2811 Twin Adsl Wan load balanced

Unanswered Question
Sep 24th, 2007

Hi,

I have a Cisco 2811 with 2xadsl wan cards installed.

i'm trying to load balance the two lines together. with the following config i can ping googe.co.uk getting 40% reply. if i remove the static routes and only have ip route 0.0.0.0 0.0.0.0 dialer1 i get 100% but the traffice needs to come down the other line. this is my config its a No-NAT setup. Any help and advice would be great. Thanks

ip name-server 158.x.x.58

!

!

!

!

interface FastEthernet0/0

ip address (EXT IP 1) 255.255.255.240

duplex auto

speed auto

!

interface FastEthernet0/1

ip address (EXT IP 2) 255.255.255.240

duplex auto

speed auto

!

interface ATM0/0/0

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

pvc 8/35

!

!

interface ATM0/0/0.2 point-to-point

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

!

interface ATM0/1/0

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

pvc 8/35

!

!

interface ATM0/1/0.2 point-to-point

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 2

!

!

interface Dialer0

ip address negotiated

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication chap callin

ppp chap hostname (Username)

ppp chap password (password)

!

interface Dialer1

ip address negotiated

encapsulation ppp

dialer pool 2

dialer-group 2

ppp authentication chap callin

ppp chap hostname (username)

ppp chap password (password)

!

ip classless

ip default-network 0.0.0.0

ip route 0.0.0.0 0.0.0.0 Dialer1

ip route 0.0.0.0 0.0.0.0 Dialer0

!

ip http server

!

!

control-plane

!

!

line con 0

line aux 0

line vty 0 4

login

!

end

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
lgijssel Mon, 09/24/2007 - 08:13

Assuming that you have a /28 public for each adsl line? When routing at round robin from your internal network you will only get a response when the packet is actually sent via the corresponding adsl line.

You should use a route-map to fix the relation between the incoming (eth) and the outgoing (dsl) line so that all traffic is sent to the link that routes the corresponding /28 to&from the internet.

regards,

Leo

jamiebenger Mon, 10/15/2007 - 01:07

Hi yes using /28 for public adsl lines.

Would it be possible to give me an example as i'm not use to using the route-map command.

Many thanks for your help.

Jamie

Paolo Bevilacqua Mon, 10/15/2007 - 02:01

Hi,

in brief, you cannot have multiple lines to the internet without using NAT or BGP.

Hop this helps, please rate post if it does!

jamiebenger Mon, 10/15/2007 - 03:06

Hi yes that helps.

Ok is it possible to have say

atm0/0/0 going to fa0/0 - NO NAT

and

atm0/1/0 going to fa0/1 - NAT'd

Its so we can run an online backup without killing the internet speeds.

Many thanks

Jamie

Paolo Bevilacqua Mon, 10/15/2007 - 03:35

Hi,

for accessing the internet, from inside to outside, is not a problem, you can have load sharing as well as backup.

But if you have servers to be reached from outside eg on on FA0/0, if ATM0/0/0 goes down, there is no solution, that is, you could still use the other circuit to reach them, but not with the same addresses.

Thanks for the rating and good luck!

jamiebenger Mon, 10/15/2007 - 04:55

Thanks for that.

Any idea what commands i should put in my config and where. Never done anything with load sharing before.

Many thanks for your Help

Jamie

Paolo Bevilacqua Mon, 10/15/2007 - 05:16

Because you have two inside networks, but only one with nat, it's a more advanced config.

Pls describe how would you like things to work.

jamiebenger Mon, 10/15/2007 - 06:52

The end result im looking for is:

fa0/0 to ATM0/0/0 - NO NAT Connection - This is for internet/Email and VPN

fa0/1 to ATM0/1/0 this is for an backup that will go to the MD's house for a off site backup.

I was thinking about load sharing the ADSL line so the off site backup does not kill the internet. But it would be fine if i could just get atm0/0/0 to fa0/0 and atm0/1/0 to fa0/1 keeping the connections separate.

I really appricate your help trying to solve this problem.

Jamie

Paolo Bevilacqua Mon, 10/15/2007 - 07:32

Ok,

keep one static default route and one ip nat inside source list int dialer1 .. statement.

keep nat inside/outside only on fa0/1 and atm0/1/0.

configure a route-map for pbr matching only addresses in fa0/1 (ACL if needed), 'set interface dialer1'.

attach it to fa0/0.

ip policy route-map

Once you have this working a backup configuration can be elaborated.

ilya.varlashkin Tue, 10/16/2007 - 12:51

I've discovered interesting CEF bug in IOS for 2800 series, where if one interface has CEF and the other doesn't traffic can experience 50% packet loss towards upstream router. This was in the lab environment and I didn't have anything beyond upstream router so couldn't test further. Workaround was to enabled CEF on all interfaces.

In your config you route over Dialer interfaces without specifying next-hop IP, this disables Dialer CEF. Try removing both default routes (and default-network too) and add following line to both of your dialers:

ppp ipcp route default

This will enable CEF on the dialer interfaces.

Let me know if this helps.

Actions

This Discussion