先配置ACL为NAT的转换源:
ip access-list standard NAT
permit 192.168.1.0 0.0.0.255
permit 192.168.2.0 0.0.0.255
在Route-map 中调用ACL:
route-map NAT-2 permit 10
match ip address NAT
route-map NAT permit 10
match ip address NAT
配置NAT接口:
ip nat inside
ip nat outside
ip nat outside
使用NAT转换:
ip nat inside source route-map NAT interface Ethernet0/1 overload
ip nat inside source route-map NAT-2 interface Ethernet0/2 overload
SLA:
R2(config)#ip sla 1
R2(config-ip-sla)#icmp-echo 23.1.1.3 source-interface e0/1
threshold 2 //阈值
timeout 1000 //超时
frequency 10 //频率
R2(config)#ip sla schedule 1 life forever start-time now
R2(config)#track 11 ip sla 1 reachability
R2(config)#ip sla 2
R2(config-ip-sla)#icmp-echo 24.1.1.4 source-interface e0/2
threshold 2
timeout 1000
frequency 10
R2(config)#ip sla schedule 2 life forever start-time now
R2(config)#track 22 ip sla 2 reachability
PBR:
ip access-list standard PBR
permit 192.168.1.1
ip access-list standard PBR-2
permit 192.168.2.1
route-map PBR permit 10
match ip address PBR
set ip next-hop verify-availability 23.1.1.3 10 track 11
set ip next-hop 24.1.1.4
route-map PBR permit 20
match ip address PBR-2
set ip next-hop verify-availability 24.1.1.4 10 track 22
set ip next-hop 23.1.1.3
在接口下
R2(config-if)#ip policy route-map PBR