Link to home
Start Free TrialLog in
Avatar of Sri M
Sri MFlag for United Arab Emirates

asked on

Static routing

Hello,

We have a rack in a Data Center and have an internet connection from a carrier. There is a small Cisco router 3XXX and large managed Cisco router both installed by carrier who provided us internet in front of our Endian firewall. Initially they provided 91.72.219.32/30 where 91.72.219.34 is usable IP. We assigned the ip 91.72.219.34 to our firewall external interface and all working good. Now we requested another usable IP address and they mentioned 91.72.219.28/30 is our new subnet where 91.72.219.30 is usable ip address. However they informed us that 91.72.219.28/30 is our primary subnet where we are confused as we are using .32/30 subnet already. Below is what their activation network engineer wrote.


"Customer using  2 *Subnets  91.72.219.28/30 (Primary )one , another Subnet 91.72.219.32/30  static route configured . Customer also need to Configure the Static route from his end also.

Static route configuration we are pointing CM Primary Usable IP to the Static route subnet.  If customer  facing any issue,  we will coordinate CM."



Can any expert advise where we should configure this static route? Is it on Endian? or do we need to get another cisco router to do all of this? We have a network consultant who says he is unable to understand the carrier architecture and where he should configure the static route despite having 15 years of experience

Can any one throw some light over the same asap we are supposed to go live with a webserver yesterday however unable to do so due to this

Thank you in advance
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

Why don't they just give it to you from your available list in  91.72.219.32 - 91.72.219.35 range?  What you wanted was 91.72.219.32 or .33 or .35.  Perhaps you would need another modem to use the new ip address.

Previously everything that was sent to  91.72.219.32/30  was sent to 91.72.219.34 via a static route. Do you in fact need 5 ip addresses  You apparently now have 8 ip addresses
Avatar of Sri M

ASKER

Hi David,

Agree with you. This was our expectation and we are puzzled why they have given it that way. When we requested for clarification below is what they replied on an earlier occasion

Activation team wrote as below

Please find below the details as requested for both the IP ranges.

Network ID:  91.72.219.28/30
Gateway:      91.72.219.29
Usable IP Pool: 91.72.219.30
Broad Cast: 91.72.219.31
Subnet Mask: 255.255.255.252

Total IPs assigned : As per system record on these IPs are assigned i.e. 4 by default IPs out of which 1 is usable and 4 additional out of which another 2 are usable.

 Network ID: 91.72.219.32/30 (Static route) Pointed to 91.72.219.30
Gateway: 91.72.219.29
Usable IP Pool: 91.72.219.33 -34
Broad Cast: 91.72.219.35
Subnet Mask: 255.255.255.252


Here above they mentioned two usable IP Pool 33 and 34 however on an earlier communication they mentioned 33 is our gateway. While double checking with carrier support they said only 34 is usable ip address  as .33 is our gateway and we need to do a static route to use 91.72.219.30. Its different conflicting answers from same carrier team

Are you able to make anything out of this?

Hope this helps and looking forward for your suggestion

Thank you
ISP can provide static route that can point to your current .30 address that will point that address as next hop to yours 33 and 34 addresses.
If on their router that is facing your router is route and your router address is .30
ip route 91.72.219.32 255.255.255.252 91.72.219.30
then all traffic for .33 and .34 will be forwarded to 91.72.219.30

I guess that you just need to create nat associations for those addresses and define nat pool for .33 and .34 and just send traffic out of your router with those addresses as those are assigned to router's interface. It is very common setup (I had no chance to do that yet in real world, but I had it during some presentations :( ).
Avatar of Sri M

ASKER

Hi

Thank you all. Now I created a Static route as below and I could ping all IP addresses under 91.72.219.28/30 subnet.

Static Route:
Internal network        Destination             via
192.168.2.0                     91.72.219.28/30       via Main uplink which is 91.72.219.33 gateway

Now I want to two different things

1. Use my usable IP address in this subnet which is 91.72.219.30 and NAT all incoming requests on this usable IP to an internal IP address 192.168.2.X

2. Similarly I want to Source NAT the internal IP 192.168.2.x to 91.72.219.30 for all outbound traffic

I tried natting but unable to make it work

Thank you in advance
ASKER CERTIFIED SOLUTION
Avatar of Predrag Jovic
Predrag Jovic
Flag of Poland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Sri M

ASKER

Hi Predrag Jovic,

Thank you for your reply.

I already tried both your suggestion before my post itself for which you replied. When I did the NAT its not working. When I did the Source NAT Internal IP to 91.72.219.30 the host is loosing internet connection. My question do we need to do anything else for the NAT to work and reach the internal IP? apart from NAT

Regards
normaly when you have an routed subnet to a cisco device you need to add an route like this
 ip route <extra ip range> <extra ip range subnet> wan local wan interface

can you provide the configuration of the router ?
Avatar of Sri M

ASKER

Dear All,

The operator team seems to have done the complicated way. I had to sit with their team to explain we don't need such complicated network and requested them to remove all existing subnets and provide one single subnet  with several usable ip addresses which solved the issue. However seems in earlier scenario we had to do several static ip routing and nats to make it work which is unnecessary in our case.

Thanks to you all for help understanding the issue.

Regards
Avatar of Sri M

ASKER

This seems to be the case and how operator wanted us to use.. however since we need several ip's we had to ask them to change and provide one single subnet with large usable pool of IP's