NAT with NBM Active and Passive
Ingress and Egress NAT with NBM Active
For Ingress NAT, dynamic IGMP join or PIM join on external-link on pre-translated route will occupy OIF bandwidth and the flow-path visualization will show traffic being sent on the OIF. PMN can publish Fault MO for this case if needed.
For Egress NAT, dynamic IGMP join or PIM join on external-link on post-translated route will occupy OIF bandwidth and the flow-path visualization will show traffic being sent on the OIF. PMN can publish Fault MO for this case if needed.
Multicast to Unicast NAT with NBM active
For MU NAT, PMN will continue to do bandwidth management for pre-translated multicast flows. For the translated unicast flow, the outgoing interface will need to have unicast bandwidth reservation so that the translated unicast traffic will be sent out without any disruption. PMN will also publish the Flow operational MO to indicate the NAT relationship. Since there are three re-circulations happening internally for every unicast translation, one has to make sure only one third of the recirc port BW is assumed.
In case of any congestion on the service-reflect map interface used for re-circulation, PMN does not publish a Fault MO .
Ingress and Egress NAT with NBM Passive
Multicast Ingress and Egress NAT are supported in Pim-Passive mode.
In Pim-Passive mode, external controller will do bandwidth management for the flows and provision both pre-translated and post-translated flows.
For Pre-translated flow, controller will call switch Rest API to provision with RPF interface where the pre-translated flow will come in with no OIF. The pre-translated flow will be policed if policer and valid bandwidth is provisioned in pre-translated flow definition.
For Post-translated flow, controller will call switch Rest API to provision with RPF interface same as service-reflect source loopback interface and OIF same as the interface defined in SR rule.
Multicast to Unicast NAT with NBM passive
In PIM Passive mode, the Controller performs the Bandwidth management and call the Rest APIs to provision the pre-translated flow. PMN will publish the Flow operational MO to indicate the NAT relationship similar to the PIM Active mode.
The following are the examples of configuration and show commands:
Configure Pre-translate flow through Pim-Passive API
test nbm flow-definition 225.1.1.1 101.1.1.1
test ingress-interface Eth1/59
auto-leaf1(config-nbm-flow-def)# show ip mroute
IP Multicast Routing Table for VRF "default"
(101.1.1.1/32, 225.1.1.1/32), uptime: 00:00:27, nbmstatic ip pim
Incoming interface: Ethernet1/59, RPF nbr: 101.1.1.1
Outgoing interface list: (count: 0)
auto-leaf1(config-nbm-flow-def)# show ip mroute sr
IP Multicast Routing Table for VRF "default"
(101.1.1.1/32, 225.1.1.1/32), uptime: 00:00:50, nbmstatic ip pim
NAT Mode: Egress
NAT Route Type: Pre
Incoming interface: Ethernet1/59, RPF nbr: 101.1.1.1
Outgoing interface list: (count: 0)
Configure Post-translate flow through Pim-Passive API
test nbm flow-definition 226.1.1.1 100.1.1.1
test ingress-interface loopback 100
test egress-interface eth1/60 is-lhr
auto-leaf1(config-nbm-flow-def)# show ip mroute
IP Multicast Routing Table for VRF "default"
(101.1.1.1/32, 225.1.1.1/32), uptime: 00:02:30, nbmstatic ip pim
Incoming interface: Ethernet1/59, RPF nbr: 101.1.1.1
Outgoing interface list: (count: 0)
(100.1.1.1/32, 226.1.1.1/32), uptime: 00:00:53, nbmstatic ip pim
Incoming interface: loopback100, RPF nbr: 100.1.1.1
Outgoing interface list: (count: 1)
Ethernet1/60, uptime: 00:00:10, nbmstatic
auto-leaf1(config-nbm-flow-def)# show ip mroute sr
IP Multicast Routing Table for VRF "default"
(101.1.1.1/32, 225.1.1.1/32), uptime: 00:02:46, nbmstatic ip pim
NAT Mode: Egress
NAT Route Type: Pre
Incoming interface: Ethernet1/59, RPF nbr: 101.1.1.1
Outgoing interface list: (count: 0)
Translation list: (count: 1)
SR: (100.1.1.1, 226.1.1.1) OIF: Ethernet1/60
auto-leaf1(config-nbm-flow-def)#
Flow MO
test nbm flow-definition 226.1.1.1 100.1.1.1
test ingress-interface loopback 100
test egress-interface eth1/60 is-lhr
auto-leaf1(config-nbm-flow-def)# show ip mroute
IP Multicast Routing Table for VRF "default"
(101.1.1.1/32, 225.1.1.1/32), uptime: 00:02:30, nbmstatic ip pim
Incoming interface: Ethernet1/59, RPF nbr: 101.1.1.1
Outgoing interface list: (count: 0)
(100.1.1.1/32, 226.1.1.1/32), uptime: 00:00:53, nbmstatic ip pim
Incoming interface: loopback100, RPF nbr: 100.1.1.1
Outgoing interface list: (count: 1)
Ethernet1/60, uptime: 00:00:10, nbmstatic
auto-leaf1(config-nbm-flow-def)# show ip mroute sr
IP Multicast Routing Table for VRF "default"
(101.1.1.1/32, 225.1.1.1/32), uptime: 00:02:46, nbmstatic ip pim
NAT Mode: Egress
NAT Route Type: Pre
Incoming interface: Ethernet1/59, RPF nbr: 101.1.1.1
Outgoing interface list: (count: 0)
Translation list: (count: 1)
SR: (100.1.1.1, 226.1.1.1) OIF: Ethernet1/60
auto-leaf1(config-nbm-flow-def)#
Flow MO:
"nbmFlowsTable": {
"attributes": {
"dn": "sys/nbm/show/flows",
"modTs": "2021-02-05T16:42:03.896+00:00"
},
"children": [
{
"nbmFlowsDom": {
"attributes": {
"dn": "sys/nbm/show/flows/dom-default",
"modTs": "2021-02-05T16:42:03.896+00:00",
"name": "default"
},
"children": [
{
"nbmNbmFlow": {
"attributes": {
"bucket": "3",
"bwKbps": "0",
"dn": "sys/nbm/show/flows/dom-default/s-[101.1.1.1]-g-[225.1.1.1]",
"dscp": "0",
"egressIfCount": "0",
"flowPol": "",
"group": "225.1.1.1",
"ingressIf": "436237312",
"ingressIfName": "Ethernet1/59",
"isFhr": "YES",
"modTs": "2021-02-05T16:58:39.603+00:00",
"policed": "NO",
"priority": "LOW",
"qid": "0",
"source": "101.1.1.1",
"tStamp": "1612544319607"
}
}
},
{
"nbmNbmFlow": {
"attributes": {
"bucket": "3",
"bwKbps": "0",
"dn": "sys/nbm/show/flows/dom-default/s-[100.1.1.1]-g-[226.1.1.1]",
"dscp": "0",
"egressIfCount": "1",
"flowPol": "",
"group": "226.1.1.1",
"ingressIf": "335544420",
"ingressIfName": "loopback100",
"isFhr": "YES",
"modTs": "2021-02-05T17:00:33.063+00:00",
"policed": "NO",
"priority": "LOW",
"qid": "0",
"source": "100.1.1.1",
"tStamp": "1612544433066"
},
"children": [
{
"nbmOifList": {
"attributes": {
"dn": "sys/nbm/show/flows/dom-default/s-[100.1.1.1]-g-[226.1.1.1]/oif-436237824",
"modTs": "2021-02-05T17:00:33.062+00:00",
"oif": "436237824",
"oifName": "Ethernet1/60",
"oifTstamp": "1612544433064",
"origin": "API",
"reporterIP": "101.1.2.2"
},
"children": [
{
"nbmEgrNat": {
"attributes": {
"dn": "sys/nbm/show/flows/dom-default/s-[100.1.1.1]-g-[226.1.1.1]/oif-436237824/egr-pres-[101.1.1.1]-preg-[225.1.1.1]-postsp-[0]-postdp-[0]",
"modTs": "2021-02-05T17:00:33.064+00:00",
"postDPort": "0",
"postSPort": "0",
"preGroup": "225.1.1.1",
"preSource": "101.1.1.1"
}
}
}
]
}
}
]
}
}
]
}
}
]
}
}
End-Point MO
{
"nbmEndPoint": {
"attributes": {
"dn": "sys/nbm/show/endpoints/dom-default/h-[101.1.2.2]-if-436237824",
"hostIp": "101.1.2.2",
"if": "436237824",
"ifName": "Ethernet1/60",
"modTs": "2021-02-05T16:57:07.662+00:00",
"role": "RECEIVER"
},
"children": [
{
"nbmEndPointReceiver": {
"attributes": {
"dn": "sys/nbm/show/endpoints/dom-default/h-[101.1.2.2]-if-436237824/s-[100.1.1.1]-g-[226.1.1.1]",
"faultReason": "NONE",
"group": "226.1.1.1",
"isExt": "NO",
"modTs": "2021-02-05T16:57:07.662+00:00",
"owner": "MRIB-STATIC",
"source": "100.1.1.1",
"tStamp": "1612544227663"
},
"children": [
{
"nbmEndPointRcvrPreNat": {
"attributes": {
"dn": "sys/nbm/show/endpoints/dom-default/h-[101.1.2.2]-if-436237824/s-[100.1.1.1]-g-[226.1.1.1]/pres-[101.1.1.1]-preg-[225.1.1.1]-postsp-[0]-postdp-[0]",
"faultReason": "NONE",
"modTs": "2021-02-05T16:57:07.663+00:00",
"postDPort": "0",
"postSPort": "0",
"preGroup": "225.1.1.1",
"preSource": "101.1.1.1",
"tStamp": "1612544227663"
}
}
}
]
}
}
]
}
}
Post-Translate Unicast Flow MO dump
{
"nbmNbmMuFlow": {
"attributes": {
"bucket": "3",
"destination": "30.30.30.30",
"dn": "sys/nbm/show/flows/dom-default/mus-[20.20.20.20]-mud-[30.30.30.30]",
"egressIfCount": "1",
"modTs": "2021-02-05T17:27:57.483+00:00",
"source": "20.20.20.20",
"tStamp": "1612546077483"
},
"children": [
{
"nbmMuOifList": {
"attributes": {
"dn": "sys/nbm/show/flows/dom-default/mus-[20.20.20.20]-mud-[30.30.30.30]/muoif-385875968",
"modTs": "2021-02-05T17:27:57.483+00:00",
"oif": "385875968",
"oifName": "Null0",
"oifTstamp": "1612546077483",
"origin": "API",
"reporterIP": "30.30.30.30"
},
"children": [
{
"nbmMuEgrNat": {
"attributes": {
"dn": "sys/nbm/show/flows/dom-default/mus-[20.20.20.20]-mud-[30.30.30.30]/muoif-385875968/muegr-pres-[100.1.1.1]-preg-[225.1.1.1]-postsp-[0]-postdp-[0]",
"modTs": "2021-02-05T17:27:57.483+00:00",
"postDPort": "0",
"postSPort": "0",
"preGroup": "225.1.1.1",
"preSource": "100.1.1.1"
}
}
}
]
}
}
]
}
}
]
}
}
Show commands
auto-leaf1(config-nbm-flow-def)# show system internal nbm sender-list
-----------------------------------------
NBM Sender list for VRF 'default'
-----------------------------------------
Interface Group Source failStatus
Ethernet1/59 225.1.1.1 101.1.1.1 (0)NONE
loopback100 226.1.1.1 100.1.1.1 (0)NONE
auto-leaf1(config-nbm-flow-def)#
auto-leaf1(config-nbm-flow-def)#
auto-leaf1(config-nbm-flow-def)# show system internal nbm receiver-list
-----------------------------------------
NBM Receiver list for VRF 'default'
-----------------------------------------
Interface Group Source Reporter Flag Owner Nat Count
Pre_trans_src Pre_trans_grp Sport Dport Owner
Ethernet1/60 226.1.1.1 100.1.1.1 101.1.2.2 Route added (1) NBM_STATIC
auto-leaf1(config-nbm-flow-def)#
auto-leaf1(config-nbm-flow-def)# show nbm flows
----------------------------------------------------------
NBM Flows for VRF 'default'
----------------------------------------------------------
Active Source-Group-Based Flow(s) :
Mcast-Group Src-IP Uptime Src-Intf Nbr-Device Num Rx Bw Mbps Slot Unit Slice DSCP QOS Policed Priority Policy-name
226.1.1.1 100.1.1.1 00:01:46 Lo100 not-available 1 0.000 NA NA NA 0 0 No LOW
225.1.1.1 101.1.1.1 00:03:23 Eth1/59 auto-spine2 0 0.000 1 0 0 0 0 No LOW
auto-leaf1(config-nbm-flow-def)#
auto-leaf1(config-nbm-flow-def)#
auto-leaf1(config-nbm-flow-def)# show nbm flows detail
----------------------------------------------------------
NBM Flows for VRF 'default'
----------------------------------------------------------
Active Source-Group-Based Flow(s) :
Mcast-Group Src-IP Uptime Src-Intf Nbr-Device LID Profile Status Num Rx Bw Mbps CFG Bw Slot Unit Slice DSCP QOS Policed FHR Priority Policy-name
Rcvr-Num Rcvr-slot Unit Num-Rcvrs Rcvr-ifidx IOD Rcvr-Intf Nbr-Device
226.1.1.1 100.1.1.1 00:01:52 Lo100 not-available None N/A ACTIVE 1 0.000 0.000 17 0 0 0 0 No Yes LOW
1 1 0 1 0x1a007600 65 Eth1/60 auto-spine2
225.1.1.1 101.1.1.1 00:03:29 Eth1/59 auto-spine2 None N/A ACTIVE 0 0.000 0.000 1 0 0 0 0 No Yes LOW
auto-leaf1(config-nbm-flow-def)#