ISP & MPLS - how to load balance/prioritize traffic between them

Unanswered Question
Nov 1st, 2011
Current:
We have a 2mb MPLS network between three sites. Each site also has its own Internet connection for hosting a webserver and for internal users to access the Internet. Each site has a few internal subnets. Each site currently has a 2800 series ISR.

Goal / Proposed:


1) Increase Internet connection to 10mbps and configure site-to-site VPNs in a mesh configuration so that each site has a VPN to each other site. This would create six VPN tunnels.

2) Configure so that only Exchange and VoIP traffic use the MPLS network under normal conditions. All other traffic (backup/misc apps) should be routed to use the Internet VPNs. If the MPLS fails, of course we would like the Exchange and VoIP traffic to fail over to the VPN connections as well until the MPLS comes back up. This is where I need help with what features to configure.


Questions:
In regards to Question 1: Does this seem fairly common? Any gotchas/feedback?

In regards to Question 2: How would I configure this? What features/configurations, etc.?

As much detail as possible would be appreciated and I can research from there.


Thank you,

Joseph W. Doherty Tue, 11/01/2011 - 09:44

Disclaimer


The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.


Liability Disclaimer


In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.


Posting


#1 You could do it with a full mesh of p2p tunnels or you might also use DMVPN. Full meshes are not that common since they don't scale well. More common is to have hub-and-spoke. However, for only 3 sites it shouldn't be an issue.


One gotcha is if you intend to have VoIP fail-over to VPN, you cannot really easily manage bandwidth nor effectively manage it at all if you're going to share the Internet connection with "raw" Internet traffic.


#2 Likely could be done with PBR. Might also be done with PfR.


PS:

I've found you can often have VPN across the Internet rival dedicated cloud circuit performance if you use the Internet circuit only for VPN. If you want general Internet, get a second Internet circuit.
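Added example, not part of the original thread or any poster's configuration: one way the PBR approach named above can meet goal 2 on a single site router, using an IP SLA probe so that matched traffic falls back to the routing table (and therefore the VPN tunnel) when the MPLS path stops answering. Every address, port, interface name and the tunnel number is a constructed assumption, and the syntax assumes an IOS release that supports `ip sla` and `track ... ip sla`.

```cisco
! Constructed example for the site A router; all values are assumptions.
! Site A LAN 10.1.0.0/16, site B LAN 10.2.0.0/16.
! 172.16.1.2 = local MPLS next hop, 172.16.2.1 = site B router's MPLS-side address.
!
! Pin the probe target to the MPLS path so the probe tests MPLS, not the VPN.
ip route 172.16.2.1 255.255.255.255 172.16.1.2
!
ip sla 10
 icmp-echo 172.16.2.1
 frequency 5
ip sla schedule 10 life forever start-time now
!
! Dampen flapping: wait 10 s before declaring down, 30 s before declaring up.
track 10 ip sla 10 reachability
 delay down 10 up 30
!
! Traffic that should prefer MPLS: VoIP signalling and media, plus the
! Exchange server assumed to live at 10.2.10.25 in site B.
ip access-list extended PREFER-MPLS
 permit udp 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255 range 16384 32767
 permit tcp 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255 eq 5060
 permit ip 10.1.0.0 0.0.255.255 host 10.2.10.25
!
! Matched traffic uses the MPLS next hop only while track 10 is up.
route-map LAN-POLICY permit 10
 match ip address PREFER-MPLS
 set ip next-hop verify-availability 172.16.1.2 1 track 10
!
! Unmatched traffic, and matched traffic while track 10 is down, follows
! the routing table, which sends inter-site traffic into the VPN tunnel.
ip route 10.2.0.0 255.255.0.0 Tunnel12
!
interface GigabitEthernet0/0
 description Site A LAN (assumed interface name)
 ip policy route-map LAN-POLICY
```

The other site needs the mirror-image policy so that return traffic takes the same path.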

Marwan ALshawi Tue, 11/01/2011 - 23:31

The simplest and more scalable way is to go with DMVPN, as mentioned above by Joseph, where you can have dynamic routing run over the DMVPN tunnels, which gives you the ability to control routing preference by using routing metrics rather than PBR which is less CPU intensive.

See the link below for better understanding, but in your case you need to make the DMVPN tunnel path the preferred path for certain subnets.


https://supportforums.cisco.com/docs/DOC-8356


Hope this helps.

If helpful, rate.
