cable modem dhcp proxy nat on Cisco Cable Modems

Similar documents
How to Configure a Cisco Router Behind a Non-Cisco Cable Modem

Policy Based Routing with the Multiple Tracking Options Feature Configuration Example

Configuring GRE Tunnel Over Cable

Configuring a Cisco 827 Router to Support PPPoE Clients, Terminating on a Cisco 6400 UAC

Use NAT to Hide the Real IP Address of CTC to Establish a Session with ONS 15454

Using NAT in Overlapping Networks

How to configure MB5000 Serial Port Bridge mode

Table of Contents. Cisco IPSec Tunnel through a PIX Firewall (Version 7.0) with NAT Configuration Example

IOS Router : Easy VPN (EzVPN) in Network Extension Mode (NEM) with Split tunnelling Configuration Example

Table of Contents. Cisco NAT Order of Operation

Configuring Transparent and Proxy Media Redirection Using ACNS Software 4.x

Removing Cable Modem and CPE Entries from the CMTS

Lab b Standard ACLs Instructor Version 2500

Configuring a Terminal/Comm Server

Using the Cable Monitor Tool

Configuring the Cisco IOS MGCP Gateway

CONFIGURATION DU SWITCH

Configuring the Cisco ubr904 Cable Modem

Configuring Catalyst Switches for Polycom Conference Phones

Configuring IDS TCP Reset Using VMS IDS MC

ord Recovery Procedure for the Cisco Catalyst 8510 Multiserv

Cisco DSL Router Configuration and Troubleshooting Guide Cisco DSL Router Acting as a PPPoE Client with a Dynamic IP Address

Lab 8.5.2: Troubleshooting Enterprise Networks 2

IPsec Anti-Replay Window Expanding and Disabling

No Service Password-Recovery

Configuring a Cisco 827 Router Using PPPoA With CHAP and PAP

Using Setup Mode to Configure a Cisco Networking Device

Lab Configuring Port Address Translation (PAT) (Instructor Version)

Configuring EtherChannel and 802.1Q Trunking Between Catalyst L2 Fixed Configuration Switches and Catalyst Switches Running CatOS

Catalyst Switches for Microsoft Network Load Balancing Configuration Example

NAT Support for Multiple Pools Using Route Maps

Configuring the Eight-Port FXS RJ-21 Module

Configuring IOS Server Load Balancing with HTTP Probes in the Dispatched Mode

Lab 7 Configuring Basic Router Settings with IOS CLI

Configuration Professional: Site to Site IPsec VPN Between Two IOS Routers Configuration Example

Support for policy-based routing applies to the Barracuda Web Security Gateway running version 6.x only.

LAN to LAN IPsec Tunnel Between a Cisco VPN 3000 Concentrator and Router with AES Configuration Example

Lab Configuring Static Routes Instructor Version 2500

Three interface Router without NAT Cisco IOS Firewall Configuration

IPsec Anti-Replay Window: Expanding and Disabling

Configuring Secure (Router) Mode on the Content Switching Module

Internet. SonicWALL IP Cisco IOS IP IP Network Mask

co Configuring PIX to Router Dynamic to Static IPSec with

Communication Media Module IP Connectivity

Using Setup Mode to Configure a Cisco Networking Device

II+/II+TS/II+10GE/III/IV/V/V 10GE

Using Cisco IOS Software

Table of Contents. isco Configuring 802.1q Trunking Between a Catalyst 3550 and Catalyst Switches Running Integrated Cisco IOS (Nativ

Lab Troubleshooting Using traceroute Instructor Version 2500

Lab Configuring Dynamic and Static NAT (Solution)

Configuring IOS to IOS IPSec Using AES Encryption

Laboration 2 Troubleshooting Switching and First-Hop Redundancy

1 of :22

Password Recovery Procedure for the Cisco 3600 and 3800 Series Routers

Lab Configuring Dynamic and Static NAT (Instructor Version Optional Lab)

Viewing Sample Configuration Files

Telnet, Console and AUX Port Passwords on Cisco Routers Configuration Example

Configuring Dynamic Multipoint VPN Using GRE Over IPsec With OSPF, NAT, and Cisco IOS Firewall

Configuring Redundant Routing on the VPN 3000 Concentrator

VPN Connection through Zone based Firewall Router Configuration Example

LANE, CES, and VBR PVCs in Shaped VP Tunnels

Lab Catalyst 2950T and 3550 Series Basic Setup

Chapter 6: Network Layer

Password Recovery Procedure for the Cisco 801, 802, 803, 804, 805, 811, and 813 Series Routers

