Hello I am in this situation:
I have a single site with two internet connections:
Primary Line: RFC1483 SHDSL 4Mbit/symmetric Backup line: RFC1483 ADSL 2048down/512upload
They are configured in this way:
SHDSL: public ip address 1.1.1.2 - point to point 1.1.1.1
ADSL: public ip address 2.2.2.2 - point top oint 2.2.2.1
public range
90.90.90.208/29 default GW 209 this range is routed on the SHDSL link.------------- They are usually configured in this way:
First router SHDSL: ATM0/0.1 point to point - 1.1.1.2 eth0/0 - 192.168.1.254/24 "lan" default route 0.0.0.0 0.0.0.0 1.1.1.1
Second router ADSL: ATM0/0.1 point to point - 2.2.2.2 eth0/0 - 192.168.1.253/24 "lan" default route 0.0.0.0 0.0.0.0 2.2.2.1
They are connected to the same switch. My clients, in the range 192.168.1./0 if they use gw 192.168.1.254 go to the internet via the shdsl router, if they use the .253 exits via the adsl link.
Then I want to use my public /29 IP:
1) first solution:Now on the first router i put the /29 public link on the loopback0 interface as the following: int loopback0 ip addr 90.90.90.209 255.255.255.248
When I need to publish a service, I pat one of the public server as the following: ip nat inside source static tcp 192.168.1.10 80 90.90.90.210 80 ext
When I ned to NAT statically, i can nat statically the whole public IP I choose (from my public range) to a "private" ip address. Everything should work till now.
2) second solution: I put on a different phisical interface on the first router, example ETH0/1: int eth0/1 ip addr 90.90.90.209 255.255.255.248 then I put directly the public ip on the servers I connect to this interface.--------------------------------- I prefer the first solution, and I'd like to put the server on a different network (DMZ) example 172.16.0.1/24 Assuming that I will use the first solution, please read onwards:
NOW IS THE CHALLENGE: I put the two router in HSRP, using object tracking of the reachability (via icmp ping) of the public point-to-point link, example the ip 1.1.1.1 for the shdsl and the 2.2.2.1 for the adsl. I create a virtual ip for hsrp example 192.168.1.250, and i set this gw on the clients on the lan subnet. using object tracking i can set the default route path, 2.2.2.1 or 1.1.1.1 depening on the reachability. so the clients on the lan can go out with the shdsl or the adsl. ok?
WELL:
The challenge is here: can this work? If i put on the loopback of both routers the wan ip of the /29, (i have already spoken with my isp that manage to "re-route" on the shdsl or the adsl the /29 range, if one of my routers is not reachable), and if they have mapped some ports (example: 90.90.90.210:80 -> 192.168.1.10:80 set on both router, setting the "redudancy option" as stated in the cisco docs), could it works? In this config, that may seem complicate, the public range should be reachable on both connections without any reconfigurations of the servers?
My ISP suggested me to put both connection on the same router and using on the (example) eth0/0 the first ip of the /29... but I want to have full redundancy and so I want to use one router for each connectivity.
May that work?
Thank you