Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

regarding NAT and Load-balancing

Hi All,

I have one ISR router having two internet links to two different ISPs and having different IP pool from both of them , LAN IP add are of 10.88.0.0 series .I have put two default routes towards both ISPs. Now I have two requirements , first is to load balance and second is to do NAT . I have a switch connected to this router and then a firewall. I have to NAT firewall's IP with WAN pool or if possible , i can even nat with other IP add but my main requirement is to make through the internet to LAN by combining the bandwith of both ISPs. Plz help me in this .

Thanks

Taran

  • LAN Switching and Routing
15 REPLIES
Cisco Employee

Re: regarding NAT and Load-balancing

You need to use PBR concept in order to achieve load balancing. As a first step, you need to determine which traffic goes through which ISP. Once you determine that, you can write an access-list to match interesting traffic. Then you need to write a route-map to set the next hop for that traffic.

Example:

Let us assume that you want to send all HTTP traffic through ISP 2 and all other traffic through ISP 1. Then your configuration on the router looks something like below:

IP route 0.0.0.0 0.0.0.0

IP route 0.0.0.0 0.0.0.0

access-list 101 permit tcp any any eq 80

route-map ISP2 10

match ip address 101

set ip next-hop

interface

ip policy route-map ISP2

The above configuration will ensure that all your outbound HTTP traffic goes over ISP2 link while rest of the traffic will go over ISP1 link. If your ISP has given you a pool of addresses to use on your firewall and have assigned a seperate IP address pool for the link between your router and the ISP, then you can do the NAT on the firewall itself and then write the access-list based on the Public IP addresses. If you are sharing the same range of usable addresses on your ISP links, you could do the NAT on eithre the firewall or the router. If you are doing it on the firewall, make sure that routr is not doing the RPF check. Hope this helps.

Re: regarding NAT and Load-balancing

Hi All,

I have one ISR router having two internet links to two different ISPs and having different IP pool from both of them , LAN IP add are of 10.88.0.0 series .I have put two default routes towards both ISPs. Now I have two requirements , first is to load balance and second is to do NAT . I have a switch connected to this router and then a firewall. I have to NAT firewall's IP with WAN pool or if possible , i can even nat with other IP add but my main requirement is to make through the internet to LAN by combining the bandwith of both ISPs. Plz help me in this .

Thanks

Taran

Hi Taran,

As suggested by Nagaraj Route map will do the load balancing of isp traffic with natting configuration on router, for load balancing you can use 2 default routes each pointing a different ISP as next-hop. Because of their admin distances will be same so your outgoing traffic will be load balanced between two ISP. After that you can use nat with route maps. This makes router to decide which "nat overload" statement will be used based on next-hop.

ip nat pool provider1-space ...

ip nat pool provider2-space ...

ip nat inside source route-map provider1-map pool provider1-space

ip nat inside source route-map provider2-map pool provider2-space

route-map provider1-map permit 10

match ip address 1

match interface E1  -> your int. that goes to ISP1

route-map provider2-map permit 10

match ip address 1

match interface E2 -> your int. that goes to ISP2

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

New Member

Re: regarding NAT and Load-balancing

Hi Ganesh,

Thanks for reply.I am also plannning this solution but I think if I wll add interface rather than public pool from isp and also will add SLA then i think it wll load balance . what u say ??

Thanks

taran

Re: regarding NAT and Load-balancing

Hi Taran,

You are right best recommended to have ip address configured insipte of

interface with sla configured for automatic failover without manual

intervention.

Hope to Help !!

Ganesh.H

Remember to rate the helpful post

New Member

Re: regarding NAT and Load-balancing

Hi Ganesh,

Let me check this scenario on this upcoming Saturday or Sunday. Then I wll give you the results.

Thanks

Taran

Cisco Employee

Re: regarding NAT and Load-balancing

SLA configuration is typically used for redundancy purposes. You can certainly use the SLA to ensure that if one of the ISP goes down, other will take over. But for load balancing, you still need to do the configuration manually. You need to identify interesting traffic and then force it to go via one of the ISP. Rest of the traffic will go via the other ISP. If you are running running a dynamic routing protocol (like EIGRP) with both ISP's, then the routing protocol will take care of the load-balancing part.  Hope this helps.

Regards,

NT

New Member

Re: regarding NAT and Load-balancing

Hi ALL,

I have tried this stuff with route-maps and  access-lists but there is one problem which I am getting that is I have  two different public IP pool and also different Name servers . It means I  have to create lot of route maps statements because I have done static  NAT previously , I can not do NAT with the total LAN pool.

What  you say ??

Thanks

Taran

Re: regarding NAT and Load-balancing

Hi ALL,

I have tried this stuff with route-maps and  access-lists but there is one problem which I am getting that is I have  two different public IP pool and also different Name servers . It means I  have to create lot of route maps statements because I have done static  NAT previously , I can not do NAT with the total LAN pool.

What  you say ??

Thanks

Taran

Hi Taran,

Can you elobarate more what exactly is the issue are you facing.

Ganesh.H

New Member

Re: regarding NAT and Load-balancing

HI Ganesh,

As you know I have 2 ISPs and connected to same router . Both ISP provide different public IP pool and DNS servers for internet connectivity , now my requirement is that half of traffic will go on one interface and half on other int and in present scenario I have implemented static NAT .plz help me to sort out this issue.

Thanks

Taran

1122
Views
0
Helpful
15
Replies
This widget could not be displayed.