I've got a router that linked to our ISP. What I'd like to do is migrate from our single router to a dual router setup. Between the routers I'd like to run HSRP. However I've got a slight problem, the ip addressing between the ISP and our site is:
ip address 212.x.x.2 255.255.255.252
This only give four ip address, one which the ISP is using that other is on my end. Given that limit how can I configure ip addressing on the interface while having my ip 212.x.x.2 as a floating ip in hsrp?
Is it possible to use private ip's on the interface i.e 192.168.40.x on each of my routers and configure the floating ip as 212.x.x.2?
1st of all, my question is: how are you connected to the Internet? Leased line using serial interface on the router? If you're going to get a 2nd router, how is the internet connection going to be implemented? If it's going to be connected to one router then you don't need to add another router. Or are you going for a 2nd Internet connction?
Thanks for the reply. Currently its an ethernet connection presented as with an RJ-45 connection.
What I'm planning on doing is plugging in the ISP connection into a switch and then have these two routers plugged into the same vlan as the ISP link. I'll then have HSRP running so that if one router fails the other can just take over. But since I don't have free IP's on the link, I'm going to need to know whether I can use private IP's on the interface while having the external IP 212.x.x.2 as the floating IP. Hope this answers your question.
Yes it's much clearer now. Keep in mind that although you're implementing a two router scenario for higher availability, the design isn't that strong since you have the switch as a single point of failure. The correct thing to do for such cases is to apply two redundant Internet connections. Anyway back to your question:
Honestly, I never tried that before and I'm not sure if using private IPs for the physical interfaces and a real IP for the virtual router is going to work. I think it's worth to give it a try.
Anyhow, there are two other possible solution that I would go for:
1- Convert to private IP addressing which is the safest solution. The issue here is that your ISP needs to make some changes from their side too, and I know this is kind of headache.
2- Why don't you simply change the subnet mask on your outside interface to 255.255.255.248. This will give you extra IP addresses without disrubting connectivity to and from your ISP. But be careful that this solution will make communication through your router to any hosts using these IP addresses not possible. But anyway it's kind of workaround.
The ISP can keep their subnet mask as it is since they need only to speak to x.x.x.2 (and the subnet mask of 255.255.255.252 will allow this as the x.x.x.2 address will be considered a valid host IP from the ISP point of view within the 255.255.255.252 subnet mask).
On the other hand, changing the subnet mask on your side to 255.255.255.248 will still enable your router to speak with x.x.x.1 since it's a valid IP address within your subnet, as well as allowing you to have these extra IP addreses that can be accessed only from within your subnet:
Keep in mind that in this case if you try to generate traffic from your router itself towards your ISP using the physical interface IP address x.x.x.3 for example, this is not going to work since this address is not valid. Also don't try to NAT your internal users to any other address than x.x.x.2.
What i understand is tht the /30 subnet provided by the ISP is for serial interfaces.
ISP would have given a pool to be used for natting etc. I assume that 1 IP frm same pool would have been used to your fastethernet interface of router. So, you can use free IP from that pool. HSRP is configured on ethernet interfaces, so what IP's you have on serial interfaces doesnt mater.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...