Internet Redundant & Load Balancing

Answered Question
May 12th, 2010

Friends,

Please find the attached,

I want redundancy for the internet connection. Corporate bought a new internet router, 2800 series with 2 FastEthernet interfaces, and 1 Layer 3 switch. My existing setup was a Cisco 1841 old internet router having a leased line pointing to the ISP router, and an ISA with 2 NIC cards: 1 for the outside pointing to the old internet router and 1 NIC internal to the core.

How can I achieve redundancy and, if possible, load sharing between the 2 ISP links? The 2 links are from 1 ISP.

Thanks


Overall Rating: 5 (3 ratings)
Correct Answer
Giuseppe Larosa Thu, 05/13/2010 - 00:00

Hello Estela,

As a minimum you need to connect the new internet router to the core switch in order to take advantage of it.

The core switch needs to see two exit points to the internet, and this can be achieved by two default static routes, one pointing to the old internet router and one pointing to the new internet router.

Other designs are possible: if the core switch acts only at OSI layer 2, putting the new link in the same VLAN as the old internet router, you could implement GLBP to provide load balancing.

If end users have the core switch or another internal device as their default gateway, GLBP will not be effective and the internal device(s) should point to both internet routers,

for example:

ip route 0.0.0.0 0.0.0.0 internet_router_1

ip route 0.0.0.0 0.0.0.0 internet_router_2

Both internet routers need to perform NAT of private addresses.

See

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a0080091c8a.shtml

Note:

To achieve a true fault-tolerant design you would need a second core switch.

Hope to help

Giuseppe

Correct Answer
rajatsetia Thu, 05/13/2010 - 03:52

Hi Estela,

You got one of the best guys answering your post, i.e. Giuseppe, and I don't know him in person or worked with him but the respect he has gained as Netpro Champ with his knowledgeable posts.

I just want to add my two cents and request Giuseppe to correct me if I am wrong.

The ISA server's outside NIC, which is connected to the old router, should be moved to the core switch to achieve internet-router-level redundancy.

Option 1

The core switch will have a default route to both the internet routers, and default CEF-based load balancing will be achieved. In case of any failure at the WAN interface of a router, you will face packet drops unless you configure some tracking method.

Or, if you are OK with a routing protocol, run a routing protocol between the internet routers (only on LAN interfaces) and the core switch, and distribute a static route on the internet routers, so your core switch will see two static routes, one from each router. If any internet router's WAN interface is down or the next hop is not reachable, the router will withdraw the static route and the core switch will not see the static route from the affected router.

Option 2

On your core switch, you will have two VLANs, e.g. VLAN A for the ISA and VLAN B with both the internet routers. Run HSRP between both routers' LAN interfaces (with tracking of the WAN).

The core switch will point towards the virtual IP address of the LAN and redundancy will be achieved, but with this you will not be able to achieve load balancing; not sure if GLBP (don't have much knowledge on this) will help you here.

* Also, you connect the branch router to the core switch rather than to the old internet router.

Hope to help.

** It's better to have two core switches for redundancy.

Kind regards,

Correct Answer
Latchum Naidu Thu, 05/13/2010 - 06:46

Hi All,

Please see the below action points, which can help...

1. Connect your routers to the core switch.

2. Configure HSRP on the routers.

3. Configure a default route to the virtual IP in the core switch.

In this case, say if the active router (1 ISP) fails, you can still reach the internet through the standby router (2 ISP), as you have a default route to the VIP in the core switch.

Giuseppe, please correct me if I am wrong.

Regards,

Naidu.
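
The HSRP design described in the two posts above (HSRP between the routers' LAN interfaces with tracking of the WAN, and a default route on the core switch to the virtual IP), as an added example that is not part of any post in this thread. The addresses, interface names, group number and key placeholder are assumptions; MD5 authentication on the group is an addition so that only routers holding the key can take part in the HSRP election on that VLAN.

```cisco
! Added example. Assumed addressing: VLAN B = 10.10.20.0/29,
! virtual IP 10.10.20.1, new 2800 = .2, old 1841 = .3.
! Interface names and the key string are placeholders.
!
! --- New 2800 internet router (intended active) ---
interface FastEthernet0/1
 description LAN side, VLAN B on the core switch
 ip address 10.10.20.2 255.255.255.248
 standby 1 ip 10.10.20.1
 standby 1 priority 110
 standby 1 preempt
 ! Routers without the key are ignored by the group
 standby 1 authentication md5 key-string <PLACEHOLDER-KEY>
 ! WAN interface down: priority 110 -> 90, below the standby's 100,
 ! so the other router preempts and takes over the virtual IP
 standby 1 track FastEthernet0/0 20
!
! --- Old 1841 internet router (standby) ---
interface FastEthernet0/0
 description LAN side, VLAN B on the core switch
 ip address 10.10.20.3 255.255.255.248
 standby 1 ip 10.10.20.1
 standby 1 priority 100
 standby 1 preempt
 standby 1 authentication md5 key-string <PLACEHOLDER-KEY>
 ! Leased-line interface assumed to be Serial0/0/0
 standby 1 track Serial0/0/0 20
!
! --- Core switch (Layer 3) ---
! Single default route to the HSRP virtual IP, not to either router
ip route 0.0.0.0 0.0.0.0 10.10.20.1
```

Interface tracking reacts only to the line-protocol state of the tracked interface, so a failure further upstream in the ISP that leaves the WAN interface up does not trigger a failover. `show standby brief` on each router shows which one currently holds the active role.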
