04-10-2018 12:34 AM - edited 03-05-2019 10:15 AM
I am preparing a configuration to support the requirements below:
Subnet1 172.29.3.0/25 use dialer1 internet link
Subnet2 172.29.3.128/25 use F0/1 internet link
Both subnets connect to HQ through s0/1/0
This is the new configuration which I have created. I want to review whether it will work there or whether I need some changes.
hostname Branch1
!
boot-start-marker
boot system flash:c2800nm-advipservicesk9-mz.124-22.T.bin
boot-end-marker
!
logging message-counter syslog
logging buffered 40960
!
no aaa new-model
!
dot11 syslog
ip source-route
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 172.29.3.1 172.29.3.10
ip dhcp excluded-address 172.29.4.1 172.29.4.10
ip dhcp excluded-address 172.29.3.129 172.29.3.139
!
ip dhcp pool Voice
network 172.29.4.0 255.255.255.224
default-router 172.29.4.1
option 150 ip 172.25.1.250
!
ip dhcp pool Data
network 172.29.3.0 255.255.255.128
default-router 172.29.3.1
dns-server 192.168.0.29 192.168.0.2 4.2.2.2 4.2.2.3
!
ip dhcp pool Data2
network 172.29.3.128 255.255.255.128
default-router 172.29.3.1
dns-server 192.168.0.29 192.168.0.2 4.2.2.2 4.2.2.3
!
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
!
interface FastEthernet0/0.2
description <<DATA VLAN INTERFACE>>
encapsulation dot1Q 2
ip address 172.29.3.1 255.255.255.128
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/0.3
description <<VOICE VLAN INTERFACE>>
encapsulation dot1Q 3
ip address 172.29.4.1 255.255.255.224
h323-gateway voip interface
h323-gateway voip bind srcaddr 172.29.4.1
!
interface FastEthernet0/0.4
description <<DATA2 VLAN INTERFACE>>
encapsulation dot1Q 4
ip address 172.29.3.129 255.255.255.128
ip nat inside
ip virtual-reassembly
!
interface FastEthernet0/1
description "ISP2"
ip address 192.168.1.2 255.255.255.252
ip nat outside
ip virtual-reassembly
!
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
!
interface ATM0/0/0.35 point-to-point
pvc 0 0/35
pppoe-client dial-pool-number 1
!
!
interface Serial0/1/0
no ip address
encapsulation frame-relay IETF
frame-relay lmi-type q933a
!
interface Serial0/1/0.16 point-to-point
description "VPN To HQ"
ip address 172.30.200.2 255.255.255.252
ip nat inside
ip virtual-reassembly
snmp trap link-status
frame-relay interface-dlci 16
!
interface Dialer1
description "ISP1"
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
ppp authentication pap chap callin
ppp chap hostname ****
ppp chap password 7 *****
ppp pap sent-username **** password 7 *****
!
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip route 10.0.0.0 255.0.0.0 Serial0/1/0.16
ip route 172.0.0.0 255.0.0.0 Serial0/1/0.16
ip route 192.168.0.0 255.255.255.0 Serial0/1/0.16
no ip http server
no ip http secure-server
!
!
ip nat inside source route-map ISP1 interface Dialer1 overload
ip nat inside source route-map ISP2 interface fastethernet0/1 overload
!
access-list 101 permit ip 172.29.3.0 0.0.0.127 any
access-list 102 permit ip 172.29.3.129 0.0.0.127 any
route-map ISP1 permit 20
match ip address 101
match interface dialer1
route-map ISP2 permit 20
match ip address 102
match interface fastethernet0/1
!
!
!
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
mgcp fax t38 ecm
!
sccp local FastEthernet0/0.3
sccp ccm 172.25.1.250 identifier 1 priority 1 version 3.1
sccp
!
!
Many Thanks,
Amr
04-10-2018 02:47 PM
There are several things in this config that puzzle me. But they are incidental to the main question of the original post, which is that one inside subnet should use one route to outside while the other subnet uses a different route to outside and that both would use the same route to the HQ. To achieve that requirement you need to implement Policy Based Routing. PBR is applied to the interface which receives the traffic from the source subnet. PBR uses a route map to select the traffic on which it will act and then sets the next hop for that traffic to use the particular outbound interface. So you will need a route map for each source subnet. Each route map will use a match statement referencing an access list. The ACL will deny the source of its own subnet and destination of HQ and in the next statement will permit the source of its subnet to any.
HTH
Rick
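The policy routing described in the reply above, written out as IOS configuration. This is an added example, not part of the original thread: the ACL and route-map names (PBR-DATA, PBR-DATA2) are made up for illustration, the HQ prefixes are assumed to be the three networks the posted config routes to Serial0/1/0.16, and 192.168.1.1 is the ISP2 next hop from the posted default route.

```cisco
! Added example. Names PBR-DATA / PBR-DATA2 are hypothetical.
! In an ACL used by a PBR route map, "deny" means "do not policy-route":
! the packet falls back to the normal routing table (the static routes to HQ).
ip access-list extended PBR-DATA
 deny   ip 172.29.3.0 0.0.0.127 10.0.0.0 0.255.255.255
 deny   ip 172.29.3.0 0.0.0.127 172.0.0.0 0.255.255.255
 deny   ip 172.29.3.0 0.0.0.127 192.168.0.0 0.0.0.255
 permit ip 172.29.3.0 0.0.0.127 any
!
ip access-list extended PBR-DATA2
 deny   ip 172.29.3.128 0.0.0.127 10.0.0.0 0.255.255.255
 deny   ip 172.29.3.128 0.0.0.127 172.0.0.0 0.255.255.255
 deny   ip 172.29.3.128 0.0.0.127 192.168.0.0 0.0.0.255
 permit ip 172.29.3.128 0.0.0.127 any
!
! Subnet1 -> ISP1 (Dialer1 is point-to-point, so an exit interface is enough)
route-map PBR-DATA permit 10
 match ip address PBR-DATA
 set interface Dialer1
!
! Subnet2 -> ISP2 (Ethernet link, so set the next-hop address)
route-map PBR-DATA2 permit 10
 match ip address PBR-DATA2
 set ip next-hop 192.168.1.1
!
! PBR is applied on the interface that RECEIVES traffic from each subnet
interface FastEthernet0/0.2
 ip policy route-map PBR-DATA
!
interface FastEthernet0/0.4
 ip policy route-map PBR-DATA2
```

`show ip policy` lists which route map is bound to which interface, and `show route-map` shows per-clause match counters, which confirms that internet-bound traffic from each subnet is hitting its own policy while HQ-bound traffic is not.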