Policy Based Source Routing over two WAN Links with NAT
Thanks to: http://jordansciscos.blogspot.com/
The scenario is that I have two Internet links, one over Ethernet and the other over ADSL. I want to push particular hosts on my internal LAN out through the ADSL link and the others out through the Ethernet link.
192.168.0.0/24 = LAN Subnet
FastEthernet0/0 = LAN Interface
FastEthernet0/1 = Internet Connection 1 (Fibre/Cable)
Dialer1 = Internet Connection 2 (ADSL)
interface FastEthernet0/0
ip policy route-map PBR
The above assigns the "PBR" route-map, which we will define below, to the internal LAN interface.
ip nat inside
!
ip nat inside source route-map ADSL-Only interface Dialer1 overload
Specifies that all NAT must adhere to the ADSL-Only and LAN route-maps defined later
ip nat inside source route-map LAN interface FastEthernet0/1 overload
!
ip access-list extended ADSL-Only
My two hosts that I want to go out over ADSL
permit ip host 192.168.0.15 any
permit ip host 192.168.0.10 any
!
ip access-list extended LAN
My LAN subnet
permit ip 192.168.0.0 0.0.0.255 any
!
route-map ADSL-Only permit 10
Match this Route-Map to the ADSL-Only ACL above and match it to outbound interface Dialer1. This is for the NAT aspect of routing.
match ip address ADSL-Only
match interface Dialer1
!
route-map LAN permit 20
Match this Route-Map to the LAN ACL above and match it to outbound interface F0/1. This is for the NAT aspect of routing.
match ip address LAN
match interface FastEthernet0/1
!
route-map PBR permit 10
Our PBR route-map, bound to our internal LAN interface, matches the ADSL-Only ACL and pumps all of that traffic out through Dialer1. Since my ADSL does not have a static default or next-hop IP, "set interface Dialer1" is used instead of "set ip next-hop <ip>".
match ip address ADSL-Only
set interface Dialer1
!
route-map PBR permit 20
match ip address LAN
set ip next-hop 10.112.8.1
!
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1 10.112.8.1
Route maps don't apply to the router itself. Specifying an ip route here means that the router itself has a default route to use.
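To check which link and which NAT rule a given LAN host ends up on, the following added example (not part of the original post, and not IOS code) models the first-match logic of the PBR and NAT route-maps above in Python. It is a simplified model that looks only at the source address; the host 192.168.1.5 in the sample calls is a constructed address outside the LAN ACL, used to show traffic that falls through to the default route without a NAT match.

```python
import ipaddress

# ACLs from the page, reduced to their source match (destination is "any").
ACLS = {
    "ADSL-Only": [ipaddress.ip_network("192.168.0.15/32"),
                  ipaddress.ip_network("192.168.0.10/32")],
    "LAN": [ipaddress.ip_network("192.168.0.0/24")],
}

# route-map PBR: (sequence, ACL, egress interface selected by the set clause)
PBR = [(10, "ADSL-Only", "Dialer1"),        # set interface Dialer1
       (20, "LAN", "FastEthernet0/1")]      # set ip next-hop 10.112.8.1

# ip nat inside source route-map <name> interface <if> overload:
# each NAT route-map matches an ACL AND the outbound interface.
NAT = [("ADSL-Only", "Dialer1"), ("LAN", "FastEthernet0/1")]

# ip route 0.0.0.0 0.0.0.0 FastEthernet0/1 10.112.8.1
DEFAULT_EGRESS = "FastEthernet0/1"


def acl_permits(name, src):
    """True if the source address is permitted by the named ACL."""
    return any(src in net for net in ACLS[name])


def egress_for(src):
    """First matching PBR sequence wins; no match means normal routing."""
    for _seq, acl, iface in sorted(PBR):
        if acl_permits(acl, src):
            return iface
    return DEFAULT_EGRESS


def nat_rule_for(src, egress):
    """NAT route-map that applies: ACL and outbound interface must both match."""
    for acl, iface in NAT:
        if iface == egress and acl_permits(acl, src):
            return acl
    return None  # no match: the packet would leave untranslated


def trace(host):
    """Return (egress interface, NAT route-map) for a host on the LAN interface."""
    src = ipaddress.ip_address(host)
    egress = egress_for(src)
    return egress, nat_rule_for(src, egress)


if __name__ == "__main__":
    for host in ("192.168.0.15", "192.168.0.10", "192.168.0.20", "192.168.1.5"):
        print(host, *trace(host))
```

Note that 192.168.0.15 and 192.168.0.10 are also permitted by the LAN ACL; it is the "match interface" line in each NAT route-map that keeps them on the Dialer1 translation.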