Multihoming without BGP using 2 ISP connections with PAT

Discussion in 'Cisco' started by pmachete, May 22, 2006.

  1. pmachete

    pmachete Guest

    Hi,

    My goal is to have 2 ISP connections, load balancing and redundant
    internet links in one single router.
    - Both ISP connections will have static IP addresses, one IP per ISP.
    - If one fails, users will use the other connection for web access
    - If both are ok, load balancing will occur
    - Users will use PAT on one of the ISPs' IP addresses
    - Web server and mail server will be configured with port redirect.
    - The ISP connections might be DSL and cable connections, so the
    maximum I can have is a PAT in both of the connections.
    - Load balancing will be controlled with equal metrics in the static
    routes

    My question is if this is possible to do with IOS.
    I have read a lot about multihoming with BGP but have not seen a good
    solution without BGP.
    My biggest question is if it is possible to have load balancing in PAT
    with static routes, and if this will work properly.
    I intend to have "route cache" active in order to avoid problems.

    Here's my proposed configuration:



    interface Ethernet0
     ip address 192.168.0.1 255.255.255.0
     ip nat inside
    !
    interface Ethernet1
     ip address 11.0.0.100 255.255.255.0
     ip nat outside
     ip route-cache
    !
    interface Ethernet2
     ip address 12.0.0.100 255.255.255.0
     ip nat outside
     ip route-cache
    !
    !
    ip nat inside source route-map isp1 interface Ethernet1 overload
    ip nat inside source route-map isp2 interface Ethernet2 overload
    !
    access-list 101 permit ip 192.168.0.0 0.0.0.255 any
    !
    route-map isp1 permit 10
     match ip address 101
    !
    route-map isp2 permit 10
     match ip address 101
    !
    ip route 0.0.0.0 0.0.0.0 ethernet1
    ip route 0.0.0.0 0.0.0.0 ethernet2


    Will this work?

    Thanks in advance for any tip/hint !

    Regards,
    Pedro Machete Pereira
     
    pmachete, May 22, 2006
    #1

  2. pmachete

    Kevin Widner Guest

    My goal is to have 2 ISP connections, load balancing and redundant
    internet links in one single router.
    - Both ISP connections will have static IP addresses, one IP per ISP.
    - If one fails, users will use the other connection for web access
    - If both are ok, load balancing will occur
    - Users will use PAT on one of the ISPs' IP addresses
    - Web server and mail server will be configured with port redirect.
    - The ISP connections might be DSL and cable connections, so the
    maximum I can have is a PAT in both of the connections.
    - Load balancing will be controlled with equal metrics in the static
    routes

    ========================


    Why the redundancy in ISP connections but no 2nd router? I would
    purchase another router and then use glbp to load balance your
    connections.

    Anyway, the more difficult challenge is to automatically determine that
    ISP1 for instance has stopped forwarding traffic for some reason.
    Happens all the time that I still have a link from my cable modem, but
    I do not have a functioning internet connection. To try and solve
    for this, check out this document:

    http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124tcg/tiap_c/taipbtrk.htm

    Specifically the ip-route reachability section.

    -k
     
    Kevin Widner, May 22, 2006
    #2

  3. pmachete

    pmachete Guest

    Hi Kevin,

    Thank you for your answer. These concepts are new to me.
    Would glbp and enhanced object tracking work in a single router?

    Thanks,
    Pedro
     
    pmachete, May 24, 2006
    #3
  4. pmachete

    Kevin Widner Guest


    You wouldn't use glbp with just one router. I'm not sure if you can use
    the object tracking to increment a static route's administrative
    distance based on a test, but if you could that would be the route to
    go. You might just have to read up on it or maybe someone else can
    answer that for you. I don't see any examples of it being used that
    way, but it would sure be a good feature.

    Best way to accomplish what you are trying to do is with two routers.
    That is true redundancy anyway. Your two ISP connections won't help
    much when your 1 router goes down.
     
    Kevin Widner, May 31, 2006
    #4
  5. pmachete

    pmachete Guest

    pmachete, Jun 4, 2006
    #5
  6. Actually, if you compare the failure rate of typical ISP links with the
    failure rate of typical Cisco routers, you'll find that it is not that bad
    a redundancy solution. But you may get burnt by a few other factors, such
    as failure of your NAT tables to be invalidated when an ISP goes down but
    the link stays up (if the NAT is being done in the router). Assuming you
    get the NAT right, the users will also see all their connections fail when
    you do a fail over (because their outside IP address has changed), but that
    usually is not a major issue for web surfing unless they are watching
    videos or otherwise keeping a single link active for a significant period
    of time.

    This issue has been addressed many times over the past few years and would
    be in the FAQ if Hansang ever got around to updating it (or released
    control to a new maintainer). Try a search on "ping based routing" which is
    the classic technique used. Be aware that there are multiple traps if
    you use Cisco IOS routers to do the job rather than a cheap SOHO router
    designed for the purpose, and that many of the cheap routers which claim to
    have that feature have a tendency to lock up and need rebooting far more
    frequently than the ISP links have problems, negating their contribution to
    availability.

    Good luck and have fun!
     
    Vincent C Jones, Jun 16, 2006
    #6
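
The single-router setup discussed in this thread, as an added configuration example that is not from any of the posters: each default route is tied to a reachability probe (the object tracking and "ping based routing" mentioned above), and each NAT route-map also matches the egress interface, which the route-maps in the first post do not. Assumed values not found on the page: next hops 11.0.0.1 and 12.0.0.1 and probe targets 192.0.2.1 and 198.51.100.1 (placeholders); the keywords follow the 12.4 syntax, and later releases spell them `ip sla` and `track 1 ip sla 1 reachability`.

```cisco
! Added example, not from the thread. Next hops and probe targets below
! are assumed placeholders; substitute the values your ISPs give you.
!
! One ICMP probe per ISP, sourced from that ISP's interface
ip sla monitor 1
 type echo protocol ipIcmpEcho 192.0.2.1 source-interface Ethernet1
 frequency 10
ip sla monitor schedule 1 life forever start-time now
!
ip sla monitor 2
 type echo protocol ipIcmpEcho 198.51.100.1 source-interface Ethernet2
 frequency 10
ip sla monitor schedule 2 life forever start-time now
!
! Track objects follow the probe results
track 1 rtr 1 reachability
track 2 rtr 2 reachability
!
! Pin each probe target to its own ISP so a probe can never
! succeed by leaving through the other link
ip route 192.0.2.1 255.255.255.255 11.0.0.1
ip route 198.51.100.1 255.255.255.255 12.0.0.1
!
! Equal-cost defaults with explicit next hops (a static route that
! points only at an Ethernet interface makes the router ARP for every
! destination). Each route is withdrawn while its track object is down.
ip route 0.0.0.0 0.0.0.0 11.0.0.1 track 1
ip route 0.0.0.0 0.0.0.0 12.0.0.1 track 2
!
access-list 101 permit ip 192.168.0.0 0.0.0.255 any
!
! Select the PAT address by the link the packet actually leaves on
route-map isp1 permit 10
 match ip address 101
 match interface Ethernet1
!
route-map isp2 permit 10
 match ip address 101
 match interface Ethernet2
!
ip nat inside source route-map isp1 interface Ethernet1 overload
ip nat inside source route-map isp2 interface Ethernet2 overload
```

Translations already built toward a failed ISP stay in the table until they time out or are removed with `clear ip nat translation *`, so check `show track` and `show ip nat translations` after a failover test.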