We have a client who has taken internet connectivity from us. This client already has another internet connection from another provider. They want to operate on both connections simultaneously. Attached is the current network connectivity scenario, in which we are representing ourselves as PROVIDER-B.
At present the PROVIDER-A WAN link is connected to the client router Gig0/0 interface (18.104.22.168/29), and we (PROVIDER-B) are connected to the client router Gig0/1 interface (22.214.171.124/29). Two default routes are configured on the client router towards both providers' networks, i.e.
ip route 0.0.0.0 0.0.0.0 126.96.36.199 name Provider_A
ip route 0.0.0.0 0.0.0.0 188.8.131.52 name Provider_B
The client router Gig0/1/1 interface (172.16.0.1/24) is connected to the LAN L-3 switch, to which the customer's LAN hosts are connected (with private NATted IPs from the 172.16.0.XX pool).
Please find the configs of the WAN/LAN interfaces from the customer router:
description +++ Connected to Provider-A+++
ip address 184.108.40.206 255.255.255.248
ip nat outside
description +++ Connected to Provider-B +++
ip address 220.127.116.11 255.255.255.248
ip nat outside
description +++ Connected to L3 Switch +++
ip address 172.16.0.1 255.255.255.0
ip nat inside
ip nat inside source static 172.16.0.3 18.104.22.168
ip nat inside source static 172.16.0.8 22.214.171.124
[PC with private IP 172.16.0.3 is bound to Provider-A IP 126.96.36.199 and …….PC with private IP 172.16.0.8 is bound to our (Provider-B) IP 188.8.131.52]
Note: These NATted PCs have a single LAN card.
Problem: The problem we are facing is at our end router (Provider-B), on which this client's internet connectivity is connected. We are always getting high "input" traffic, i.e. upload traffic from the customer (even when the customer is not accessing/browsing on our network), and the output traffic on our router interface is very small. See below, which was recently taken from the respective interface on our router when the client was not using/accessing the network.
30 second input rate 634000 bits/sec, 310 packets/sec
30 second output rate 2000 bits/sec, 2 packets/sec
Sometimes the client is not able to browse using our network. After removing the default route towards our WAN IP from the client router and then adding it again, browsing works. This is the only conclusion we have so far. We have checked almost everything, but suspect some routing or configuration related issue. Please suggest whether the existing configs on the client router are proper, or if there is any need to add or remove any command.
*** => The client doesn't have any plan to segregate the LAN (private) IP pool for the two providers in future. They want to use the currently configured IP scheme.
As the client setup is not well explained, I have made some assumptions about things which could go wrong at the client side. A totally different perspective on solving the issue (logically yes, but not sure if it makes sense in pure technical terms):
1) Upstream traffic is high - possibly it's not an issue, as there are two default routes at the client side, so upstream traffic is load balanced
2) Now about the downstream traffic - the client has two hosts, and a question for the client side:
- if both the hosts have been used for internet browsing (proxy kind of setup), it is possible that only the host which is NATed with Service Provider A is the one catering to the load right now, so when you delete the default route towards Service Provider B, browsing works fine
Capture the netflow traffic which is entering your router, which could help you clarify if any traffic with source address 184.108.40.206 is coming your way.
In a nutshell, along with the configuration, get more clarity on the client-side setup and then, based on the client setup & requirement, check for useful ways of configuring the client router (as marwanshawi recommended).
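
The NetFlow check suggested in the reply above, as an added example that is not part of the original thread: it groups ingress flow records seen on Provider-B's customer-facing interface by whether the source address belongs to the /29 that Provider-B assigned. The two /29 prefixes and the flow records are constructed (documentation ranges), and the CSV layout is an assumed export format; only the 172.16.0.0/24 LAN comes from the thread.

```python
import csv
import io
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed prefixes (documentation ranges), not the thread's real addresses.
PROVIDER_B_ASSIGNED = ip_network("203.0.113.0/29")   # /29 Provider-B gave the client
PROVIDER_A_ASSIGNED = ip_network("198.51.100.0/29")  # /29 from the other provider
CLIENT_LAN = ip_network("172.16.0.0/24")             # private LAN named in the thread

# Constructed flow export: ingress flows on Provider-B's customer-facing interface.
SAMPLE_FLOWS = """src,dst,packets,bytes
203.0.113.3,192.0.2.10,40,5200
198.51.100.3,192.0.2.10,900,1170000
198.51.100.3,192.0.2.44,650,845000
172.16.0.8,192.0.2.10,12,900
203.0.113.3,192.0.2.44,25,3100
"""

def classify(src):
    """Label a flow by where its source address belongs."""
    addr = ip_address(src)
    if addr in PROVIDER_B_ASSIGNED:
        return "ours"                    # expected: sourced from our own /29
    if addr in PROVIDER_A_ASSIGNED:
        return "provider_a_source"       # NATed to Provider-A, sent out our link
    if addr in CLIENT_LAN:
        return "untranslated_private"    # left the client router without NAT
    return "other_foreign"

def summarize(flow_csv):
    """Total packets and bytes per source class."""
    totals = defaultdict(lambda: {"packets": 0, "bytes": 0})
    for row in csv.DictReader(io.StringIO(flow_csv)):
        bucket = totals[classify(row["src"])]
        bucket["packets"] += int(row["packets"])
        bucket["bytes"] += int(row["bytes"])
    return dict(totals)

def foreign_share(totals):
    """Fraction of ingress bytes whose source is outside our assigned /29."""
    total = sum(t["bytes"] for t in totals.values())
    ours = totals.get("ours", {"bytes": 0})["bytes"]
    return (total - ours) / total if total else 0.0

if __name__ == "__main__":
    result = summarize(SAMPLE_FLOWS)
    for label, t in sorted(result.items()):
        print(f"{label:22s} {t['packets']:6d} pkts {t['bytes']:9d} bytes")
    print(f"foreign-source share of ingress bytes: {foreign_share(result):.1%}")
```

A high foreign-source share alongside a near-idle output counter would match the asymmetric pattern in the interface rates quoted in the first post, since replies to those packets return through the provider that owns the source address.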