NAT接入双ISP负载均衡+SLA及内部服务器的发布
2012-12-05 23:03
351 查看
拓扑:
R7配置:
interface FastEthernet0/0
ip address 192.168.100.7 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.100.254
R8配置:
interface FastEthernet0/0
ip address 192.168.200.8 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.200.254
R6配置:
VLAN D
VLAN 100
VLAN 200
interface FastEthernet1/0
switchport mode trunk
interface FastEthernet1/1
switchport mode trunk
interface FastEthernet1/2
switchport access vlan 100
interface FastEthernet1/3
switchport access vlan 200
R1配置:
track 3 ip sla 3
!
track 4 ip sla 4
!
track 1000 ip route 59.1.1.0 255.255.255.0 reachability
!
interface FastEthernet0/0
ip address 13.1.1.1 255.255.255.0
ip nat outside
speed 100
duplex full
!
interface FastEthernet0/1
ip address 14.1.1.1 255.255.255.0
ip nat outside
speed 100
duplex full
!
interface FastEthernet1/0
no ip address
speed 100
duplex full
!
interface FastEthernet1/0.100
encapsulation dot1Q 100
ip address 192.168.100.1 255.255.255.0
ip nat inside
standby 100 ip 192.168.100.254
standby 100 priority 150
standby 100 preempt
standby 100 track 1000 decrement 80
!
interface FastEthernet1/0.200
encapsulation dot1Q 200
ip address 192.168.200.1 255.255.255.0
ip nat inside
standby 200 ip 192.168.200.254
standby 200 preempt
standby 200 track 1000 decrement 80
!
ip nat inside source route-map to_r3 interface FastEthernet0/0 overload
ip nat inside source route-map to_r4 interface FastEthernet0/1 overload
ip forward-protocol nd
!
ip route 59.1.1.0 255.255.255.0 13.1.1.3 100 track 3
ip route 59.1.1.0 255.255.255.0 14.1.1.4 200 track 4
!
ip access-list standard vlan_100
permit 192.168.100.0 0.0.0.255
ip access-list standard vlan_200
permit 192.168.200.0 0.0.0.255
!
ip sla 3
icmp-echo 13.1.1.3
frequency 30
ip sla schedule 3 life forever start-time now
ip sla 4
icmp-echo 14.1.1.4
frequency 30
ip sla schedule 4 life forever start-time now
!
route-map to_r4 permit 10
match ip address vlan_100 vlan_200
match interface FastEthernet0/1
!
route-map to_r3 permit 10
match ip address vlan_100 vlan_200
match interface FastEthernet0/0
R2配置:
track 3 ip sla 3
!
track 4 ip sla 4
!
track 1000 ip route 59.1.1.0 255.255.255.0 reachability
!
interface FastEthernet0/0
ip address 24.1.1.2 255.255.255.0
ip nat outside
speed auto
duplex auto
!
interface FastEthernet0/1
ip address 23.1.1.2 255.255.255.0
ip nat outside
speed auto
duplex auto
!
interface FastEthernet1/0
no ip address
speed 100
duplex full
!
interface FastEthernet1/0.100
encapsulation dot1Q 100
ip address 192.168.100.2 255.255.255.0
ip nat inside
standby 100 ip 192.168.100.254
standby 100 preempt
standby 100 track 1000 decrement 80
!
interface FastEthernet1/0.200
encapsulation dot1Q 200
ip address 192.168.200.2 255.255.255.0
ip nat inside
standby 200 ip 192.168.200.254
standby 200 priority 150
standby 200 preempt
standby 200 track 1000 decrement 80
!
ip nat inside source route-map to_r3 interface FastEthernet0/0 overload
ip nat inside source route-map to_r4 interface FastEthernet0/1 overload
!
ip route 59.1.1.0 255.255.255.0 23.1.1.3 200 track 3
ip route 59.1.1.0 255.255.255.0 24.1.1.4 100 track 4
!
ip access-list standard vlan_100
permit 192.168.100.0 0.0.0.255
ip access-list standard vlan_200
permit 192.168.200.0 0.0.0.255
!
ip sla 3
icmp-echo 23.1.1.3
frequency 30
ip sla schedule 3 life forever start-time now
ip sla 4
icmp-echo 24.1.1.4
frequency 30
ip sla schedule 4 life forever start-time now
!
route-map to_r4 permit 10
match ip address vlan_100 vlan_200
match interface FastEthernet0/1
!
route-map to_r3 permit 10
match ip address vlan_100 vlan_200
match interface FastEthernet0/0
R3配置:
interface FastEthernet0/0
ip address 13.1.1.3 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet0/1
ip address 23.1.1.3 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet1/0
ip address 35.1.1.3 255.255.255.0
speed 100
full-duplex
!
