CISCO IOS – Dual Internet Connections without BGP enabled ISP

Dual-homed environments with different ISPs have usually meant that BGP must be used and that both ISPs must support BGP routing. Throughout this tutorial, I will show you how you can have mulitple ISPs without BGP or provider independant IP addresses. Tracking objects provide a means of removing static routes if the ISP cannot be contacted.

Here is a small drawing: Dual Internet with NAT

hostname Router 
 !
ip cef
!####Establish sla monitors for use in tracking objects####!
ip sla monitor 1
 type echo protocol ipIcmpEcho 12.34.45.1
 threshold 3 
 frequency 5
ip sla monitor schedule 1 life forever start-time now
ip sla monitor 2 
 type echo protocol ipIcmpEcho 23.34.56.1 
 threshold 3 
 frequency 5
ip sla monitor schedule 2 life forever start-time now
!
!####Configure Tracking objects (referencing IP SLA monitor’s above)####!
track 101 rtr 1 reachability
 ! 
 track 102 rtr 2 reachability 
 ! 
 ! 
 ! 
 ! 
 !####Configure Interfaces with NAT####!
interface FastEthernet0 
 ip address 192.168.1.254 255.255.255.0
 ip nat inside  
 ! 
 interface s0/0 
 ip address 12.34.45.2 255.255.255.0 
 ip nat outside  
 ! 
 interface s0/1 
 ip address 23.45.67.2 255.255.255.0 
 ip nat outside  
 ! 
 ip classless
!####Configure gateway of last resort with tracking objects####! 
 ip route 0.0.0.0 0.0.0.0 12.34.45.1 track 101 
 ip route 0.0.0.0 0.0.0.0 23.45.67.1 track 102
!####Configure NAT statements for most outbound traffic####! 
 ip nat inside source route-map ISP1 interface s0/0 overload 
 ip nat inside source route-map ISP2 interface s0/1 overload
!####Configure NAT statements for your mail server####! 
 !(remember to setup dns for mail on both public IP addresses)!
ip nat inside source static tcp 192.168.1.10 25 12.34.45.2 25 route-map ISP1 extendable 
 ip nat inside source static tcp 192.168.1.10 25 23.45.67.2 25 route-map ISP2 extendable 
 ! 
 ! 
 access-list 10 permit 192.168.1.0 0.0.0.255  
 ! 
 !####Configure route maps for reference in NAT statements####!
route-map ISP2 permit 10 
 match ip address 10 
 match interface s0/1
! 
 route-map ISP1 permit 10 
 match ip address 10 
 match interface s0/0 
 !

 

Cisco – Dual Internet Connections without BGP enabled ISP

This entry was posted in Uncategorized and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s