Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
287
Views
0
Helpful
2
Replies

NAT problem to two physical links to two ISPs

oj88
Level 1
Level 1

‎06-26-2007 04:47 PM - edited ‎03-03-2019 05:37 PM

I have a 'simple' dual-homed ISP using two default-routes. Here's the sample config:

int s0

ip add 1.1.1.1 255.255.255.252

ip nat outside

!

int s0

ip add 2.2.2.1 255.255.255.252

ip nat outside

!

int f0

ip add 192.168.1.1 255.255.255.0

ip nat inside

!

ip nat pool isp1 1.1.1.1 1.1.1.1 netmask 255.255.255.252

ip nat pool isp2 2.2.2.1 2.2.2.1 netmask 255.255.255.252

ip nat inside source list LAN pool isp1 overload

ip nat inside source list LAN_ pool isp2 overload

!

ip access-list standard LAN

permit 192.168.1.0 0.0.0.255

!

ip access-list standard LAN_

permit 192.168.1.0 0.0.0.255

!

ip route 0.0.0.0 0.0.0.0 1.1.1.2

ip route 0.0.0.0 0.0.0.0 2.2.2.2

!

end

Using the config above, outbound traffic gets load-shared between the two ISPs if both links are up, which is desireable. But if we were to simulate a failure on ISP1 (ie. put Serial0 in admin down), the LAN users gets disconnected and will not use ISP2 unless we remove the ip nat entry for the ISP1. What am I missing?

All the end user wanted is the ability to load-balance between their two ISPs and failover to the other ISP if one fails.

Labels:
0 Helpful
2 Replies 2

respe
Level 1
Level 1

‎06-26-2007 05:37 PM

here's a working config

conf t

int s0

ip add 1.1.x.x.255.255.252

ip nat outside

!

int s1

ip add 2.2.x.x.255.255.252

ip nat outside

!

int f0

ip add 192.168.1.1 255.255.255.0

ip nat inside

!

ip nat pool isp1 1.1.1.1 1.1.1.1 netmask 255.255.255.252

ip nat pool isp2 2.2.2.1 2.2.2.1 netmask 255.255.255.252

ip nat inside source route-map ISP1 pool isp1 overload

ip nat inside source route-map ISP2 pool isp2 overload

!

ip access-list standard LAN

permit 192.168.1.0 0.0.0.255

!

route-map ISP1

match ip address LAN

match interface S0

!

route-map ISP2

match ip address LAN

match interface S1

!

ip route 0.0.0.0 0.0.0.0 1.1.1.2

ip route 0.0.0.0 0.0.0.0 2.2.2.2

!

end

0 Helpful

spremkumar
Level 9
Level 9
In response to respe

‎06-27-2007 08:07 PM

Hi Roel

The config posted by you takes care of loadbalancing of the outgoing traffic which gets out of this customer LAN but in case of the incoming traffic to the customer network i dont think you have much control or you can expect the same kinda even balancing on the traffic is possible...

Though i havent tried this setup in a live scenario pls do let me know whether this has been implemented and have better performance with this kinda setup.

regds

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card