEPS Command or Action Purpose Step 1 configure Enters global configuration mode. Example: RP/0/RP0/CPU0:router# configure ...
  • Page 58: Configuring Multiple Public Address Pools

    Configuring Multiple Public Address Pools Perform the following steps to configure multiple public address pools for an inside VRF. ...
  • Page 59 • When you issue the end command, the system prompts you Example: to commit changes: RP/0/RP0/CPU0:router(config-cgn-invrf-afi)# Uncommitted changes found, commit them before exiting (yes/no/cancel)? ...
  • Page 60: Configuring Port Limit Per Vrf

    5. inside-vrf vrf-name 6. portlimit value 7. end or commit DETAILED STEPS Command or Action Purpose Step 1 configure Enters global configuration mode. Example: RP/0/RP0/CPU0:router# configure ...
  • Page 61 EXEC mode without committing the configuration changes. ◦ Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. ...
  • Page 62: Configuring Same Address Pool For Different Nat Instances

    Step 2 service cgn cgn1 Configures the instance named cgn1 for the CGN application and enters CGN configuration mode. Example: RP/0/RP0/CPU0:router(config)# service cgn cgn1 RP/0/RP0/CPU0:router(config-cgn)# ...
  • Page 63 • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. Step 7 configure Enters global configuration mode. Example: RP/0/RP0/CPU0:router# configure ...
  • Page 64 • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. ...
  • Page 65: Configuring High Availability Of Data Path Service Virtual Interface (Svi)

    [cancel]: ◦ Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode. ...
  • Page 66 Specifies the ServiceApp on which IPv6 traffic enters and leaves. Example: RP/0/RP0/CPU0:router(config-cgn-6rd)# datapath-test Step 11 end or commit Saves configuration changes. Example: RP/0/RP0/CPU0:router(config-cgn-tunnel-v6rd)# ...
  • Page 67: Configuring The Export And Logging For The Network Address Translation Table Entries

    2. service cgn instance-name 3. service-type nat44 nat1 4. inside-vrf vrf-name 5. external-logging netflowv9 6. server 7. address address port number 8. end or commit ...
  • Page 68 Uncommitted changes found, commit them before exiting (yes/no/cancel)? RP/0/RP0/CPU0:router(config-cgn-invrf-af-extlog-server)# commit [cancel]: ◦ Entering yes saves configuration changes to the running configuration file, exits the ...
  • Page 69: Configuring The Path Maximum Transmission Unit For Netflow Logging

    6. server 7. path-mtu value 8. end or commit DETAILED STEPS Command or Action Purpose Step 1 configure Enters global configuration mode. Example: RP/0/RP0/CPU0:router# configure ...
  • Page 70 EXEC mode. ◦ Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes. ...
  • Page 71: Configuring The Refresh Rate For Netflow Logging

    Step 2 service cgn instance-name Configures the instance named cgn1 for the CGN application and enters CGN configuration mode. Example: RP/0/RP0/CPU0:router(config)# service cgn cgn1 RP/0/RP0/CPU0:router(config-cgn)# ...
  • Page 72 EXEC mode without committing the configuration changes. ◦ Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes. ...
  • Page 73: Configuring Session-Logging For A Nat44 Or Ds-Lite Instance

    Configures the service type keyword definition for NAT44 or DS-Lite application. Example: RP/0/RP0/CPU0:router(config-cgn)# service-type nat44 nat1 RP/0/RP0/CPU0:router(config-cgn)# service-type ds-lite ds-lite1 ...
  • Page 74 EXEC mode without committing the configuration changes. ◦ Entering cancel leaves the router in the current configuration session without ...
  • Page 75: Configuring The Timeout For Netflow Logging

    RP/0/RP0/CPU0:router(config)# service cgn cgn1 RP/0/RP0/CPU0:router(config-cgn)# Step 3 service-type nat44 nat1 Configures the service type keyword definition for NAT44 application. Example: RP/0/RP0/CPU0:router(config-cgn)# service-type nat44 nat1 ...
  • Page 76 • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. ...
  • Page 77: Configuring The Carrier Grade Service Engine

    0.559 fpga3 0.559 fpga4 0.559 fpga5 0.559 fpga1 0.41014 rommonA 0 1.52 rommon 1.52 Note: Latest uboot version is 559 & MANS is 0.41 ...
  • Page 78 You need to reload the card. It takes about 15 minutes. router# hw-module location 0/0/CPU0 reload WARNING: This will take the requested node out of service. Do you wish to continue?[confirm(y/n)] y ...
  • Page 79: Configuring Ipv4/Ipv6 Stateless Translator (Xlat)

    • Configure static route to divert IPv6 traffic corresponding to XLAT prefix to the IPv6 ServiceApp conf t int serviceApp6 service cgn cgn1 service-type nat64 stateless ipv6 address 2001:db8:fe00::1/40 commit exit router static address-family ipv6 unicast 2001:db8:ff00::/40 ServiceApp6 2001:db8:fe00::2 ...
  • Page 80: Xlat Instance Configuration

    ◦ This value can be overridden based on the configured Traffic Class value • IPv4 DF override ◦ When translating an IPv6 packet when the no Fragment Header IPv4 DF bit is set to 1. ...
  • Page 81: Line Card Upgrade

    Plim moved to uboot-mode and ready for UBOOT upgrade Step 4 Go to admin mode on the node and upgrade the FPGA MANS. ...
  • Page 82: Configuring Ipv6 Rapid Development

    • Configure 6rd instance (string “6rd1” in this example). There can be 64 6rd instances per CGSE/Chassis. ...
  • Page 83 Source address: 9.1.1.1 BR Unicast address: 2001:db8:901:101::1 IPv4 Prefix length: 0 IPv4 Suffix length: 0 TOS: 0, TTL: 255, Path MTU: 1280 Tunnel 6rd statistics ====================== ...
  • Page 84 (IPv6) & non ICMP) Invalid IPv6 prefix fragment drop count : 0 (IPv6 Source from RG doesn’t have 6rd prefix) ===================================================================== IPv6 to IPv4 Fragments ======================= ...
  • Page 85: Ping To Br Anycast Address

    This default behavior MAY be overridden by above configuration. ◦ tos value is in decimal service cgn demo service-type tunnel v6rd 6rd1 tos 160 ttl 100 commit ...
  • Page 86 ◦ "Basic Transition Mechanisms for IPv6 Hosts and Routers", RFC 4213, October 2005. • "An Anycast Prefix for 6to4 Relay Routers", RFC 3068, June 2001. • "Security Considerations for 6to4", RFC 3964, December 2004. ...
  • Page 87: Configuring Dual Stack Lite Instance

    21. address A.B.C.D port port-number 22. end or commit DETAILED STEPS Command or Action Purpose Step 1 configure Enters global configuration mode. Example: RP/0/RP0/CPU0:router# configure ...
  • Page 88 Enters the address family IPv4 configuration mode. Example: RP/0/RP0/CPU0:router(config-cgn-ds-lite)# address-family ipv4 Step 10 interface ServiceApp41 Specifies the ServiceApp on which IPv4 traffic enters and leaves. Example: RP/0/RP0/CPU0:router(config-cgn-ds-lite-afi)# interface ServiceApp41 ...
  • Page 89 Configures the netflow server address and port number to use for netflow version 9 based external logging facility for DS LITE instance. Example: RP/0/RP0/CPU0:router(config-cgn-ds-lite-extlog-server)# address 90.1.1.1 port 99 ...
  • Page 90 • Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session. ...
  • Page 91: Configuring Pcp Server For Nat44 Instance

