BGP load sharing - two router & two ISP

bsn1980in · ‎04-20-2009

I have two routers connected to two different ISPs. On LAN side both the routers are connected to two L3 switches. On L3 switches users/web servers are connected. I have APNIC IP addresses and AS number with me.

Both ISPs will provide me default a route instead of full routing table.

Now I want to load share incoming as well outgoing traffic among both ISPs.

I have a doubt; if somehow I achieve load sharing for out/in traffic, is it mandatory for a user request go out of one ISP and the acknowledgement coming back via same ISP? Or it can go through one ISP and come back through other ISP?

rgds/bsn

Please suggest.

Joseph W. Doherty · ‎04-20-2009

"I have a doubt; if somehow I achieve load sharing for out/in traffic, is it mandatory for a user request go out of one ISP and the acknowledgement coming back via same ISP? Or it can go through one ISP and come back through other ISP? "

No and yes.

Pavel Bykov · ‎04-20-2009

Whenever load sharing, you will always have a possibility of asymmetric routing, meaning reply coming back on a different link from where request was sent.

But it depends a lot on how you do your load balancing. If you are balancing based on subneting (e.g. you have /22 from APNIC, you can send /23 to one ISP and another /23 to another ISP) then the probability of asymetric routing can be manually lowered, or banned altogether based on unicast RPF checks (ip verify source).

bsn1980in · ‎04-21-2009

As per your suggestions, I have made below arrangements:

R1 to ISP1 over EBGP

R2 to ISP2 over EBGP

R1 to SWH1 over OSPF

R1 to SWH2 over OSPF

R2 to SWH1 over OSPF

R2 to SWH2 over OSPF

For outgoing traffic:

On Routers, I will have default route from each ISP and will redistribute the same in OSPF. SWH1 will have two default routes from both ISPs redistributed via OSPF. Any traffic comming to SWH1 will load balance (per packet) between both ISPs. The same hold true for SWH 2 as well.

For incomming traffic:

I have devided /23 pool into two /24 pools and influnced the BGP decesion using as-path prepend and I don't find any problem in this.

Please correct me if I am wrong.

Again a doubt: My traffic for abc.com is loadbalanced (per packet) between both ISPs using two default routes. But the return path will be from either of ISPs. Will I be able to open webpage?

rgds/bsn

Joseph W. Doherty · ‎04-21-2009

Suggest you avoid per packet load balancing. Just use CEF's per flow load balancing.

bsn1980in · ‎04-21-2009

How to acheive this and is it scalable for 1000 users accessing internet?

rgds/bsn

Joseph W. Doherty · ‎04-22-2009

On Cisco platforms that support CEF, all you need to do is insure CEF is active and not configured for per-packet load balancing. (This would be done on the OSPF L3 switches that connect to the WAN routes.)

As to scalable for 1,000, that depends on the equipment and the actual traffic load they are making.

PS:

BTW, an issue with spliting your /22, it alone doesn't guarantee equal load balancing unless traffic to/from each /23 is equal.

Other comments:

For outbound, OER/PfR can dynamically load balance. PfR can also dynamically load balance inbound, but that's complex.

Also, other than trying to achieve better load balancing, asymetrically routing shouldn't be a problem (unless it leads to unicast flooding).

bsn1980in · ‎04-23-2009

Is there any other option OR setup which can be used for load sharing with default routes.

rgds/bsn

Joseph W. Doherty · ‎04-23-2009

OER/PfR will work with a default route.