load balance between two different Internet links, two different locations, two different Public IP Addresses

Unanswered Question
Jan 4th, 2010

We have two different Internet links from the same provider. One link is in our main site and the other is in our DR location.

Each site has different hardware, edge routers and ASA5510 firewalls. Each site is in a different public IP Address range.

So, depending on which link is used, the traffic is sourced from a different address range.

We have a connection from the main site to the DR site with 100Mbps MetroE connection.

We also have an MPLS cloud that links the Main site, DR site to all of our branches.

Main site and DR site each has a link to the MPLS cloud, each branch has a link to MPLS all are via BGP.

Currently, everyone uses the main site for Internet access, a default route is being distributed from the main site Internet router to everyone.

There is a higher AD default route in the DR site internet connection.

If the main site goes down, a higher AD default route from the DR side is distributed to everyone and they go out that way.

Is it possible to do some load sharing from any one of our sites, so that the traffic is shared equally across the two Internet links.

I have been told by my manager that this is an easy thing to do (they do not know if it is or not).

For example, we have Webex, could I make an outbound connection using both internet links to the Webex destination IP Address by per packet or per destination load sharing?

The default route being distributed to everyone will have to be across the two internet links.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Jerry Ye Mon, 01/04/2010 - 18:32

Per packet load balancing will not work correctly with some service such as FTP in your situation.

And it is impossible to achieve 50/50 load balancing. If you want to some type of load sharing, you can do it by announcing /4 from your DR like

Main Site's static

DR's static - - -

... (higher AD)



wilson_1234_2 Mon, 01/04/2010 - 19:21

Thanks for the reply.

I am not clear on the statics for DR with the different ip address block, can you explain?

Also, if I put a higher AD on the DR, then that path will not be in the route table unless the main site goes down, correct?

Why won't the 50$ load sharing work?

What about for something like Webex, which I am thinking is symetrical (to and from end to end), would the per packet load sharing work in that case?

Jerry Ye Mon, 01/04/2010 - 19:46

In my previous post, I said

Main Site's static

DR's static - - -

... (higher AD)

routing always take the longest match (more specific), if you put /4 block into your routing table, any routes to those network will prefer DR, correct? As a result, your are routing 50% of the IPv4 block to DR while the other 50% (without the longest match) will take the default at the Main site. The higher AD at DR is the back up if the Main site is down (for the 50% without the longest match).

I am saying per packet in your situation will not work (NAT'ed with 2 different sets of public IP). Per flow should work, but you will not able to achieve 50/50.



Marwan ALshawi Tue, 01/05/2010 - 01:27


I would love to hear your manager easy way to do the loadbalncing 50/50 !!

you can do loadbalcing using routing as you know it

or specialized loadbalncer

or by useing cisco performance routing feature

the bellow documents will give you some backgrounds and also config examples, then you may be able to search and configure the suitable solution



good luck

if helpful Rate

Jerry Ye Tue, 01/05/2010 - 10:28

Hi marwanshawi,

I would love to know what type/brand of load balancer you are referring? And where will you position the load balancer when the different ISP's WAN links are located at two different facilities?



Marwan ALshawi Wed, 01/06/2010 - 21:50

i think in this case won't work

i was only listing ways of loadbalncing in general

you may use ACE or CSM model to loadbalnce traffic to differnt links in differnt routers using VIP but i do not think its a common deployment but possible

thank you


This Discussion