[c-nsp] Load balancing via 2 ISP + NAT
Rodney Dunn
rodunn at cisco.com
Thu Dec 2 12:13:28 EST 2004
Never send out an ascii diagram that doesn't
fix in an 80 column window.
/-ISP1(10.0.0.1/30)
LAN--(nat inside)Router
(10.0.2.1/24) \
-ISP2 (10.0.1.1/30)(nat outside)
What is your ISP1 connection?
Is your interface address a global one from the provider?
When you put 10.x.x.x addresses everywhere in your diagram
it makes it appear as though everything is private.
Were you given some global addresses to use?
If so from what provider?
Rodney
On Thu, Dec 02, 2004 at 09:37:17AM +0200, Sorin CONSTANTINESCU wrote:
> Hi,
>
> I have an implementation for a customer which peers with 2 different
> ISPs. The customer doesn't have an AS number and uses for the LAN
> addresses from one of the provides. When traffic goes through the
> interface of the second ISP, the source address is NATed.
> -----ISP1
> (10.0.0.1/30)---------------------------
> /
> LAN -- (nat inside) Router
> (10.0.2.1/24) \
> -------ISP2 (10.0.1.1/30)(nat outside) ------
>
> There are 2 BGP feeds receiving ~1500 prefixes and a default route via ISP2.
>
> The problem i'm facing is that when i receive a packet for the LAN
> (10.0.2.10) from an IP address reachable via ISP2, the packet is
> rewrited by NAT with the source address 10.0.1.1 (ISP2), this breaking
> the connections initiated from outside.
>
> I know the setup is really weired, but we had to find something
> suitable for load balancing over 2 ISP without PI address and public
> AS.
>
> Do you know how i can avoid this problem?
>
> TIA
> --
> Sorin CONSTANTINESCU
> consta at gmail.com
> Linux Registered User #222086
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list