Connectivity Options

Unanswered Question
Oct 26th, 2009
User Badges:

Hi All,

I have cisco 2821 Router with 2 fastEthernet module. One port connected to my LAN and other port to ISP-Modem


We got another Internet link over Ethernet. Apart from purchasing Ethernet module do I have any other Options.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Amit Singh Mon, 10/26/2009 - 23:37
User Badges:
  • Cisco Employee,

Another option is to configure the LAN connecting port on 2821 as trunk port and connect the new internet link to the switch connected to the port. Create another Vlan for internet link and enable the inter-vlan routing for routing traffic to that internet.


http://www.cisco.com/en/US/docs/switches/lan/catalyst5000/hybrid/routing.html#wp43662


HTH,

-amit singh

joe.marcelo9 Tue, 10/27/2009 - 00:30
User Badges:

Great Help, Do I need a static route to second Internet-link.


switch

=======

vlan 10

name NET1


vlan 11

name NET2


interface FastEthernet0/24

switchport trunk native vlan 100

switchport trunk allowed vlan 10-11

switchport mode trunk


interface FastEthernet0/1

switchport access vlan 10

switchport mode access


interface FastEthernet0/2

switchport access vlan 11

switchport mode access


interface Vlan1

ip address 192.166.255.1 255.255.255.248

ip default-gateway 192.166.255.2


---------------------------------------------


Router

======


interface FastEthernet0/0

ip address 10.0.0.1 255.255.255.0

duplex auto

speed auto


interface FastEthernet0/1

no ip address

duplex auto

speed auto

!


interface FastEthernet0/1.1

encapsulation dot1Q 1

ip address 192.166.255.2


interface FastEthernet0/1.10

encapsulation dot1Q 10

ip address 80.98.15.3 255.255.255.240


interface FastEthernet0/1.11

encapsulation dot1Q 11

ip address 79.65.3.8 255.255.255.248


router eigrp 2

network 10.0.0.1 0.0.0.255


ip route 0.0.0.0 0.0.0.0 80.98.15.1


Our Final Goal : Establish VPN Tunnel redundancy over Two Internet link to parent-company

Amit Singh Tue, 10/27/2009 - 01:41
User Badges:
  • Cisco Employee,

Yes, create another static route with higher AD to use it as floating static route. somthing like


ip route 0.0.0.0 0.0.0.0 x.x.x.1 200


This would make sure that one your primary link/route goes down the secondary route/link will be used for routing the traffic and have the VPN tunnel kicked in using the standby link.

joe.marcelo9 Tue, 10/27/2009 - 02:13
User Badges:

Eigrp do support load balancing on unequal bandwidth. Does it works similar for Gre Tunnels with IPSEC.


Amit Singh Tue, 10/27/2009 - 02:22
User Badges:
  • Cisco Employee,

Joe,


It should would the same way. I have used EIGRP with DMVPN and works well for load-balancing.


Make sure that in your crypto map you have the peer destination as a loopback IP for VPN tunnel redundancy.


http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a008009438e.shtml


Also, let us know if you have the redundant link terminating at central site on a single router or on a secondary/redundant router.


HTH,

-amit singh

joe.marcelo9 Tue, 10/27/2009 - 03:00
User Badges:

Amit,

I am following the same example you send me but it has twist.


Hub for now will be Single head with one Service provider. Next week will get another Internet Link from different service provider terminating on Different router.


Spokes already have two Service provider.

Load Balancing from Spoke end should work with Two Tunnels terminating the Hub from different service provider.


For Spoke with Two Service Provider do I still need to add floating routes ip route 0.0.0.0 0.0.0.0 SP2





Amit Singh Tue, 10/27/2009 - 04:01
User Badges:
  • Cisco Employee,

you need it in order to reach or forward the traffic to ISP. You dont need the route if you are running a routing protocol with ISP. You have to configure the second default route without any higher AD i.e not making it floating route in order to have traffic forwarded to both the ISP's simultaneously.


Once you have both the GRE tunnels up and the destinations are listed in the routing table the load-balancing should work. Make sure that you advertise the routes in EIGRP process on both the routers.




Actions

This Discussion