Chapter 5 Lab 5-1 Inter-VLAN Routing INSTRUCTOR VERSION

Configuring EtherChannel Between Catalyst 2900XL/3500XL Switches and CatOS Switches

Initial Configuration for the Switch

Cable FAQs. Contents. Document ID: 12177

Lab Establishing and Verifying a Telnet Connection Instructor Version 2500

IP MultiLayer Switching Sample Configuration

Configuring a Management IP Address on Catalyst 4500/4000, 5500/5000, 6500/6000, and Catalyst Fixed Configuration Switches

assword Recovery Procedure for the Catalyst 4000 Supervisor

Chapter 10 Lab 10-2, Securing VLANs INSTRUCTOR VERSION

Password Recovery Procedure for the Cisco 1700 and 1800 Series Routers

co Password Recovery Procedure for the Cisco 1700 Series R

PIX/ASA 7.x and Later : Easy VPN with Split Tunneling ASA 5500 as the Server and Cisco 871 as the Easy VPN Remote Configuration Example

Context Based Access Control (CBAC): Introduction and Configuration

Configuring EtherChannel and 802.1Q Trunking Between Catalyst L2 Fixed Configuration Switches and a Router (InterVLAN Routing)

Cisco 7206 Series Router-PBX Interoperability: Lucent Definity G3r PBX and VXC-2TE1+ Port Adapter Card with E1 ISDN PRI Signaling

when interoperating with a Cisco Layer 3 Switch Situation: VLAN 1 shutdown, no IP on default VLAN on Cisco switch

Dynamically Configuring DHCP Server Options

Lab - Troubleshooting VLAN Configurations (Instructor Version Optional Lab)

PIX/ASA as a DHCP Server and Client Configuration Example

Lab Configuring Basic Switch Settings (Solution)

WCCPv2 and WCCP Enhancements

Configuring PPP over Ethernet with NAT

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

Cisco Configuring Hub and Spoke Frame Relay

Chapter 5 Lab 5-2 DHCP INSTRUCTOR VERSION

Cisco Press CCIE Practical Studies CCIE Practice Lab: Skynet Solutions

Lab Configuring IGRP Instructor Version 2500

Lab Troubleshooting IP Address Issues Instructor Version 2500

Contents. Introduction

Configuring PPPoE Client on the Cisco 2600 to Connect to a Non Cisco DSL CPE

Router Allows VPN Clients to Connect IPsec and Internet Using Split Tunneling Configuration Example

Table of Contents. Cisco Password Recovery Procedure for the Cisco 2000, 2500, 3000, 4000, AccessPro, 7000 (RP), AGS, IGS, STS

Cable Commands: ca through cr

Cisco Conventions Used in Cisco Technical Tips

Configure the ASA for Dual Internal Networks

Case Study 2: Frame Relay and OSPF Solution

Transcription:

cable modem dhcp proxy nat on Cisco Cable Modems Document ID: 12176 Contents Introduction Prerequisites Requirements Components Used Conventions Dynamic NAT Versus Static NAT Configuration Using cable modem dhcp proxy nat Command Configuration Verification Related Information Introduction This document explains how to use the cable modem dhcp proxy nat command. The main function of this command is to configure a Network Address Translation (NAT) address pool with an IP address supplied by the Intrernet Providers DHCP server. For more information, refer to cable modem dhcp proxy in Cable IOS CMTS Commands. Caution: Be aware of Cisco bug ID CSCdt32356 (registered customers only), which is fixed in Cisco IOS Software Release Trains 12.2 and later. Dynamic NAT using the cable modem dhcp proxy nat pool name cable interface command does not function correctly. The IP address or subnet masks and default gateways are not assigned correctly, if at all. After the command is entered, the address that is assigned to the NAT pool does not respond to Address Resolution Protocol (ARP). The IP NAT pool that is created is from the cable modem scope, rather than the customer premises equipment (CPE) scope, so it puts an unroutable IP address in the NAT pool. Notice that this problem occurs in the Cisco IOS Software releases for several cable modems, especially 12.1(5)T. It is recommended that you use Cisco IOS Software Release Train 12.2 on the ubr924 and use Releases 12.2T, 12.3, and later Trains for the ubr905, ubr925, and CVA modems. For additional information, refer to Cisco bug ID CSCdt32356 (registered customers only). Note: Also be aware of these considerations: 1. Because the ubr904 platforms do not support Cisco IOS Software Release 12.1(1)T, it is not possible to configure the cable modem dhcp proxy command on this platform. 2. To enable the dhcp proxy feature on the ubr924, it is generally recommended that you use Cisco IOS Software Release 12.2(6j). 3. For the CVA122, the command is documented as cable dhcp proxy nat. This command is the same as the cable modem dhcp proxy nat command on the ubr900 series cable modems. From a CVA122, this output can be seen: Router(config)# interface cable 0 Router(config if)# cable? cable modem

Prerequisites Requirements Readers of this document should have knowledge of these topics: Basic understanding of Network Address Translation and why it is used Data over Cable Service Interface Specifications (DOCSIS) 1.0 protocol The Cisco IOS Software command line interface Components Used This table shows the Cisco IOS Software releases that support this command for each Cisco cable modem platform: Release that introduced the cable modem dhcp proxy command 12.1(1)T 12.1(3)XL 12.2(2)XA 12.1(5)XU1 Platform ubr924 ubr905 ubr925 CVA122 The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command. Conventions Refer to Cisco Technical Tips Conventions for more information on document conventions. Dynamic NAT Versus Static NAT With dynamic NAT, translations do not exist in the NAT translation table until the router receives traffic that requires translation. Dynamic translations have a time out period, after which they are purged from the translation table. With static NAT, however, translations exist in the NAT translation table as soon as you configure a static NAT command, and they remain in the translation table until you delete the static NAT command or commands. The easiest way to determine that you have dynamic NAT configured in your cable modem is by searching for this command in the configuration of the cable modem: ip nat inside source list 100 interface cable modem0 overload By pointing the NAT source to an access list, you are dynamically building the NAT translation table. The cable modem dhcp proxy nat command uses this dynamic NAT feature. Configuration Using cable modem dhcp proxy nat Command

When using the cable modem dhcp proxy nat command, the address used for the NAT pool is automatically allocated from the cable operators DHCP server. When using this option, include these NAT configuration commands: ip nat inside interfaceuse to configure the Ethernet interface as the inside interface. ip nat outside interfaceuse to configure the cable interface as the outside interface. overloadspecify this option with the IP NAT global configuration command because the NAT pool created by the cable modem dhcp proxy nat command contains only one IP address. After configuring the router with the cable modem dhcp proxy nat command, reboot the router. During the DOCSIS provisioning process, the router sends a DHCP client request to obtain an IP address for the cable interface. The router then sends a proxy DHCP request to the DHCP server using the MAC address of the Ethernet interface. The DHCP server replies with a second IP address that the router assigns to a dynamically configured Loopback interface that is pointing to a dynamically configured NAT pool of only one address. See the configuration output in this document for the information that is automatically added to the configuration after DHCP is processed. To configure NAT so that it creates the pool dynamically, issue these commands on your router. Remember that, in order to configure NAT, your router must be in routing mode. Router# config t Enter configuration commands, one per line. End with CNTL/Z. Router(config)# interface ethernet 0 Router(config if)# ip address 192.168.1.1 255.255.255.0 Assign an IP address to interface Ethernet 0. Router(config if)# no bridge group 59 Remove bridging so that you can configure for routing. Router(config if)# no bridge group 59 spanning Remove bridging spanning. Router(config if)# ip nat inside Enable NAT inside for the Ethernet interface. Router(config if)# exit Router(config)# Router(config)# interface cable 0 Router(config if)# no bridge group 59 Remove bridging so that you can configure for routing. Router(config if)# no bridge group 59 spanning Remove bridging spanning. Router(config if)# no cable compliant bridge Remove bridging so that you can configure for routing.

Router(config if)# ip nat outside Enable NAT outside for the cable interface. Router(config if)# cable modem dhcp proxy nat TEST_POOL Define dhcp proxy nat for the TEST_POOL pool. Router(config if)# exit Router(config)# Router(config)# ip routing Enable routing. Router(config)# ip nat inside source list 1 pool TEST_POOL overload Configure dynamic NAT. Router(config)# access list 1 permit 192.168.1.0 0.0.0.255 Define interesting traffic for NAT. The configuration looks like this: router# show run Building configuration... Current configuration : 953 bytes version 12.2 no service single slot reload enable no service pad service timestamps debug uptime service timestamps log uptime no service password encryption hostname router logging rate limit console 10 except errors ip subnet zero no ip finger ip audit notify log ip audit PO max events 100 no ip dhcp client network discovery interface Ethernet0 ip address 192.168.1.1 255.255.255.0 ip nat inside no ip mroute cache interface cable modem0 ip nat outside no ip mroute cache no cable modem compliant bridge cable modem dhcp proxy nat TEST_POOL ip nat inside source list 1 pool TEST_POOL overload ip classless no ip http server no ip http cable monitor

