
Multi-Homing with NAT -- Problem --

signal
Level 1

I am trying to Multi-Home a customer using only NAT and static routing. The customer is too small to get their own IP space, and this is just the way they would like this done. They have no servers that need reachability from the Internet... the multi-homing is just to give them two points of access to the Internet to surf from.

I am using dual default routes, and then NAT with route-maps to make sure the traffic gets translated to the appropriate IP address for the link it is going out over. I have tried both fast switching and netflow switching and I am seeing problems. It works, but there appears to be packet loss; it will work fine for a bit but then lock for quite some time, then start working again but very choppy.

I am going to go back out to the site and do some more extensive debugging to get an idea of what may be going on. I wanted to post the config to see if anyone has any thoughts on why this won't work or what I may need to change.

If I just default out one Serial, it works fine. Either serial works as it should, and there are no connectivity issues. But with the double defaults, that's where I see the problem.

interface FastEthernet0
 ip address 66.0.102.181 255.255.255.248 secondary
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 speed auto
!
interface Serial0
 description ShreveNet T1
 ip address 207.254.221.150 255.255.255.252
 ip nat outside
!
interface Serial1
 no ip address
 encapsulation frame-relay
 frame-relay lmi-type ansi
!
interface Serial1.1 point-to-point
 description ITCDeltaComm
 ip address 10.20.18.166 255.255.255.252
 ip nat outside
 frame-relay interface-dlci 100 IETF
!
ip nat pool deltacom 66.0.102.177 66.0.102.177 netmask 255.255.255.248
ip nat inside source route-map ToDeltacom pool deltacom overload
ip nat inside source route-map ToShreveNet interface Serial0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0
ip route 0.0.0.0 0.0.0.0 Serial1
ip route 207.254.192.0 255.255.224.0 Serial0
no ip http server
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 permit 192.168.1.0 0.0.0.255
!
route-map ToDeltacom permit 10
 match ip address 1
 match interface Serial1.1
!
route-map ToShreveNet permit 10
 match ip address 2
 match interface Serial0

I appreciate any help you can give me on this.

Brian Feeny, CCIE #8036, CISSP

1 Reply

Hello Brian,

My first thought is, there might be a problem with the way traffic gets translated and the way the return traffic flows, since your entire address space is NATted at both outside interfaces with no preference for one or the other. You might want to try and cut your address space in half:

access-list 1 permit 192.168.1.0 0.0.0.127
access-list 2 permit 192.168.1.128 0.0.0.127

to make the traffic flow more deterministic.

HTH,

Georg
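A way to check, before touching the router, which inside hosts each NAT access list would select. This is an added example, not part of the thread; the function and variable names are hypothetical, and it models only standard-ACL wildcard matching (bits set in the wildcard are ignored), not the route-map's `match interface` clause.

```python
import ipaddress

def acl_matches(addr, base, wildcard):
    """Cisco standard-ACL match: bits set in the wildcard are 'don't care'."""
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    w = int(ipaddress.IPv4Address(wildcard))
    return (a | w) == (b | w)

def coverage(inside_net, acls):
    """Map each host in inside_net to the ACL numbers that permit it."""
    result = {}
    for host in ipaddress.ip_network(inside_net).hosts():
        result[str(host)] = [num for num, (base, wc) in acls.items()
                             if acl_matches(host, base, wc)]
    return result

def summarize(inside_net, acls):
    """Count hosts permitted by exactly one ACL, by several, and by none."""
    cov = coverage(inside_net, acls)
    return {
        "exactly_one": sum(1 for v in cov.values() if len(v) == 1),
        "overlap": sum(1 for v in cov.values() if len(v) > 1),
        "unmatched": sum(1 for v in cov.values() if not v),
    }

INSIDE = "192.168.1.0/24"  # inside LAN from the posted config

# ACL 1 and ACL 2 as posted: both cover the whole /24.
ORIGINAL = {1: ("192.168.1.0", "0.0.0.255"), 2: ("192.168.1.0", "0.0.0.255")}

# Two /25 halves: wildcard 0.0.0.127 ignores the low seven bits.
SPLIT = {1: ("192.168.1.0", "0.0.0.127"), 2: ("192.168.1.128", "0.0.0.127")}

# Constructed contrast: wildcard 0.0.0.128 ignores only the top bit of the
# last octet, so each entry permits just .0 and .128, not half the subnet.
SINGLE_BIT = {1: ("192.168.1.0", "0.0.0.128"), 2: ("192.168.1.128", "0.0.0.128")}

if __name__ == "__main__":
    for name, acls in (("original", ORIGINAL), ("split", SPLIT),
                       ("single-bit", SINGLE_BIT)):
        print(f"{name:10s} {summarize(INSIDE, acls)}")
```

Only the split with wildcard 0.0.0.127 puts every host in exactly one ACL, which is what makes the choice of translation deterministic per source address.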
