最近客户新加了条电信的线路(之前是使用联通的),需要做双线路负载均衡,访问联通网站时走联通线路,默认时走电信线路。在这里随便复习一下在cisco路由器上实现该功能,如下图:
Eg:
拓扑描述:R3是公司路由器F0/1接内网,NAT内部地址上外网;R1,R4模拟电信外部网络;R2,R5模拟联通外部网络。
R3接口基本配置:
interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.0
description R1 LAN
ip nat inside
interface FastEthernet1/1
ip address 21.21.21.1 255.255.255.0
description R1---->ISP1
ip nat outside
interface FastEthernet1/0
ip address 12.12.12.1 255.255.255.0
description R1---->ISP1
ip nat outside
======================================
R1接口配置:
interface FastEthernet1/0
ip address 12.12.12.2 255.255.255.0
interface FastEthernet1/1
ip address 14.14.14.1 255.255.255.0
=======================================
R2接口配置:
interface FastEthernet1/0
ip address 21.21.21.2 255.255.255.0
interface FastEthernet1/1
ip address 25.25.25.1 255.255.255.0
========================================
1.配置NAT列表:
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
2. 配置动态地址池:
ip nat pool isp1 12.12.12.1 12.12.12.1 netmask 255.255.255.0
ip nat pool isp2 21.21.21.1 21.21.21.1 netmask 255.255.255.0
3. 配置路由策略 :
route-map isp2 permit 1
match ip address 100
match interface FastEthernet1/0
route-map isp1 permit 1
match ip address 100
match interface FastEthernet1/1
4.配置IP SLA:
ip sla 1
icmp-echo 12.12.12.2 source-ip 12.12.12.1
frequency 20
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 21.21.21.2 source-ip 21.21.21.1
frequency 20
ip sla schedule 2 life forever start-time now
track 10 ip sla 1 reachability
track 20 ip sla 2 reachability
5. 映射NAT列表:
ip nat inside source route-map isp1 pool isp1 overload
ip nat inside source route-map isp2 pool isp2 overload
6. 配置路由:
ip route 0.0.0.0 0.0.0.0 12.12.12.2 track 10
ip route 0.0.0.0 0.0.0.0 21.21.21.2 track 20--------配合sla实现双线路冗余,默认配置下cisco路由器是基于目标地址负载均衡
ip route 25.25.25.0 255.255.255.0 21.21.21.2--------实现访问联通网络时从联通线路出外网
将全国的联通地址段全部添加到静态路由表中
验证:
R3#show ip route
Gateway of last resort is 21.21.21.2 to network 0.0.0.0
21.0.0.0/24 is subnetted, 1 subnets
C 21.21.21.0 is directly connected, FastEthernet1/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, FastEthernet1/1
C 192.168.1.0/24 is directly connected, Loopback1
S* 0.0.0.0/0 [1/0] via 21.21.21.2 -----------------显示两条默认路由
[1/0] via 12.12.12.2
R3#traceroute 25.25.25.2 source 192.168.1.1
Type escape sequence to abort.
Tracing the route to 25.25.25.2
1 21.21.21.2 40 msec 76 msec 60 msec ------从联通线路出外网
2 25.25.25.2 80 msec * 76 msec
Eg:
R3接口基本配置:
interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.0
description R1 LAN
ip nat inside
interface FastEthernet1/1
ip address 21.21.21.1 255.255.255.0
description R1---->ISP1
ip nat outside
interface FastEthernet1/0
ip address 12.12.12.1 255.255.255.0
description R1---->ISP1
ip nat outside
======================================
R1接口配置:
interface FastEthernet1/0
ip address 12.12.12.2 255.255.255.0
interface FastEthernet1/1
ip address 14.14.14.1 255.255.255.0
=======================================
R2接口配置:
interface FastEthernet1/0
ip address 21.21.21.2 255.255.255.0
interface FastEthernet1/1
ip address 25.25.25.1 255.255.255.0
========================================
1.配置NAT列表:
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
2. 配置动态地址池:
ip nat pool isp1 12.12.12.1 12.12.12.1 netmask 255.255.255.0
ip nat pool isp2 21.21.21.1 21.21.21.1 netmask 255.255.255.0
3. 配置路由策略 :
route-map isp2 permit 1
match ip address 100
match interface FastEthernet1/0
route-map isp1 permit 1
match ip address 100
match interface FastEthernet1/1
4.配置IP SLA:
ip sla 1
icmp-echo 12.12.12.2 source-ip 12.12.12.1
frequency 20
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 21.21.21.2 source-ip 21.21.21.1
frequency 20
ip sla schedule 2 life forever start-time now
track 10 ip sla 1 reachability
track 20 ip sla 2 reachability
5. 映射NAT列表:
ip nat inside source route-map isp1 pool isp1 overload
ip nat inside source route-map isp2 pool isp2 overload
6. 配置路由:
ip route 0.0.0.0 0.0.0.0 12.12.12.2 track 10
ip route 0.0.0.0 0.0.0.0 21.21.21.2 track 20--------配合sla实现双线路冗余,默认配置下cisco路由器是基于目标地址负载均衡
ip route 25.25.25.0 255.255.255.0 21.21.21.2--------实现访问联通网络时从联通线路出外网
将全国的联通地址段全部添加到静态路由表中
验证:
R3#show ip route
Gateway of last resort is 21.21.21.2 to network 0.0.0.0
21.0.0.0/24 is subnetted, 1 subnets
C 21.21.21.0 is directly connected, FastEthernet1/0
12.0.0.0/24 is subnetted, 1 subnets
C 12.12.12.0 is directly connected, FastEthernet1/1
C 192.168.1.0/24 is directly connected, Loopback1
S* 0.0.0.0/0 [1/0] via 21.21.21.2 -----------------显示两条默认路由
[1/0] via 12.12.12.2
R3#traceroute 25.25.25.2 source 192.168.1.1
Type escape sequence to abort.
Tracing the route to 25.25.25.2
1 21.21.21.2 40 msec 76 msec 60 msec ------从联通线路出外网
2 25.25.25.2 80 msec * 76 msec
