MPLS Providers - Load balancing/fail-over

Unanswered Question
Sep 10th, 2007

We are currently switching from a point-to-point T1/E1 WAN to an MPLS network.

The core consists of two Cisco 3800 routers with one DS3 going to one MPLS provider and another DS3 going to another provider for load balancing and redundancy. Ultimately the present 7200's will be replacing the 3800's after all point-to-point T1's have been converted

Remote branches either use one or two (HDLC) circuits connecting to one MPLS cloud, or both, but only one Cisco router.

We are using OSPF across the network, and all WAN interfaces at the core and at each branch are in area

Branch LAN's and main office LAN's use Nortel Layer three switches in different OSPF areas (based on geographical locations) to connect to the MPLS CE router. CE routers are managed internally, PE's are managed by the providers and update OSPF tables in the CE's (BGP to OSPF handled at PE closest to us)

While we want to use both DS3's at the core, we'll need to use both T1's at the branch for performance reasons, and also at the branch, we don't mind load-balancing on a per session basis or per destination, not per packet.

We also may want to assign specific routes to either VoIP traffic, video-conferencing traffic or ERP traffic.

At the branch level, we would like to fail over to one MPLS circuit, in case of issues with one provider or the other.

Did someone have to build and support such a setup?

What is the best way to address this kind of architecture using OSPF? What kind of issues one has to expect?

Thanks in advance.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
umedryk Fri, 09/14/2007 - 12:48

The Failover pane contains the settings for configuring failover on the security appliance. However, the Failover pane changes depending upon whether you are in multiple mode or single mode, and when you are in multiple mode, it changes based on the security context you are in. Failover allows you to configure two security appliances so that one will take over operation if the other fails. Using a pair of security appliances, you can provide high availability with no operator intervention. The security appliance communicates failover information over a dedicated failover link. This failover link can be either a LAN-based connection or, on the PIX security appliance platform, a dedicated serial failover cable.


This Discussion