Load Balancing with QoS over to IPS Links

thomas.waterman · ‎10-30-2008

OK a few weeke ago I posted a question about QoS vs. PBR. The general feeling was that I should use QoS. So now I am ready to go but I need an example of how to setup QoS, but first let me tell you about the outbound connections. I have a DSL and a T1 connection currently. I need to get the QoS and load balancing going and then in less than 30 days they are going to change my connections. We will be getting a cable connection (which is here already) and a Fiber connection that is coming in about 30 days. The company providing the fiber will terminate it on thier own Cisco router and it will connect to our 2821 via ethenet. So my question is how with QoS do I load balance over the 2 connections and how does this effect NAT? Any help is greatly appreciated and I don't mind reading Cisco articles either. Thank you,

Tom

Collin Clark · ‎10-30-2008

Tom-

Here's a good sheet on LB with NAT. As far as QoS, what are you giving priority too?

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a00808d2b72.shtml

thomas.waterman · ‎10-30-2008

We are going to give priority to VPN,then FTP, then email and Web. In the next year we are also going to a VOIP solution, so I need to take that into consideration.

Tom

Collin Clark · ‎10-30-2008

Since this is an internet connection, IMO QoS will not do much except make your config more complicated. You can prioritize traffic, but once it leaves your router it's on the internet where there is no QoS. You state you want to prioritize VPN traffic, but what applications on the VPN? or do you mean the protocols that make up the VPN tunnel? One last thing to consider about QoS is that when you give priority to one application, you're stealing it from all the others. Are you seeing congestion today?

thomas.waterman · ‎10-31-2008

no what we are trying to do is ensure that standard web traffic goes out the cable connection that we have and that traffic such as VPN email and soon VOIP go out our fiber connection which is a constant 5/5 connection.

Joseph W. Doherty · ‎10-30-2008

In theory, QoS should encompass your concern of using multiple paths to provide service as you specify. In practice, your issues of load balancing (using PBR) and QoS were treated separately. Practical QoS often dealt with congestion management.

The latest IOS (e.g. 12.4T) provides a new technology, PfR (performance routing), which, I believe, if combined with routine QoS would do about everything you desire, at least for outbound traffic. However, I haven't used the PfR technolgy to the extent it appears you would require.

If it weren't for your NAT, I might be able to provide an example on using a simple version of PfR (or OER - optimize edge routing - an earlier version of PfR) and QoS.

However, even if we had everything working correctly for outbound traffic, there's still an inbound traffic issue. Managing inbound, generally, doesn't work very well, so you might find half a solution isn't any solution.

Yet, all might not be lost if your DSL is ADSL and likewise your fiber is asymmetric bandwidth too. In that case, assuming your outbound provides much less bandwidth than inbound, using advanced techniques and/or technologies outbound alone might be a benefit.

You can also start with a very simple QoS implementation. For instance, assuming the fiber connection provides 5 Mbps outbound but you have a 100 Mbps Ethernet interface, even something as simple as a traffic shaper configured for 5 Mbps (outbound) might make a noticable difference.

thomas.waterman · ‎11-10-2008

Joseph, could you provide me the example of PfR that you spoke of? I can take a closer look at the NAT but I would really like to see a basic implementation of PfR. Thank you for your time.

Tom

Joseph W. Doherty · ‎11-10-2008

Below is an example, but without reading about how to config the technology, probably won't make much sense other than perhaps showing how little is needed to configure for a basic setup.

Master controller router:

conf t

oer master

logging

!

border x.x.x.x key-chain key1

interface GigabitEthernet0/0 internal

interface Serial1 external

!

border x.x.x.x key-chain key1

interface FastEthernet0/0 internal

interface ATM0/0/0 external

!

learn

throughput

delay

periodic-interval 0

monitor-period 1

aggregation-type bgp

mode route control

mode select-exit best

periodic 180

!

key chain xxx

key 1

key-string xxx

end

Border router:

conf t

oer border

local Loopback0

master x.x.x.x key-chain key1

key chain xxx

key 1

key-string xxx

end