We have a Cisco 1811 with FE0 connected to SHDSL, FE1 connected to ADSL2+, and an additional static IP address for the mail server.
What we want to achieve is as follows:
1. All the servers and users are in one private network connected to VLAN1.
2. All the traffic initiated from the private network will be directed out through FE1. These are mostly HTTP requests to browse the internet.
3. Some servers in the private network provide remote access, such as a web server, Citrix server, etc. We want this traffic to come through FE0.
4. The additional public IP address is assigned to the mail server, so outgoing mail has a consistent source IP and won't be treated as spam. It is also used for the MX record.
So how can I configure the router?
My idea is:
1. ip route 0.0.0.0 0.0.0.0 FE1 metric 1
ip route 0.0.0.0 0.0.0.0 FE0 Metric 10
So outgoing traffic will choose FE1 first.
Dynamic NAT will translate the internal IP into FE1.
Do I also need to translate them into FE0?
2. All the PAT is set for FE0. But will the reply traffic go through FE1 instead of FE0, which will cause the connection to fail?
3. Assign the additional public IP to interface FE0, NAT into the mail server. If the route is set as above, does that mean the outgoing mail will go through FE1? As the mail server is in the range of dynamic IP, will it be translated into the IP of FE1 when sending out mail?
How can I monitor the traffic? Can I set up the mail service as low priority so it won't affect other traffic?
You need to PAT on FE1 for the general traffic and static NAT for servers on FE0.
You also need to keep in mind that when changing from one ISP to another, the external IP address will change (for instance, mail), so be careful with this design. You can't source a public IP from one interface while that public IP belongs to the other ISP. The traffic will be dropped.
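An added example, not part of the original thread or the reply's own configuration: one way to lay out the PAT on FE1 and static NAT on FE0 described in the reply, with policy routing so that server traffic leaves through the ISP that owns its public address. All addresses (RFC 5737 ranges outside, 192.168.1.0/24 inside), gateways, host IPs and ACL/route-map names are assumptions, as is the additional public IP belonging to the FE0 ISP.

```cisco
! Constructed addressing (assumptions, replace with real values):
!   FE0 (SHDSL)  203.0.113.2/29, ISP gateway 203.0.113.1
!   FE1 (ADSL2+) 198.51.100.2/30, ISP gateway 198.51.100.1
!   Mail server 192.168.1.25 <-> 203.0.113.3 (the additional public IP)
!   Web server  192.168.1.80
interface FastEthernet0
 ip address 203.0.113.2 255.255.255.248
 ip nat outside
interface FastEthernet1
 ip address 198.51.100.2 255.255.255.252
 ip nat outside
interface Vlan1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip policy route-map SERVERS-VIA-FE0
!
! Default route via FE1; floating default (distance 10) via FE0 as backup
ip route 0.0.0.0 0.0.0.0 198.51.100.1
ip route 0.0.0.0 0.0.0.0 203.0.113.1 10
!
ip access-list standard LAN
 permit 192.168.1.0 0.0.0.255
! PAT to the address of whichever outside interface the packet is routed out of
route-map PAT-FE1 permit 10
 match ip address LAN
 match interface FastEthernet1
route-map PAT-FE0 permit 10
 match ip address LAN
 match interface FastEthernet0
ip nat inside source route-map PAT-FE1 interface FastEthernet1 overload
ip nat inside source route-map PAT-FE0 interface FastEthernet0 overload
!
! Static NAT on the FE0 side: mail server one-to-one, web server as a port forward
ip nat inside source static 192.168.1.25 203.0.113.3
ip nat inside source static tcp 192.168.1.80 80 interface FastEthernet0 80
!
! Policy routing on the inside interface: all traffic from the mail server and
! the web server's replies go to the FE0 gateway, so the translated source
! address is never sent out through the other ISP
ip access-list extended VIA-FE0
 permit ip host 192.168.1.25 any
 permit tcp host 192.168.1.80 eq 80 any
route-map SERVERS-VIA-FE0 permit 10
 match ip address VIA-FE0
 set ip next-hop 203.0.113.1
```

`show ip nat translations` and `show route-map` show which translation entries and policy-routing clauses the traffic is matching.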