08-12-2016 07:30 AM - edited 03-08-2019 06:58 AM
Hello everyone
What we have
WAN1, WAN2, LAN1, LAN2
Simply 2 conditions:
1) we need to route and provide access to internet for LAN1 only over WAN1 and if WAN1 failed - failover to WAN2
2) LAN2 should work always over WAN2, and switch to WAN1 only if it failed.
What i have configured in GNS test scenario you can find in attachment, tracking, pbr, nat route-map.. everything looks fine.
Here is how configuration is looks like:
R1#show runn
Building configuration...
version 15.2
hostname R1
ip tcp synwait-time 5
ip ssh version 1
!
track 1 ip sla 1 reachability
!
track 2 ip sla 2 reachability
!
!
interface FastEthernet0/0
description WAN1
ip address 10.1.1.1 255.255.255.0
ip nat outside
ip virtual-reassembly in
!
interface FastEthernet0/1
description WAN2
ip address 10.2.1.1 255.255.255.0
ip nat outside
ip virtual-reassembly in
!
interface Ethernet1/0
description LAN172
ip address 172.24.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip policy route-map WAN1
!
interface Ethernet1/1
description LAN192
ip address 192.168.0.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
ip policy route-map WAN2
!
!
ip nat inside source route-map SNAT interface FastEthernet0/0 overload
ip nat inside source route-map SNAT2 interface FastEthernet0/1 overload
!
ip sla auto discovery
ip sla 1
icmp-echo 10.1.1.2
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 10.2.1.2
ip sla schedule 2 life forever start-time now
access-list 1 permit 172.24.0.0 0.0.0.255
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 10 permit 172.24.0.0 0.0.0.255
access-list 20 permit 192.168.0.0 0.0.0.255
no cdp log mismatch duplex
!
route-map SNAT permit 10
match ip address 1
match interface FastEthernet0/0
!
route-map SNAT2 permit 10
match ip address 1
match interface FastEthernet0/1
!
route-map WAN1 permit 10
match ip address 10
set ip next-hop verify-availability 10.1.1.2 1 track 1
set ip next-hop verify-availability 10.2.1.2 2 track 2
!
route-map WAN2 permit 10
match ip address 20
set ip next-hop verify-availability 10.2.1.2 1 track 2
set ip next-hop verify-availability 10.1.1.2 2 track 1
!
!
end
at GNS3 it is working fine as i can see, all packets from R9 is going in correct way to R5 and R6
But in real life, when i export that config to working 1921 switch with c1900-universalk9-mz.SPA.154-3.M3.bin i have a packet losses near 40-50% Like it is trying to work over second subnet and dropped, and so on.
Nothing special on real equipment, same commands.. The only thing that I am using 7200 image 15.2 in GNS3.
But i dont thing this could be the reason?
I on working on this topic almost second week, may be you can show me what i am doing wrong?
Thank you beforehands!
09-06-2016 12:11 AM
no one follow this?
09-06-2016 12:18 AM
Hello Howard,
i am still working on this case, for now have only solution with "load balancing" between 2 ISPs, a little different from initial approach. This case will also work for my scenario.
It is still same conditions, with a little modification in config, and i have balancing
Like 1 ISP - 8 mbit
2nd ISP - 8 mbit
LAN1 can utilize both channels, but limited to 10 mbit
LAN2 - same thing
So a little better throughput then planned, but will not work in some other scenarios.
May be someone here will point me correct direction and i can optimize/test my schema later.
Regards,
Sergii
09-06-2016 12:30 AM
Hello sergii,
Tks, I just want to know how to configure 2 WANs for 1 LAN user..
and then searched your this question.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide