Two ISPs load sharing

Unanswered Question
Feb 25th, 2009

Hello Experts,

I am trying to use two DSL ISPs to share my VOIP traffic of about 19 SIP phones using G711. I am thinking about using one 2811 router with three Fa interfaces. One interface will go to ISPA, second will go to ISPB and third will go to LAN.

As per my thought process, use two LANs and direct half the traffic through ISPA and half through ISPB. Do I have to use PBR for doing this. If yes, any suggestion or working configuration.

Thanks

OJ

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Tshi M Wed, 02/25/2009 - 13:09

I would use route-map for this setup. An ACL will go along with each subnet.

rgds,

bansal.ojasvi Wed, 02/25/2009 - 13:15

Thanks... but I have a confusion.

How could I configure the default route? can I specify this?

ip route 0.0.0.0 0.0.0.0 xx.xx.xx.xxx

ip route 0.0.0.0 0.0.0.0 yy.yy.yy.yyy

OJ

Mohamad Qayoom Wed, 02/25/2009 - 14:57

Are your ISPs providing IP space for you? Or are you advertising to them via BGP?

bansal.ojasvi Wed, 02/25/2009 - 14:58

No BGP. just one static IP address per connection from the ISP. My ISP doesn't support for small customers.

Tshi M Wed, 02/25/2009 - 15:20

I apologized for I misread your posting. But please take a look at this link as I hope it might be able to help or at least give you something to work with.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a00808d2b72.shtml

I was also thinking of using two VLANs so that the policy is based on different source addresses. If source is x route to ISPA and if source is y route to ISPB

bansal.ojasvi Thu, 02/26/2009 - 14:48

I did as per the document but have an issue. I don't have a default router pointing to two different IP address.

I have attached the config from my test router.

Sh run

sh ip sla statistics

sh ip nat translation

sh ip route

sh ip int brief

sh flash

Any help on this would be very much appreciated.

Thanks

OJ

Attachment: 
Tshi M Fri, 02/27/2009 - 05:11

Hi Bansal,

It might not be related but your internal interface is showing up/down.

Pravin Phadte Fri, 02/27/2009 - 05:50

gentlemans,

I guess we are taking about load balancing and not redudancy.

Which means we need to send traffic on both the inteface connected to ISP. Sharing the load.

Redudant which means if one ISP fails traffic shift to othe one. If this is the case thats the above all comments are right.

This can be done using SLA also

bansal.ojasvi Fri, 02/27/2009 - 07:04

You are absolutely right. The purpose here is load-balancing and not redundancy. As per the document on Cisco, I should have default route pointed towards two next hop IP addresses. In my case this is not happening.

Any ideas?

OJ

bansal.ojasvi Fri, 02/27/2009 - 07:03

that is because I don't have it plugged into anything. This is a test scenario and I am wondering why I don't have two gateways for default router?

Any idea?

OJ

bansal.ojasvi Fri, 02/27/2009 - 12:33

could someone please help me with this issue. does anyone have idea on how to do policy based routing with two Vlans. example:

if request comes from Vlan 1 use this gateway and if request comes from Vlan 2 use the other gateway.

Much appreciated.

OJ

Tshi M Fri, 02/27/2009 - 12:47

Could you try this:

ip access-list standard vlan1

permit ip 10.1.1.0 0.0.0.255 any

ip access-list standard vlan2

permit ip 10.1.2.0 0.0.0.255 any

route-map vlan1 permit 10

match address vlan1

set ip nexthop ISP1

route-map vlan2 permit 10

match address vlan2

set ip nexthop ISP2

Or you could just use

ip route 0.0.0.0 0.0.0.0 ISP2 for the other traffic

Tshi M Mon, 03/02/2009 - 06:25

Hi Bansal,

I actually thought that you were using two VLANs from the switch and using a trunk between the router and the switch.

rgds,

bansal.ojasvi Mon, 03/02/2009 - 20:37

No, I didn't use two vlans initially but after your suggestion I used two vlans. I still have issues with it.

Any ideas?

