Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1042
Views
0
Helpful
7
Replies

dual ISP multihoming on an 1811 router

Go to solution
thomasdzubin
Level 1
Level 1

‎10-11-2007 01:21 PM - edited ‎03-03-2019 07:08 PM

I have a client with an 1811 router (two "WAN" ports: FE0 & FE1) who wants to connect both WAN ports up to two different ISPs for either load-balancing or a simple fail-over system. I've done some Google-ing and most of the multi-homing scenarios involve complicated BGP setups. Is there a simpler way? They don't have any outside-to-inside initiated traffic (people on the LAN basically just surf the Internet)

Their FE2-FE9 ports (Vlan1) are on a NAT-ed subnet 192.168.1.x and so the router must be keeping track of inside-to-outside flows and I would think it would be simple just to send one NAT flow to one WAN interface, and the next NAT flow to the second interface, and continuing back and forth... or am I missing something?

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
paolo bevilacqua
Hall of Fame
Hall of Fame
In response to thomasdzubin

‎10-12-2007 08:17 AM

Yes. The problem arises when one interface is up but has no connectivity. There are anyway advanced configurations that can overcome this problem also.

View solution in original post

0 Helpful

Go to solution
alose
Level 1
Level 1
In response to paolo bevilacqua

‎05-09-2008 04:28 PM

Someone else posted this, I think this is what you are looking for:

ip sla 1

icmp-echo ip1 source-interface FastEthernet1

timeout 1000

threshold 30

frequency 3

ip sla schedule 1 life forever start-time now

ip sla 2

icmp-echo ip2 source-interface FastEthernet0

timeout 1000

threshold 30

frequency 3

ip sla schedule 2 life forever start-time now

track 100 rtr 1 reachability

!

track 101 rtr 2 reachability

ip route 0.0.0.0 0.0.0.0 ip1 track 100

ip route 0.0.0.0 0.0.0.0 ip2 track 101

ip nat inside source route-map ISP1 interface FastEthernet0 overload

ip nat inside source route-map ISP2 interface FastEthernet1 overload

!

access-list 100 permit ip 172.16.30.0 0.0.0.255 any

!

!

!

route-map ISP1 permit 10

match ip address 100

match interface FastEthernet0

!

route-map ISP2 permit 10

match ip address 100

match interface FastEthernet1

This is working fine for outgoing traffic.

Basic operations, if you have no incoming services I think it will meet your need.

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Pavel Bykov
Level 5
Level 5

‎10-11-2007 01:51 PM

Definetely. In fact, BGP is meant for more complex situations, like smaller SNMP, return traffic manipulation, control etc.

Normally you would achieve desired result using static routes. If you create two identical static routes, than your internal router mechnaizms will load balance automatically between two paths. There could be a problem though, if the packet returns on an opposite port that it was sent, and dynamic NAT entry has to have this record in place for all the applicants.

0 Helpful

Go to solution
paolo bevilacqua
Hall of Fame
Hall of Fame
In response to Pavel Bykov

‎10-11-2007 02:02 PM

Luckily with multiple ISP NAT, packets will never return on another interface than the one they were sent out.

This is because packets are sourced from ISP-specific address space and to there they will be replied.

0 Helpful

Go to solution
thomasdzubin
Level 1
Level 1
In response to paolo bevilacqua

‎10-12-2007 07:55 AM

So are you saying (I'm hoping) that I just need to set up the WAN interfaces (both as "ip nat outside"), set up two identical cost static routes to these interfaces and it will load balance auto-magically? (I love that word)

That is great news.

0 Helpful

Go to solution
paolo bevilacqua
Hall of Fame
Hall of Fame
In response to thomasdzubin

‎10-12-2007 08:17 AM

Yes. The problem arises when one interface is up but has no connectivity. There are anyway advanced configurations that can overcome this problem also.

0 Helpful

Go to solution
Pavel Bykov
Level 5
Level 5
In response to paolo bevilacqua

‎10-12-2007 11:31 AM

Like IP SLA?

0 Helpful

Go to solution
paolo bevilacqua
Hall of Fame
Hall of Fame
In response to Pavel Bykov

‎10-12-2007 12:33 PM

Yes, plus eem as needed, and the latest as found by Edison, oer keyword in nat statements.

0 Helpful

Go to solution
alose
Level 1
Level 1
In response to paolo bevilacqua

‎05-09-2008 04:28 PM

Someone else posted this, I think this is what you are looking for:

ip sla 1

icmp-echo ip1 source-interface FastEthernet1

timeout 1000

threshold 30

frequency 3

ip sla schedule 1 life forever start-time now

ip sla 2

icmp-echo ip2 source-interface FastEthernet0

timeout 1000

threshold 30

frequency 3

ip sla schedule 2 life forever start-time now

track 100 rtr 1 reachability

!

track 101 rtr 2 reachability

ip route 0.0.0.0 0.0.0.0 ip1 track 100

ip route 0.0.0.0 0.0.0.0 ip2 track 101

ip nat inside source route-map ISP1 interface FastEthernet0 overload

ip nat inside source route-map ISP2 interface FastEthernet1 overload

!

access-list 100 permit ip 172.16.30.0 0.0.0.255 any

!

!

!

route-map ISP1 permit 10

match ip address 100

match interface FastEthernet0

!

route-map ISP2 permit 10

match ip address 100

match interface FastEthernet1

This is working fine for outgoing traffic.

Basic operations, if you have no incoming services I think it will meet your need.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card