Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

GLBP load balancing and internal web server NAT

Hi,

 

I have two 2811 routers with two different ISP using GLBP load lancing (round-robin).

R1:

fa0/0 10.10.10.1 (ISP1)

fa0/1 192.168.0.2 (LAN)

GLBP on fa0/1 with virtual IP 192.168.0.1

 

R2:

fa0/0 20.20.20.1 (ISP2)

fa0/1 192.168.0.3 (LAN)

GLBP on fa0/1 with virtual IP 192.168.0.1

 

GLBP Load balancing and fail-over works great, but I have an internal web server which needs to be available on port 80 from the external ISP IP.

I added static NAT on both routers: ip nat inside source static tcp 192.168.0.8 80 interface FastEthernet0/0 80

When I try to access the server from the internet using ISP1 IP and the GLBP VF from R1(ISP) responds to the request everything works great and I can access the server on port 80. Same works fine if I try to access the server from the internet using ISP2 IP and VF from R2(ISP) responds to the request...

 

But the issue starts when the used external IP is crossed with the the other responding VF.

E.g. If the VF from R2(ISP2) responds to the request coming from internet ISP1 external IP then it doesnt reach the internal webserver... and the other way around request from ISP2 external IP answered by VF from R1(ISP1) doesnt reach the internal server...

 

How can I do one of the following (preferably the first option)

1. set it up so that no matter what external IP is used the request will always find its way to the internal 192.168.0.8 port 80 server

2. if the above #1 is not possible then how can I bypass or add exception to GLBP so that this particular internal server host will always be routed/ answered by R1 (ISP1) and not R2 - so that i can always use the same external IP of ISP 1 and the internal host will be always reachable using this IP .

Everyone's tags (1)
120
Views
0
Helpful
0
Replies