BGP Load balancing problem

Unanswered Question
May 8th, 2007
User Badges:

Hi all,


I have in my office two Catalyst 4000 switches that do layer 3 routing. HSRP is used on all vlans, so that one switch acts as primary and the other as failover. The HSRP address of each vlan interface is configured as the default gateway on all connected workstations.


For connecting to the WAN, I have two routers (with same BGP AS, directly connected back to back running iBGP between them). I intend to connect one to the primary switch and one to the backup in order to get as much redundancy as possible. Now, since these routers are in active-active mode (load balancing), I am not sure how to make a layer 3 design that allows my primary core switch to load balance traffic to the WAN over both routers.


My first idea was to create a "link VLAN" with a /30 netmask between each switch and router pair, run iBGP between the switches and eBGP between each switch and router, but after reading a bit about this, it seems like BGP would always prefer the locally connected router. My other idea was to create one vlan that spans both switches, and put both routers and switches on the same layer 3 segment, then run iBGP between the switches and eBGP between each switch and router pair.


Hope this explanation makes sense to someone.. All help is much appreciated!


User LAN

------------------------------

| |

| |

Cat4000 -------------- Cat4000

| |

| |

Router1 ---- iBGP ---- Router2

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bjornarsb Tue, 05/08/2007 - 23:34
User Badges:
  • Bronze, 100 points or more

Hi,


BGP is not a loadbalancing protocol since its always choosing the best path for a destination prefix. On the other hand you can use OSPF as your IGP (interior gatway protocol)


So loadbalancing is ok for outgoing traffic, but you also need loadbalancing for return traffic and traffic originated from Internet.


You need to aggree with your service provider how to do this. Which routing protocol is used between router 1 and your ISP and same for router 2 and your ISP.


Do you have 2 different ISP's?

Then you need to "loadbalance" on diffrent IP segments, like in the example I've posted.


HTH


Regards,

Bjornarsb



cwtseit Wed, 05/09/2007 - 00:39
User Badges:

Hi Bjornarsb,


Thanks for picking this up - the two routers are really a connection to our VPN. They come from the same provider and belong to the same (private) BGP AS. Inbound traffic from the WAN is already load balanced.


My question concerns outbound load balancing. How should I interconnect the core switches and the routers in order to get part of the outbound traffic sent to one router and the rest to the other? Ideally I want to avoid to load balance on different IP segments. Automatic per-flow balancing would be ideal.


Thanks,

Andy

bjornarsb Wed, 05/09/2007 - 01:06
User Badges:
  • Bronze, 100 points or more

Hi,


Ok, then you can set up this using static routes or OSPF.


I think you need two more links.

Total it would be one link from the primary switch to router 1 and one link from the primary switch to router2. Same for the backup switch (i.e hsrp standby)


Problem is that if you do this it will result in asymetric routing. i.e exit on router 2 and return traffic on router 1.


Some applications does not "like" that.




HTH


Regards,

Bjornarsb

Actions

This Discussion