OJ

Mohamed Sobair Tue, 03/03/2009 - 02:42

Hi,

The Only way to do that with your current connectivity is to have (reliable Staic routing backup using object tracking).

PBR always chooses on next hop , so it wouldnt help.

Configure 2 Static routes using Object tracking in order to perform loadsharing as well as redundancy methods.

Pls have alook at this document:

http://www.cisco.com/en/US/docs/ios/12_3/12_3x/12_3xe/feature/guide/dbackupx.html

HTH

Mohamed

bansal.ojasvi Tue, 03/03/2009 - 07:16

Mohamed,

Thanks for you input. I went through the document and it says that it has to be used for failover and not for load sharing. I got failover working using IP sla and route-map. I am not able to get the load sharing working.

My understanding is that a device connnected to the internal network goes through any default gateway but there is no return path to that gateway.

I would appreciate your further input on this.

OJ

bansal.ojasvi Tue, 03/03/2009 - 07:38

Thanks for you drawing.

Could you please send me little more config about this on NAT and configuring default route.

I would really appreciate that.

Tshi M Tue, 03/03/2009 - 07:55

are you using any firewalls in your setup? If so, let your firewall do the NAT. Your route to the outside will be based on the PBR you are using. traffic from VLANx will go out to ISP1 and traffic from VLANy will go to ISP2.

Mohamed Sobair Tue, 03/03/2009 - 08:53

oj,

The link i have provided should be useful for loadsharing and redundancy purposes. WHY and HOW?

The object tracking ensures a static route is valid and presesnt ONLY and ONLY if the next-hop is reachable. As you know, If you configure 2 Static default route , traffc will be load shared but will never be failed over incase of a failure cause a static route is never removed from the routing table.

So still traffic will take one of the failed pathes and result in packet being dropeed.

How? The solution of having 2 default route with Object tracking ensures traffic will be load shared ONLY if both next-hops are reachable and would provide redundancy method if one of the static route failed.

Hope it helps,

Mohamed

bansal.ojasvi Tue, 03/03/2009 - 11:53

Hey Mohamed,

I don't need redundancy. I only need load sharing.

I have few confusions.

interface FastEthernet 0/0

description primary-link

ip address 10.1.1.1 255.0.0.0

ip nat outside

interface Dialer 0

description backup-link

ip address 10.2.2.2 255.0.0.0

ip nat outside

Interface ethernet 0/1

description Internal-Lan

ip address 192.168.1.1 255.255.255.0

ip nat inside

<>

ip sla monitor 1

type echo protocol ipIcmpEcho 172.16.23.7

timeout 1000

frequency 3

threshold 2

ip sla monitor schedule 1 life forever start-time now

track 123 rtr 1 reachability

access list 101 permit icmp any host 172.16.23.7 echo

route map MY-LOCAL-POLICY permit 10

match ip address 101

set interface dialer 0 null 0

!

ip local policy route-map MY-LOCAL-POLICY

ip route 0.0.0.0 0.0.0.0 10.1.1.242 track 123

ip route 0.0.0.0 0.0.0.0 10.2.2.125 254

Please help me on this.

OJ

r.zagorodnev Fri, 03/13/2009 - 06:55

ip route 0.0.0.0 0.0.0.0 10.1.1.242 track 123

ip route 0.0.0.0 0.0.0.0 10.2.2.125 254

in this case it is redundancy.

you need two route to 0.0.0.0 with the same distance, two route map and two nat:

ip route 0.0.0.0 0.0.0.0 10.1.1.242

ip route 0.0.0.0 0.0.0.0 10.2.2.125

route map MY-LOCAL-POLICY permit 10

match ip address 10

match interface dialer 0

route map MY-LOCAL-POLICY-2ISP permit 10

match ip address 10

match interface FastEthernet 0/0

access list 10 permit 192.168.1.0 0.0.0.255 - your LAN here

ip nat inside source route-map MY-LOCAL-POLICY interface dialer 0 overload

ip nat inside source route-map MY-LOCAL-POLICY-2ISP interface FastEthernet0/0 overload

ip cef

try this. whit two ethernet and two isp it works on my 1841

Actions

This Discussion