Internet Traffic Load Balancing/Fail-over

Answered Question

Building A

ASA Outside interface 207.158.106.2 à ISP router Ethernet0

Inside interface 10.20.30.1 à 6509

Building B,

ASA Outside interface 63.48.50.2 à to ISP router Ethernet0

Inside interface 10.20.40.1 à 6509

Building A & B, Ethernet connection from 6509 -àASA à ISP router has no 

Dynamic routing.

From 6509 in Bldg A & B.  I added statement below to direct Internet traffic to both ASA

(load balancing)

ip route 0.0.0.0 0.0.0.0 10.20.30.1

ip route 0.0.0.0 0.0.0.0 10.20.40.1

In theory, this should work.

The goal is to have a design that does load-balancing and fail-over for the Internet traffic.

The question I have is, how I make this set up for fail over without spending lots of  $$$.

Thanks,

Correct Answer by Rick Arps about 6 years 9 months ago

If you want to have more control over it, you can use the static route tied to an sla tracker.  Here's a quick example:



ip sla 1
icmp-echo x.x.x.x
timeout 1000
frequency 2
ip sla schedule 1 life forever start-time now


track 1 rtr 1
delay down 10 up 20


ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/2.210 track 1


This will insert the route only when the ip address is reachable with a ping, and you can adjust the delay down and up timers.


Hope this helps

Rick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.

Hi Rick,


Thanks for the answer. If one of the static route gets removed from the 6509's routing table once the next hop is not reachable then that would be my prefered design. I have been wondering about it, I didn't think the static route will get removed when the next hop is unreacheable because it's static, I guess the 6509 is smart enough to do it even the static was hard coded.


Vinnie,

Ganesh Hariharan Wed, 05/26/2010 - 22:50

Hi Rick,


Thanks for the answer. If one of the static route gets removed from the 6509's routing table once the next hop is not reachable then that would be my prefered design. I have been wondering about it, I didn't think the static route will get removed when the next hop is unreacheable because it's static, I guess the 6509 is smart enough to do it even the static was hard coded.


Vinnie,


Hi Vinnie,


Check out the below link for active/passive configuration related to your secnarios in ASA


http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00807dac5f.shtml


Hope to help !!


Ganesh.H


Remember to rate the helpful post

Correct Answer
Rick Arps Thu, 05/27/2010 - 09:32

If you want to have more control over it, you can use the static route tied to an sla tracker.  Here's a quick example:



ip sla 1
icmp-echo x.x.x.x
timeout 1000
frequency 2
ip sla schedule 1 life forever start-time now


track 1 rtr 1
delay down 10 up 20


ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/2.210 track 1


This will insert the route only when the ip address is reachable with a ping, and you can adjust the delay down and up timers.


Hope this helps

Rick

Actions

This Discussion