From: fferrer10@vodafone.es
Date: Fri Jan 07 2005 - 08:06:21 GMT-3
Matt:
Firstly, thank you very much for the info.
The sample you provided is good if you aren't using DIALER interfaces
to control the internet access (ADSL on mi case, as i have said on my
previous mail).
Our provider uses some way of ppp over atm on these adsl, and the
tipical config at the adsl router is like this one:
interface ATM0/0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
interface Dialer1
ip address negotiated
ip nat outside
encapsulation ppp
dialer pool 1
ppp chap hostname PA281XI1
ppp chap password 7 032B032A2C5C157E7A
As you can suppose, the problem i have is that a DIALER interfaz is
always UP/UP (spoofing), no matters how the access line (adsl) is up or
down. Then, if one of the 2 adsl i have to go out fails, i can't access
to internet via the another one.
I have tried to configure this adsl with a virtual-template interface,
instead the dialer interface, but i can't achieve that the remote end
gives me the ip public address to work with this config...
Have anyone seen a problem like this and knows a solution?
Regards
----- Mensaje Original -----
De: Matt Mullen <mullenm@gmail.com>
Fecha: Martes, Enero 4, 2005 10:17 pm
Asunto: Re: conditional NAT
> Hi,
>
> Here is a configuration that will allow traffic to be port address
> translated to the public IP address on the interface which the traffic
> is leaving. The key is the 'match interface' command on the
> route-map which causes the traffic to be translated based on the
> interface that it is passing through. If one interface goes
> down,
> traffic will always leave the other one that is up and will be
> translated to the public IP of that interface.
>
> interface Serial0
> Description ISP-A
> ip address 88.88.88.88 255.255.255.252
> ip nat outside
>
> interface Serial1
> Description ISP-B
> ip address 99.99.99.99 255.255.255.252
> ip nat outside
>
> interface Ethernet0
> Description Inside
> ip address 10.1.1.1 255.255.255.0
>
> ip nat inside source route-map ISP-A interface Serial0 overload
> ip nat inside source route-map ISP-B interface Serial1 overload
>
> route-map ISP-A permit 10
> match interface Serial0
> match access-group 100
>
> route-map ISP-B permit 10
> match interface Serial1
> match access-group 100
>
> access-list 100 permit ip 10.1.1.0 0.0.0.255 any
>
>
> HTH,
> Matt
>
>
>
>
> On Tue, 04 Jan 2005 19:44:59 +0100, fferrer10@vodafone.es
> <fferrer10@vodafone.es> wrote:
> > Hi group:
> >
> > Anyone knows a way to configure some form of "conditional natting"?
> > This is, i have 1 router with 2 adsl interfaces to connect to
> internet,> and i want to load balance the traffic using both the
> interfaces...then> i thought: well, maybe using policy based
> routing i could redirect a
> > group of internal subnets to one interface and the another group
> to the
> > other configuring a route-map like this one:
> >
> > route-map salidaeth permit 10
> > match ip address 101
> > set default interface atm0/0 atm0/1
> > !
> > route-map salidaeth permit 20
> > description toINTERNET
> > match ip address 102
> > set default interface atm0/1 atm0/0
> >
> > Where 101, 102 are ACL matching the subnets i said...
> >
> > However, this router must also do the natting, and i only have
> the 2
> > public ip addresses of the adsl interfaces to use, and i must assure
> > that if one adsl interface goes down, all the traffic use the
> other adsl
> > interface to go to internet. Also i can't use BGP on this router.
> >
> > Then, i'm wondering if there is any way to nat the subnets
> matching 101
> > acl to the ip of atm0/0 if this atm0/0 is up, and to nat them to
> the ip
> > of the atm0/1 if that it is down (and similarly with the other
> group of
> > subnets).
> >
> > Regards
> >
> >
>
This archive was generated by hypermail 2.1.4 : Wed Feb 02 2005 - 22:10:19 GMT-3