[LONG - for experts] Configuring redundancy for a /29 public range

Discussion in 'Cisco' started by Elia Spadoni, Apr 3, 2008.

  1. Elia Spadoni


    Hello
    I am in this situation:

    I have a single site with two internet connections:

    Primary Line: RFC1483 SHDSL 4Mbit/symmetric
    Backup line: RFC1483 ADSL 2048down/512upload

    They are configured in this way:


    SHDSL: public ip address 1.1.1.2 - point to point 1.1.1.1

    ADSL: public ip address 2.2.2.2 - point to point 2.2.2.1

    public range
    90.90.90.208/29 default GW 209
    this range is routed on the SHDSL link.

    -------------
    They are usually configured in this way:


    First router SHDSL:
    ATM0/0.1 point to point - 1.1.1.2
    eth0/0 - 192.168.1.254/24 "lan"
    default route 0.0.0.0 0.0.0.0 1.1.1.1

    Second router ADSL:
    ATM0/0.1 point to point - 2.2.2.2
    eth0/0 - 192.168.1.253/24 "lan"
    default route 0.0.0.0 0.0.0.0 2.2.2.1

    They are connected to the same switch. My clients, in the range
    192.168.1.0/24, go to the internet via the SHDSL router if they use gw
    192.168.1.254; if they use .253 they exit via the ADSL link.

    Then I want to use my public /29 IP:
    1) first solution:

    Now on the first router I put the /29 public link on the loopback0 interface
    as follows:
    int loopback0
    ip addr 90.90.90.209 255.255.255.248

    When I need to publish a service, I PAT one of the public servers as
    follows:
    ip nat inside source static tcp 192.168.1.10 80 90.90.90.210 80 ext

    When I need to NAT statically, I can statically NAT the whole public IP I
    choose (from my public range) to a "private" ip address.
    Everything should work till now.

    2) second solution:
    I put it on a different physical interface on the first router, for example ETH0/1:
    int eth0/1
    ip addr 90.90.90.209 255.255.255.248
    then I put directly the public ip on the servers I connect to this
    interface.
    ---------------------------------
    I prefer the first solution, and I'd like to put the server on a different
    network (DMZ) example 172.16.0.1/24
    Assuming that I will use the first solution, please read onwards:

    NOW IS THE CHALLENGE:
    I put the two routers in HSRP, using object tracking of the reachability (via
    icmp ping) of the public point-to-point link, for example the ip 1.1.1.1 for
    the SHDSL and 2.2.2.1 for the ADSL.
    I create a virtual ip for HSRP, for example 192.168.1.250, and I set this gw
    on the clients on the lan subnet.
    Using object tracking I can set the default route path, 2.2.2.1 or 1.1.1.1,
    depending on the reachability.
    So the clients on the lan can go out via the SHDSL or the ADSL. OK?

    WELL:

    The challenge is here: can this work?
    If I put on the loopback of both routers the wan ip of the /29 (I have
    already spoken with my ISP, who can manage to "re-route" the /29 range onto
    the SHDSL or the ADSL if one of my routers is not reachable), and if they
    have some ports mapped (example: 90.90.90.210:80 -> 192.168.1.10:80 set on
    both routers, setting the "redundancy option" as stated in the Cisco docs),
    could it work? In this config, which may seem complicated, should the public
    range be reachable on both connections without any reconfiguration of the
    servers?

    My ISP suggested that I put both connections on the same router and use
    the first ip of the /29 on (for example) eth0/0... but I want to have full
    redundancy and so I want to use one router for each connection.

    May that work?

    Thank you
    Elia Spadoni, Apr 3, 2008
    #1
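
The HSRP and object-tracking arrangement described in the post, sketched as IOS configuration for the SHDSL router (an added example, not part of the original post). The SLA, track and HSRP group numbers, the priorities, the decrement and the probe frequency are assumptions; the `ip sla` / `track ... ip sla` keywords are those of newer IOS releases and are spelled differently on older 12.4 images.

```cisco
! Router A (SHDSL) -- constructed sketch; all numbers and timers are assumptions
!
! ICMP probe to the far end of the point-to-point link
ip sla 1
 icmp-echo 1.1.1.1 source-interface ATM0/0.1
 frequency 10
ip sla schedule 1 life forever start-time now
!
! Track object goes down when the probe stops getting replies
track 1 ip sla 1 reachability
!
interface Ethernet0/0
 ip address 192.168.1.254 255.255.255.0
 ! Virtual gateway address configured on the LAN clients
 standby 1 ip 192.168.1.250
 standby 1 priority 110
 standby 1 preempt
 ! 110 - 20 = 90, below Router B's default priority of 100
 standby 1 track 1 decrement 20
!
! Default route is withdrawn while the probe target is unreachable
ip route 0.0.0.0 0.0.0.0 1.1.1.1 track 1
!
! Router B (ADSL) mirrors this: probe 2.2.2.1, Ethernet0/0 at 192.168.1.253,
! HSRP priority left at 100 with preempt, default route via 2.2.2.1 with its own track.
```

This covers only the LAN gateway failover; it does not show the /29 loopback or the static NAT entries the post asks about.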