Router advice

Unanswered Question
Oct 3rd, 2009

Hello,

I need to terminate 8 ADSL (POTS) connections at a Cisco router. Currently I am using a Netasq device that "tries" to load-balance 8 SpeedTouch ADSL modems that terminate telephone lines.

Please advise on a Cisco router type that I can plug 8x ADSL (POTS) WICs into. Having a fiber port (or available slot for fiber interface) is a plus.


Thanks

paolo bevilacqua Sat, 10/03/2009 - 12:56

There is none, you would need 2x 2801 for this.



husycisco Sun, 10/04/2009 - 04:02

Thank you paolo, 1 more question

If I use 2x2801, I believe I should use GLBP, right? And within the routers, I have to enter static routes with the same metric to achieve equal cost load sharing? I remember that that static route becomes inactive when the interface is down, but what happens if the interface is up but its gateway is down? Is there something like the SLA service monitor in PIX and ASA?

Btw i checked 2801 specifications and saw the following


(2) HWIC/VWIC/WIC/VIC Slots, (1) VWIC/WIC/VIC Slot, and (1) VWIC/VIC Slot


So one slot is not suitable for ADSL WIC? I can use only 3?

Thanks

paolo bevilacqua Sun, 10/04/2009 - 04:14

This is not a nice design that you're going to do.


First of all as you correctly noted, the 2801 only takes 2x hwic, so you have to use 2x 2811.


Second, devices below the two routers will have to use two static default routes, in practice you will need a third router unless you don't reuse one of the above said for the purpose.


Then, you have to configure IP SLA to avoid black-holes, and that in conjunction with NAT is known to cause problems.


All this said, the router will just try to balance like the device you're using now, but it is pseudo-balancing only, as the router doesn't even consider the actual traffic to decide on which link to send a new flow.


So I would suggest either convince the customer to lease a true high speed link, or stay with a balancer and the external modems.


husycisco Sun, 10/04/2009 - 04:43

Paolo,

Thank you for your helpful response. Let me elaborate more.

We are providing metro ethernet connections to campuses. But until the metro ethernet arrives, we have to provide an internet solution. By purchasing 8x8mbit ADSLs and a NETASQ u120, we provide that service. But here is the deal.

1) Netasq is not doing well.

2) Once the metro ethernet arrives, we completely remove the Netasq since it doesn't have a fiber port.

That's why buying a Cisco router makes sense. I can place 2x2811 and plug 8 ADSL WICs and once ME arrives, I remove one router and all ADSL WICs, plug 1 SFP module and terminate ME. This is a scalable solution.


"Second, devices below the two router will have to use two static default routes" As far as I know, you can use GLBP (Gateway Load Balancing Protocol) to create a virtual hop that has an IP address so that the device below (a L3 switch) will only have 1 route to 1 IP address.

Hope that makes sense. Btw can you please elaborate pseudo-balancing?


Thank you

Giuseppe Larosa Sun, 10/04/2009 - 05:44

Hello Huseyn,


>> As far as I know, you can use GLBP (Gateway Load Balancing Protocol) to create a virtual hop that has an IP address so that the device below (a L3 switch) will only have 1 route to 1 IP address


No, GLBP is good for client VLANs with multiple clients: it provides different MAC addresses in ARP replies for different ARP requests of the GLBP VIP.

Having a single device, the core switch, defeats GLBP.

So you would need two static routes on the core switch with object tracking / IP SLA if possible.


Load balancing would work well if NAT is not in the picture:

CEF load balancing uses an exor of IP SA, IP DA and a seed hash to decide what link to use.

This would allow for decent load balancing outbound.


The problem can be with NAT:

the 2811 has to decide how to NAT the packet, and this decision also involves the choice of the exit point: that is, out DSL link1 all packets should be sourced with a public IP address = DSL link1 IP address (physical or dialer, the question is the same).

So if you haven't a public address block routable on all these links (and this is likely) you can only NAT using overload of dialers.

But this then would require you to do tricks like:


divide the private space in 4 parts.

using ACLs and route-maps the border router decides to use link X for a given private IP address.


This is the sense of pseudo load balancing under these conditions.


Also you should take into account how to handle failover: what to do when a DSL link fails.

This would require some links to be left as hot standby, the opposite of trying to use all of them.


Hope to help

Giuseppe


husycisco Mon, 10/05/2009 - 03:23

Giuseppe

Thank you for that awesome response. Couple of questions


"CEF load balancing uses an exor of IP SA, IP DA and a seed hash to decide what link to use"

Can you elaborate this more? What is SA and DA?


"Load balancing would work well if NAT is not in the picture"


Let's say that I configured 2 NAT rules, they both include 0.0.0.0 as source list, one includes the dialer0 interface, the other includes the dialer1 interface. And two default routes, specifying interface (not next hop), entered with the same metric.

So when the packet is routed to the d0 interface, the NAT rule that contains d0 kicks in, when the packet is routed to d2, the other NAT rule kicks in. And the router does equal cost load sharing in a round-robin fashion, so packets are routed round robin to interfaces. Once one DSL interface is down, the route will switch to floating state and become inactive until the interface status is up. And dialer interfaces will have public IP addresses. Am I correct?

Thanks a bunch

Giuseppe Larosa Mon, 10/05/2009 - 03:37

Hello Huseyn,


>> Can you elaborate this more? What is SA and DA?

SA= source address

DA= destination address


I mean CEF chooses a path by making the EXOR of the less significant digits of the IP source address and IP destination address and a value called hash.


About NAT:

It is not so easy to do load balancing with NAT.


You can use a route-map but this implies an order in matching, which means a hierarchy in usage of DSL links.


To overcome this, as I wrote, you can divide the address space in subsets to have each served by a different dialer.


It is not really a load balancing.


NAT requires translation of the source IP address.

Translation has to be done using the dialer public IP address if no public block has been allocated to your company by the ISP.


From that come all the problems described in my previous post.


Hope to help

Giuseppe
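
The path selection Giuseppe describes and the "pseudo-balancing" Paolo mentions, as an added example that is not part of the original thread: a simplified Python model in which the link is chosen from source address, destination address and a seed, never from traffic volume. It is not Cisco's actual CEF hash, and the addresses, seed value, flow sizes and function names are constructed for illustration.

```python
import ipaddress

MB = 10**6
SEED = 0x2A5C  # constructed per-router seed value (assumption)

def pick_link(src, dst, seed, n_links):
    """Simplified model of the description in the thread: XOR the low-order
    bits of source address, destination address and a seed, then map the
    result onto one of n_links equal-cost paths. Not Cisco's real CEF hash."""
    sa = int(ipaddress.IPv4Address(src))
    da = int(ipaddress.IPv4Address(dst))
    return ((sa ^ da ^ seed) & 0xFFFF) % n_links

def bytes_per_link(flows, seed, n_links):
    """Total bytes each link carries when flows are placed by hash alone."""
    load = [0] * n_links
    for src, dst, nbytes in flows:
        load[pick_link(src, dst, seed, n_links)] += nbytes
    return load

def flows_moved(flows, seed, links_before, links_after):
    """Flows whose link changes when the number of usable links changes.
    With NAT overload on each dialer, a moved flow gets a new public source
    address, so its existing sessions break (in this model)."""
    return sum(
        pick_link(s, d, seed, links_before) != pick_link(s, d, seed, links_after)
        for s, d, _ in flows
    )

def sample_flows():
    """Constructed traffic: 64 inside hosts sending 1 MB each to one server,
    plus a single 500 MB bulk transfer."""
    flows = [(f"10.0.0.{i}", "198.51.100.10", 1 * MB) for i in range(1, 65)]
    flows.append(("10.0.0.7", "203.0.113.50", 500 * MB))
    return flows

if __name__ == "__main__":
    flows = sample_flows()
    # Flow counts come out even, byte counts do not: the bulk flow stays
    # pinned to one link no matter how idle the other seven are.
    for link, nbytes in enumerate(bytes_per_link(flows, SEED, 8)):
        print(f"link {link}: {nbytes / MB:.0f} MB")
    print("flows moved after one link fails:", flows_moved(flows, SEED, 8, 7))
```
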


paolo bevilacqua Mon, 10/05/2009 - 03:49

In my experience, NAT load balancing works even without route-map.


The real problem is the translations not being removed when a route is invalidated by tracking.

husycisco Mon, 10/05/2009 - 12:59
User Badges:

Thank you for your time guys. I will test the behaviour in a Dynamips lab and see what is going on. Apparently Cisco can't do a simple load-balancing. That ARP issue in GLBP is a frustration, somewhat makes it useless.
