Policy Based Routing with the Multiple Tracking Options Feature Configuration Example
Итак у нас 2 канала:
- ISP1 подключен к FastEthernet0/0, шлюз x.x.x.1
- ISP2 подключен к FastEthernet0/1, шлюз y.y.y.1
Локальная сеть:
- Vlan1 192.168.0.0/24
! ip sla 100 icmp-echo 8.8.8.8 source-interface FastEthernet0/0 threshold 1000 frequency 10 ip sla schedule 100 life forever start-time now ! ip sla 101 icmp-echo 8.8.4.4 source-interface FastEthernet0/1 threshold 1000 frequency 10 ip sla schedule 101 life forever start-time now ! track 100 ip sla 100 reachability delay down 5 up 5 ! track 101 ip sla 101 reachability delay down 5 up 5 ! interface FastEthernet0/0 ip address x.x.x.2 255.255.255.252 ip nat outside ! interface FastEthernet0/1 ip address y.y.y.2 255.255.255.252 ip nat outside ! interface Vlan1 ip address 192.168.0.1 255.255.255.0 ip nat inside ip policy route-map PBR-nexthop ! ip route 0.0.0.0 0.0.0.0 x.x.x.1 1 track 100 ip route 0.0.0.0 0.0.0.0 y.y.y.1 2 track 101 ip route 0.0.0.0 0.0.0.0 x.x.x.1 254 ! ip nat inside source route-map ISP#1 interface FastEthernet0/0 overload ip nat inside source route-map ISP#2 interface FastEthernet0/1 overload ! route-map ISP#1 permit 10 match ip address 100 match interface FastEthernet0/0 ! route-map ISP#2 permit 10 match ip address 100 match interface FastEthernet0/1 ! route-map PBR-nexthop permit 10 set ip next-hop verify-availability x.x.x.1 1 track 100 set ip next-hop verify-availability y.y.y.1 2 track 101 ! ! access-list 100 remark ACL-for-nat access-list 100 deny ip 192.168.0.0 0.0.0.255 10.0.0.0 0.255.255.255 access-list 100 deny ip 192.168.0.0 0.0.0.255 192.168.0.0 0.0.255.255 access-list 100 deny ip 192.168.0.0 0.0.0.255 172.16.0.0 0.15.255.255 access-list 100 permit ip 192.168.0.0 0.0.0.255 any access-list 100 deny ip any any !
Policy Based Routing with the Multiple Tracking Options Feature Configuration Example Document ID: 48003 http://www.cisco.com/en/US/tech/tk364/technologies_configuration_example09186a0080211f5c.shtml