router bgp 300
no synchronization
bgp router-id 3.3.3.3
bgp log-neighbor-changes
network 13.1.1.0 mask 255.255.255.0
network 23.1.1.0 mask 255.255.255.0
neighbor 35.1.1.5 remote-as 500
no auto-summary
R4配置:
interface FastEthernet0/0
ip address 24.1.1.4 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet0/1
ip address 14.1.1.4 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet1/0
ip address 45.1.1.4 255.255.255.0
speed 100
full-duplex
!
router bgp 400
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
network 14.1.1.0 mask 255.255.255.0
network 24.1.1.0 mask 255.255.255.0
neighbor 45.1.1.5 remote-as 500
no auto-summary
R5配置:
interface FastEthernet0/0
ip address 35.1.1.5 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet0/1
ip address 45.1.1.5 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet1/0
ip address 59.1.1.5 255.255.255.0
duplex auto
speed auto
!
router bgp 500
no synchronization
bgp router-id 5.5.5.5
bgp log-neighbor-changes
network 59.1.1.0 mask 255.255.255.0
neighbor 35.1.1.3 remote-as 300
neighbor 45.1.1.4 remote-as 400
no auto-summary
R9配置:
interface FastEthernet0/0
ip address 59.1.1.9 255.255.255.0
duplex auto
speed auto
!
ip route 0.0.0.0 0.0.0.0 59.1.1.5
验证:
连通性:
如果服务器是内部的那么R9的配置可以改变为(内部不可路由192.168.100.9对外的可路由地址是59.1.1.100 ,内部不可路由192.168.200.9对外的可路由地址是59.1.1.200 )
R7配置:
interface FastEthernet0/0
ip address 192.168.100.7 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.100.254
R8配置:
interface FastEthernet0/0
ip address 192.168.200.8 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.200.254
R6配置:
VLAN D
VLAN 100
VLAN 200
interface FastEthernet1/0
switchport mode trunk
interface FastEthernet1/1
switchport mode trunk
interface FastEthernet1/2
switchport access vlan 100
interface FastEthernet1/3
switchport access vlan 200
R1配置:
track 3 ip sla 3
!
track 4 ip sla 4
!
track 1000 ip route 59.1.1.0 255.255.255.0 reachability
!
interface FastEthernet0/0
ip address 13.1.1.1 255.255.255.0
ip nat outside
speed 100
duplex full
!
interface FastEthernet0/1
ip address 14.1.1.1 255.255.255.0
ip nat outside
speed 100
duplex full
!
interface FastEthernet1/0
no ip address
speed 100
duplex full
!
interface FastEthernet1/0.100
encapsulation dot1Q 100
ip address 192.168.100.1 255.255.255.0
ip nat inside
standby 100 ip 192.168.100.254
standby 100 priority 150
standby 100 preempt
standby 100 track 1000 decrement 80
!
interface FastEthernet1/0.200
encapsulation dot1Q 200
ip address 192.168.200.1 255.255.255.0
ip nat inside
standby 200 ip 192.168.200.254
standby 200 preempt
standby 200 track 1000 decrement 80
!
ip nat inside source route-map to_r3 interface FastEthernet0/0 overload
ip nat inside source route-map to_r4 interface FastEthernet0/1 overload
ip forward-protocol nd
!
ip route 59.1.1.0 255.255.255.0 13.1.1.3 100 track 3
ip route 59.1.1.0 255.255.255.0 14.1.1.4 200 track 4
!
ip access-list standard vlan_100
permit 192.168.100.0 0.0.0.255
ip access-list standard vlan_200
permit 192.168.200.0 0.0.0.255
!
ip sla 3
icmp-echo 13.1.1.3
frequency 30
ip sla schedule 3 life forever start-time now
ip sla 4
icmp-echo 14.1.1.4
frequency 30
ip sla schedule 4 life forever start-time now
!
route-map to_r4 permit 10
match ip address vlan_100 vlan_200
match interface FastEthernet0/1
!
route-map to_r3 permit 10
match ip address vlan_100 vlan_200
match interface FastEthernet0/0
R2配置:
track 3 ip sla 3
!
track 4 ip sla 4
!
track 1000 ip route 59.1.1.0 255.255.255.0 reachability
!
interface FastEthernet0/0
ip address 24.1.1.2 255.255.255.0
ip nat outside
speed auto
duplex auto
!
interface FastEthernet0/1
ip address 23.1.1.2 255.255.255.0
ip nat outside
speed auto
duplex auto
!
interface FastEthernet1/0
no ip address
speed 100
duplex full
!
interface FastEthernet1/0.100
encapsulation dot1Q 100
ip address 192.168.100.2 255.255.255.0
ip nat inside
standby 100 ip 192.168.100.254
standby 100 preempt
standby 100 track 1000 decrement 80
!
