05-09-2007 05:42 AM - edited 03-03-2019 04:54 PM
Hello all,
I have a problem configuring our internet router. we have two main circuits from two different service providers which means two different IPs.
I need to configure static nat of different IP addresses base on ISP's IP for specific servers and nat overload on the external interface for the internal users.
Another requirement is that, the ISP changeover should be automatic (when one goes down, the other takes over automatically). I believe I have to use something like OER and route-maps but I am stuck.
Please advice.
05-09-2007 05:54 AM
hi,
It depends whether you want it Load-balancing or Primary and backup, you'll also need to add the static NAT for your server.
1-Load Balancing:
interface serial 0/0.1 point-to-point
description Connected to ISP1
ip nat outside
interface serial 0/1.1 point-to-point
description Connected to ISP2
ip nat outside
interface fastethernet 0/0
description Connected to LAN
ip nat inside
ip nat inside source list 10 interface serial0/0.1 overload
ip nat inside source list 10 interface serial0/1.1 overload
ip route 0.0.0.0 0.0.0.0 serial0/0.1 x.x.x.x (Default route to ISP1)
ip route 0.0.0.0 0.0.0.0 serial0/1.1 y.y.y.y (Default route to ISP2)
access-list 10 permit
2-Primary and Backup:
interface serial 0/0.1 point-to-point
description Connected to ISP1
ip nat outside
interface serial 0/1.1 point-to-point
description Connected to ISP2
ip nat outside
interface fastethernet 0/0
description Connected to LAN
ip nat inside
ip nat inside source list 10 interface serial0/0.1 overload
ip nat inside source list 10 interface serial0/1.1 overload
ip route 0.0.0.0 0.0.0.0 serial0/0.1 x.x.x.x (Default route to ISP1 - Primary)
ip route 0.0.0.0 0.0.0.0 serial0/1.1 y.y.y.y 254 (Default route to ISP2 - Backup)
access-list 10 permit
HTH, please do rate if is helpful,
Mohammed Mahmoud.
05-09-2007 06:13 AM
Hi Mohammed,
Thanks for the quick reply. I want to translate static external IP to the internal servers and the the internal users to the external interface. And also, since the static IP addresses for the servers would not be the same for each service provider. I would appreciate more insight.
Thanks.
05-09-2007 08:18 AM
Hi,
For full redundancy to work for both IP segments upstream and downstream I would recomend Multihomed BGP.
Have a look at this example. Keep in mind that you need Provider independent IP addresses.
http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00800945bf.shtml#conf5
However if you hesitat to run multihomed BGP,
you loose redundancy for WEB servers.
Well to be honset its possible using Dynamic DNS, but I've no practical experience with it and you somehow need to change the IP on your servers.
So if we stick with your case and the IP's that you've got. Using floating static and NAT would solve your problem.
HTH
Regards,
Bjornarsb
05-09-2007 10:30 AM
Hi,
For your servers, plus the above configuration you'll need to use PBR, apply it to the input interface using "ip policy route-map server"
route-map server permit
match ip address 1
set ip next-hop ISP1
access-list 1 permit host
ip nat inside source static
HTH, please do rate all helpful replies,
Mohammed Mahmoud.
05-09-2007 11:47 AM
hi Mohammed,
Based on the above configuration, the ip nat inside source static
Thanks.
05-09-2007 12:09 PM
Hi,
You are right, but the idea is that the server IP is always required to be a fixed well know IP, acordingly it should be NATed to 1 IP, the problem is that you can't get the IPs of 1 provider to go out of the other provider, unless you get your own PI addresses (which also requires ASN and BGP) and then you can control to which provider this IP can go.
So i don't think that we have a solution to this problem.
HTH, please do rate all helpful replies,
Mohammed Mahmoud.
05-09-2007 12:16 PM
Thanks for this. Can we in any way try using the OER technology base route maps?
Again, this is something I dont know and reading about this, makes me think there is a way to do this.
Thanks for the help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide