load sharing with NAT

Hi. my second post is about load sharing with NAT. you know that load balancing and load sharing is different terms. Actually in load balancing, device can really balanced the load between different links considering the actual amount of traffic that is passes through the links. but in load sharing, device can evenly share the connection between links without considering the amount of traffic and actual load. Anyway, with NAT you can do “load sharing” between devices and I’m going to show you the simple scenario here.

suppose we have 2 servers inside internal network (R2 and R4) that serve the same service to clients which is in our case,Telnet for testing purpose. in this scenario, we want to configure NAT on R3 so that, when R1 wants to connect to the IP address of shared services, R3 begins to share the load evenly between 2 internal devices. I mean, the first telnet connection destined to shared IP address and sources from an external IP (R1 in this example) should be redireced to R2 and the second one should be redirected to R4, the third to R2, …
for this to work, there is special configuration of NAT, known as “inside destination NAT” which is designed to fulfill our requirements. but it is good to mention that, this is just used for TCP connections and UDP cannot be be load-shared with this method. so let’s begin our configuration.
in first phase we need an ACL that will define the actual IP address that is seen from an external client’s point of view. for example, if external client sees internal shared service IP address as 100.1.1.1, this ACL must specify this IP address. for the second part we need to specify a NAT pool. this pool will define internal IP addresses of internal servers (in this case, the internal IP address of R2 nd R4). this pool must be an “rotary” pool which is specified with “rotary” keywork at the end of the nat pool command.

ip nat pool TEST netmask 255.255.255.0 type rotary
 address 155.1.234.2 155.1.234.2
 address 155.1.234.4 155.1.234.4
ip nat inside destination list GLOBAL_IP pool TEST
!
ip access-list standard GLOBAL_IP
 permit 155.1.13.3
!
interface FastEthernet0/0
 ip address 155.1.234.3 255.255.255.0
 ip nat inside
!
interface FastEthernet0/1
 ip address 155.1.13.3 255.255.255.0
 ip nat outside

as seen above, our internal IP address of R2 nd R4 is 155.1.234.2 and 155.1.234.4 respectively. so we put those IP addresses into a rotary pool as we discussed before. second, R1 needs to see the those internal IP addresses as 155.1.13.3, which is the IP address of interface f0/1 on R3.
at the final step, wen need to test to see if it works fine. for the test, you can issue a telnet on R1 destined to 155.1.13.3 IP address. surprisingly you will see that, the telnet is established with R2 or R4, and not with R3. the second telnet goes to R4, the third one will go to R2 again and the 4th telnet will be arrived at R4.
up to here, we configured the basic scenario about “inside destination NAT”, but there is some more tricks regarding this type of NAT that I will publish them soon. one of questions can be, what if we need a telnet to be established with R3 router without affecting our “inside destination NAT”?… I’ll be back soon ;)

Leave a Comment

Your email address will not be published. Required fields are marked *

* Copy This Password *

* Type Or Paste Password Here *

2,050 Spam Comments Blocked so far by Spam Free Wordpress

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>