NAT to multiple outside connections

GT-Rob Member Posts: 1,090
Ok, first a brief rundown of how I want things set up.

Inside interface going to a 10.x.x.x subnet.
3 outside interfaces, each going to a DSL line. Let's call these 60.x.x.x, 65.x.x.x, and 75.x.x.x.

Now I have all interfaces up and getting my PPPoE connection up with IPs, setting default routes to each and they are all installed in the routing table, so far so good.

My problem is with NAT. I want to NAT from my internal IPs, to these external networks, but it doesn't seem to want it. I can't seem to be able to specify more than 1 outside network.

The 2 workarounds I have thought of are:
-Break the 10.x.x.x network into 3 groups, and NAT each group out a different interface. Problem with this is I won't get the utilization I am looking for.

-Install a switch behind the router and run some sort of HSRP/GLBP magic to 'load balance' between all 3 connections. Haven't explored this much yet.

Is there any way to get what I want here? Or is NAT not designed to do this?

BTW when I tried this: ip nat pool 60.x.x.x 75.x.x.x prefix 4 ... it crashed the router lol

Comments

  • networker050184 Mod Posts: 11,962 Mod
    Have you tried to just make multiple NAT statements to overload each interface? Then let your default routes load balance over the interfaces? Not sure if it will work or not.


    ip nat inside source list 1 interface 1 overload
    ip nat inside source list 1 interface 2 overload
    ip nat inside source list 1 interface 3 overload



    EDIT: Come to think of it, probably only the first one will be used. Might be worth a try to be sure though.
    An expert is a man who has made all the mistakes which can be made.
  • GT-Rob Member Posts: 1,090
    networker050184 wrote: »
    Have you tried to just make multiple NAT statements to overload each interface? Then let your default routes load balance over the interfaces? Not sure if it will work or not.


    ip nat inside source list 1 interface 1 overload
    ip nat inside source list 1 interface 2 overload
    ip nat inside source list 1 interface 3 overload



    EDIT: Come to think of it, probably only the first one will be used. Might be worth a try to be sure though.

    Yeah I tried this first, but when you put in the second line, the first one is removed lol
  • GT-Rob Member Posts: 1,090
    hmmm I might have found a solution on Cisco.com, using route maps to define the outside interfaces, and OER to track the routes (double bonus).


    I will post my solution if it works!
  • networker050184 Mod Posts: 11,962 Mod
    GT-Rob wrote: »
    hmmm I might have found a solution on Cisco.com, using route maps to define the outside interfaces, and OER to track the routes (double bonus).


    I will post my solution if it works!


    Haha, I was actually just about to try something like that. I pulled up dynamips because this got me thinking and saw the oer keyword. Let me know how it works out.

    Another thing that might keep the first entry from being removed when you add the second is to use a different ACL. You can make it the same statements, but use a different number/name. I haven't tried it yet though.
    An expert is a man who has made all the mistakes which can be made.
  • billscott92787 Member Posts: 933
    What if you used the same configuration but used something like:

    ip nat inside source list 1 interface Serial0/0 overload
    ip nat inside source list 2 interface Serial0/1 overload
    ip nat inside source list 3 interface Serial1/0 overload


    Have separate lists per statement. If you use the nat configuration statement like you said they overwrite each other. If you use them this way they do not. I'm not sure if it will work for what you are looking for but it is worth a shot :)


    Networker you beat me to the punch!
  • ColbyG Member Posts: 1,264
    GT-Rob wrote: »
    hmmm I might have found a solution on Cisco.com, using route maps to define the outside interfaces, and OER to track the routes (double bonus).


    I will post my solution if it works!

    Yea, you found the doc I was going to post.

    https://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a00808d2b72.shtml
  • GT-Rob Member Posts: 1,090
    haha that's the one. The logic of it doesn't quite make sense to me (defining the outside interface in the "inside" route-map match statement), but I'll give it a try anyway! I would have never thought of using a route-map in a NAT statement either.


    Bill: I think that will 'take', but what I'm afraid of happening is the first ACL matching all the time, and always sending it out that first interface, instead of giving me my "round-robin, load balance". Haven't tested it yet though.
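
The route-map approach referred to above, sketched as an added example (not taken from the thread or the linked Cisco document): each NAT rule is tied to a route-map that matches both the inside source ACL and the egress interface, so routing picks the uplink and NAT then overloads on that same interface. Interface names (FastEthernet0/0, Dialer1 to Dialer3), ACL 1 and the route-map names are assumptions; OER is left out.

```cisco
! Added example. Interface names, ACL number and route-map names are assumed.
! Inside hosts (constructed mask for the thread's 10.x.x.x subnet)
access-list 1 permit 10.0.0.0 0.255.255.255
!
interface FastEthernet0/0
 description Inside LAN
 ip nat inside
!
interface Dialer1
 description DSL line 1 (PPPoE)
 ip nat outside
!
interface Dialer2
 description DSL line 2 (PPPoE)
 ip nat outside
!
interface Dialer3
 description DSL line 3 (PPPoE)
 ip nat outside
!
! One route-map per uplink: same source ACL, different egress interface.
! "match interface" refers to the interface the packet is routed out of.
route-map NAT-DSL1 permit 10
 match ip address 1
 match interface Dialer1
!
route-map NAT-DSL2 permit 10
 match ip address 1
 match interface Dialer2
!
route-map NAT-DSL3 permit 10
 match ip address 1
 match interface Dialer3
!
! One NAT rule per route-map. Each rule is keyed on a different route-map,
! so entering the second and third does not replace the first.
ip nat inside source route-map NAT-DSL1 interface Dialer1 overload
ip nat inside source route-map NAT-DSL2 interface Dialer2 overload
ip nat inside source route-map NAT-DSL3 interface Dialer3 overload
!
! Equal-cost default routes; the forwarding decision chooses the uplink.
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 0.0.0.0 0.0.0.0 Dialer2
ip route 0.0.0.0 0.0.0.0 Dialer3
```

`show ip nat translations` lists the inside global address used for each flow, which shows whether traffic leaving a given Dialer is translated to that Dialer's own address.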
  • APA Member Posts: 959
    ColbyNA wrote: »

    Yep read this optimized edge routing document a while back..... haven't had the chance to try it though..... but logically it makes sense :)

    Pretty cool as well....let us know how it goes!

    CCNA | CCNA:Security | CCNP | CCIP
    JNCIA:JUNOS | JNCIA:EX | JNCIS:ENT | JNCIS:SEC
    JNCIS:SP | JNCIP:SP