Cisco multi-exit NAT automatic failover

[Figure: network topology, 2019-07-03_205557.png]

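The topology is shown in the figure: R3 is the egress router; R5 and R4 simulate PCs on the internal LAN; R1 and R2 are two different ISPs. Two static routes are configured, with R1 as the primary and R2 as the backup.
Requirement: when the R1 gateway goes down, traffic automatically goes through R2 and the NAT switches over automatically as well.
R1: 1.1.1.1/30
R2: 2.2.2.1/30
R3 f0/0: 1.1.1.2/30 f0/1: 2.2.2.2/30 f1/0: 192.168.1.1
The main configuration, on R3: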

interface FastEthernet0/0
 ip address 1.1.1.2 255.255.255.0
 ip nat outside
exit

interface FastEthernet0/1
 ip address 2.2.2.2 255.255.255.0
 ip nat outside
exit

interface FastEthernet1/0
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
exit

ip route 0.0.0.0 0.0.0.0 f0/0 1.1.1.1
ip route 0.0.0.0 0.0.0.0 f0/1 2.2.2.1 10

ip nat inside source route-map nat1 interface FastEthernet0/0 overload
ip nat inside source route-map nat2 interface FastEthernet0/1 overload

access-list 1 permit 192.168.1.0 0.0.0.255

route-map nat1 permit 10
 match ip address 1
 match interface FastEthernet0/0
exit

route-map nat2 permit 20
 match ip address 1
 match interface FastEthernet0/1
exit

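The tricky part here is the match interface statement in the route-map: it matches 192.168.1.0 and, at the same time, the first-hop interface of the route. The NAT statements then reference the route-map to decide which address translation applies. The IOS help text for the keyword is: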

interface -- Match first hop interface of route
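The selection logic described above, as a simplified Python model (an added example, not part of the original post and not IOS code). The class and function names are hypothetical; the routes and NAT rules are copied from the R3 configuration on this page.

```python
"""Simplified model of how R3 picks a NAT rule via route-map `match interface`."""
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class StaticRoute:
    out_if: str        # exit interface named in the ip route statement
    next_hop: str
    distance: int = 1  # administrative distance (IOS default for static routes)

@dataclass(frozen=True)
class NatRule:
    route_map: str
    acl_net: str       # network permitted by access-list 1
    match_if: str      # route-map "match interface"; also the overload interface

# Values taken from the R3 configuration on this page.
ROUTES = [
    StaticRoute("FastEthernet0/0", "1.1.1.1"),
    StaticRoute("FastEthernet0/1", "2.2.2.1", 10),
]
NAT_RULES = [
    NatRule("nat1", "192.168.1.0/24", "FastEthernet0/0"),
    NatRule("nat2", "192.168.1.0/24", "FastEthernet0/1"),
]

def active_default(routes, if_up):
    """Routes whose exit interface is down are withdrawn; lowest distance wins."""
    usable = [r for r in routes if if_up.get(r.out_if, False)]
    return min(usable, key=lambda r: r.distance) if usable else None

def select_nat(src_ip, if_up, routes=ROUTES, rules=NAT_RULES):
    """Return (route_map, outside_interface) for src_ip, or None if untranslated."""
    route = active_default(routes, if_up)
    if route is None:
        return None
    src = ipaddress.ip_address(src_ip)
    for rule in rules:
        # Both match clauses must hold: source in ACL 1 AND first-hop interface.
        if src in ipaddress.ip_network(rule.acl_net) and rule.match_if == route.out_if:
            return (rule.route_map, rule.match_if)
    return None

if __name__ == "__main__":
    # Constructed interface states for illustration.
    print(select_nat("192.168.1.10", {"FastEthernet0/0": True, "FastEthernet0/1": True}))
    print(select_nat("192.168.1.10", {"FastEthernet0/0": False, "FastEthernet0/1": True}))
```

The model switches only on interface state, which mirrors the static routes above: if FastEthernet0/0 stays up while 1.1.1.1 stops responding, the primary route and nat1 remain selected.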

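I originally wanted to use a single static route plus a PBR policy for path selection, falling back to the default route automatically when the path goes down, but I could not solve the problem of the PBR not being disabled automatically when the path goes down. I will update this post once I find a method.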