interface FastEthernet1/0.200
encapsulation dot1Q 200
ip address 192.168.200.2 255.255.255.0
ip nat inside
standby 200 ip 192.168.200.254
standby 200 priority 150
standby 200 preempt
standby 200 track 1000 decrement 80
!
ip nat inside source route-map to_r3 interface FastEthernet0/0 overload
ip nat inside source route-map to_r4 interface FastEthernet0/1 overload
!
ip route 59.1.1.0 255.255.255.0 23.1.1.3 200 track 3
ip route 59.1.1.0 255.255.255.0 24.1.1.4 100 track 4
!
ip access-list standard vlan_100
permit 192.168.100.0 0.0.0.255
ip access-list standard vlan_200
permit 192.168.200.0 0.0.0.255
!
ip sla 3
icmp-echo 23.1.1.3
frequency 30
ip sla schedule 3 life forever start-time now
ip sla 4
icmp-echo 24.1.1.4
frequency 30
ip sla schedule 4 life forever start-time now
!
route-map to_r4 permit 10
match ip address vlan_100 vlan_200
match interface FastEthernet0/1
!
route-map to_r3 permit 10
match ip address vlan_100 vlan_200
match interface FastEthernet0/0
R3配置:
interface FastEthernet0/0
ip address 13.1.1.3 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet0/1
ip address 23.1.1.3 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet1/0
ip address 35.1.1.3 255.255.255.0
speed 100
full-duplex
!
router bgp 300
no synchronization
bgp router-id 3.3.3.3
bgp log-neighbor-changes
network 13.1.1.0 mask 255.255.255.0
network 23.1.1.0 mask 255.255.255.0
neighbor 35.1.1.5 remote-as 500
no auto-summary
R4配置:
interface FastEthernet0/0
ip address 24.1.1.4 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet0/1
ip address 14.1.1.4 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet1/0
ip address 45.1.1.4 255.255.255.0
speed 100
full-duplex
!
router bgp 400
no synchronization
bgp router-id 4.4.4.4
bgp log-neighbor-changes
network 14.1.1.0 mask 255.255.255.0
network 24.1.1.0 mask 255.255.255.0
neighbor 45.1.1.5 remote-as 500
no auto-summary
R5配置:
interface FastEthernet0/0
ip address 35.1.1.5 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet0/1
ip address 45.1.1.5 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet1/0
ip address 59.1.1.5 255.255.255.0
duplex auto
speed auto
!
router bgp 500
no synchronization
bgp router-id 5.5.5.5
bgp log-neighbor-changes
network 59.1.1.0 mask 255.255.255.0
neighbor 35.1.1.3 remote-as 300
neighbor 45.1.1.4 remote-as 400
no auto-summary
R9配置:
interface FastEthernet0/0
ip address 59.1.1.9 255.255.255.0
duplex auto
speed auto
!
ip route 0.0.0.0 0.0.0.0 59.1.1.5
验证:
连通性:
如果服务器是内部的那么R9的配置可以改变为(内部不可路由192.168.100.9对外的可路由地址是59.1.1.100 ,内部不可路由192.168.200.9对外的可路由地址是59.1.1.200 )
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- nat的双线接入负载均衡与虚拟服务器(发布服务器)
- xp上iis5发布asp站点,访问时出现内部服务器错误
- 浅谈内网web服务器发布到公网后路由器回流问题--NAT--PAT---技术研究
- 用ISA 2004发布内部FTP服务器
- Linux防火墙基础知识及应用;设置SNAT策略,局域网共享上网;DNAT策略,发布内部服务器
- 发布系统报错------500.19—内部服务器错误
- 通过NAT实现内网访问外网并发布内网服务器
- [ios]in house类型应用发布到内部服务器
- ServiceMix做内部服务器发布WebService(附带案例源码)
- 双ISP双链路接入NAT配置问题探讨
- 利用NAT技术把内部服务器安全放置到公网
- Hyper-V结合远程路由访问实现一个公网IP内部多个虚拟服务器的发布
- 双ISP单链路接入NAT配置问题探讨
- 在iis中发布asp的网站后,只显示登陆页面,其他的页面都不显示,并出现http500内部服务器错误,是怎么回事?
- ISA FAQ之一:如何利用ISA Server进行内部web服务器的发布(外网对内网进行访问)
- windos---内部服务器NAT和访问控制列表
- IIS7.0 网站发布页面显示 500 - 内部服务器错误。您要查找的资源有问题,无法显示
- 配置iptables NAT端口转发 实现内网服务器端口提供公网接入
- 电脑如何做服务器,面对动态IP和NAT转发后无公网IP,一样发布应用
- 建立企业内部maven服务器并使用Android Studio发布公共项目