access list 1 permit 192.168.1.0 0.0.0.255 snmp server packetsize 4096 snmp server manager voice port 0 input gain 2 output attenuation 0 voice port 1 input gain 2 output attenuation 0 line con 0 transport input none line vty 0 4 login end router# The bold commands are the ones you entered; the others are the defaults. Notice that the NAT pool has not yet been created at this point. The cable modem needs to be reloaded, or the cable interface needs to be reset by issuing the shut command followed by the no shut command. router# reload Proceed with reload? [confirm] 133.CABLEMODEM.CISCO: 00:06:16: %SYS 5 RELOAD: Reload requested System Bootstrap, Version 12.0(6r)T3, RELEASE SOFTWARE (fc1) Copyright (c) 1999 by Cisco Systems, Inc. UBR924 platform with 16384 Kbytes of main memory program load complete, entry point: 0x80010000, size: 0x398070 Self decompressing the image : ################################# ########################################################## [OK] Output suppressed. Press RETURN to get started Note: In the configuration output, information that is automatically added to the configuration after DHCP is processed is noted with comments. In this document, a ubr7114 and ubr924 are used as examples. The Cisco IOS Software releases installed on them are 12.1(5)EC1 and 12.1(3a)T4, respectively. The next figure shows the connectivity and IP addresses used. Figure 1: Diagram used in the configuration using cable dhcp proxy nat command

ubr924configuration of the NAT address pool with an IP address supplied by the Service Providers DHCP server router# show run Building configuration... Current configuration : 1273 bytes Last configuration change at 13:12:52 Tue Feb 29 2000 version 12.2 no service single slot reload enable no service pad service timestamps debug uptime service timestamps log uptime no service password encryption hostname router logging rate limit console 10 except errors clock timezone 8 ip subnet zero no ip finger ip audit notify log ip audit PO max events 100 no ip dhcp client network discovery interface Loopback0 ip address 111.111.111.8 255.255.255.255 Lookback interface added automatically by DHCP configuration. interface Ethernet0 ip address 192.168.1.1 255.255.255.0 ip nat inside no ip mroute cache interface cable modem0 ip nat outside no ip mroute cache no cable modem compliant bridge cable modem dhcp proxy nat TEST_POOL cable modem boot admin 2 cable modem boot oper 5 cable modem downstream saved channel 525000000 37 1 ip nat pool TEST_POOL 111.111.111.8 111.111.111.8 netmask 255.255.255.0 NAT pool added automatically by DHCP configuration.

ip nat inside source list 1 pool TEST_POOL overload ip classless no ip http server no ip http cable monitor access list 1 permit 192.168.1.0 0.0.0.255 snmp server packetsize 4096 snmp server manager voice port 0 input gain 2 output attenuation 0 voice port 1 input gain 2 output attenuation 0 line con 0 transport input none line vty 0 4 login end Configuration Verification This section describes how to use show command output to verify the configuration of the cable modem. Certain show commands are supported by the Output Interpreter Tool (registered customers only), which allows you to view an analysis of show command output. Issue the show arp command to display the entries in the ARP table. router# show arp Protocol Address Age (min) Hardware Addr Type Interface Internet 111.111.111.111 56 0002.b9ff.8c1c ARPA cable modem0 Internet 10.4.1.1 59 0002.b9ff.8c1c ARPA cable modem0 IP address of the interface cable 1/0 of the cable modem termination system (CMTS). Internet 192.168.1.1 0030.1976.771a ARPA Ethernet0 Internet 192.168.1.5 34 00a0.243c.eff5 ARPA Ethernet0 IP address of the PC behind the cable modem. Internet 10.4.1.114 0030.1976.771b ARPA cable modem0 The PC behind the cable modem has IP address 192.168.1.5 statically configured. It is very easy, however, to make the cable modem a DHCP server which dynamically assigns an IP address to its LAN hosts; use this configuration: ip dhcp excluded address 192.168.1.1 ip dhcp pool pool name network 192.168.1.0 255.255.255.0 default router 192.168.1.1

To test that NAT works, issue a ping command from the PC connected behind the cable modem to try to reach the cable interface. If you look at the NAT translation table, you can see successful translations. router# show ip nat translations Pro Inside global Inside local Outside local Outside global icmp 111.111.111.8:512 192.168.1.5:512 10.4.1.114:512 10.4.1.114:512 For more information, refer to cable modem dhcp proxy in Cable IOS CMTS Commands. Related Information NAT (Network Address Translation) Support Pages Bridging and Routing Features for the Cisco ubr904 Cable Modem Cable CPE Commands Cisco CVA120 Series Cable Voice Adapter Features Technical Support Cisco Systems Contacts & Feedback Help Site Map 2014 2015 Cisco Systems, Inc. All rights reserved. Terms & Conditions Privacy Statement Cookie Policy Trademarks of Cisco Systems, Inc. Updated: Nov 20, 2006 Document ID: 12176

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback