NAT can be used for load balancing purpose as well. We do a translation from the destination IP address of the outside packet to multiple inside IP addresses which are load-balance.
The command which serves this purpose is below
ip nat inside destination list <access-list of global IP address> pool <pool of internal IP address range>
ip nat pool <name> <IP address start> <IP address stop> type rotary
Configuration Example
Task:
- R3 is in nat outside network trying to connect to servers inside.
- R3 uses 172.16.1.10 to connect to the servers.
- R2 and R4, in this example, are served as servers inside the nat network
- R2 and R4 are required to load balancing with each other
- Configure only on R1.
Configuration
R1
!
interface FastEthernet0/0
ip address 172.16.1.1 255.255.255.0
ip nat outside
!
interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
!
ip nat pool net-192 192.168.1.2 192.168.1.3 prefix-length 24 type rotary
ip nat inside destination list 1 pool net-192
!
access-list 1 permit 172.16.1.10
!
Verify Configuration
R1#sh ip nat translations
Pro Inside global Inside local Outside local Outside global
tcp 172.16.1.10:23 192.168.1.2:23 172.16.1.2:43480 172.16.1.2:43480
tcp 172.16.1.10:23 192.168.1.3:23 172.16.1.2:48533 172.16.1.2:48533
We see from the translation table that 172.16.1.10 was translated in to 2 ip addresses which are 192.168.1.2 and 192.168.1.3. Now we will test the configuration by trying to telnet to 172.16.1.10 from R3. The correct result will be R3 telnet to R2 and then telnet to R4 when create another session.
R3#
R3#telnet 172.16.1.10
Trying 172.16.1.10 ... Open
User Access Verification
Password:
R2>exit
[Connection to 172.16.1.10 closed by foreign host]
R3#
R3#
R3#telnet 172.16.1.10
Trying 172.16.1.10 ... Open
User Access Verification
Password:
R4>
No comments:
Post a Comment