12-14-2007 01:11 PM - edited 03-03-2019 07:56 PM
Hello all!
Looking for a little bit of help, please.
Company has an 1811 router, running version 12.4(6)T7 IOS. We have 1 broadband Internet connection with static IP into FastEthernet0. I would like to add a different slower broadband IP DHCP type into FastEthernet1 for backup and redundancy purposes.
My goal is backup and redundcany, and load balance outbound web browsing, if possible.
I have looked at Cisco doc #99427, but that is a slightly different config than I am working with and I can't quite follow where the doc is getting some of its parameters.
I can post my current config if someone is willing to help or has a similar working config that I can mirror with obvious IP changes.
Thanks, the recent ice storms in the midwest have brought this to fore front and I need to get this working.
Thank You
Brian
12-14-2007 01:15 PM
Let's see the config.
12-14-2007 01:32 PM
12-14-2007 01:45 PM
ip sla 1
icmp-echo 216.203.117.81
frequency 5
ip sla schedule 1 life forever start-time now
track 1 rtr 1 reachability
ip route 0.0.0.0 0.0.0.0 216.203.117.81 track 1
ip route 0.0.0.0 0.0.0.0 FastEthernet1 20
ip nat inside source route-map primary-nat interface FastEthernet0 overload oer
ip nat inside source route-map backup-nat interface FastEthernet1 overload oer
route-map primary-nat permit 10
match ip address 1
set ip next-hop verify-availability 216.203.117.81 track 1
!
route-map backup-nat permit 10
match ip address 1
set interface fastethernet1
_____________
I'm afraid you will have problems with the static NATs as you can't do extendable with interface as the global address.
12-14-2007 01:58 PM
Edison,
First, Thank You so much for stepping up.
I understand the issues with static NAT. One piece I still don't get, where do I define trck 1 rtr 1 as being my FastEthernet0 connection. Or, is that unnecessary? The doc #99427, also defined an sla 2 on the second Internet connection, is that needed?
Does your solution provide redundancy only or both load-balancing & redundancy on the outbound traffic?
Thanks
12-14-2007 02:08 PM
The SLA pings FastEthernet0's gateway. If FasEthernet0 connection is down, you should be unable to ping the gateway.
Once the gateway is unreachable the track will be marked down and subsequently the ip route will be removed since it has tracking enabled.
OER on the NAT will enable the changeover once the state of the SLA changes.
The rest is very straight forward.
I've implemented this config on some of my customers and suggested to other members of this community, with success.
12-14-2007 02:07 PM
When inputting commands I am getting bad responses on the oer in the ip nat commands and also on the route-map primary section on the track 1 command.
I am just copying & pasting, so its not typos. Ideas?
12-14-2007 02:09 PM
Argh, IOS limitations. OER may not be supported on some IOS versions, let me check which IOS is supported under 1811.
12-14-2007 02:22 PM
12-14-2007 02:28 PM
12.4(15)T supports it.
12-14-2007 02:30 PM
OK, so I need an IOS update. Will do that and get back to you Monday. THANKS! Have a good weekend.
12-16-2007 02:31 PM
Alright, I updated the IOS on the router to version you specified.
Completed input of your commands. Though I called my track 123, instead of track 1.
Disconnected cable from FE0 on router. Appears failover did NOT work, as I could not browse anywhere. Waited and tried for several minutes in case failover takes a little while, still no luck.
Have attached new updated config, showing all commands and updated IOS. Please review and tell me what I missed or screwed up.
THANKS!
12-16-2007 06:31 PM
Remove
ip nat inside source list 1 interface FastEthernet0 overload
Also, can you verify if you can ping 216.203.117.81 while FE0 is down ?
If so, IP SLA won't declare the track as down.
12-17-2007 08:57 AM
Your second issue brings up an interesting question on my part. Since both my connections are broadband, through diff carriers and speeds. I have a carrier provided high-speed modem on both connections. Typically the gateway declared on a router would point you to the modem. Since the modem is on my premise that might not be a good IP SLA test, if the carrier circuit is down beyond the modem. Can I substitute a different IP address in the IP SLA section for testing?
12-17-2007 09:07 AM
> Can I substitute a different IP address in the IP SLA section for testing?
Yes, but you need to make sure the track is declared down for switchover.
You can add the source-interface on the IP SLA configuration to ensure the ping is leaving the proper interface.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide