04-19-2012 04:07 AM - edited 03-04-2019 04:04 PM
Hi,
I have a router Cisco 1901 with 4 links ADSL load balancing, when I activate the links 4, DNS resolution become very slow.
Can someone help me to solve this problem
below the router configuration:
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Ministere-Emploi
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
ip cef load-sharing algorithm original
!
!
!
ip dhcp excluded-address 172.16.1.1 172.16.1.41
!
!
ip name-server 212.217.0.1
ip name-server 8.8.8.8
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-1682566680
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1682566680
revocation-check none
rsakeypair TP-self-signed-1682566680
!
!
crypto pki certificate chain TP-self-signed-1682566680
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31363832 35363636 3830301E 170D3132 30323038 31303339
30305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 36383235
36363638 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100BDC9 C6621A92 0ECC2818 D0E228A7 B1FCB08B 445A4ED2 14E24DDD 878C0F9A
FE579B4D E4C101C7 5AAAC26D 0AE3AA7C F3BE41E6 DDA73BF6 DEC3C1D5 FB3B343F
6EAD2CF1 BE89A19F 18AF8409 C54E5B5F 58CA6FE4 C4FDFF9A DC0B9308 D409C8C3
F1E914E0 C9351F20 4ABD82D9 6546B459 54570805 B6116F99 123C59E8 6A3395E3
8D410203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14FDF774 2DB13897 9CA162D1 3F2E4D59 626547CB 66301D06
03551D0E 04160414 FDF7742D B138979C A162D13F 2E4D5962 6547CB66 300D0609
2A864886 F70D0101 05050003 8181003B 951E5042 22A2EE53 01D5DEC8 EB17882C
01915FD0 30C903ED 22B73BAB 6DD7B68A F1AFC81C E5CCF619 1DBBDF3F B2367F8E
793F8224 CC8B5EA8 00533AC6 81EB99F3 5C7FB9E5 1135895F 4ABADF3A 74B71014
FD4C9449 F7C13575 4D55EA04 357B29D8 E713DF25 A04E5F88 8B37679B C5F567A3
65AFBDB1 FBD14CD7 C44BC5F8 7D9A7D
quit
license udi pid CISCO2901/K9 sn FCZ1550C45F
license boot module c2900 technology-package datak9
!
!
username emploi privilege 15 secret 5 <removed>
!
redundancy
!
!
ip ssh time-out 60
!
track 1 interface Dialer0 ip routing
!
track 2 interface Dialer1 ip routing
!
track 3 interface Dialer2 ip routing
!
track 4 interface Dialer3 ip routing
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $ES_LAN$
ip address 192.168.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip tcp adjust-mss 1452
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
pvc 8/35
pppoe-client dial-pool-number 1
!
!
interface ATM0/1/0
no ip address
no atm ilmi-keepalive
pvc 8/35
pppoe-client dial-pool-number 2
!
!
interface ATM0/2/0
no ip address
no atm ilmi-keepalive
pvc 8/35
pppoe-client dial-pool-number 3
!
!
interface ATM0/3/0
no ip address
no atm ilmi-keepalive
pvc 8/35
pppoe-client dial-pool-number 4
!
!
interface Dialer0
mtu 1492
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp chap hostname emploi1
ppp chap password 0 123456
ppp pap sent-username emploi1 password 0 123456
ppp multilink
!
interface Dialer1
mtu 1492
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 2
dialer-group 2
ppp chap hostname emploi2
ppp chap password 0 123456
ppp pap sent-username emploi2 password 0 123456
!
interface Dialer2
mtu 1492
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 3
dialer-group 3
ppp chap hostname emploi3
ppp chap password 0 123456
ppp pap sent-username emploi3 password 0 123456
!
interface Dialer3
mtu 1492
ip address negotiated
ip nat outside
ip virtual-reassembly in
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 4
dialer-group 4
ppp chap hostname emploi4
ppp chap password 0 123456
ppp pap sent-username emploi4 password 0 123456
!
!
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source route-map ADSL1 interface Dialer0 overload
ip nat inside source route-map adsl1 interface Dialer0 overload
ip nat inside source route-map adsl2 interface Dialer1 overload
ip nat inside source route-map adsl3 interface Dialer2 overload
ip nat inside source route-map adsl4 interface Dialer3 overload
ip route 0.0.0.0 0.0.0.0 Dialer0 track 1
ip route 0.0.0.0 0.0.0.0 Dialer1 track 2
ip route 0.0.0.0 0.0.0.0 Dialer2 track 3
ip route 0.0.0.0 0.0.0.0 Dialer3 track 4
!
access-list 11 permit 192.168.10.0 0.0.0.255
!
!
!
!
route-map adsl2 permit 10
match ip address 11
match interface Dialer1
!
route-map adsl3 permit 10
match ip address 11
match interface Dialer2
!
route-map adsl1 permit 10
match ip address 11
match interface Dialer0
!
route-map adsl4 permit 10
match ip address 11
match interface Dialer3
!
!
!
control-plane
!
!
!
line con 0
password <removed>
login
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output lat pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
privilege level 15
password <removed>
login local
transport input ssh
transport output telnet
line vty 5 15
privilege level 15
login local
transport input telnet
transport output ssh
!
scheduler allocate 20000 1000
end
04-24-2012 06:44 AM
It depends on which DNS servers you are using. I had a similar problem. It turned out that the problem was that I had a DNS server set for each of my providers but the load balancing was not sending the queries out the correct links. When I sent out a query to an DNS server on the ISP1 network, it might have gone though an ISP2 link and ISP1 would deny it (since it was coming from outside the network).
My fix was to create static routes for each of the DNS server out the correct link.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide