Solved: Link Load sharing using application port numbers

dpugalendi.d · ‎09-08-2011

Dear Team,

I am having two - 4Mbps links connected to Location A to B , i would like to send Mail , Browsing and FTP traffic only via link 2 , and all other traffic via Link1 ,

The Router is Cisco2921 with Security IOS Enabled , Could you please suggest commands and documents reagarding the same

cadet alain · ‎09-08-2011

Hi,

you don't need natting if you don't want to but I gave you the most comprehensive config I could supposing you were natting traffic.

Alain.

Don't forget to rate helpful posts.

View solution in original post

cadet alain · ‎09-08-2011

Hi,

You can use PBR to achieve what you want.

here is an example config:

int f0/0

description LAN interface

ip add 10.1.1.254 255.255.255.0

ip policy route-map POLICY-ROUTING

ip nat inside

no sh

int s0/0

description link1

ip add 192.168.1.254 255.255.255.0

ip nat outside

no sh

int s0/1

description link2

ip add 192.168.2.254 255.255.255.0

ip nat outside

no sh

access-list 1 permit 10.1.1.0 0.0.0.255

access-list 100 permit tcp 10.1.1.0 0.0.0.255 any eq 25

access-list 100 permit tcp 10.1.1.0 0.0.0.255 any eq 80

access-list 100 permit tcp 10.1.1.0 0.0.0.255 any eq 21

access-list 100 permit tcp 10.1.1.0 0.0.0.255 any eq 20

access-list 100 permit tcp 10.1.1.0 0.0.0.255 any eq 443

access-list 100 permit tcp 10.1.1.0 0.0.0.255 eq 20 any

access-list 100 permit tcp 10.1.1.0 0.0.0.255 eq 21 any

route-map NAT-LINK1 permit 10

match ip add 1

match interface s0/0

route-map NAT-LINK2 permit 20

match ip add 1

match interface s0/1

ip nat inside source route-map NAT-LINK1 interface s0/0 overload

ip nat inside source route-map NAT-LINK2 interface s0/1 overload

route-map POLICY-LINK1permit 10

match ip address 100

set interface s0/0

route-map POLICY-LINK2 permit 10

set interface s0/1

Regards.

Alain.

Don't forget to rate helpful posts.

dpugalendi.d · ‎09-08-2011

GREAT , mostly matching to my problem , but can you just explain me why we need NATTING on this ?

cadet alain · ‎09-08-2011

Hi,

you don't need natting if you don't want to but I gave you the most comprehensive config I could supposing you were natting traffic.

Alain.

Don't forget to rate helpful posts.

dpugalendi.d · ‎09-08-2011

One more clarification,

1 . Whether we need to apply this "ip policy route-map POLICY-ROUTING" in

only LAN interface ? or any other interface is possible ?

2. If only on LAN interface then , i can able to apply only one policy to

one interface , then my next policy for LINK2 ?

On Thu, Sep 8, 2011 at 5:09 PM, cadetalain <

cadet alain · ‎09-08-2011

Hi,

1)PBR can only be applied inbound on the interface where the src packets are coming in or it can be used for router traffic with the ip local policy route-map command

2)All 2 policies are taken into account in the route map the 10 clause if for link1 traffic and the 20 clause matches all other traffic which will get to link2

Regards.

Alain.

Don't forget to rate helpful posts.

shehinpm1 · ‎09-08-2011

Hi,

The scenario is very clear,for this requirement nating is not required,u have to do PBR in u r router if u r terminated those

2 links in your in router.in route-map classify only that perticular traffic which u send to link 2,other traffic wll go through

other ink bcoz policy based routing will take the action before routing protocol decision.