NAT Load Balancing

NAT can be used for load balancing purpose as well. We do a translation from the destination IP address of the outside packet to multiple inside IP addresses which are load-balance. 

The command which serves this purpose is below

ip nat inside destination list <access-list of global IP address> pool <pool of internal IP address range>

ip nat pool <name> <IP address start> <IP address stop> type rotary

Configuration Example

Task:

• R3 is in nat outside network trying to connect to servers inside. 
• R3 uses 172.16.1.10 to connect to the servers.
• R2 and R4, in this example, are served as servers inside the nat network
• R2 and R4 are required to load balancing with each other
• Configure only on R1.

Configuration

R1
!
interface FastEthernet0/0
 ip address 172.16.1.1 255.255.255.0
 ip nat outside
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
!
ip nat pool net-192 192.168.1.2 192.168.1.3 prefix-length 24 type rotary
ip nat inside destination list 1 pool net-192
!
access-list 1 permit 172.16.1.10
!

Verify Configuration

R1#sh ip nat translations

Pro Inside global      Inside local       Outside local      Outside global

tcp 172.16.1.10:23     192.168.1.2:23     172.16.1.2:43480   172.16.1.2:43480

tcp 172.16.1.10:23     192.168.1.3:23     172.16.1.2:48533   172.16.1.2:48533

We see from the translation table that 172.16.1.10 was translated in to 2 ip addresses which are 192.168.1.2 and 192.168.1.3. Now we will test the configuration by trying to telnet to 172.16.1.10 from R3. The correct result will be R3 telnet to R2 and then telnet to R4 when create another session.

R3#
R3#telnet 172.16.1.10
Trying 172.16.1.10 ... Open


User Access Verification

Password:
R2>exit

[Connection to 172.16.1.10 closed by foreign host]
R3#
R3#
R3#telnet 172.16.1.10
Trying 172.16.1.10 ... Open

User Access Verification

Password:
R4>