Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
703
Views
0
Helpful
3
Replies

IOS NAT Load Balancing w/ Failover Problem

exonetinf1nity
Level 1
Level 1

‎10-28-2009 06:28 AM - last edited on ‎03-25-2019 03:27 PM by Community Manager

Greetings, i am currently using the configuration below to provide failover between two DSL connections, all is working fine but i had expected outbound connections to be load balanced between the two DSL links on a round robin basis, however looking at the nat translations shows that only one of the links is being used, failover on the other hand works without issue.

track 1 ip sla 1 reachability

!

interface FastEthernet0/0

ip address 10.50.1.254 255.255.255.0

ip nat inside

ip tcp adjust-mss 1452

!

interface FastEthernet0/1

ip address 192.168.1.6 255.255.255.0

ip nat inside

ip tcp adjust-mss 1452

!

interface Dialer0

description WAN Interface

mtu 1492

ip address **********

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat outside

encapsulation ppp

dialer pool 1

!

interface Dialer1

description WAN Interface

mtu 1492

ip address **********

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat outside

encapsulation ppp

dialer pool 2

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 212.74.102.15 track 1

ip route 0.0.0.0 0.0.0.0 213.246.177.200 10

!

ip nat translation timeout 2

ip nat translation tcp-timeout 2

ip nat translation udp-timeout 2

ip nat translation icmp-timeout 2

!

ip nat inside source route-map opal interface Dialer1 overload oer

ip nat inside source route-map pipex interface Dialer0 overload oer

!

ip access-list extended dynamicNat

permit ip 10.50.1.0 0.0.0.255 any

permit ip 192.168.1.0 0.0.0.255 any

deny ip any any

!

ip sla 1

icmp-echo 212.74.102.15

frequency 5

ip sla schedule 1 life forever start-time now

!

route-map opal permit 10

match ip address dynamicNat

set ip next-hop 213.246.177.200

!

route-map pipex permit 10

match ip address dynamicNat

set ip next-hop verify-availability 212.74.102.15 1 track 1

!

Any assistance would be much appreciated.

Regards

Labels:
0 Helpful
3 Replies 3

exonetinf1nity
Level 1
Level 1

‎10-28-2009 07:07 AM

Think ive solved it by changing the preferance on the static routes from:

ip route 0.0.0.0 0.0.0.0 212.74.102.15 track 1

ip route 0.0.0.0 0.0.0.0 213.246.177.200 10

to

ip route 0.0.0.0 0.0.0.0 212.74.102.15 track 1

ip route 0.0.0.0 0.0.0.0 213.246.177.200

0 Helpful

exonetinf1nity
Level 1
Level 1
In response to exonetinf1nity

‎10-28-2009 03:15 PM

This does now appear to be working ask expected however the default gateway is showing as 213.246.177.200. I would have thought that 212.74.102.15 would take preferances even though they have the same metric.

Could i ask if anyone has had experience with a similar configuration?

Regards

0 Helpful

florianfz
Level 1
Level 1
In response to exonetinf1nity

‎09-02-2014 02:11 PM

Hi 

Thank you for this post man ! this have been so useful. I experienced almost the same problem the router was load balancing well, but the failover was not occuring well between both equal default route.

After using those command: ip nat translation timeout for tcp icmp and udp all the system has worked propertly.  yeah you need a Big bottle of Jack Daniel  :)    the funniest thing behind is that help me 5 years After......................!!!!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card