From: Huan Pham (huan.pham@valuenet.com.au)
Date: Fri Feb 08 2008 - 05:54:47 ARST

Hi,

If you use private IP addresses in your LAN, then you cannot advertise that
out to the Internet via BGP. Running BGP with the ISP makes no sense in this
case.

You can use two static default routes, and NAT (actually PAT) your LAN
addresses to the 2 WAN addresses. Traffic to different destinations, from
different hosts and different applications, normally goes out via different
WANs. Incoming traffic from the Internet will come back via the same link the
outgoing traffic went out on, because your traffic appears to the Internet as
originating from your WAN IP addresses. Example NAT config below.

If you have a public IP, and you would like to run BGP, then you just
need to add maximum-paths 2 under BGP, so that you will see two routes to the
Internet. Load-sharing is achieved over time and you do not have control
over which WAN your traffic (incoming/outgoing) would take. It's a random
process (by default per-destination).

Otherwise, for more control you can do policy routing to force half of your
LAN to go out via one WAN, and the rest via the other VLAN. This is for the
outgoing direction. For incoming, you can advertise a more specific subnet,
a /25 for example, via one WAN, in addition to the /24 via one WAN. For the
other WAN, you advertise the other half /25 and the full /24.

NAT config for private address:

!
interface FastEthernet0/0
 description LAN
 ip address 192.168.0.1 255.255.255.0
 ip nat inside
!
!
interface Serial1/0
 description WAN1
 ip address 13.0.0.1 255.255.255.252
 ip nat outside
!
interface Serial1/1
 description WAN2
 ip address 13.1.1.1 255.255.255.252
 ip nat outside
!
ip route 0.0.0.0 0.0.0.0 13.0.0.2
ip route 0.0.0.0 0.0.0.0 13.1.1.2
!
ip nat inside source route-map NAT_SERIAL0 interface Serial1/0 overload
ip nat inside source route-map NAT_SERIAL1 interface Serial1/1 overload
!
ip access-list standard LAN
 permit 192.168.0.0 0.0.0.255
!
!
route-map NAT_SERIAL0 permit 10
 match ip address LAN
 match interface Serial1/0
!
route-map NAT_SERIAL1 permit 10
 match ip address LAN
 match interface Serial1/1

If I perform a ping test from a host on the LAN, traffic to different
destinations goes via the two different WAN links.

R1#sh ip nat translations
Pro  Inside global   Inside local     Outside local   Outside global
icmp 13.1.1.1:41     192.168.0.13:41  3.3.3.3:41      3.3.3.3:41
icmp 13.0.0.1:42     192.168.0.13:42  4.4.4.4:42      4.4.4.4:42

You would get a reasonable load-share ratio when you have many sessions going
on (e.g. from different PCs, to different destinations, and running different
applications). Each session only sticks to one WAN link until the NAT
translation for that session expires.

Chamara Peris <dimsyboy@gmail.com> wrote:

Hi Guys,

I have a Cisco 1841 router with 2x ADSL WICs, and two ADSL connections from
the same ISP connected to the router. My questions are:

1) How to do load balancing WITH BGP
2) Is there a way to do load balancing on both links without BGP?

Small diagram as follows.

ISP Link1      ISP Link2
    |              |
    |              |
---------------------
     Cisco 1814
---------------------
    |  Lan 192.168.xx.xx

Thanks Heaps
CP

This archive was generated by hypermail 2.1.4 : Sat Mar 01 2008 - 16:54:47 ARST
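
The /25-plus-/24 advertisement scheme described in the reply above, modelled as longest-prefix matching to show which link carries incoming traffic and what happens when one link fails. This is an added example, not part of the original thread; the prefix 203.0.113.0/24 and the labels WAN1/WAN2 are constructed placeholders for the site's public block and its two uplinks.

```python
import ipaddress

# Constructed sample values: 203.0.113.0/24 is a documentation prefix standing
# in for the site's public /24; WAN1 and WAN2 are labels for the two uplinks.
SITE = ipaddress.ip_network("203.0.113.0/24")
LOWER, UPPER = SITE.subnets(prefixlen_diff=1)   # the two /25 halves

# What each uplink announces: its own /25 plus the covering /24.
ANNOUNCEMENTS = {
    "WAN1": [LOWER, SITE],
    "WAN2": [UPPER, SITE],
}

def ingress_links(dst, up_links=("WAN1", "WAN2")):
    """Return the uplinks remote routers would use to reach dst.

    Routers prefer the longest matching prefix; a link that is down has
    withdrawn its announcements. More than one link in the result means the
    choice is left to BGP path selection, as with a plain /24 on both links.
    """
    addr = ipaddress.ip_address(dst)
    candidates = [
        (net.prefixlen, link)
        for link in up_links
        for net in ANNOUNCEMENTS[link]
        if addr in net
    ]
    if not candidates:
        return []          # destination is outside the announced block
    best = max(plen for plen, _ in candidates)
    return sorted(link for plen, link in candidates if plen == best)

def main():
    for dst in ("203.0.113.10", "203.0.113.200"):
        print(dst, "both links up ->", ingress_links(dst))
        print(dst, "WAN1 down     ->", ingress_links(dst, up_links=("WAN2",)))

if __name__ == "__main__":
    main()
```

With both links up each half of the block arrives on its own link; when a link is down, its /25 disappears and the /24 still announced on the surviving link keeps that half reachable.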