[flow-tools] reports considerations with NAT

Systems Administrator sysadmin@sunet.com.au
Thu, 9 Jan 2003 14:58:48 +1100 

    Looks like I was wrong -- this didn't fix the problem.  I've found about
15-20 people asking the same question somewhere on the 'Net or in Google
Groups, but there were not useful answers.  Let us know if you get anything.

    Thanks,

Tim Nelson
Systems Administrator
Sunet Internet
Tel:  +61 3 5241 1155
Fax: +61 3 5241 6187
Web: http://www.sunet.com.au/
Email: sysadmin@sunet.com.au

----- Original Message -----
From: "Systems Administrator" <sysadmin@sunet.com.au>
To: "Horatio B. Bogbindero" <wyu@ateneo.edu>; <flow-tools@splintered.net>
Sent: Wednesday, January 08, 2003 4:27 PM
Subject: Re: [flow-tools] reports considerations with NAT


>     Not quite as easy as you make it sound.  I've just spent 2 weeks
banging
> my head against this, and I think I've finally got it licked, but not sure
> yet.
>
>     Anyway, NAT happens before Netflow, so it will only record the global
> addresses.  What I did to get around this was this:
>
> Netflow on ATM1/0.2
>
> NAT inside on Loopback0
>
> NAT outside on other interfaces
>
> route-map nat-loop permit 10
>  match ip address 152
>  set interface Loopback0
>
> And on ATM1/0.2:
>     ip policy route-map nat-loop
>
>     Anyway, it seems to be doing the NAT correctly and recording some flow
> info.  But we'll see how it continues.
>
>     :)
>
> Tim Nelson
> Systems Administrator
> Sunet Internet
> Tel:  +61 3 5241 1155
> Fax: +61 3 5241 6187
> Web: http://www.sunet.com.au/
> Email: sysadmin@sunet.com.au