Two ISPs load sharing

Unanswered Question
Feb 25th, 2009
User Badges:

Hello Experts,


I am trying to use two DSL ISPs to share my VOIP traffic of about 19 SIP phones using G711. I am thinking about using one 2811 router with three Fa interfaces. One interface will go to ISPA, second will go to ISPB and third will go to LAN.


As per my thought process, use two LANs and direct half the traffic through ISPA and half through ISPB. Do I have to use PBR for doing this. If yes, any suggestion or working configuration.


Thanks

OJ

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Tshi M Wed, 02/25/2009 - 13:09
User Badges:
  • Silver, 250 points or more

I would use route-map for this setup. An ACL will go along with each subnet.


rgds,

bansal.ojasvi Wed, 02/25/2009 - 13:15
User Badges:

Thanks... but I have a confusion.


How could I configure the default route? can I specify this?

ip route 0.0.0.0 0.0.0.0 xx.xx.xx.xxx

ip route 0.0.0.0 0.0.0.0 yy.yy.yy.yyy


OJ

Mohamad Qayoom Wed, 02/25/2009 - 14:57
User Badges:
  • Bronze, 100 points or more

Are your ISPs providing IP space for you? Or are you advertising to them via BGP?

bansal.ojasvi Wed, 02/25/2009 - 14:58
User Badges:

No BGP. just one static IP address per connection from the ISP. My ISP doesn't support for small customers.

Tshi M Wed, 02/25/2009 - 15:20
User Badges:
  • Silver, 250 points or more

I apologized for I misread your posting. But please take a look at this link as I hope it might be able to help or at least give you something to work with.


http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a00808d2b72.shtml


I was also thinking of using two VLANs so that the policy is based on different source addresses. If source is x route to ISPA and if source is y route to ISPB

bansal.ojasvi Thu, 02/26/2009 - 14:48
User Badges:

I did as per the document but have an issue. I don't have a default router pointing to two different IP address.


I have attached the config from my test router.

Sh run

sh ip sla statistics

sh ip nat translation

sh ip route

sh ip int brief

sh flash


Any help on this would be very much appreciated.


Thanks

OJ



Attachment: 
Tshi M Fri, 02/27/2009 - 05:11
User Badges:
  • Silver, 250 points or more

Hi Bansal,


It might not be related but your internal interface is showing up/down.

Pravin Phadte Fri, 02/27/2009 - 05:50
User Badges:
  • Silver, 250 points or more

gentlemans,


I guess we are taking about load balancing and not redudancy.


Which means we need to send traffic on both the inteface connected to ISP. Sharing the load.


Redudant which means if one ISP fails traffic shift to othe one. If this is the case thats the above all comments are right.


This can be done using SLA also


bansal.ojasvi Fri, 02/27/2009 - 07:04
User Badges:

You are absolutely right. The purpose here is load-balancing and not redundancy. As per the document on Cisco, I should have default route pointed towards two next hop IP addresses. In my case this is not happening.


Any ideas?

OJ

bansal.ojasvi Fri, 02/27/2009 - 07:03
User Badges:

that is because I don't have it plugged into anything. This is a test scenario and I am wondering why I don't have two gateways for default router?


Any idea?


OJ

bansal.ojasvi Fri, 02/27/2009 - 12:33
User Badges:

could someone please help me with this issue. does anyone have idea on how to do policy based routing with two Vlans. example:

if request comes from Vlan 1 use this gateway and if request comes from Vlan 2 use the other gateway.


Much appreciated.

OJ

Tshi M Fri, 02/27/2009 - 12:47
User Badges:
  • Silver, 250 points or more

Could you try this:


ip access-list standard vlan1

permit ip 10.1.1.0 0.0.0.255 any

ip access-list standard vlan2

permit ip 10.1.2.0 0.0.0.255 any


route-map vlan1 permit 10

match address vlan1

set ip nexthop ISP1


route-map vlan2 permit 10

match address vlan2

set ip nexthop ISP2


Or you could just use

ip route 0.0.0.0 0.0.0.0 ISP2 for the other traffic

Tshi M Mon, 03/02/2009 - 06:25
User Badges:
  • Silver, 250 points or more

Hi Bansal,


I actually thought that you were using two VLANs from the switch and using a trunk between the router and the switch.


rgds,

bansal.ojasvi Mon, 03/02/2009 - 20:37
User Badges:

No, I didn't use two vlans initially but after your suggestion I used two vlans. I still have issues with it.


Any ideas?

OJ

Marwan ALshawi Tue, 03/03/2009 - 00:36
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Best Publication, December 2015

can you post your current config plz

Mohamed Sobair Tue, 03/03/2009 - 02:42
User Badges:
  • Gold, 750 points or more


Hi,


The Only way to do that with your current connectivity is to have (reliable Staic routing backup using object tracking).


