07-03-2013 08:21 AM - edited 03-07-2019 02:13 PM
Hello all, We are trying to load balance 2 isp with our 1941 router.
We have IPBase license. I've created the route-maps and the 2 defaul routes, but the router acts weird: all the connections (http, tracerts) that the router makes with ISP1, works perfectly, but with ISP2, it just give timeout most of the time. When I disable ISP1 interface, it works perfectly with ISP2.
Interfaces:
G0/1 = LAN
G0/0.10 = ISP1
F0/0/0 = ISP2
This is my running config:
Building configuration...
Current configuration : 11929 bytes
!
! Last configuration change at 20:19:03 PCTime Tue Jul 2 2013 by *
version 15.1
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 1941
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
clock timezone PCTime -4 30
!
no ipv6 cef
no ip source-route
ip cef
!
!
!
ip dhcp excluded-address 172.16.16.254
ip dhcp excluded-address 172.16.16.1 172.16.16.40
!
ip dhcp pool LAN
network 172.16.16.0 255.255.254.0
default-router 172.16.16.254
dns-server 172.16.16.122
!
!
!
ip flow-cache timeout active 1
no ip bootp server
ip name-server 172.16.16.122
multilink bundle-name authenticated
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-3106419311
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3106414311
revocation-check none
rsakeypair TP-self-signed-3106434246
!
!
crypto pki certificate chain TP-self-signed-3106434246
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33313036 34313933 3131301E 170D3132 30313239 31363535
34345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 31303634
31393331 3130819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B4E5 55C253FE CA155DC2 71FB296A AEC8F9D7 93E4CB08 BC02A5E3 6465ED94
B41F3A4A FF69E4DD 3F7802A7 F6D08399 D8548549 FD6B7B03 74625101 723152A7
BB8C570D 9CF88368 BC8ABB37 1D8112D6 14C6FD2A 1A63942F 53CDC946 2050DEBF
249F5EB7 9E98C791 68C167B7 ED00A986 6FB12909 1A11B076 E8A5943F FE3D2C1D
C0950203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 14B813B8 01763845 258DEED9 445F1267 A9B4B127 DA301D06
03551D0E 04160414 B813B801 76384525 8DEED944 5F1267A9 B4B127DA 300D0609
2A864886 F70D0101 05050003 89684064 ACB4E083 BFF48CFE A45F422D 96ED2B9D
D454A689 418ACB5A D0B17AA0 34EB72D1 657AC4DF 9098EA9C 8A611797 A5FEA415
1A1880D9 EAAC2402 7E72BDD0 4DDBC764 1A7861CE F87963E8 52D37086 1FB0F900
56EE5DC2 6DD564A6 E79FB758 23600B17 5E2EC9E8 95D6E652 B95A339D 520D5B80
quit
license udi pid CISCO1941/K9 sn FTX16058
!
!
username admin privilege 15 secret 5 $1$ZhAI$1sz9yGHEJ8Ip5xPXRD03Z1
!
!
!
class-map match-any P2P
match protocol bittorrent
!
!
policy-map P2P
class P2P
drop
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
shutdown
!
interface GigabitEthernet0/0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
duplex full
speed 100
no mop enabled
!
interface GigabitEthernet0/0.10
description WAN VLAN
encapsulation dot1Q 1286
ip address 200.109.XXX.XXX 255.255.255.252
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly in
!
interface GigabitEthernet0/1
description LAN
ip address 172.16.16.254 255.255.254.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
no mop enabled
service-policy input P2P
service-policy output P2P
!
interface FastEthernet0/0/0
description NETUNO
ip address 190.6.XX.XX 255.255.255.252
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
service-policy input P2P
service-policy output P2P
!
interface FastEthernet0/0/1
no ip address
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
!
ip http server
ip http access-class 7
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip flow-export version 5
ip flow-export destination 172.16.16.12 1050
!
ip nat pool desarrollos 200.109.XXX.XXX 200.109.XXX.XXX prefix-length 29
ip nat inside source route-map CANTV interface GigabitEthernet0/0.10 overload
ip nat inside source route-map NETUNO interface FastEthernet0/0/0 overload
ip nat inside source static tcp 172.16.16.136 80 200.109.XXX.XXX 80 extendable
ip nat inside source static tcp 172.16.16.122 80 200.109.XXX.XXX 80 extendable
ip nat inside source static tcp 172.16.16.127 81 200.109.XXX.XXX 81 extendable
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/0.10
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0/0
ip route 172.16.15.0 255.255.255.0 172.16.16.128
!
ip access-list extended cantv1
!
no cdp run
route-map NETUNO permit 10
match ip address 7
match interface FastEthernet0/0/0
!
route-map CANTV permit 10
match ip address 7
match interface GigabitEthernet0/0.10
!
!
snmp-server community XXXX WO
snmp-server ifindex persist
!
control-plane
!
!
!
line con 0
logging synchronous
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
exec-timeout 3 0
privilege level 15
logging synchronous
login local
transport input ssh
!
scheduler allocate 20000 1000
end
So, what am I missing?
Furthermore, I would like to work with NAT, but I really do not have idea where to start.
Cheers and thanks!
10-26-2013 08:01 PM
Hello, Hector
You solved your problem?
Try
ip route 0.0.0.0 0.0.0.0 200.109.XXX.XXX -----> next hop ISP 1
ip route 0.0.0.0 0.0.0.0 190.6.XX.XX -----> next hop ISP 1
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide