10-17-2009 05:36 AM - edited 03-04-2019 06:24 AM
I am usig cisco 1841 with dual WAN connection to the internet.I want to send all voice taffic over over HDSL link and Data traffic to ADSL link.
To achieve that I have created a ACL to match all voice traffic and then used a route map to send matched traffic (voice) to SDSL interface on Cisco 184.
Now I am not very sure how do I send all other Data traffic to the ADSL link.I think I need to create a route map but not sure how ?
PLease see the sample config below.
Extended IP access list 100
remark matching VOICE_TRAFFIC
10 permit udp any any range 16384 32767
20 permit tcp any any eq 1720
30 permit tcp any any range 11000 11999
40 permit tcp any any range 1199 11000
50 permit udp any any eq 2427
60 permit tcp any any eq 2428
70 permit tcp any any range 2000 2002
80 permit udp any any eq 1719
90 permit udp any any eq 5060
100 permit tcp any eq 1720 any
110 permit tcp any any eq 5060
120 permit udp any any eq 5004
130 permit udp any any eq 10000
!
route-map DIVERT_VOICE
match ip address 100
set interface atm 0/0/0 atm 0/0/1 ( NOTE: traffic will go to atm0/0/0 int first and if that interface is down then it will route towards the atm0/0/1 intterace, will it work? )
route-map DIVERT_DATA
match ????????
set ????????
How do I match all other data?
Thanks for the help.
Solved! Go to Solution.
10-17-2009 08:43 AM
Salman
Just set the default-route to be the ADSL link and all other non-PBR traffic will go that way.
Jon
12-09-2009 12:29 AM
Hi Salman,
I am not sure how this config will work or will it work at all. I understand that you do NOT need load balancing (by the way i think load balancing over this two links is inpossible). First your Route-maps DIVERT_VOICE and SDSL_NAT will only work if the interface facing the ADSL (fa 0/1) goes to down state. In normal situation when ADSL connection fails, the interface is remaining UP. For that reason you need to configure TRACKing as i gave you an example already. So again:
!
ip sla 1
icmp-echo X.X.X.X source-interface FastEthernet0/1
timeout 3000
threshold 300
frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo Y.Y.Y.Y source-interface Dialer0
timeout 3000
threshold 300
frequency 5
ip sla schedule 2 life forever start-time now
!
track 1 ip sla 1 reachability
!
track 1 ip sla 2 reachability
!
This way we are doing tracking on each connection. With change of the tracking state, we can configure the default route as follows:
ip route 0.0.0.0 0.0.0.0 fasthernet0/1 track 1
ip route 0.0.0.0 0.0.0.0 dialer0 10 track 2
By the way the number "10" is not Administrative distance but is a Metric. With the routing above all traffic goes over fa 0/1 until the track 1 goes down (adsl connection fails) and then all the traffic goes over the SDSL link. But we want Voice traffic to go over Dialer0. That's why we configure Route-map DIVERT_VOICE. Remember that the route-maps has precedence over the routing table. For this reason we have to remove the route-map when the SDSL route goes down, so the Voice traffic will go over ADSL This is done by the way shown below:
!
route-map DIVERT_VOICE
match ip address 2222
set ip next-hop verify-availability 192.168.1.1 10 track 1 -------> where 192.168.1.1 is the next-hop ip address of the SDSL link.
!
Interface Fa0/0 ( Inside/LAN Interface)
ip policy DIVERT_VOICE
!
!!!About the NAT configuration!!!
!
ip nat inside source route-map SDSL_NAT interface dailer0 overload
ip nat inside source route-map ADSL_NAT interface fastethernet0/1 overload
!
But the route-maps must be changet to
!
route-map SDSL_NAT
match ip address 2...........................>> Matching ALL Traffic
match interface dialer0.........>> Sending it to Dailer0
!
route-map ADSL_NAT
match ip address 2
match inteface fastehtnet0/1
!
That way you can NAT all the traffic over both links. The NAT is done after the routing. So first voice packets are routed to interface dialer0, and then are NAT-ed with dialer0 IP address because of the "match interface dialer0" statement in route-map SDSL_NAT.
Now when both connections are UP, Voice traffic is routed to SDSL because of the route-map DIVER_VOICE. All other traffic goes over the ADSL, thanks to the default route. If any of the links fails, all the traffic goes over the second one.
Best Regards!
Tihomir
10-17-2009 08:43 AM
Salman
Just set the default-route to be the ADSL link and all other non-PBR traffic will go that way.
Jon
10-17-2009 10:26 AM
Jon ,
Oh yes, I totally forgot that soultion.by the way I am impressed to see the number of post you are invloved.
Thanks & Regards
Salman
12-02-2009 07:17 AM
Jon ,
Just a quick one. How would voice traffic fail over to ADSL link in case of SDSL failure and how data will switched to SDSL link if ADSL is down?
In other word in case of any circuit ( SDSL/ ADSL ) failer tariifc should route via other link.
Regards
Salman
12-08-2009 07:03 AM
Hi ,
Do I need to configure NATing for the PBR traffic as currently there is only one nat statment which is overloading on Dialer 0
ip nat inside source list 5 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
access-list 5 remark SDM_ACL Category=2
access-list 5 permit 10.0.0.0 0.0.255.255
12-08-2009 07:13 AM
Salman
Do you need to NAT the voice traffic ? If you don't need to then don't because voice and NAT don't always work toogether.
Jon
12-08-2009 07:34 AM
Jon,
I believe I must need to NAT voice traffic as I have around 30 phone in a office and these phone make outbound call via IP BPX , and once voice traffic leave LAN to make a call then it should be transltaed to some public IP address.( in my case dialer0).
So I must need to run NAT for the voice traffic and for the data traffic , In totall I have two ISP connection , SDSL and ADSL2. I want all voice traffic to go via SDSL and All other traffic via ADSL.
I am having problem now as currently traffic only flows via SDSL ( dialer 0), no traffic going via ADSL. When I try to add second nat satement for the ADSL , its does not allow me.
My only goal is All Voice taffic should use SDSL ( dilaer0) and All other tarffic use ADSL2 link.and in case of link failer they should switch over to the link which is UP.
I think I need two NAT statment , one overloading SDSL( dialer0) and other oveloading SDSL (Fasthernet0/1). and need two routes ?? not sure.
Any sample config will help.
Do you want to see the current config to underatand more ?
Regards
Salman
12-08-2009 07:32 AM
Hi Salman,
I have similar situation in my office, and i resolved with tracking function in Cisco IOS (See http://www.cisco.com/en/US/docs/ios/12_3/12_3x/12_3xe/feature/guide/dbackupx.html )
First make two IP SLA's to ping some reliable IP addresses (it could be some ip of your ISP)
!
ip sla 1
icmp-echo x.x.x.x source interface (ADSL interface)
frequency 5
timeout 1000
ip sla schedule 1 start-time now life forever
!
ip sla 2
icmp-echo y.y.y.y source interface (SDSL interface)
frequency 5
timeout 1000
ip sla schedule 1 start-time now life forever
!
track 1 ip sla 1 reachability
!
track 2 ip sla 2 reachability
!
Now define two default routes:
ip route 0.0.0.0 0.0.0.0 int (ADSL interface) track 1
ip route 0.0.0.0 0.0.0.0 int (SDSL interface) 10 track 2
I hope this helps. I am in hurry now and will be back tomorow
Best Regards
Tihomir Yosifov
12-08-2009 09:55 AM
Hi Tihomir ,
A very good link , but it does not solve my problem as and my inital problem is to send all voice traffic to SDSL link ( via Dialer 0) and rest of the data taffic to ADSL ( via fastethernet0/1).
To distinguish these two types of traffic flows I have created a route-map called DIVERT_VOICE which matches the voice traffic (RTP & SIP) using access-list 2222. Once this tarffic is matched , I want to send it to SDSL link ( Dialer0 interface), for this i have used command below.
Setp No. 1 PBR Configuration
To match Voice Traffic
access-list 2222 remark Matching_Voice_traffic
access-list 2222 permit udp any eq 5060 any log
access-list 2222 permit udp any range 16384 32767 any log
Route-Map To Send Voice Traffic Towards SDSL Link ( Dialer0)
route-map DIVERT_VOICE
match ip address 2222
set interface dailer0 fastethernet0/1
Finally
Interface Fa0/0 ( Inside/LAN Interface)
ip policy DIVERT_VOICE
So at this point I have configured ''Routing'' to tell router to send voice traffic to Dialer0 and any traffic that doesn't match by route-map should be routed normally via fastethernet0/1 ( ADSL interface, ip route 0.0.0.0 0.0.0.0 fastethernet0/1)
Step No. 2 NAT Configuration
As I have two outside interfaces ( dialer 0 and fastethernet0/1) and one inside interface, I have configured two NAT satatments using route-map as follows.
ip nat inside source route-map SDSL_NAT interface dailer0 overload
ip nat inside source route-map ADSL_NAT interface fastethernet0/1 overload
!
route-map SDSL_NAT
match ip address 2222...........................>> Matching Voice Traffic
Set interface dialer0 fastethernet0/1.........>> Sending it to Dailer0 first , if down then send it to fastethenet 0/1 ( ADSL)
!
route-map ADSL_NAT
match ip address 2
match inteface fastehtnet0/1
!
Step No. 3 Default Routing
I have configured default route as below.
ip route 0.0.0.0 0.0.0.0 fasthernet0/1 ( ADSL interface)
An in case of ADSL circuit failure use route below with higer administrative distnace.
ip route 0.0.0.0 0.0.0.0 diler0 10
Note: I dont need loadbalancing , All i need a voice traffic to be forearded via SDSL ( dialer0) and all other non voice traffic via ADSL ( via fa0/1).
Thanks for the help.
Salman
12-09-2009 12:29 AM
Hi Salman,
I am not sure how this config will work or will it work at all. I understand that you do NOT need load balancing (by the way i think load balancing over this two links is inpossible). First your Route-maps DIVERT_VOICE and SDSL_NAT will only work if the interface facing the ADSL (fa 0/1) goes to down state. In normal situation when ADSL connection fails, the interface is remaining UP. For that reason you need to configure TRACKing as i gave you an example already. So again:
!
ip sla 1
icmp-echo X.X.X.X source-interface FastEthernet0/1
timeout 3000
threshold 300
frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo Y.Y.Y.Y source-interface Dialer0
timeout 3000
threshold 300
frequency 5
ip sla schedule 2 life forever start-time now
!
track 1 ip sla 1 reachability
!
track 1 ip sla 2 reachability
!
This way we are doing tracking on each connection. With change of the tracking state, we can configure the default route as follows:
ip route 0.0.0.0 0.0.0.0 fasthernet0/1 track 1
ip route 0.0.0.0 0.0.0.0 dialer0 10 track 2
By the way the number "10" is not Administrative distance but is a Metric. With the routing above all traffic goes over fa 0/1 until the track 1 goes down (adsl connection fails) and then all the traffic goes over the SDSL link. But we want Voice traffic to go over Dialer0. That's why we configure Route-map DIVERT_VOICE. Remember that the route-maps has precedence over the routing table. For this reason we have to remove the route-map when the SDSL route goes down, so the Voice traffic will go over ADSL This is done by the way shown below:
!
route-map DIVERT_VOICE
match ip address 2222
set ip next-hop verify-availability 192.168.1.1 10 track 1 -------> where 192.168.1.1 is the next-hop ip address of the SDSL link.
!
Interface Fa0/0 ( Inside/LAN Interface)
ip policy DIVERT_VOICE
!
!!!About the NAT configuration!!!
!
ip nat inside source route-map SDSL_NAT interface dailer0 overload
ip nat inside source route-map ADSL_NAT interface fastethernet0/1 overload
!
But the route-maps must be changet to
!
route-map SDSL_NAT
match ip address 2...........................>> Matching ALL Traffic
match interface dialer0.........>> Sending it to Dailer0
!
route-map ADSL_NAT
match ip address 2
match inteface fastehtnet0/1
!
That way you can NAT all the traffic over both links. The NAT is done after the routing. So first voice packets are routed to interface dialer0, and then are NAT-ed with dialer0 IP address because of the "match interface dialer0" statement in route-map SDSL_NAT.
Now when both connections are UP, Voice traffic is routed to SDSL because of the route-map DIVER_VOICE. All other traffic goes over the ADSL, thanks to the default route. If any of the links fails, all the traffic goes over the second one.
Best Regards!
Tihomir
12-09-2009 02:09 AM
Hi Tihomir ,
Thanks very much for explanation provided as it really helps me to understand the IP SLA and other bits of my config. I have read this post altest 4 times to understand very word of it.
I will apply this config tomorrow and hope it will work as currently client is not very happy.
Thanks again.
Regards
Salman
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: