831 dual-wan connectivity with load sharing?

Unanswered Question
Jun 7th, 2007
User Badges:

I have (3) 831's and can use eth1 and eth2 as 'nat outside' interfaces successfully, with a weight added to my static routes. i.e.


ip route 0.0.0.0 0.0.0.0 Ethernet1 1

ip route 0.0.0.0 0.0.0.0 Ethernet2 2


But, when I add the 2 routes -

ip route 0.0.0.0 0.0.0.0 Ethernet1

ip route 0.0.0.0 0.0.0.0 Ethernet2

Outside connectivity ceases.


1) using ip cef

2) nat inside on eth0

3) Ethernet2 is actually FastEthernet4 (yep, got this one).


Our (2) ISP links are delivered via etherenet and we currently use a crappy Symantec 360R - which is evil.


Can I make something work with outbound-only load-sharing with cisco equipment?

Do I need a routing proto like oer, ospf, glbp? We also have an 1811 currently in use

as our media gateway, so I could startup a routing proto, I suppose, and use (2)

of the 831's. I just don't know which method would be best.


And thoughts or suggestions GREATLY appreciated.


-dave braford


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Amit Singh Thu, 06/07/2007 - 09:21
User Badges:
  • Cisco Employee,

Dave,


You have got 3 routers for 3 different ISP connections??? Please explain the toplogy again.. A brief network diagram would help in understanding the solution and designing the thoughts.


-amit singh

davebraford Thu, 06/07/2007 - 09:35
User Badges:

Ah, the 831's are NOT currently in use.

Looking to switch from Symantec 360R to Cisco gear.


1811 acts as internal gateway; routes appropriate traffic to

the 360R; 360R does NAT - port forwarding - dual ethernet WAN switching.


Can I use one of the 831's to replace the 360R?

Do I need a routing proto?

I know, it's confusing.


thanks for reply.

Ivan Villagomez Thu, 06/07/2007 - 09:55
User Badges:

Ok, so what i understand is that you want to eliminate the 360R and use the 831 Routers.


I have a few question, are they diff ISP do you have an AS?

davebraford Thu, 06/07/2007 - 09:58
User Badges:

Different ISP's - no routing proto support.


No AS - the Synantec 360R is the firewall.



Amit Singh Thu, 06/07/2007 - 10:04
User Badges:
  • Cisco Employee,

Dave,


You dont need to run any routing protocol on it unless your ISP says so. There are two ways to carry this out


1. Replace 360R with 2 831's and configure both the routers for HSRP, one will become the primary router and in case if one goes down the other one will start forwarding the traffic.


2. Replace 1811 and 360R with a higher model router like 1841 or 2800 series router. Terminate your both the ISP's on the new router and configure the policy based routing and natting to load-balance the traffic across both the ISP's.


When we have 2 different ISP;s, I would suggest for more controlled and filtered way for sending the traffic from 2 different ISP's.


I would suggest to use NAT and PBR (policy based routing).I would first look at the kind of traffic, users, applications that I have to go the outisde world. Once the traffic is determined I would see the traffic distribution of the users over the two links. I would use my application, mail traffic to go thorough one link and internet and other traffic to use another link.I will make both the links as back up of each other.In case of one of the link goes my all the traffic will use the other link. I would suggest to implement proper QOS and rate limiting to drop the unwanted traffic.


NAT:


http://www.cisco.com/warp/public/556/12.html


Policy Based Routing:


http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/qos_c/qcpart1/qcpolicy.htm


www.cisco.com/warp/public/732/Tech/plicy_wp.htm


QOS:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cg/hqos_c/qchintro.htm


HTH,Please rate if it does.

-amit singh

davebraford Thu, 06/07/2007 - 10:58
User Badges:

Yeah, yeah.

You guys always reccomend replacing a router....

Y? The 1811 is running @ like 5% ave. load......


I could do policy-based routing on the 1811 right now, right? Then, create logical interfaces on the un-used FastEth and use (2) 831's - or even 1.


My questions is/was - will an internal routing proto make that faster, easier, and/or cooler?





Actions

This Discussion