MPLS/VPN Load Balance and Fail Over

cmadiam82 · ‎03-26-2008

Hi All!

Right now, we are using MPLS/VPN for our connection. Another MPLS/VPN line is coming provided by other Telco. Does anyone here knows or have experience to configure loadbalancing and fail over using 2 MPLS/VPN connection? I want to configure our router to act this way. Your help is much appreciated.

Tnx!

guruprasadr · ‎03-26-2008

Hi, [Pls Rate if HELPS]

MPLS-VPN is the Service Type and you need some Protocol to do Load Balance & Failover of the Traffic.

Below link will provide more detail on using BGP as protocol in Single Homing / Multi Homing environment to do Load Balance & Failover Concepts with Sample Configuration.

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00800945bf.shtml

Hope I am Informative.

Pls Rate if HELPS

Best Regards,

Guru Prasad R

Danilo Dy · ‎03-26-2008

Hi,

I assume that this is a private WAN.

If both MPLS/VPN terminates in the same router in both site;

- Configure IP GRE Tunnel to have a logical P2P (MPLS/VPN is multi-hop)

- Configure floating static route for auto-failover or configure OSPF for load-balancing and auto-failover

If both MPLS/VPN terminates in different router in both site or in one of the site;

- Configure IP GRE Tunnel to have a logical P2P (MPLS/VPN is multi-hop)

- Configure BGP for load-sharing and auto-failover.

Regards,

Dandy

cmadiam82 · ‎03-26-2008

Hi medan!

du u have any link that i can read on how to configure this? Both MPLS/VPN will be terminated in the same router.

Tnx.

cmadiam82 · ‎03-26-2008

Hi!

Can I use EIGRP for load-balancing and auto-failover instead of OSPF? If someone knows any links that i can use to configure this one, please let me know. Thank you very much guys!!!

Joseph W. Doherty · ‎03-26-2008

Besides the information that Guru provided, you might also look into OER/PfR technology. Another technique, which I've seen within these forum, but haven't tried, is appending you own AS to both inbound providers so that BGP will consider both paths equal.

mheusing · ‎03-27-2008

Hi,

Using dynamic protocolls with two MPLS VPN providers interconnecting the same sites CAN lead to routing loops if not designed carefully together with both SPs.

Mainly what could happen: a network from site A is announced through SP1 to site B, which announces it back to site A through SP2, which in turn announces it back to site B ... etc.

The PE-CE protocolls have different capabilities to handle this scenario. Also of interest might be to choose one path as primary and one as backup. From the point of your SP you are installing a backdoor link between sites. If you are interested in EIGRP, have a look at "MPLS VPN Support for EIGRP Between Provider Edge and Customer Edge "

http://www.cisco.com/en/US/docs/ios/12_4/ip_route/configuration/guide/h_eipece_ps6350_TSD_Products_Configuration_Guide_Chapter.html

and "BGP Cost Community Support for EIGRP MPLS VPN PE-CE with Backdoor Links"

http://www.cisco.com/en/US/docs/ios/12_2s/feature/guide/fsbgpcce.html

From the later document you can understand that the MPLS VPN provider likely needs to change the PE configuration, as you redesign your IP routing. You need to talk to both SPs to get their statement regarding what is possible and what is not. Note: there might be a big difference between what is technically possible and what is offered as a product by a SP.

What will always work: use floating static routes towards the backup MPLS VPN and dynamic routing with your primary MPLS VPN.

A clean hierarchical IP address design will simplify this setup a lot.

Hope this helps! Please use the rating system.

Regards, Martin