Multiple ISP on 1811

Unanswered Question
Feb 21st, 2008

Hi,


We have a Cisco 1811 with FE0 connected to SHDSL, FE1 connected to ADSL2+, and an additional static IP address for the mail server.


What we want to achieve is as below.


1. All the servers and users are in 1 private network connecting to VLAN1.


2. All the traffic initiated from the private network will be directed out through FE1. It is mostly HTTP requests to browse the internet.


3. Some servers in the private network are providing remote access, such as a web server, Citrix server, etc. We want this traffic to come through FE0.


4. The additional public IP address is assigned to the mail server, so outgoing mail has a consistent source IP and won't be treated as spam. It is also used for the MX record.


So how can I configure the router?


My idea is :


1. ip route 0.0.0.0 0.0.0.0 FE1 metric 1

ip route 0.0.0.0 0.0.0.0 FE0 Metric 10

So outgoing traffic will choose FE1 first.

Dynamic NAT will translate the internal IP into FE1.

Do I also need to translate them into FE0?


2. All the PAT is set for FE0. But will the reply traffic go through FE1 instead of FE0, which will cause the connection to fail?


3. Assign the additional public IP to interface FE0, NAT into the mail server. If the route is set as above, does that mean the outgoing mail will go through FE1? As the mail server is in the range of dynamic IPs, will it be translated into the IP of FE1 when sending out mail?


How can I monitor the traffic? Can I set up the mail service as low priority so it won't affect other traffic?


Lydia

spremkumar Wed, 02/27/2008 - 20:58

Hi


You need to make sure that you have proper failback routing via the DSLs.


AFAIK metrics won't work with Ethernet interfaces, since Ethernet interfaces tend to remain up until the cable is disconnected.


So routing the traffic via the secondary interface may not be feasible if the primary interface remains up; the traffic will try to flow via the same and get dropped.


Secondly, you need to maintain the connectivity/reachability to the public IP address of your mail server (something like the IP being routed from the SP end via both DSL links, so that it can be reached when any one of the links is up).


regds
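
The failure mode described in the reply above, as an added example that is not part of the original thread: a small model of how two static default routes (the question's preference values 1 and 10, treated here as route preference) are selected when the DSL line behind FE1 dies but the Ethernet link to the modem stays up. The `track_upstream` flag is a hypothetical stand-in for a reachability probe that withdraws a route; the thread itself does not name such a mechanism.

```python
from dataclasses import dataclass

@dataclass
class StaticRoute:
    interface: str
    preference: int               # lower value wins (1 and 10 from the question)
    track_upstream: bool = False  # hypothetical: withdraw route if a probe fails

def installed_route(routes, link_up, upstream_ok):
    """Return the default route the router would install, or None."""
    candidates = []
    for r in routes:
        if not link_up[r.interface]:
            continue  # cable unplugged: the route is withdrawn
        if r.track_upstream and not upstream_ok[r.interface]:
            continue  # probe through this path failed: the route is withdrawn
        candidates.append(r)
    return min(candidates, key=lambda r: r.preference, default=None)

def scenario(link_up, upstream_ok, track):
    """Return (chosen interface, whether traffic actually gets out)."""
    routes = [StaticRoute("FE1", 1, track), StaticRoute("FE0", 10, track)]
    chosen = installed_route(routes, link_up, upstream_ok)
    if chosen is None:
        return None, False
    return chosen.interface, upstream_ok[chosen.interface]

# Constructed states: both cables plugged in, ADSL line behind FE1 dead.
LINKS_UP = {"FE0": True, "FE1": True}
ADSL_DEAD = {"FE0": True, "FE1": False}

if __name__ == "__main__":
    # Without tracking, FE1 keeps the default route and traffic is dropped.
    print(scenario(LINKS_UP, ADSL_DEAD, track=False))
    # With the hypothetical probe, the FE0 route takes over.
    print(scenario(LINKS_UP, ADSL_DEAD, track=True))
    # Only an unplugged cable removes the FE1 route on its own.
    print(scenario({"FE0": True, "FE1": False}, ADSL_DEAD, track=False))
```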

