I came upon some interesting results when I was configuring NAT on my home router to allow Internet access for a Raspberry Pi.
I configured the interface connected to the Pi as an ip nat outside interface, as my LAN interface was configured with ip nat inside, and I created the following translation to allow the Pi to access the Internet, which works:
interface FastEthernet0/0
 desc *** connected to Pi ***
 ip address 10.50.255.225 255.255.255.252
 ip nat outside
interface FastEthernet0/1
 ip address 192.168.254.101 255.255.255.0
 ip nat inside
ip route 0.0.0.0 0.0.0.0 192.168.254.1
ip nat outside source static 10.50.255.226 192.168.254.250 add-route
The odd thing is that a trace out to the internet reports the destination address for every hop, and it appears to do a double translation as the traffic comes back to the Pi: once for the destination (expected) and another for the source (unexpected).
R1#traceroute 8.8.8.8 probe 1
Type escape sequence to abort.
Tracing the route to 8.8.8.8
1 10.50.255.225 0 msec
2 8.8.8.8 4 msec
3 8.8.8.8 4 msec
4 8.8.8.8 4 msec
R1#
*May 22 16:25:42.128: ICMP: time exceeded rcvd from 10.50.255.225
*May 22 16:25:42.132: ICMP: time exceeded rcvd from 8.8.8.8
*May 22 16:25:42.140: ICMP: time exceeded rcvd from 8.8.8.8
*May 22 16:25:42.144: ICMP: dst (10.50.255.226) port unreachable rcv from 8.8.8.8
When I debug ip nat detail I see the following, which shows the double translation:
*May 22 16:25:40.736: NAT: Processing out-2-in packet in after_routing2
*May 22 16:25:40.740: NAT: s=10.50.255.226->192.168.254.250, d=8.8.8.8 [901]
*May 22 16:25:40.740: NAT: i: icmp (192.168.254.1, 33435) -> (192.168.254.250, 49180) [43613]
*May 22 16:25:40.740: NAT: s=192.168.254.1->8.8.8.8, d=192.168.254.250 [43613]
*May 22 16:25:40.740: NAT: s=8.8.8.8, d=192.168.254.250->10.50.255.226 [43613]
*May 22 16:25:40.744: NAT: Processing out-2-in packet in after_routing2
*May 22 16:25:40.744: NAT: s=10.50.255.226->192.168.254.250, d=8.8.8.8 [902]
*May 22 16:25:40.744: NAT: i: icmp (10.115.1.1, 33436) -> (192.168.254.250, 49181) [12588]
*May 22 16:25:40.744: NAT: s=10.115.1.1->8.8.8.8, d=192.168.254.250 [12588]
*May 22 16:25:40.744: NAT: s=8.8.8.8, d=192.168.254.250->10.50.255.226 [12588]
*May 22 16:25:40.748: NAT: Processing out-2-in packet in after_routing2
*May 22 16:25:40.748: NAT: s=10.50.255.226->192.168.254.250, d=8.8.8.8 [903]
*May 22 16:25:40.752: NAT: i: icmp (10.115.2.1, 33437) -> (192.168.254.250, 49182) [12485]
*May 22 16:25:40.752: NAT: s=10.115.2.1->8.8.8.8, d=192.168.254.250 [12485]
*May 22 16:25:40.752: NAT: s=8.8.8.8, d=192.168.254.250->10.50.255.226 [12485]
192.168.254.250 is translated to 10.50.255.226 as I expect, but each hop in the trace has the source translated to the destination of the trace (8.8.8.8 in this example) - I highlighted those in bold above.
When I look at the translation table I can see the holes that were opened in NAT and they are all 8.8.8.8, which is correct, but I don't understand why the sources of the trace timeouts are translated?
Thanks in advance.
Nick
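
An added example, not part of the original post: a short Python parser for the debug ip nat detail output above that groups rewrites by the bracketed number (assumed here to be the IP identification field) and lists the hops whose real source address was replaced on the way back to the Pi. The function names are hypothetical, and the sample lines are copied from the post with timestamps and the "Processing" lines trimmed.

```python
import re

# Debug lines copied from the post above (timestamps trimmed).
SAMPLE = """\
NAT: s=10.50.255.226->192.168.254.250, d=8.8.8.8 [901]
NAT: i: icmp (192.168.254.1, 33435) -> (192.168.254.250, 49180) [43613]
NAT: s=192.168.254.1->8.8.8.8, d=192.168.254.250 [43613]
NAT: s=8.8.8.8, d=192.168.254.250->10.50.255.226 [43613]
NAT: s=10.50.255.226->192.168.254.250, d=8.8.8.8 [902]
NAT: i: icmp (10.115.1.1, 33436) -> (192.168.254.250, 49181) [12588]
NAT: s=10.115.1.1->8.8.8.8, d=192.168.254.250 [12588]
NAT: s=8.8.8.8, d=192.168.254.250->10.50.255.226 [12588]
NAT: s=10.50.255.226->192.168.254.250, d=8.8.8.8 [903]
NAT: i: icmp (10.115.2.1, 33437) -> (192.168.254.250, 49182) [12485]
NAT: s=10.115.2.1->8.8.8.8, d=192.168.254.250 [12485]
NAT: s=8.8.8.8, d=192.168.254.250->10.50.255.226 [12485]
"""

IP = r"(\d{1,3}(?:\.\d{1,3}){3})"
# Matches "s=A[->B], d=C[->D] [id]"; an arrow marks a rewritten address.
XLATE = re.compile(rf"NAT: s={IP}(?:->{IP})?, d={IP}(?:->{IP})? \[(\d+)\]")

def rewrites_by_packet(log_text):
    """Group rewrites by the bracketed number (assumed to be the IP ID of one packet)."""
    packets = {}
    for line in log_text.splitlines():
        m = XLATE.search(line)
        if not m:
            continue  # skips "i: icmp ..." and any other non-rewrite lines
        s_old, s_new, d_old, d_new, ip_id = m.groups()
        pkt = packets.setdefault(int(ip_id), {"src": None, "dst": None})
        if s_new:
            pkt["src"] = (s_old, s_new)
        if d_new:
            pkt["dst"] = (d_old, d_new)
    return packets

def masked_hops(log_text):
    """Return (real_hop, shown_as) for packets with both source and destination rewritten."""
    return [p["src"]
            for p in rewrites_by_packet(log_text).values()
            if p["src"] and p["dst"]]

if __name__ == "__main__":
    for real, shown in masked_hops(SAMPLE):
        print(f"hop {real} reported to the Pi as {shown}")
```

Packets 901 to 903 are the outbound probes and only have their source rewritten, so they are not listed; the three returning ICMP errors are.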