
Route Map for 2 ISPs and a Load Balancer

This is the setup that I want to implement:

                  +----------+ (1.1.1.2)          (1.1.1.1) +------------+
    ISP1 (S0/0)---|          | Eth 0/0 --------------- Eth0 |            |
                  |  ROUTER  |                              |    Load    |------ Internal N/W
    ISP2 (S0/1)---|          | Eth 0/1 --------------- Eth1 |  Balancer  |
                  +----------+ (2.2.2.1)          (2.2.2.2) +------------+


Initially I had 2 different routers, one for each ISP, and it was simple to implement as all I had to do was define default routing and it used to work. But now I need to terminate both the ISPs on the same router and hence a default route won't work.
I want any traffic from ETH0 of the load balancer to go out through ISP1 and, similarly, any traffic from ETH1 of the load balancer to go out through ISP2.
My router is not doing natting as it is already being taken care of by the load balancer. All it needs to do is forward traffic to the respective ISPs.

Can someone help me with optimized Source based routing configuration for this?
Thanks
Sid
Asked by: siddharthaparti

rsivanandan Commented:
On router;

access-list 100 permit ip 1.1.1.0 0.0.0.255 any
access-list 101 permit ip 2.2.2.0 0.0.0.255 any

route-map OUT permit 10
 match access-list 100
 set ip next-hop <ISP1 Interface>

route-map OUT permit 20
 match access-list 101
 set ip next-hop <ISP2 Interface>

int eth0/0
 ip policy route-map OUT

int eth0/1
 ip policy route-map OUT

Link for reference;

http://www.cisco.com/en/US/tech/tk364/technologies_configuration_example09186a00802135d3.shtml

Cheers,
Rajesh
0
 
siddharthaparti (Author) Commented:
Hey Rajesh
I guess the commands that you have mentioned are for Cisco Catalyst switches. I am using a Cisco 2600 series router here. I guess it would be a little different here.
Sid
0
 
rsivanandan Commented:
It works for them as well. Just give it a try. They are generic route-map commands, all you need to check is, login to the device and type rout? and see if it is listed there. It will be.

Cheers,
Rajesh
0
siddharthaparti (Author) Commented:
Hi
Just one difference in the command:
match ip address <access List No.>

But the problem that I am facing is with the access list. When I give a standard access list and permit the IP 1.1.1.1, then I am able to ping the outside world only from the load balancer. I am not able to ping any public IP from my router.
This subnet has a /27 mask.
Can you help me with the access list?
0
 
rsivanandan Commented:
Do this;

access-list 100 permit ip 1.1.1.0 0.0.0.255 any established

I presume that you don't have any webserver or something inside your network.

Cheers,
Rajesh
0
 
siddharthaparti (Author) Commented:
Hmmmm
It's strange, I have tried this also. This is the config that I have fed:
interface FastEthernet0/1
 ip address 1.1.1.2 255.255.255.224
 ip policy route-map OUT

access-list 100 permit ip 1.1.1.0 0.0.0.255 any (have tried any any also but that didn't work either)
route-map OUT permit 10
 match ip address 100
 set ip next-hop X.X.X.X (remote end IP for the serial link)
The serial link is IP over Frame Relay.

I still haven't terminated the other link and was testing this on one of the links. No, we don't have a web server on our network. Behind the load balancer we have the PIX outside interface, which has the load balancer as the gateway for outside.
0
 
rsivanandan Commented:
The access-list basically refers to the natted address, right? I mean, the 1.1.1.x we are talking about is the IP after the load balancer has natted it?

Cheers,
Rajesh
0
 
rsivanandan Commented:
Also post the configuration of the router.

Cheers,
Rajesh
0
 
siddharthaparti (Author) Commented:
Sorry for the delay. I was not in the office for the last few days. The config is as follows.
Yes, the 1.1.1.0 subnet is the IP after the load balancer has natted it.

interface Serial0/0
 no ip address
 encapsulation frame-relay IETF
 ip route-cache flow
 no fair-queue
 frame-relay lmi-type ansi
!
interface Serial0/0.50 point-to-point
 ip address X.X.X.X 255.255.255.252
 frame-relay interface-dlci 50
!
interface FastEthernet0/1
 ip address 1.1.1.X 255.255.255.224
 ip policy route-map OUT
 speed auto


access-list 100 permit ip 1.1.1.10 any
route-map OUT permit 10
 match ip address 100
 set ip next-hop x.x.x.x


Thanks
Sid
0
 
rsivanandan Commented:
>>access-list 100 permit ip 1.1.1.10 any

Change that to;

access-list 100 permit ip host 1.1.1.10 any

See if it helps.

Cheers,
Rajesh
0
 
siddharthaparti (Author) Commented:
Hi
It has been a long time since I attended to this. The reason being there was some problem with my load balancer because of which it was not routing traffic to the interface. Now I have terminated both the links on the same router and it's working fine. Thanks for your help.
0
 
rsivanandan Commented:
Thanks for the points and glad that you got it resolved.

Cheers,
Rajesh
0
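
The corrections that came up across the thread (`match ip address`, the /27 mask, a destination on the extended ACL) collected into one configuration. This is an added example, not part of any post above and not vendor-supplied configuration. Assumptions: the 2.2.2.x segment is also a /27 (the thread states the mask only for 1.1.1.x), and `<ISP1-next-hop>` / `<ISP2-next-hop>` are placeholders for the far-end addresses of the two serial links.

```cisco
! Added example: source-based (policy) routing for the topology in the question.
!
! Extended IP ACLs are numbered 100-199 (or 2000-2699) and need a destination.
! Wildcard 0.0.0.31 matches exactly one /27; 0.0.0.255 would match the whole /24.
access-list 101 permit ip 1.1.1.0 0.0.0.31 any
access-list 102 permit ip 2.2.2.0 0.0.0.31 any
!
! Clause 10: traffic sourced from the Eth0 side of the load balancer -> ISP1
route-map OUT permit 10
 match ip address 101
 set ip next-hop <ISP1-next-hop>
!
! Clause 20: traffic sourced from the Eth1 side of the load balancer -> ISP2
route-map OUT permit 20
 match ip address 102
 set ip next-hop <ISP2-next-hop>
!
! The policy is applied where the load balancer's traffic ENTERS the router.
interface Ethernet0/0
 ip address 1.1.1.2 255.255.255.224
 ip policy route-map OUT
!
! Mask on this interface is an assumption (see lead-in).
interface Ethernet0/1
 ip address 2.2.2.1 255.255.255.224
 ip policy route-map OUT
!
! Verification from exec mode:
!   show ip policy        lists interfaces with a policy route-map attached
!   show route-map OUT    shows each clause and its policy-routing match counters
!   show access-lists     shows per-entry hit counts for ACL 101 and 102
```

Packets that arrive on these interfaces and match neither ACL are not policy-routed and are forwarded by the normal routing table, so the ACLs should be no wider than the subnets actually in use.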
