I have an odd issue with BGP+NAT. I have 2 separate routers and 2 different ISPs.
Topology looks like this:
ISP1 --BGP--> RTR1 \
                    >--OSPF-- Palo Alto Firewall -- Internal Network
ISP2 --BGP--> RTR2 /
Hope that makes sense.
So I currently have BGP and NAT working with just ISP1 on RTR1. However, when I turn up ISP2, advertise our /24, and issue the NAT commands on RTR2 as well, NAT stops working. Am I missing something here?
Thanks
Best Answer
If I understand correctly you are performing NAT for your traffic going to the Internet on RTR1 and RTR2.
If the NAT tables are not synced between those 2 routers, then if a NAT translation is performed on RTR1, for example, but the answer comes back through ISP2 to RTR2, RTR2 doesn't have a NAT entry for this traffic and cannot forward it to the originating host.
The solution is either to sync the NAT tables between the 2 routers (depends on the router models) or to perform NAT on another device and only route on the BGP routers.
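To make the failure mode in the answer concrete, here is an added toy model (not code from the thread or from any router vendor) of stateful source NAT on two edge routers. All addresses are constructed from the RFC 5737 documentation ranges, and the class and function names (`NatRouter`, `simulate`, `reply_to`) are hypothetical. Handing both routers the same state dictionary stands in for either synchronized NAT tables or a single NAT device in front of both routers.

```python
"""Toy model of stateful source NAT across two BGP edge routers.

Constructed scenario: inside host 10.1.1.50 opens a TCP connection to
198.51.100.80:443.  The request leaves via RTR1, which rewrites the source to
an address in the /24 advertised through both ISPs.  Because the /24 is
reachable via either ISP, the reply may arrive at RTR2 instead of RTR1.
Whether RTR2 can undo the translation depends on whether it shares NAT state
with RTR1.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed addresses (RFC 5737 documentation ranges).
INSIDE_HOST = "10.1.1.50"
PUBLIC_ADDR = "203.0.113.10"   # taken from the /24 advertised via both ISPs
SERVER = "198.51.100.80"

NatKey = Tuple[str, int]       # (public_ip, public_port)
NatEntry = Tuple[str, int]     # (inside_ip, inside_port)


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatRouter:
    """Stateful source NAT on one edge router (hypothetical model).

    `table` maps an allocated (public_ip, public_port) back to the inside
    (ip, port).  Two routers given the *same* dict object model synced NAT
    state; separate dicts model independent, unsynced NAT tables.
    """

    def __init__(self, name: str, public_ip: str,
                 table: Optional[Dict[NatKey, NatEntry]] = None) -> None:
        self.name = name
        self.public_ip = public_ip
        self.table: Dict[NatKey, NatEntry] = table if table is not None else {}
        self.next_port = 40000
        self.dropped: List[Packet] = []

    def outbound(self, pkt: Packet) -> Packet:
        """Translate an inside->Internet packet and record the binding."""
        pub_port = self.next_port
        self.next_port += 1
        self.table[(self.public_ip, pub_port)] = (pkt.src_ip, pkt.src_port)
        return Packet(self.public_ip, pub_port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Undo the translation for an Internet->inside packet, or drop it."""
        entry = self.table.get((pkt.dst_ip, pkt.dst_port))
        if entry is None:
            # No binding here: this router cannot tell which inside host
            # the packet belongs to, so it has nothing to forward to.
            self.dropped.append(pkt)
            return None
        inside_ip, inside_port = entry
        return Packet(pkt.src_ip, pkt.src_port, inside_ip, inside_port)


def reply_to(pkt: Packet) -> Packet:
    """The server's response to the translated request (constructed)."""
    return Packet(pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)


def simulate(shared_state: bool, return_via: str = "RTR2") -> Optional[Packet]:
    """Send via RTR1, receive the reply via `return_via`.

    Returns the packet delivered to the inside host, or None if the
    returning router dropped it for lack of a NAT entry.
    """
    shared: Optional[Dict[NatKey, NatEntry]] = {} if shared_state else None
    routers = {
        "RTR1": NatRouter("RTR1", PUBLIC_ADDR, shared),
        "RTR2": NatRouter("RTR2", PUBLIC_ADDR, shared),
    }
    request = Packet(INSIDE_HOST, 51515, SERVER, 443)
    on_wire = routers["RTR1"].outbound(request)   # 203.0.113.10:40000 -> server
    reply = reply_to(on_wire)                     # server -> 203.0.113.10:40000
    return routers[return_via].inbound(reply)


if __name__ == "__main__":
    print("single ISP, reply via RTR1, no sync :", simulate(False, "RTR1"))
    print("two ISPs, reply via RTR2, no sync   :", simulate(False, "RTR2"))
    print("two ISPs, reply via RTR2, synced    :", simulate(True, "RTR2"))
```

The first call reproduces the working single-ISP state from the question (the reply returns to the router that created the binding). The second reproduces the symptom once ISP2 is turned up: the reply lands on RTR2, which has no entry for 203.0.113.10:40000 and drops it. The third shows why either syncing state or moving NAT to one device restores service: the returning router finds the binding regardless of which ISP delivered the packet.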