
BGP, NAT, Redundancy and VOIP traffic on a Router 2821

petero007
Level 1

Hi all,

I'm trying to find out how I can do port-map-based NAT for a group of Asterisk-based VoIP servers on the inside interfaces of the router, with multiple Internet links.

I have a dual-ISP connection on a Cisco 2821 with IOS 14.4(15)T and two HWIC-4ESW. Two default routes are applied. Services (WEB, VOIP, DNS) have been isolated in different VLANs.

Each server will have two public IP addresses and one private address. So, external clients on the Internet will have two paths to each server. In the event that one fails, the other takes the entire load. In this case, how can BGP4 improve the efficiency and redundancy of the network? What attributes help?

What type of QoS can I put on the router in order to ensure SIP and RTP traffic flows?

And what routing best practices can be implemented?

If I install a DNS server with a local IP address, on the inside zone of the network, that serves queries for external clients, must the DNS response be a global IP address, or may it be a local IP address?

Thanks for all.

3 Replies

Giuseppe Larosa
Hall of Fame

Hello Peter,

>> Each server will have two public IP address and one private address

You probably need PBR (policy-based routing), which allows you to route outbound based on source address, applied inbound on the internal VLAN interfaces.

BGP by itself cannot route based on source address. BGP can be used to influence the return path, but likely you have one IP address pool from provider A and one address pool from provider B, or you have divided your own IP address blocks in two halves (in this last case BGP can be helpful).

For PBR you can have a look at:

http://www.cisco.com/en/US/docs/ios/iproute/configuration/guide/irp_prb_mult_track_ps6017_TSD_Products_Configuration_Guide_Chapter.html

About DNS:

The external clients should look up the IP address of your servers by contacting their DNS, which can then contact your public DNS server.

If you are going to use NAT and BGP combined, the config will be complex and the interaction with DNS has to be considered.

Hope to help

Giuseppe

petero007
Level 1

Hi Giuseppe,

You are right on this: >>you probably need PBR policy based routing that allows you to route outbound based on source address applied inbound on internal vlan interfaces.

I am actually doing this. I created one route-map for the ISP exits that matches the servers' IP addresses and routes them through the same path as the inbound traffic flow.

But I have a lot of questions about this particular topology design and its network configuration.

        |||||ISP_A|||||                        |||||ISP_B|||||
        200.100.50.1/28                        50.100.200.1/29
               .                                      .
               .                                      .
               .                                      .
G0/0:200.100.50.2/28      |||||R2821|||||      G0/1:50.100.200.2
                        VLAN10       VLAN20

                           STATIC NAT
200.100.50.3 --> 172.16.10.100         50.100.200.3 --> 172.16.10.101
200.100.50.4 --> 172.16.20.100         50.100.200.4 --> 172.16.20.101
               .                                      .
               .                                      .
               .                                      .
        (sip.dmn.com)                          (ns.dmn.com)
     |||||VoIP Server|||||                  |||||DNS Server|||||
eth0:172.16.10.100/24(sip1.dmn.com)    eth0:172.16.20.100/24(ns1.dmn.com)
eth1:172.16.10.101/24(sip2.dmn.com)    eth1:172.16.20.101/24(ns2.dmn.com)

Note: The IP addresses and domains have been changed, but the VLANs and netmasks are still the same.

First: DNS Server Multihomed Configuration

I consulted three books about DNS, and still have not found anything similar. So, the multihomed DNS server configuration isn't working yet. I can reach the DNS server through both ISPs. I can actually ping from an external client to:

ns.dmn.com    OK
ns1.dmn.com   OK
ns2.dmn.com   OK
sip.dmn.com   Doesn't work
sip1.dmn.com  OK
sip2.dmn.com  OK

Second: BGP Protocol

I know that BGP by itself cannot route based on source address, and can be used to influence the return path, but at this point, can BGP really help with the redundancy and optimization of this network? If so, what is the recommended way to implement it?

Third: NAT Multihomed

Given the limited space in each ISP pool, it would help to implement NAT port forwarding to the server farm. Again, what is the recommended way to implement it?

I read this article and I didn't understand the last topic, "Single NAT to Multiple ISPs":

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a0080091c8a.shtml

Thanks a lot.

Hi,

I tried to post the topology in ASCII, but it didn't work.

Sorry.
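
An added example, not part of any post in this thread: a sketch of the source-based PBR with next-hop tracking that the first reply and its linked guide describe, applied to the changed addresses in the topology above. The ACL and route-map names and the track/SLA numbers are assumptions, and `track ... rtr` is the older IOS form (newer releases use `track ... ip sla`).

```cisco
! Added example. Names (VIA-ISP-A, VIA-ISP-B, ISP-EXIT) are hypothetical.
! Each server address is grouped by the ISP that owns its static NAT address.
ip access-list extended VIA-ISP-A
 permit ip host 172.16.10.100 any
 permit ip host 172.16.20.100 any
ip access-list extended VIA-ISP-B
 permit ip host 172.16.10.101 any
 permit ip host 172.16.20.101 any
!
! Probe each ISP gateway so PBR stops forcing traffic to a dead next hop.
ip sla 1
 icmp-echo 200.100.50.1 source-interface GigabitEthernet0/0
ip sla schedule 1 life forever start-time now
ip sla 2
 icmp-echo 50.100.200.1 source-interface GigabitEthernet0/1
ip sla schedule 2 life forever start-time now
track 1 rtr 1 reachability
track 2 rtr 2 reachability
!
! Replies leave through the ISP whose address the client originally reached.
! Traffic matching neither ACL is routed normally by the default routes.
route-map ISP-EXIT permit 10
 match ip address VIA-ISP-A
 set ip next-hop verify-availability 200.100.50.1 10 track 1
route-map ISP-EXIT permit 20
 match ip address VIA-ISP-B
 set ip next-hop verify-availability 50.100.200.1 10 track 2
!
interface GigabitEthernet0/0
 ip nat outside
interface GigabitEthernet0/1
 ip nat outside
interface Vlan10
 ip nat inside
 ip policy route-map ISP-EXIT
interface Vlan20
 ip nat inside
 ip policy route-map ISP-EXIT
!
! Static NAT pairs exactly as listed in the diagram.
ip nat inside source static 172.16.10.100 200.100.50.3
ip nat inside source static 172.16.10.101 50.100.200.3
ip nat inside source static 172.16.20.100 200.100.50.4
ip nat inside source static 172.16.20.101 50.100.200.4
```

When a tracked gateway goes down, the matching `set` clause is skipped and those packets fall back to the routing table, so the route-map can be checked with `show route-map` and `show track` while one link is disabled.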
