Re: Second ISP



On Oct 31, 8:41 am, Trendkill <jpma...@xxxxxxxxx> wrote:
On Oct 31, 10:38 am, "bobneworle...@xxxxxxxxx"



<bobneworle...@xxxxxxxxx> wrote:
On Oct 31, 8:17 am, Trendkill <jpma...@xxxxxxxxx> wrote:

On Oct 31, 8:28 am, Bob Simon <nob...@xxxxxxxxxxx> wrote:

If I add a second Internet feed and can't run BGP, how do I tell my
network to send traffic out via the new router?

BGP is just your EGP. All you need to do to make sure traffic goes
out both links is ensure that whatever routing protocol is running
between your network/core and the internet routers has equal costs or
a preferred metric for whatever internet pipe you wish to use. Also
make sure that the second ISP router does not have a better default
route out the other internet router, and is sending traffic out that
it receives from the core. All of this can be done with show ip route
0.0.0.0 commands.

Balancing internet traffic back in is a completely different story as
I'm sure you are aware......

Currently, the network is simple and there is only one way out so we
are only using static routes. This is a school and Internet access
via the school board is intermittent. We simply want to get cable or
DSL for an alternate path out and back. Does this require a routing
protocol? If so, will RIP do?

Static will load balance, but if one fails, you may be SOL. You could
do statics and point to the interface rather than the next hop (if its
point to point), but I would recommend a routing protocol. Rip should
do multi-path load balancing.

Here's a way to do it based on protocol:


! First setup object tracking to ping your ISP's routers.

ip sla 1
icmp-echo <ISP1 next hop IP>
timeout 1000
frequency 5
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo <ISP2 next hop IP>
timeout 1000
frequency 5
ip sla schedule 1 life forever start-time now

! Then define your default routes. We're going to use ISP 2 as the
preferred default route, since
! it has a lower metric. If the tracking object goes down, it will
failover to ISP2.

ip route 0.0.0.0 0.0.0.0 <ISP1 next hop IP> 20 track 1
ip route 0.0.0.0 0.0.0.0 <ISP2 next hop IP> track 2

! Now create the ACL that will match traffic you want to route
differently than your default route.

ip access-list extended PBR
permit tcp 10.233.165.0 0.0.0.255 any eq smtp
permit tcp 10.233.165.0 0.0.0.255 any eq www

! Setup the route map to match anything in the ACL to be routed out
ISP1. If the ISP1 upstream router is down, it will failover to ISP2
(our normal default route).

route-map RULES permit 10
description Tracking object routing - PBR ACL for bypass
match ip address PBR
set ip next-hop verify-availability <ISP1 next hop IP> 1 track 1

! Lastly, you need to setup NAT according to the ISP that you're
routing traffic to. Optional: Use a deny statement if you have lan to
lan vpn's.

ip access-list extended nat_rule
deny ip 10.233.160.0 0.0.31.255 10.233.148.0 0.0.0.255
permit ip 10.233.165.0 0.0.0.255 any

! Now create the route map to NAT according to which interface the
traffic is leaving.

route-map NAT_MAP_ISP2 permit 10
description To nat outbound traffic to ISP address block
match ip address nat_rule
match interface fa0/1
!
route-map NAT_MAP_ISP1 permit 10
description To nat outbound traffic to ISP address block
match ip address nat_rule
match interface fa0/2

! Dont' forget to put ip nat outside statements on each of your
Internet facing interfaces and ip nat inside on your LAN interface.

.



Relevant Pages

  • Re: Some thoughts of DECnet Phase IV vs. DECnet Phase V
    ... And so the router needs to understand those protocols, ... IS-IS helps with the question "where to pass the packets on". ... IS-IS was developed by DEC as routing protocol for DECnet Phase V. ...
    (comp.os.vms)
  • Re: Some thoughts of DECnet Phase IV vs. DECnet Phase V
    ... And so the router needs to understand those protocols, ... IS-IS was developed by DEC as routing protocol for DECnet Phase V. ... The router will receive the packet, ...
    (comp.os.vms)
  • Re: [Full-disclosure] Packet sniffing help needed
    ... > When you say manipulating the routing tables, ... their table, they would accept a 'more specific' 1.2.3.0/24 route, which ... now-failed router, thus making sure that outages stay limited - so that ... > for one of those machines then arp poison the router ...
    (Full-Disclosure)
  • Re: Routing Problem on OpenServer 5.0.6
    ... > I have one big problem with routing. ... > OSR506A route table: ... server to the network 129.12.130.0. ... router at 192.168.10.254 and need know nothing more about the route it takes. ...
    (comp.unix.sco.misc)
  • Re: Win2k3 LAN Routing Questions
    ... all you need to do is enable IP routing on the router. ... If there was no other network involved, you simply make the router the ... pretty straight forward as long as you can add a route to your NAT router. ... This is important because this router needs to know where your new subnet is ...
    (microsoft.public.windows.server.networking)