Routing networks differently on a multihomed Cisco router with NAT

  • Cisco 3745 with three network interfaces: one Serial (SER0/0) and two FastEthernet (ETH0/0, ETH0/1)
  • Provider A — primary ISP providing satellite link (SER0/0).
  • Provider B — secondary ISP with fiber link (ETH0/0).
  • Site X — our LAN (ETH0/1)

Here is some info about Cisco router:

  1. sh ver | include IOS
  2. IOS (tm) 3700 Software (C3745-IK9S-M), Version 12.3(12), RELEASE SOFTWARE (fc3)

For detailed and comprehensive network diagram please refer to the picture below LOL:

Provider A is used as a primary provider and this is where default route points to. 1.2.3/24 network belongs to Provider A and is leased by Site X.

Provider B is used as a secondary provider and only few networks being routed through this link on a peering basis. This networks are local and Provider B is advertising 1.2.3/24 network to local peers only. 5.6.7/24 network belongs to Provider B.

There is no NAT translation happening so far but only routing.

What are we trying to achieve?

Basically, Site X wants to route 8.9.10/24 network through Provider B. Since 8.9.10/24 network is not a peer of Provider B and Provider A doesn’t allow to do public announce (aka BGP) routing of 8.9.10/24 through will not work. Moreover, Site X only wants http and https traffic to be routed through Provider B.

Here we go with NAT implementation! http and https traffic would be NATed through Provider B, so the source part would be translated to

  1. interface FastEthernet0/0
  2.  ip nat outside
  3. interface FastEthernet0/1
  4.  ip nat inside
  5. ip nat inside source list 150 interface FastEthernet0/0 overload
  6. ip route
  7. access-list 150 permit tcp eq 443
  8. access-list 150 permit tcp eq 80

— where is a gateway located on Provider B site.

To see whether NAT is really taking place use:

  1. sh ip nat translations

Tags: , , ,

Leave a Reply