dual isp

Answered Question
Mar 30th, 2009

Hi Folks/Giuseppe,

I have 2 isp links at site A terminating on a L3 switch.I wud be running ospf on this end to ideally loadbalance n utilise both links in somewhat equal proportion.

Now this A location has to access services at location B & anything which is outside of these specific service would go to another device C at same location as B, to be moved over to internet.I need to ensure that the ospf on loc A does understand this as well and acts accordingly.Can anyone help me with a sample config?

Also, wud the return data coming from B or C towards A keep back the same path as it went out or would it arrive thru any of the 2 links towards A.Wud the isp be able to control this incoming path towards loc A or can we do it in anyway?

NB: there wont be any bgp on our end...bgp would be probably inside the providers pe-ce cloud.Any suggestions i should give to them?

I had put somewhat similar query sometime back in this forum albeit the B & C location...thats y posting it again.That time Giuseppe had helped me in understanding the original post.Appreciate if anyone or Giuseppe can help on this!!!

Thanks in advance.

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 7 years 9 months ago

Hello Sunny,

>> if i enable ospf on switch at site Y on a vlan with 2 ports having the provider link termination, it would engage in loadsharing the traffic outwards.

only if you make an etherchannel with the provider you can use both links.

My notes have been made under the hyphotesis of two distinct L3 links.

if the two links are l2 links bundled together they are a single L3 link and load balancing is made by etherchannel using exor of IP SA and IP DA

>> how good is running gre tunnel from Site Y to Site X?

I would use it only to carry non ipv4 traffic between the two sites : in an L3 MPLS VPN service you don't need to use GRE tunnels.

Hope to help

Giuseppe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Giuseppe Larosa Mon, 03/30/2009 - 13:23

Hello Sunny,

I would suggest you to post a jpeg network diagram in order to get better help.

I'm not sure I've understood your post.

I try to write down what I've catched:

Site A is dual homed with two Internet ISPs connections.

However, you would like to send traffic to site B.

Traffic destined to site B stay there but traffic to the internet should go to device C in site B (or to site C ?).

The return traffic is conditioned to how the internal ip addresses are translated: it is likely that if translation is done at device C/ site C traffic will go back there if you are using different public address blocks in different locations.

However, it is not possible to suggest a configuration more details are needed.

Hope to help

Giuseppe

suthomas1 Tue, 03/31/2009 - 08:59

Hi Giuseppe,

Sorry for confusion..to begin with below is the previous post i was referring to.

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=LAN%2C%20Switching%20and%20Routing&topicID=.ee71a04&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40^1%40%40.2cd250a0/0#selected_message.

________

I have attached a small jpeg for the case.Site Y currently has only 1 link which we would be getting 2 link and intend to loadbalance both providers.

Planning to use ospf.

Any traffic from Site Y goes to Site X router A which is the provider entry router in there & then lands to Coreswitch B.From here if the request is for servers, it is passed on via router D & any thing unknow bound to internet is via C. B & D have ospf running between them & rest of them are all on static.If i enable ospf on Site Y switch just for loadbalancing purpose using /30 address on interfaces terminating each of the 2 providers and not for actual transfer between the sites..would it work? or is it necessary that i need to run ospf including the lan segments to advertise out?

How would the return traffic from SiteX travel back to Site Y..would it be able to decide the same link it took to go out from Site Y's switch?

Is it better to jst enable ospf and let the loadsharing happen or is it better to form more complex gre tunnel between these sites n run ospf in there?

Pls suggest , if possible with sample config.

Thanks in advance..

Attachment: 
Giuseppe Larosa Wed, 04/01/2009 - 05:03

Hello Sunny,

the network diagram is useful.

I make the following assumptions:

MPLS service: L3 MPLS VPN

both links at site y are supposed to be provided by the same provider

PE-CE protocol: OSPF

all PE-CE links are in area 0.

Site X:

OSPF is extended and running on all L3 devices on the site.

on internet facing router RC a default route is generated into the OSPF domain:

RC

router ospf 10

default-information originate route-map check_internet

eventully RC can send a default route if some conditions are met.

access-list 11 permit 0.0.0.0

access-list 12 permit host 10.1.2.3

route-map check_internet permit 10

match ip address 11

match ip next-hop 12

set metric 50

set metric-type 1

the default route is received by RA that propagates it to PE node PEx.

The service provider using multi protocol BGP propagates the route to PEy that sends out a regenerated LSA on the two parallel links

>> How would the return traffic from SiteX travel back to Site Y..would it be able to decide the same link it took to go out from Site Y's switch?

No, a flow based load balancing happens but indipendently in each direction, this shouldn't be an issue in your scenario.

It should be enough to use OSPF that provides load balancing by default.

Note: if any of the assumptions is wrong some changes may be needed.

Hope to help

Giuseppe

suthomas1 Wed, 04/01/2009 - 05:27

That was very useful Guiseppe..

Some other queries..so if i enable ospf on switch at site Y on a vlan with 2 ports having the provider link termination, it would engage in loadsharing the traffic outwards.Correct?

Now would the return traffic from Site X coming back take the same path or probably not.Shouldnt the provider be able to use bgp metrics within their PE cloud to have this done?

Another case, apart from the one above..how good is running gre tunnel from Site Y to Site X?any merits or demerits and config snippets to attain same loadsharing.

Just weighing the options!Thanks!

Correct Answer
Giuseppe Larosa Wed, 04/01/2009 - 09:12

Hello Sunny,

>> if i enable ospf on switch at site Y on a vlan with 2 ports having the provider link termination, it would engage in loadsharing the traffic outwards.

only if you make an etherchannel with the provider you can use both links.

My notes have been made under the hyphotesis of two distinct L3 links.

if the two links are l2 links bundled together they are a single L3 link and load balancing is made by etherchannel using exor of IP SA and IP DA

>> how good is running gre tunnel from Site Y to Site X?

I would use it only to carry non ipv4 traffic between the two sites : in an L3 MPLS VPN service you don't need to use GRE tunnels.

Hope to help

Giuseppe

suthomas1 Thu, 04/02/2009 - 07:31

Hi Giuseppe,

Etherchannel wont work out as there are 2 diff links from 2 different routers coming in towards the L3 switch at Site Y.so bundling wont be possible..correct?

Any workaround on this..

Thanks

Giuseppe Larosa Thu, 04/02/2009 - 08:01

Hello Sunny,

I made a wrong guess they will be two distinct L3 links and all I said in first posts apply.

I was confused by the fact you were going to use an SVI so I guessed it was a bundle.

No problems and thanks for your kind remarks

Hope to help

Giuseppe

suthomas1 Fri, 04/03/2009 - 05:27

Hi Giuseppe,

I was looking for inbound loadsharing on return path to avoid out of order packets as well...which my provider cant give assurance for within the PE cloud.

Anyways to work around.

Thanks!

Giuseppe Larosa Fri, 04/03/2009 - 06:19

Hello Sunny,

if your provider uses normal flow based load balancing chances of out of order packets are ver low:

each packet belonging to a flow defined with source IP and destination IP will follow the same path.

I don't see whay the provider should use per-packet load balancing, of course the path is not chosen before but once is chosen is used for all packets of the flow

Hope to help

Giuseppe

suthomas1 Fri, 04/03/2009 - 07:36

As per them, when flow returns back from the other end it would take best path, as per their PE clouds bgp criteria.So they dont have any means to force the flow to use the same path.If this is the case, the out of order packs will increase as also one of the links would be less used.

Thanks.

Actions

This Discussion