Load Balancing Eigrp

Unanswered Question
Nov 2nd, 2009
User Badges:

Hello, Got Stuck in getting load-Balancing working with Two GRE tunnels from Hub pointing two GRE Tunnels on Spoke using EIGRP.


show interface summary indicates traffic on one tunnel only, unless manually shutdown traffic not seen on other tunnel.


Any suggestion

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Tue, 11/03/2009 - 00:29
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Nasr,

the two tunnels have different parameters:

tunnel2 has BW 5000 kbps, tunnel1 has BW 2000 kbps.


EIGRP metric uses cumulative delay and inversely proportional to lowest delay on path.


EIGRP can perform un-equal cost load balancing but you need to add


router eigrp 7

variance 3


(under the hyphothesis that delays are equal on the two tunnels you can check with sh int tunnel 1 and sh int tunnel 2).


To perform equal cost load balancing you need to put the same bandwidth command


Hope to help

Giuseppe


nasr.khan Tue, 11/03/2009 - 01:00
User Badges:

Thank you.

Can you explain variance 3


Tunnel2 has higher bandwidth. Can hosts on spoke use Tunnel2 to pass critical application(HR application running on oracle) and other traffic on Tunnel1.


HR application is running on Server 192.168.205.10 at HUB Site

Spoke with IP 172.17.17.0/24




Giuseppe Larosa Tue, 11/03/2009 - 01:18
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Nasr,

the variance 3 allows EIGRP for unequal paths lod balancing with the two metric that can be in a ratio up to 3.


in your case 5/7 of traffic would go on faster link tunnel2 and 2/7 on tunnel1.


but this is flow based not application based.


>> Can hosts on spoke use Tunnel2 to pass critical application(HR application running on oracle) and other traffic on Tunnel1.


you need policy based routing to make this kind of traffic engineering based on application types.


Or more simply an host static route like

ip route 192.168.205.10 255.255.255.255 tunnel2


this can work on the spoke to hub direction


PBR is needed on hub site


access-list 11 permit host 192.168.205.10



route-map pbr_oracle permit 10

match ip address 11

set interface tunnel 2


on lan interface(s) on hub router


int fas0/0

ip policy route-map pbr_oracle




Hope to help

Giuseppe


nasr.khan Tue, 11/03/2009 - 01:31
User Badges:

This is the complete picture, sorry I should have put the complete diagram.


Host 192.168.205.10 is on Backbone Switch, behind the VPN router.


Other Spokes(spoke2/spoke3/spoke4) also access this server from different location via different Tunnels.


HUBBackBone----HubVPNRTR----Internet---spoke1VPNRTR-----LAN


HUB-Backbone

interface vlan66

description servers

ip address 192.168.205.1 255.255.255.0


I think PBR needs to be applied on BackBone VLAN, but will this impact other Spokes.


Giuseppe Larosa Tue, 11/03/2009 - 01:46
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Nasr,

yes if multiple point-to-point tunnels exist PBR cannot be used.


the only possible way is to have specific static routes but this can only work if only some clients access the server.

Otherwise you cannot do this on the routing level.


QoS can help in providing a better treatment to oracle application


Hope to help

Giuseppe


nasr.khan Tue, 11/03/2009 - 03:17
User Badges:

If I have a dedicated Router with tunnels pointing to this specific spoke then PBR would work. Is this correct.


But do I need to apply any additional commands on the vlan which has Oracle Server.




Giuseppe Larosa Wed, 11/04/2009 - 00:35
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Nasr,

you should terminate all tunnels "2" for each remote site in another router at central site.


the current node would then need a PBR to the second device configured in the vlan where the Oracle server is connected.


It is becoming a complex solution, but you can achieve redundancy at central site in this way.


Edit:

an alternative way could that of changing the point-to-point GRE tunnels into two multipoint GRE so that you could use a single interface on hub site to address the tunnel 2 DMVPN cloud.


Hope to help

Giuseppe


Actions

This Discussion