For each ISP link, a physical interface or vlan interface is required. For this example, vlan is used for external networks, and inside interface is used for internal networks.
1. Create the Vlan interfaces
vlan "outside" "isp1" 5
vlan "outside" "isp2" 6
Assign IP address to each interface.
ip address "inside" 172.28.8.1 255.255.255.0
ip address "isp1" 10.7.5.40 255.255.255.0
ip address "isp2" 10.7.6.40 255.255.255.0
2. Set routes
ip route default 10.7.5.1
ip route default 10.7.6.1
3. Create the NAT vips with Cluster
cluster virtual ifname "isp1" 10
cluster virtual vip "isp1" 10 10.7.5.41
cluster virtual ifname "isp2" 10
cluster virtual vip "isp2" 10 10.7.6.41
cluster virtual on
4. Set up Dynamic NAT to translate internal traffic to outside world.
#60 is the connection persistence timeout
nat port 10.7.5.41 172.28.8.0 255.255.255.0 60
nat port 10.7.6.41 172.28.8.0 255.255.255.0 60
5. LLB Setup
# Create and enable the links (where 10.7.4.11 and 10.7.9.11 ISP router IP address for icmp healthcheck)
llb link route "isp1" 10.7.5.1 10.7.4.11
llb link route "isp2" 10.7.6.1 10.7.9.11
llb link enable "isp1"
llb link enable "isp2"
# Enable health check
llb link health on
# Enable statistic
llb statistics link on
# Method (rr, wrr, sr, or dd)
#by default, method is rr .
# if llb method is rr, it won’t show in config.
# to change method sr, use “llb method outbound sr”
6. Check statistic
LLB(config)#show statistics llb link
Link "isp1":
status statistics:
Gateway Destination Interval Weight Resp_time Status Down Up_time
10.7.5.1 10.7.4.11 2 1 0.001ms Up 2 00:35:14
Bandwidth statistics:
Bandwidth (bit/sec): Min. 5min. Hour Day
10.7.5.1 Avg.: 984.000 (bps) 960.000 (bps) 712.000 (bps) 464.000 (bps)
10.7.5.1 Peak: 1.080(Kbps) 1.824(Kbps) 1.824(Kbps) 624.000 (bps)
Link "isp2":
status statistics:
Gateway Destination Interval Weight Resp_time Status Down Up_time
10.7.6.1 10.7.9.11 2 1 0.318ms Up 4 1+23:05:54
Bandwidth statistics:
Bandwidth (bit/sec): Min. 5min. Hour Day
10.7.6.1 Avg.: 1.480(Kbps) 1.440(Kbps) 1.584(Kbps) 1.728(Kbps)
10.7.6.1 Peak: 3.608(Kbps) 2.064(Kbps) 2.304(Kbps) 2.304(Kbps)
7. Test the setup
Test client ip 172.28.8.100 and default GW 172.28.8.1 (inside IP of TMX)
Client pings to 10.7.7.109 and 10.7.7.108.
an# ping 10.7.7.109
PING 10.7.7.109 (10.7.7.109): 56 data bytes
64 bytes from 10.7.7.109: icmp_seq=0 ttl=126 time=1.747 ms
64 bytes from 10.7.7.109: icmp_seq=1 ttl=126 time=0.963 ms
64 bytes from 10.7.7.109: icmp_seq=2 ttl=126 time=0.816 ms
^C
--- 10.7.7.109 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.816/1.175/1.747/0.409 ms
an# ping 10.7.7.108
PING 10.7.7.108 (10.7.7.108): 56 data bytes
64 bytes from 10.7.7.108: icmp_seq=0 ttl=126 time=0.708 ms
64 bytes from 10.7.7.108: icmp_seq=1 ttl=126 time=0.743 ms
64 bytes from 10.7.7.108: icmp_seq=2 ttl=126 time=0.764 ms
^C
Trace collected from outside NIC of TMX, notice that:
LLB routes traffic to 10.7.7.109 using ISP1 with NAT IP 10.7.5.41
LLB routes traffic to 10.7.7.108 using ISP2 with NAT IP 10.7.6.41
LLB(config)#debug trace live tcp outside
tcpdump: WARNING: em0: no IPv4 address assigned
tcpdump: listening on em0
..
..
07:22:58.097894 802.1Q vlan#5 P010.7.5.41 > 10.7.7.109: icmp: echo request
07:22:58.098478 802.1Q vlan#5 P010.7.7.109 > 10.7.5.41: icmp: echo reply
..
07:23:01.218357 802.1Q vlan#6 P010.7.6.41 > 10.7.7.108: icmp: echo request
07:23:01.218742 802.1Q vlan#6 P010.7.7.108 > 10.7.6.41: icmp: echo reply