iczfirz wrote:
其實我最大既難題係...

我有..
1* ip
1* 2514 dual ethernet
4* server (4* web, 1* ftp, 1* sendmail, 4* imap)

如果係NAT load distribution... 咁我1*ip round robin呢4* server就好頭痕... 因為router會下下都RR呢4*server.. 但我又唔係部部server都行晒sendmail同ftp..

所以我諗住開4* RR pool.. 睇下咩port黎就行邊個邊個pool... 但最後就做到上面段config就行唔到...

但其實我手頭有2*2514... 兩隻serial 0 cross埋再加下面段野就做到我要做既野... 但用兩隻實在太笨... 但上面個post果段又唔work..我功力又未夠... 唯手咁頂住先..

近public果隻... (先nat去另一set ip... 會係 1.0."public last octal"."port")

 
 interface Ethernet0 
  ip address 202.123.165.30 255.255.255.248 
  ip nat outside 
 ! 
 interface Serial0 
  ip address 1.0.1.1 255.255.255.0 
  ip nat inside 
  no ip mroute-cache 
  clockrate 4000000 
  dce-terminal-timing-enable 
 ! 
 ip nat inside source list 1 interface Ethernet0 overload 
 ip nat inside source static tcp 1.0.29.21 21 202.123.165.29 21 extendable 
 ip nat inside source static tcp 1.0.29.23 23 202.123.165.29 23 extendable 
 ip nat inside source static tcp 1.0.29.25 25 202.123.165.29 25 extendable 
 ip nat inside source static tcp 1.0.29.21 20 202.123.165.29 20 extendable 
 ip classless 
 ip route 0.0.0.0 0.0.0.0 202.123.165.25 
 ip route 1.0.0.0 255.255.0.0 Serial0 
 ip http server 
 ip pim bidir-enable 
 ! 
 access-list 1 permit 1.0.0.0 0.0.255.255 
 

近private 果隻.. (基於上面既nat去入自己個RR pool)

 
 ! 
 interface Ethernet1 
  ip address 1.0.0.1 255.255.255.0 
  ip nat inside 
 ! 
 interface Serial0 
  ip address 1.0.1.2 255.255.255.0 
  ip nat outside 
  no ip mroute-cache 
  no fair-queue 
  compress stac 
 ! 
 interface Serial1 
  no ip address 
  shutdown 
 ! 
 ip nat pool service-29-23 1.0.0.11 1.0.0.11 prefix-length 28 type rotary 
 ip nat pool service-29-25 1.0.0.11 1.0.0.12 prefix-length 28 type rotary 
 ip nat pool service-29-21 1.0.0.11 1.0.0.12 prefix-length 28 type rotary 
 ip nat inside source list 1 interface Serial0 overload 
 ip nat inside destination list 2 pool service-29-23 
 ip nat inside destination list 3 pool service-29-25 
 ip nat inside destination list 4 pool service-29-21 
 ip classless 
 ip route 0.0.0.0 0.0.0.0 1.0.1.1 
 ip http server 
 ip pim bidir-enable 
 ! 
 access-list 1 permit 1.0.0.0 0.0.0.255 
 access-list 2 permit 1.0.29.23 
 access-list 3 permit 1.0.29.25 
 access-list 4 permit 1.0.29.21 
 

其實... 有冇計仔可以一個2514自己loop自己個serial 行兩次nat呢?

等你救命... 記得屈番franng請你食飯喎