Hello
I am in this situation:
I have a single site with two internet connections:
Primary Line: RFC1483 SHDSL 4Mbit/symmetric
Backup line: RFC1483 ADSL 2048down/512upload
They are configured in this way:
SHDSL: public ip address 1.1.1.2 - point to point 1.1.1.1
ADSL: public ip address 2.2.2.2 - point to point 2.2.2.1
public range
90.90.90.208/29 default GW 209
this range is routed on the SHDSL link.
-------------
They are usually configured in this way:
First router SHDSL:
ATM0/0.1 point to point - 1.1.1.2
eth0/0 - 192.168.1.254/24 "lan"
default route 0.0.0.0 0.0.0.0 1.1.1.1
Second router ADSL:
ATM0/0.1 point to point - 2.2.2.2
eth0/0 - 192.168.1.253/24 "lan"
default route 0.0.0.0 0.0.0.0 2.2.2.1
They are connected to the same switch. My clients, in the range 192.168.1./0
if they use gw 192.168.1.254 go to the internet via the shdsl router, if
they use the .253 exits via the adsl link.
Then I want to use my public /29 IP:
1) first solution:
Now on the first router i put the /29 public link on the loopback0 interface
as the following:
int loopback0
ip addr 90.90.90.209 255.255.255.248
When I need to publish a service, I pat one of the public server as the
following:
ip nat inside source static tcp 192.168.1.10 80 90.90.90.210 80 ext
When I need to NAT statically, I can NAT statically the whole public IP I
choose (from my public range) to a "private" ip address.
Everything should work till now.
2) second solution:
I put it on a different physical interface on the first router, example ETH0/1:
int eth0/1
ip addr 90.90.90.209 255.255.255.248
then I put directly the public ip on the servers I connect to this
interface.
---------------------------------
I prefer the first solution, and I'd like to put the server on a different
network (DMZ) example 172.16.0.1/24
Assuming that I will use the first solution, please read onwards:
NOW IS THE CHALLENGE:
I put the two routers in HSRP, using object tracking of the reachability (via
icmp ping) of the public point-to-point link, example the ip 1.1.1.1 for the
shdsl and the 2.2.2.1 for the adsl.
I create a virtual ip for hsrp example 192.168.1.250, and i set this gw on
the clients on the lan subnet.
Using object tracking I can set the default route path, 2.2.2.1 or 1.1.1.1
depending on the reachability.
so the clients on the lan can go out with the shdsl or the adsl. ok?
WELL:
The challenge is here: can this work?
If i put on the loopback of both routers the wan ip of the /29, (i have
already spoken with my isp that manage to "re-route" on the shdsl or the
adsl the /29 range, if one of my routers is not reachable), and if they have
mapped some ports (example: 90.90.90.210:80 -> 192.168.1.10:80 set on both
routers, setting the "redundancy option" as stated in the cisco docs), could
it work? In this config, that may seem complicated, the public range should
be reachable on both connections without any reconfigurations of the
servers?
My ISP suggested that I put both connections on the same router and use on
the (example) eth0/0 the first ip of the /29... but I want to have full
redundancy and so I want to use one router for each connectivity.
May that work?
Thank you