    CGN inside VRF configuration mode. Example: RP/0/RP0/CPU0:router(config-cgn)# inside-vrf insidevrf1 RP/0/RP0/CPU0:router(config-cgn-invrf)# Step 5 pcp-server Configures the PCP server for a NAT44 instance. Example: RP/0/RP0/CPU0:router(config-cgn-invrf)# pcp-server RP/0/RP0/CPU0:router(config-cgn-invrf)# ...
  • Page 92: Configuring Pcp Server For Ds-Lite Instance

    Configuring PCP Server for DS-Lite Instance Perform this task to configure PCP server for a DS-Lite instance: ...
  • Page 93 • When you issue the end command, the system prompts you to Example: commit changes: RP/0/RP0/CPU0:router(config-cgn-invrf)# Uncommitted changes found, commit them before exiting (yes/no/cancel)? RP/0/RP0/CPU0:router(config-cgn-invrf)# commit [cancel]: ...
  • Page 94: Configuration Examples For Implementing The Carrier Grade Nat

    0.0.0.0/0 serviceapp 1 interface ServiceApp 2 vrf insidevrf2 ipv4 address 211.1.1.1 255.255.255.0 service cgn cgn1 service-type nat44 nat1 ...
  • Page 95: Configuring A Different Inside Vrf Map To A Same Outside Vrf: Example

    0.0.0.0/0 serviceapp 2 interface ServiceApp 3 vrf outsidevrf1 ipv4 address 100.1.1.1 255.255.255.0 service cgn cgn1 router static vrf outsidevrf1 ...
  • Page 96: Configuring Acl For A Infrastructure Service Virtual Interface: Example

    1 router static address-family ipv4 unicast 180.1.0.0/16 10.222.5.2 181.1.0.0/16 10.222.5.2 Hardware Configuration for CGSE: vrf InsideCustomer1 address-family ipv4 unicast vrf OutsideCustomer1 address-family ipv4 unicast ...
  • Page 97 OutsideCustomer1 address-pool 100.0.0.0/24 protocol tcp static-forward inside address 41.22.22.22 port 80 protocol icmp static-forward inside address 41.22.22.22 port 80 external-logging netflow version 9 Cisco IOS XR Carrier Grade NAT Configuration Guide for the Cisco CRS Router, Release 5.2.x OL-32659-01...
  • Page 98: Nat64 Stateless Configuration: Example

    Connected to PE22_C12406 GE 0/3/0/0.20 ipv6 address 2010::2/64 ipv6 enable dot1q vlan 20 interface GigabitEthernet0/6/5/1.20 description Connected to P1_CRS-8 GE 0/6/5/1.20 ipv4 address 10.97.97.2 255.255.255.0 dot1q vlan 20 ...
  • Page 99: Predefined Nat Configuration: Example

    This example shows how to configure the predefined NAT for NAT44: service cgn cgn1 service-location preferred-active 0/2/CPU0 service-type nat44 nat1 inside-vrf Inside_1 map address-pool 192.12.0.0/24 nat-mode predefined private-pool 192.1.106.0/24 ...
  • Page 100: Ds Lite Configuration: Example

    ServiceApp61 protocol tcp session init timeout 300 session active timeout 400 mss 1200 external-logging netflow9 server address 90.1.1.1 port 99 external-logging syslog ...
  • Page 101: Bulk Port Allocation And Syslog Configuration: Example

    DS-Lite Instance service cgn cgn1 service-type ds-lite ds-lite1 external-logging netflow9 server session-logging PCP Server Configuration: Example NAT44 Instance service cgn cgn1 service-type nat44 nat1 ...
  • Page 102: Ds-Lite Instance

    In the following example the portlimit value 40 overrides the portlimit value 200. service cgn cgn1 service-location preferred-active 0/3/CPU0 service-type nat44 nat44 portlimit 100 ...
  • Page 103: Configuration Of Same Public Address Pool Across Different Nat Instances: Example

    100.1.1.0/24 High Availability on data Path SVI: Example service cgn cgn1 service-type tunnel v6rd 6rd1 address-family ipv4 interface ServiceApp 100 datapath-test shut-down-on-failure ...
  • Page 104 Implementing Carrier Grade NAT on Cisco IOS XR Software High Availability on data Path SVI: Example ...
  • Page 105: Chapter 3 External Logging

    • The value for the size of bulk allocation can be 16, 32, 64, 128, 256, 512, 1024, 2048 and 4096. For optimum results, it is recommended that you set this size to half of the port limit. ...
  • Page 106: Session Logging

    In general, the syslog message is made up of header, structured data, and msg fields. However, in the CGv6 applications, the structured data is not used. ...
  • Page 107: Header

    • This field identifies the type of the syslog message. • In the ASCII format, the values for NAT44 and DS Lite messages are NAT44 and DS LITE respectively. ...
  • Page 108: Structured Data

    • UserbasedW: User-based port withdrawal • SessionbasedW: Session-based port withdrawal • SessionbasedWD: Session-based port withdrawal with destination information • Portblockrunout: Ports exhausted ...
  • Page 109 Let us look at an example for NAT444 user-based UDP port translation mapping: [UserbasedA - 10.0.0.1 Broadband - 100.1.1.1 - 2048 3071 - -] The description for this example is as follows: ...
  • Page 110: Netflow V9 Support

    All the fields of the header follow the format prescribed in RFC 3954. The source ID field is composed of the IPv4 address of ServiceInfra interface (of the card) and specific CPU-core that is generating the record. ...
  • Page 111 0. For more information on Options template, see RFC3954. Events The events and the corresponding template details are described in the following table: ...
  • Page 112 NAPTSourceTransportPort Post (translated) source port protocolIdentifier protocol identifier ...
  • Page 113 Destination address destinationTransportPort Destination port protocolIdentifier protocol identifier ...
  • Page 114 TPortBlockStart Start Post (translated) source port block postNATPortBlockEnd Post source port block ...
  • Page 115 (translated) source port destinationTransportPort Destination port protocolIdentifier protocol identifier ...
  • Page 116 (translated) source port block. Note this is defined IANA yet. DS-Lite Disabled Disabled ingressVRFID ID of translation create Ingress event egressVRFID ID of Egress ...
  • Page 117 Original source port postNAPTSourceTransportPort Post (translated) source port ...
  • Page 118 Destination address destinationTransportPort Destination port protocolIdentifier ...
  • Page 119 -logging enabled. Else, it will be reported as 0 sourceIPv6Address IPv6 address of the element (Tunnel source) ...
  • Page 120 TPortBlockStart Start Post (translated) source port block postNATPortBlockEnd Post source port block ...
  • Page 121 Ingress event sourceIPv4Address Original source IPV4 address sourceIPv6Address IPv6 address of the element (Tunnel source) sourceTransportPort Original source port protocolIdentifier protocol identifier ...
  • Page 122 (with sourceIPv4Address Original destination) source IPV4 address sourceIPv6Address IPv6 address of the element (Tunnel source) sourceTransportPort Original source port protocolIdentifier protocol identifier ...
  • Page 123 NAPTSourceTransportPort Post (translated) source port protocolIdentifier protocol identifier ...
  • Page 124 (translated) source port destinationTransportPort Destination port protocolIdentifier protocol identifier ...
  • Page 125: Frequently Asked Questions (Faqs)

    This section provides answers to the following frequently asked questions on external logging. Q: How to trace a subscriber by using the NAT logs? ...
  • Page 126 Hence, bulk port allocation significantly reduces log data volume and hence the demand on storage space needed for the translation logs. ...
  • Page 127 IP address to public IP address and a certain port range by using an algorithm. Hence there is no need to keep track of NAT entries. ...
  • Page 128 External Logging Frequently Asked Questions (FAQs) ...
