IMHO: You would use load-sharing mechanism with the policy base routing feature on the router. Let me explain further you can give vlan/subnet 2-5 go to ISP_1 and vlan/subnet 6-10 go to ISP_2 with source-route of policy base routing feature. Now you can control out-bound traffics go to ISPs. I don't think multiple default route(Load balancing with CEF) will be good solution for multiple ISPs because are you sure the packets of 1 session go to the same ISP at a time.

Are you doing nat traffics into ISPs? If so I can advice you with this commands.

route-map NatISP1 permit 10

match ip address VLAN2-5

match interface Serial0/0/0 #interface conneted to ISP1

route-map NatISP2 permit 10

match ip address VLAN6-10

match interface Serial0/0/1 #interface conneted to ISP2

ip nat inside source route-map NatISP1 interface Serial0/0/0 overload

ip nat inside source route-map NatISP2 interface Serial0/0/1 overload

Hope this helps

L.Thot

Hi L.Thot,

yes multiple default routes work with NAT. What you can do, is to disable CEF switching so you will be sure that sessions to the same destinatio will use the same interface all the time.

Hi Thot

The above scenario fits well when the user is not bothered about the redundancy and insisting on load balancing alone.

The config posted by you works well when theres no failure with any of the ISP but when one of the ISP goes down then connectivity to the particular which is routed via that ISP will go off...

In addition to your suggestion i feel he needs to add one more interface too under the route map command.

But in case of ethernet which wont go down in normal condition until the cable is removed off from the port the traffic may get blackholed..

regds

Hi Paolo and Edwin

I don't meaning we would disable CEF.Let me clarify when we have routes to ISPs in this case is connected to ISPs and we run ip cef command on router.To be honest I think to be control outbound traffics I would use load-sharing with PBR and do fail-over for redirecting traffics each other.

=== Part of Route-Map =====

route-map Input permit 10

match ip address Vlan2-5GotoISP1_First

set ip next-hop ConnectedIP_ISP1 ConnectedIP_ISP2

!

route-map InputNet permit 20

match ip address Vlan6-10GotoISP2_First

set ip next-hop ConnectedIP_ISP2 ConnectedIP_ISP1

Apply it into interface

=== Part of NAT =====

route-map NatISP1 permit 10

match ip address Vlan2-5GotoISP1_First

match interface Serial0/0/0 ==> For sure doing nat with ip of this interface when packets go out off this interface only

route-map NatISP2 permit 10

match ip address Vlan6-10GotoISP2_First

match interface Serial0/0/1 ==> For sure doing nat with ip of this interface when packets go out off this interface only

ip nat inside source route-map NetISP1 interface Serial0/0/0 overload

ip nat inside source route-map NetISP2 interface Serial0/0/1 overload

Apply it into interface

Anyway you can do the same way by classifying traffics with services such as http and https go to ISP1 , SMTP and DNS go to ISP2 depending upon your design.

I don't think this is best way you go but it is best way I can share ;-)

Regards

L.Thot

Hi L.Thot,

yes your configuration suggestion is very reasonable. But for some customers PBR and VLAN is already a little complicated so in some cases, to keep it simple, I suggest to just configure default routes.

Thanks!