Sorting NAT Statements... producing useless diffs...
john heasley
heas at shrubbery.net
Fri Jun 10 23:50:10 UTC 2005
sigh, I don't have a pix, but from the manual, I think rancid's match is
deficient.
/^ip nat (\S+) source static (\S+)/ &&
doesn't handle a protocol field (udp|tcp) as the 6th field.
/^ip nat (\S+) source static ((udp|tcp) )?(\S+)/ &&
ProcessHistory("IP NAT $1","ipsort","$4","$_") && next;
the IP match probably ought to be more specific too,
/^ip nat (\S+) source static ((udp|tcp) )?(\d+\.\d+\.\d+\.\d+)/ &&
What options are available for the 6th field?
Fri, Jun 10, 2005 at 07:26:53AM -0700, Roderick B. Greening:
> Hi,
>
> I keep getting uninteresting diffs like the following:
>
> retrieving revision 1.10
> diff -U4 -r1.10 <FILENAME REMOVED>
> @@ -101,11 +101,11 @@
> no keepalive
> !
> ip default-gateway <IP REMOVED>
> + ip nat inside source route-map nonat interface cable-modem0 overload
> ip nat inside source static udp 192.168.1.11 5632 interface cable-modem0
> 5632
> ip nat inside source static tcp 192.168.1.11 5631 interface cable-modem0
> 5631
> - ip nat inside source route-map nonat interface cable-modem0 overload
> ip classless
> no ip http server
> no ip http secure-server
> no ip http cable-monitor
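Review bot: the `+` line after `ip default-gateway` and the `-` line before `ip classless` are the same `ip nat inside source route-map nonat interface cable-modem0 overload` text, so this hunk records no configuration change, only the overload entry moving from below the two static entries to above them; a sort that keys overload (list/route-map) entries separately from static ones, or pins them before or after the statics, would suppress it. Note also that the trailing port (`5632`, `5631`) of each static line has been wrapped onto its own line by the mailer, so these lines need rejoining before being fed to any test of the sort routine.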
>
> It appears that the sort routine for NAT needs some augmentation to order
> non-static entries as well to try and force these to appear either before
> or after the static ones. Any thoughts?
>
> There are two main types of entry I use for overloading:
>
> ip nat inside source list 1 interface cable-modem0 overload
>
> and
>
> ip nat inside source route-map nonat interface cable-modem0 overload
>
> The important (non-changing) bits are the "overload" and the "list" vs
> "route-map".
>
> I'd like to augment the NAT/sort/ProcessHistory to force overloaded
> statements to appear at the top of the NAT history.
>
> Also, I've noticed that I receive the following diffs regularly:
>
> retrieving revision 1.3
> diff -U4 -r1.3 <FILENAME REMOVED>
> @@ -76,12 +76,12 @@
> no cable-modem compliant bridge
> !
> ip default-gateway <IP REMOVED>
> ip nat inside source list 1 interface cable-modem0 overload
> - ip nat inside source static udp 192.168.1.20 5632 interface cable-modem0
> 5632
> ip nat inside source static udp 192.168.1.20 5631 interface cable-modem0
> 5631
> - ip nat inside source static tcp 192.168.1.20 5631 interface cable-modem0
> 5631
> + ip nat inside source static udp 192.168.1.20 5632 interface cable-modem0
> 5632
> ip nat inside source static tcp 192.168.1.20 5632 interface cable-modem0
> 5632
> + ip nat inside source static tcp 192.168.1.20 5631 interface cable-modem0
> 5631
> ip classless
> no ip http server
> !
> logging trap notifications
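Review bot: all four static lines removed and re-added in this hunk share the inside address 192.168.1.20, so a key of IP alone cannot order them and the resulting order depends on the order the router emitted them; a secondary key on the protocol field (`tcp`/`udp`) and then the port (`5631`/`5632`) makes the order deterministic and this hunk disappears. As in the first diff, the trailing port numbers are mailer-wrapped onto separate lines.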
>
> Notice that no actual config changes have occurred. The NAT sort routine only
> sorts on IP with no consideration to the same IP having multiple ports being
> translated. It should also sort on port (at least in my case I'd like this).
>
> Has anyone provided (or can provide) a way to augment the NAT sorting rules?
> I'd like to reduce the amount of diff mails I receive, as I currently have a
> few hundred of these out in the field and I constantly get diffs with no
> real changes.
>
> Thanks in advance,
>
> Rod.
>
>
> Roderick B. Greening, B.Sc.
> Manager, Provisioning & Technical Support
> Atlantic Region
> group telecom, a Bell Canada Company
> 541 Kenmount Rd.
> St. John's, NF
> (709) 757-1328 (Office)
> (709) 685-3681 (Mobile)
> (709) 757-1201 (Fax)
> rgreening at gt.ca
>
>
>
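As an added example (not rancid's own code and not posted by either author), the optional-protocol regex John proposes above combined with the ordering Rod asks for: overload entries first, then static entries by inside address, protocol and port, so the result no longer depends on the order the router emits the lines. The `nat_sort_key` helper and the sample lines (rejoined from the mailer-wrapped diff lines in the thread, plus one static entry without a port) are assumptions of this example.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use List::Util qw(shuffle);

# Constructed sample (assumption): the NAT lines from the two diffs above, with the
# mailer-wrapped port numbers rejoined, plus one static entry without a port,
# listed in the order that produced the noisy diff.
my @lines = (
    'ip nat inside source static udp 192.168.1.20 5632 interface cable-modem0 5632',
    'ip nat inside source static udp 192.168.1.20 5631 interface cable-modem0 5631',
    'ip nat inside source static tcp 192.168.1.20 5631 interface cable-modem0 5631',
    'ip nat inside source list 1 interface cable-modem0 overload',
    'ip nat inside source static tcp 192.168.1.20 5632 interface cable-modem0 5632',
    'ip nat inside source route-map nonat interface cable-modem0 overload',
    'ip nat inside source static 192.168.1.5 interface cable-modem0',
);

# Build a sort key for one "ip nat <dir> source ..." line (hypothetical helper,
# not rancid's ProcessHistory/ipsort).  Static entries get "<dir> 1 <zero-padded
# ip> <proto> <port>" so they order by address, then protocol, then port; every
# other entry (list/route-map overload) gets "<dir> 0 <line>" and so sorts first.
sub nat_sort_key {
    my ($line) = @_;
    my ($dir) = $line =~ /^ip nat (\S+) source /
        or return "~$line";    # not a NAT line: sort after everything else
    if ($line =~ /^ip nat \S+ source static ((udp|tcp) )?(\d+\.\d+\.\d+\.\d+)(?: (\d+))?/) {
        my $proto = defined $2 ? $2 : '';
        my $ip    = $3;
        my $port  = defined $4 ? $4 : 0;
        # zero-pad each octet so a plain string compare orders .5 before .20
        my $padded = join '.', map { sprintf '%03d', $_ } split /\./, $ip;
        return sprintf '%s 1 %s %s %05d', $dir, $padded, $proto, $port;
    }
    return "$dir 0 $line";
}

my @sorted = sort { nat_sort_key($a) cmp nat_sort_key($b) } @lines;
# Sort a shuffled copy too: the point is that the output must not depend on the
# order the router emitted the lines, or rancid mails a diff with no real change.
my @again  = sort { nat_sort_key($a) cmp nat_sort_key($b) } shuffle @lines;

print "$_\n" for @sorted;
print "order independent of input: ", ("@sorted" eq "@again" ? 'yes' : 'no'), "\n";
```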