cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
535
Views
3
Helpful
4
Replies

load balancing help

hi all

i have to configure a cisco 2800

with 2 WAN interface ADSL, SERIAL(ISDN)

as the folowing :

the smtp and ftp flow pass through the ISDN

and all other trafic like www,DNS,..

must pass through ADSL (it has a dynamic ip @ )

i do the folowing but it doesn't work

---------------------

Current configuration : 5078 bytes

!

version 12.4

no service pad

!

interface FastEthernet0/1

description $ETH-LAN$

ip address W.W.W.W 255.255.255.252 secondary

ip address Y.Y.Y.Y 255.255.255.240

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip route-cache flow

ip policy route-map PBR

duplex auto

speed auto

no mop enabled

!

interface ATM0/1/0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip route-cache flow

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0/1/0.4 point-to-point

ip access-group 138 in

pvc 8/35

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

!

interface Serial0/2/0

ip address x.X.X.X (public ip @ ) 255.255.255.252

no ip redirects

no ip unreachables

no ip proxy-arp

ip route-cache flow

!

interface Dialer0

ip address negotiated

encapsulation ppp

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap callin

ppp chap hostname xxxxxxxxxxxxxxxxx

ppp chap password xxxxxxxxxxxxxxxxx

!

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0/2/0

ip route 0.0.0.0 0.0.0.0 ATM0/1/0.4

!

!

logging trap emergencies

access-list 128 permit tcp any X.X.X.X 0.0.0.3 eq smtp

access-list 128 permit tcp any X.X.X.X 0.0.0.3 eq ftp

access-list 128 permit tcp any X.X.X.X 0.0.0.3 eq ftp-data

access-list 128 deny ip any any

access-list 138 permit ip any any

dialer-list 1 protocol ip permit

no cdp run

route-map PBR permit 10

match ip address 128

set ip next-hop x.X.X.X

!

route-map PBR permit 20

match ip address 138

set ip next-hop (adsl ip @)

!

!

!

!

control-plane

!

!

thank's

1 Accepted Solution

Accepted Solutions

It is not clear to me that the access works without any PBR configured. Assuming it does ...

the serial interface has a mask of 255.255.255.252, so the IP address of the remote end can be worked out from this - it will be the next address up if your address is odd ( e.g .2 if you are .1) , or the next address down if your address is even ( e.g .1 if you are .2) . The route should not point to the router's local interface.

View solution in original post

4 Replies 4

rtanner
Level 1
Level 1

Without knowing "how" it doesn't work ...

First , get the access working through your ADSL, then apply the PBR configs.

The PBR will only apply to the SMTP and FTP traffic, so you only need to set the next hop IP for this traffic ( ACL 128) . Normal destination-based routing will occur for the rest of the traffic.

! so remove

ip route 0.0.0.0 0.0.0.0 Serial0/2/0

! and remove as not required and is confusing me

access-list 128 deny ip any any

! and since normal routing is used for the ADSL traffic, remove

route-map PBR permit 20

match ip address 138

set ip next-hop (adsl ip @)

! and acl 138 is no longer required so can be removed.

ref: http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml

One last thing, can you confirm that the next-hop IP address for the serial link is the remote end of the link?

hth,

Ross

Well....speaking of load balancing, how can i load balance 2 serial internet connections to work together at the same time, for fail-over reasons.

note that they're p2p connections, connected to satellite modems.

i did it but it doesn't work also

when i apply the policy all traffic is bloced

http smt www

i remove ip route 0.0.0.0 0.0.0.0 Serial0/2/0

access-list 128 deny ip any any

route-map PBR permit 20

match ip address 138

set ip next-hop (adsl ip @)

the hext hope is the ip adresse of the serial interface in my router i have a

% Warning: Next hop address is our address

and i don't know the ip @ of my isp to make a next hope in ur opinion could that be the problem ?

It is not clear to me that the access works without any PBR configured. Assuming it does ...

the serial interface has a mask of 255.255.255.252, so the IP address of the remote end can be worked out from this - it will be the next address up if your address is odd ( e.g .2 if you are .1) , or the next address down if your address is even ( e.g .1 if you are .2) . The route should not point to the router's local interface.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco