[c-nsp] Backup/redundant internet connection

Bill admin at vci.net
Wed Dec 13 14:39:57 EST 2006 

        Sorry, I didn't catch that point. I've never seen a "ip nat inside
source..." config that didn't reference the outside interface as the global
address like this before (or missed it). I reread this thread and there were
2 or 3 people that referenced this method. I currently have this working
using the Loopback interface as mentioned. My config is shown below.

    With this portion completed that leaves me with two more requirements.

        1) Establish routing so that the DSL circuit automatically takes
over if the fiber connection goes down. We've talked about BGP but the fiber
terminates on an Alcatel switch and the DSL fiber terminates on a Cisco
switch. Are there alternative methods?

        2) Some of my customers have 4,8,16 or more addresses with
router-to-router VPN and web/email servers. The addresses they use for these
should not change if the fiber goes down and DSL takes over. The NAT config
ensures their outgoing HTTP and such traffic remains at the same IP address
but what about these other IP addresses? How can I setup all of this so
these services continue to work if the fiber goes down? Do they need
additional Loopbacks for the VPNs and another subnet for the web/email
servers?


interface Loopback0
  desc Interface for NATing
 ip address xx.yy.164.1 255.255.255.255

interface FastEthernet0/0
  desc Fiber interface
 ip address xx.yy.181.2 255.255.255.252
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto

interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 no ip virtual-reassembly
 duplex auto
 speed auto

interface Ethernet1/0
  desc DSL interface
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 half-duplex

ip nat inside source list 100 interface Loopback0 overload

access-list 100 permit ip 192.168.1.0 0.0.0.255 any

ip route 0.0.0.0 0.0.0.0 xx.yy.181.1
ip route 0.0.0.0 0.0.0.0 xx.yy.189.1  10

      Bill



----- Original Message ----- 
From: Tim Franklin
To: cisco-nsp at puck.nether.net
Sent: Wednesday, December 13, 2006 4:51 AM
Subject: Re: [c-nsp] Backup/redundant internet connection


>     I understand how to configure NAT but that doesn't answer
> the question.
> The question was how to configure NAT on a loopback interface
> and then route
> the outbound traffic to that loopback interface.

But why would you need to do that?

If you want it go out of one WAN interface or the other, but be NATed to
have a source address of the loopback, you don't need to have the loopback
as an outside interface, or route traffic via it.  You just need to tell NAT
to make the source of the packets the address of the loopback, which is what
Paul's config does and my notes were trying to explain.

If you're trying to achieve something else, what?

Regards,
Tim.

More information about the cisco-nsp mailing list