PBR always chooses on next hop , so it wouldnt help.


Configure 2 Static routes using Object tracking in order to perform loadsharing as well as redundancy methods.


Pls have alook at this document:


http://www.cisco.com/en/US/docs/ios/12_3/12_3x/12_3xe/feature/guide/dbackupx.html



HTH

Mohamed

bansal.ojasvi Tue, 03/03/2009 - 07:16
User Badges:

Mohamed,


Thanks for you input. I went through the document and it says that it has to be used for failover and not for load sharing. I got failover working using IP sla and route-map. I am not able to get the load sharing working.


My understanding is that a device connnected to the internal network goes through any default gateway but there is no return path to that gateway.


I would appreciate your further input on this.


OJ

Tshi M Tue, 03/03/2009 - 07:24
User Badges:
  • Silver, 250 points or more

Bansal,


my suggestion was to setup two VLANs on a switch and to configure a trunk from your edge router to the switch to allow both vlans. once that is done, you will use route-map to load share the traffic based on the source vlan.



bansal.ojasvi Tue, 03/03/2009 - 07:38
User Badges:

Thanks for you drawing.


Could you please send me little more config about this on NAT and configuring default route.


I would really appreciate that.

Tshi M Tue, 03/03/2009 - 07:55
User Badges:
  • Silver, 250 points or more

are you using any firewalls in your setup? If so, let your firewall do the NAT. Your route to the outside will be based on the PBR you are using. traffic from VLANx will go out to ISP1 and traffic from VLANy will go to ISP2.

bansal.ojasvi Tue, 03/03/2009 - 08:00
User Badges:

No I am not using any firewall. Also, how do I configure the routes?

Mohamed Sobair Tue, 03/03/2009 - 08:53
User Badges:
  • Gold, 750 points or more

oj,


The link i have provided should be useful for loadsharing and redundancy purposes. WHY and HOW?


The object tracking ensures a static route is valid and presesnt ONLY and ONLY if the next-hop is reachable. As you know, If you configure 2 Static default route , traffc will be load shared but will never be failed over incase of a failure cause a static route is never removed from the routing table.

So still traffic will take one of the failed pathes and result in packet being dropeed.


How? The solution of having 2 default route with Object tracking ensures traffic will be load shared ONLY if both next-hops are reachable and would provide redundancy method if one of the static route failed.


Hope it helps,


Mohamed

bansal.ojasvi Tue, 03/03/2009 - 11:53
User Badges:

Hey Mohamed,


I don't need redundancy. I only need load sharing.


I have few confusions.


interface FastEthernet 0/0

description primary-link

ip address 10.1.1.1 255.0.0.0

ip nat outside


interface Dialer 0

description backup-link

ip address 10.2.2.2 255.0.0.0

ip nat outside


Interface ethernet 0/1

description Internal-Lan

ip address 192.168.1.1 255.255.255.0

ip nat inside


<>


ip sla monitor 1

type echo protocol ipIcmpEcho 172.16.23.7

timeout 1000

frequency 3

threshold 2


ip sla monitor schedule 1 life forever start-time now


track 123 rtr 1 reachability


access list 101 permit icmp any host 172.16.23.7 echo


route map MY-LOCAL-POLICY permit 10

match ip address 101

set interface dialer 0 null 0


!


ip local policy route-map MY-LOCAL-POLICY

ip route 0.0.0.0 0.0.0.0 10.1.1.242 track 123

ip route 0.0.0.0 0.0.0.0 10.2.2.125 254


Please help me on this.


OJ

r.zagorodnev Fri, 03/13/2009 - 06:55
User Badges:

ip route 0.0.0.0 0.0.0.0 10.1.1.242 track 123

ip route 0.0.0.0 0.0.0.0 10.2.2.125 254

in this case it is redundancy.

you need two route to 0.0.0.0 with the same distance, two route map and two nat:

ip route 0.0.0.0 0.0.0.0 10.1.1.242

ip route 0.0.0.0 0.0.0.0 10.2.2.125


route map MY-LOCAL-POLICY permit 10

match ip address 10

match interface dialer 0


route map MY-LOCAL-POLICY-2ISP permit 10

match ip address 10

match interface FastEthernet 0/0


access list 10 permit 192.168.1.0 0.0.0.255 - your LAN here


ip nat inside source route-map MY-LOCAL-POLICY interface dialer 0 overload

ip nat inside source route-map MY-LOCAL-POLICY-2ISP interface FastEthernet0/0 overload


ip cef


try this. whit two ethernet and two isp it works on my 1841

Actions

This Discussion