cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1394
Views
0
Helpful
30
Replies

leased line loadblancing + failover overleased line

rohit_agarawal
Level 1
Level 1

hi to all

can any body help me out regarding this problem

i have 1721 router in this router i have two leased line in this.

my requirment

1. some prime users packet should go via Serial0

and rest useres packet should go via serial1

2. if s0 will dwon all prime users all shoul go via s1

can any body tell me configuration for this requirment

30 Replies 30

network.king
Level 4
Level 4

Hi

You can use route-map to do the same .

1.Create a access-list for listing the prime users source ips

access-list 1 permit x.x.x.x

access-list 1 permit y.y.y.y

2.Create a route-map to set the next-hop for prime users

route-map prime-users permit 10

match ip address 1

set interface s0

3.All others except the prime users would go through the S1

ip route 0.0.0.0 0.0.0.0 s1

In case your S0 goes down , the route-map will have no interface to put the packet as s0 is down , so it sends the traffic default to s1.

In case of s1 failure , have a higher metric route to s0 so that during failure you have a auto fallback

ip route 0.0.0.0 0.0.0.0 s1 200 ---- higher metric.

Hope this helps

regards

vanesh k

thanx for reply

tell me wat is the nating confguration for this

Hi

I have not tried this , pls configure to check it out

You need to do pat for making ur multiple users to access internet.

1.For specific users to go via S0

a. Access-list for the specific users already created

pat :

ip nat inside source list 1 interface s0 overload

b.Access-list for other users

access-list 2 permit x.x.x.0 0.0.0.255 --- if your internal segment is /24

pat :

ip nat inside source list 2 interface s1 overload

c.During S1 failure for all traffic to go via S0

access-list 3 permit x.x.x.0 0.0.0.255

ip nat inside source list 3 interface s0 overload

int s0

ip nat outside

int s1

ip nat outside

int e0

ip nat inside

ip policy route-map prime-user

Pls try and let us know the results

Hope this helps

regards

vanesh k

thanx i ll try this conf

but i already tryied this conf

i tried this confg

it just a example:-

lets prime user ip is 192.168.5.6

so i did configrutatin like that

access-list 1 permit 192.168.5.6 0.0.0.0

rout-map primeusers sequence 100

match ip address 1

set interface s1 s0

rout-map othersusers 2

set interface s0

ip nat inside source route-map primeusers interface s1

ip nat inside source route-map othersusers interface s0

int e0

ip nat inside

ip policy route-map primeuser

but when s1 is getting down packet it not going via s0

my dought is some problem with nating plz find out right configuration

Hi

Just add another acl

access-list 2 permit 192.168.5.0 0.0.0.255

and change this

ip nat inside source list 2 interface s0 overlaod .

Just try this config first and then try the config given by me

Hope this helps

regareds

vanesh k

thanx

i will go there on monday morning i ll try this u r frm which city?

i tried this confg

it just a example:-

lets prime user ip is 192.168.5.6

so i did configuration like this:-

access-list 1 permit 192.168.5.6 0.0.0.0

rout-map primeusers sequence 10

match ip address 1

set interface s1 s0

rout-map othersusers 20

match ip address 1

set interface s1 s0

route-map othersusers 30

set s0

ip nat inside source route-map primeusers interface s1

ip nat inside source route-map othersusers interface s0

int e0

ip nat inside

but when s1 is getting down packet it not going via s0

my dought is some problem with nating plz find out right configuration

Did you add the static route & policy-map commands that suggest by network.king ?

ip route 0.0.0.0 0.0.0.0 s0 <-- primary path

ip route 0.0.0.0 0.0.0.0 s1 200 <-- backup if s0 down

int e 0

ip policy-map otherusers

If you have the static route configured in the router, you need to set the normal traffic. You only need to specify the traffic which you want to route to s1 and apply it as policy-based routing.

i.e. if match the access-list, forward the packet to s1, otherwise, follow the routing table to forward the packet to s0.

Can you post the full config. then we can check it ?

Hope this helps.

i have 1721 router in this router i have two leased line in this.

my requirment

1. some prime users packet should go via Serial0

and rest useres packet should go via serial1

2. if s0 will dwon all prime users all shoul go via s1

can any body tell me configuration for this requirment

i tried this confg

it just a example:-

lets prime user ip is 192.168.5.6

so i did configuration like this:-

access-list 1 permit 192.168.5.6 0.0.0.0

rout-map primeusers sequence 10

match ip address 1

set interface s1 s0

rout-map othersusers 20

match ip address 1

set interface s1 s0

route-map othersusers 30

set s0

ip route 0.0.0.0 0.0.0.0 s1

ip route 0.0.0.0 0.0.0.0 s0

ip nat inside source route-map primeusers interface s1

ip nat inside source route-map othersusers interface s0

int e0

ip nat inside

but when s1 is getting down packet it not going via s0

my dought is some problem with nating plz find out right configuration

Hi Rohit,

Pls let me know wheter you tried the config given by me in the earlier post

regards

vanesh k

ya i aleary tryed that one but its not working

Thanks for the config. Please check my comments as below :

access-list 1 permit 192.168.5.6 0.0.0.0

access-list 2 permit any <-- add this for NAT

rout-map primeusers sequence 10

match ip address 1

set interface s0 <-- remove s1 and set s0 as next-hop

no rout-map othersusers 20 <-- no need this route-map

match ip address 1 <-- no need this route-map

set interface s1 s0 <-- no need this route-map

route-map othersusers 30 <-- no need this route-map

set s0 <-- no need this route-map

ip route 0.0.0.0 0.0.0.0 s1

ip route 0.0.0.0 0.0.0.0 s0 200 <-- Add flowing static to this route, s0 as backup path

ip nat inside source list 2 overload <-- change to use access-list 2 (all traffic) and add 'overload' for port address translation

ip nat inside source route-map othersusers interface s0 overload <-- remove this nat rule

int e0

ip nat inside

ip policy route-map primeuser <-- add this to enable policy-based routing

int s0

ip nat outside <-- add this for NAT

int s1

ip nat outside <-- add this for NAT

In above suggestion, the primary path is s1 for all user except prime user. Primeuser will use s0 for outgoing. If s0 down, the primeuser will use s1 for outgoing as same as other users. If s1 down, the floating-static will take effect that s0 will be the outgoing path for all users (including primeuser).

Please check below link for more information of different features :

NAT :

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a0080091cb9.shtml

PBR :

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a008075fae6.html

Floating-static :

http://www.cisco.com/en/US/tech/tk801/tk133/technologies_configuration_example09186a0080093d6e.shtml

Please read above links that let you understand the operation and the correct commands format.

Hope this helps.

thanx for this but my dought is

plzz can u give me the clear picture of nat cammond

in which interface i have to overload

we have interface so s1 which int i need do ovlerload

According to my suggestion. Both s0 & s1 should be enable overload, the reason is both links may be the backup for another, so you have to enable both.

However, the problem of your original config is not only the NAT and also the routing problem. Please try to follow my suggestion or Venash's suggestion to test it again.

Moreover, if you can provide FULL config.(w/o password shown) to us, we can help more.

And, please read the links that I provided, they are useful for you to understand the feature operation.

Hope this helps.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco