Multihoming with BGP + NAT

Answered Question
Aug 22nd, 2007

We are configuring one customer with two ISPs, and the customer does not have his own AS or public IPs. The ISPs are not willing to advertise the other ISP's public IPs.

The solution that comes to my mind is NAT. The customer's private LAN will be NATed to the ISPs' public IPs and the packets will be forwarded to the respective ISPs.

Please advise whether the above solution will work. If yes, will both links be used as backup to each other? Is some other option also available?

mohammedmahmoud Wed, 08/22/2007 - 22:42

Hi,

This is very doable. You should do NAT with route-maps (to control which IPs should be used for NATing out of which interface), and your customer should not run BGP for the time being. You can load-share the traffic over the 2 ISPs, or have them as main and backup by manipulating the default routes; it is your call.

HTH,

Mohammed Mahmoud.

Bharat Negi Wed, 08/22/2007 - 23:10

Hi Mohammed

Thanks for the feedback. I chose BGP because my customer wants to access the same remote servers/networks located in the data center. The data center is already running BGP with both ISPs (same ISPs at both ends).

Customer<-BGP->ISP1&2<-BGP->Customer's DATA center.

Can you please verify the below config as well for customer site:

interface Loopback0
 description ***ISP1***
 ip address 172.34.4.70 255.255.255.255
!
interface Loopback1
 description ***ISP2***
 ip address 10.53.81.235 255.255.255.255
!
interface FastEthernet0/0
 ip address 200.100.100.38 255.255.255.0
 ip nat inside
!
interface Serial0/1/0
 description ***ISP1***
 ip address 172.34.2.22 255.255.255.252
 ip nat outside
!
interface Serial0/1/1
 description ***ISP2**
 ip address 10.53.72.125 255.255.255.252
 ip nat outside
!
router bgp 65412
 no synchronization
 bgp log-neighbor-changes
 network 10.53.81.235 mask 255.255.255.255
 network 172.34.4.70 mask 255.255.255.255
 ! ISP2
 neighbor 10.53.72.126 remote-as 18101
 neighbor 10.53.72.126 filter-list 20 out
 ! ISP1
 neighbor 172.34.2.21 remote-as 9730
 neighbor 172.34.2.21 filter-list 20 out
!
ip nat inside source route-map ISP1_NAT interface Loopback0 overload
ip nat inside source route-map ISP2_NAT interface Loopback1 overload
!
access-list 1 permit 200.100.100.0 0.0.0.255
!
ip as-path access-list 20 permit ^$
!
route-map ISP1_NAT permit 10
 match ip address 1
 match interface Serial0/1/0
!
route-map ISP2_NAT permit 10
 match ip address 1
 match interface Serial0/1/1
!

Thanks

Bharat

Bharat Negi Thu, 08/23/2007 - 00:00

Hi Mohammed

Help me with one more thing. How can I achieve load balancing/sharing here, given that BGP will choose one path as best?

Shall I use the multiple-path command under BGP?

Thanks

Bharat

Correct Answer
mohammedmahmoud Thu, 08/23/2007 - 00:29

Hi Bharat,

Load balancing is impossible in this case; you can only do load sharing by manipulating the weights of the routes received from the 2 providers, to prefer some routes over one provider and other routes over the other provider while they remain redundant to each other. If you are going to receive the full routing table, then see this example; I liked its logic (1->128 through ProviderA, and others are preferred over ProviderB). This is your best bet:

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00800945bf.shtml#conf4

NOTE: Multipath can be used for multiple links from the same provider and can't be used with multiple providers, because for the maximum-paths feature to operate, all attributes must be identical and the next hop must be different (although we can use the hidden command bgp bestpath as-path multipath-relax to allow the router to load-share across multiple BGP paths even if the AS path is different, but I've never tried this myself).

HTH,

Mohammed Mahmoud.
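
The reply above, worked through as an added example (a simplified Python model, not part of the original thread and not router configuration): per-prefix weights split traffic across the two providers while each still backs up the other, and a multipath check shows why paths through different providers do not qualify unless the AS path comparison is relaxed. The split point at first octet 128, the weights 200/100, the prefixes and origin AS 64500 are constructed assumptions; the neighbor ASNs are taken from the posted config.

```python
import ipaddress
from dataclasses import dataclass

ISP1_AS, ISP2_AS = 9730, 18101                  # neighbor ASNs from the posted config
LOW_HALF = ipaddress.ip_network("0.0.0.0/1")    # assumed split point: first octet below 128

@dataclass(frozen=True)
class Path:
    prefix: str
    neighbor_as: int          # provider the route was learned from
    as_path: tuple            # AS_PATH as received
    weight: int = 0           # router-local; highest wins before any other attribute

def inbound_weight(prefix, neighbor_as):
    """Weight an inbound route-map would set: ISP1 wins the low half, ISP2 the rest."""
    low = ipaddress.ip_network(prefix).subnet_of(LOW_HALF)
    preferred = ISP1_AS if low else ISP2_AS
    return 200 if neighbor_as == preferred else 100

def best_path(paths):
    """Simplified selection: highest weight, then shortest AS_PATH, then lowest neighbor AS."""
    return max(paths, key=lambda p: (p.weight, -len(p.as_path), -p.neighbor_as))

def multipath_eligible(a, b, relax=False):
    """maximum-paths needs matching attributes; multipath-relax only drops the
    requirement that the AS_PATH contents match (the length must still be equal)."""
    if a.weight != b.weight or len(a.as_path) != len(b.as_path):
        return False
    return relax or a.as_path == b.as_path

def route_table(advertised, down=()):
    """advertised: {neighbor_as: [(prefix, as_path), ...]} -> {prefix: chosen neighbor AS}."""
    candidates = {}
    for asn, routes in advertised.items():
        if asn in down:                         # session lost: its routes are withdrawn
            continue
        for prefix, as_path in routes:
            path = Path(prefix, asn, as_path, inbound_weight(prefix, asn))
            candidates.setdefault(prefix, []).append(path)
    return {pfx: best_path(paths).neighbor_as for pfx, paths in candidates.items()}

# Constructed sample: both providers advertise the same two prefixes (origin AS 64500).
SAMPLE = {
    ISP1_AS: [("100.64.0.0/10", (ISP1_AS, 64500)), ("198.51.100.0/24", (ISP1_AS, 64500))],
    ISP2_AS: [("100.64.0.0/10", (ISP2_AS, 64500)), ("198.51.100.0/24", (ISP2_AS, 64500))],
}

if __name__ == "__main__":
    print(route_table(SAMPLE))                  # normal operation
    print(route_table(SAMPLE, down={ISP2_AS}))  # ISP2 session down
```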

Bharat Negi Thu, 08/23/2007 - 00:53

Thanks Mohammed

For all your help and clarifications.

Cheers!!!

Bharat

mohammedmahmoud Thu, 08/23/2007 - 01:01

Bharat,

You are very welcome, I am glad that I've helped you, and thank you for using the rating system.

HTH,

Mohammed Mahmoud.
