双ISP接入,实现负载负载均衡相互备份和策略路由
实验环境:R1上联线路分别为R2和R3,R2、R3、R4通过OSPF进行通信实验目的:让C1默认通过R1与R2的连接访问R4,如果R1与R2的线路中断,那则通过R1与R3的线路访问R4.让C2默认通过R1与R3的连接访问R4,如果R1与R3的线路中断,那则通过R1与R2的线路访问R4.
配置如下:
R1(config-if)#do sh runBuilding configuration...
Current configuration : 2055 bytes!version 12.4service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname R1!boot-start-markerboot-end-marker!!no aaa new-modelmemory-size iomem 5ip cef!!!!no ip domain lookupip domain name lab.local!multilink bundle-name authenticated!!!!!!!!!!!interface FastEthernet0/0ip address 10.10.10.2 255.255.255.0ip nat outsideip virtual-reassemblyshutdownduplex autospeed auto!interface FastEthernet0/1ip address 192.168.1.2 255.255.255.0ip nat outsideip virtual-reassemblyduplex autospeed auto!interface FastEthernet1/0ip address 40.40.40.1 255.255.255.0 secondaryip address 30.30.30.1 255.255.255.0ip nat insideip virtual-reassemblyip policy route-map load注:将策略路由load,应用到访f1/0口duplex autospeed auto!ip route 0.0.0.0 0.0.0.0 192.168.1.1ip route 0.0.0.0 0.0.0.0 10.10.10.1!!no ip http serverno ip http secure-server
ip nat inside source route-map test1 interface FastEthernet0/0 overload
注:如果是去往R2,转换出口为fa0/0口,正常去往R2时就拿fa0/0公网地址进行转换
ip nat inside source route-map test2 interface FastEthernet0/1 overload
注:如果是去往R2,转换出口为FA0/1口,作用就是当去往R2主接口FA0/0 down掉,这时只有拿FA0/1接口的公网地址进行转换。
ip nat inside source route-map test3 interface FastEthernet0/1 overload
注:如果是去往R3,转换出口为fa0/1口,正常去往R3时就拿fa0/1公网地址进行转换
ip nat inside source route-map test4 interface FastEthernet0/0 overload
注:如果是去往R3,转换出口为FA0/0口,作用就是当去往R3主接口FA0/1 down掉,这时只有拿FA0/0接口的公网地址进行转换。
access-list 1 permit 30.30.30.0 0.0.0.255
注:允许30.30.30.0网段访问。
access-list 2 permit 40.40.40.0 0.0.0.255
注:允许40.40.40.0网段访问。!!route-map load permit 10match ip address 1set interface FastEthernet0/0set default interface FastEthernet0/1
注:策略路由名为load,匹配去往R2的,设置出口为FA0/0口(电信出口),如果FA0/0 DOWN掉,设置默认出口为FA0/1口(与R3出口)。!route-map load permit 20match ip address 2set interface FastEthernet0/1set default interface FastEthernet0/0
注:如果没有匹配10,则往下匹配20,匹配去往R3网段的地址,设置出口为FA0/1口,如果FA0/1 DOWN掉,设置默认出口为FA0/0口(与R2出口)。!route-map test4 permit 10match ip address 2match interface FastEthernet0/0
注:即要匹配去往R3的地址段,也要匹配出口为FA0/0口。同时满足这两个条件,就给它做nat转换。这条语句主要是做备份用的,当fa0/1口DOWN掉时,这里就只有fa0/0口可以用!route-map test2 permit 10match ip address 1match interface FastEthernet0/1
注:即要匹配去往R2的地址段,也要匹配出口为FA0/1口。同时满足这两个条件,就给它做nat转换。这条语句主要是做备份用的,当fa0/0口DOWN掉时,这里就只有fa0/1口可以用!
route-map test3 permit 10match ip address 2match interface FastEthernet0/1
注:即要匹配去往R3的地址段,也要匹配出口为FA0/1口。同时满足这两个条件,就给它做nat转换。!route-map test1 permit 10match ip address 1match interface FastEthernet0/0
注:即要匹配去往R2的地址段,也要匹配出口为FA0/0(电信出口)。同时满足这两个条件,就给它做nat转换。!!!!control-plane!!!line con 0exec-timeout 0 0privilege level 15logging synchronousline aux 0exec-timeout 0 0privilege level 15logging synchronousline vty 0 4login!!end
解释就是掩饰,掩饰就是编故事! 生,容易。活,容易。生活,不容易。 路过,学习下 读书读到抽筋处,文思方能如尿崩! ■■ヽ︶ㄣ还记得你说过你会娶莪吗? 他们都说人生就像茶几摆满杯具,而我却觉得人生似乎更像是刷牙。
页:
[1]