Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Outgoing load balancing with dual ISP

Hi,

I have a few questions on load balancing OUTGOING internet traffic through the ASA5540 firewall running code version 7.2. My company has 2 internet links going to the same ISP and the firewalls are running in active/standby mode. I would like to load balance OUTGOING internet traffic through 2 different edge routers. The outside interface of the firewall and the internal interface of both edge routers are on the same subnet. Here's a quick diagram of

my setup:

---------------->Router A -->internet connection A, same ISP as B

asa5540

---------------->Router B -->internet connection B, same ISP as A

Questions:

1. Can I use 2 static routes on the ASA5540 to do outgoing load balancing? If so, is there a way to configure the firewall to track internet link failure.

2. Code 7.x supports OSPF and RIP. If I use OSPF, is it recommended to inject a default route through both edge routers into my internal network to do load balancing?

3. What is the recommended way to configure outgoing load balancing with dual internet links going to the same ISP.

7 REPLIES
Cisco Employee

Re: Outgoing load balancing with dual ISP

--you cannot configure load balancing on ASA

It cannot have two default gateway to route/load balance/traffic-shape at the same time

Though ISP fall back is supported :-

http://cisco.com/en/US/docs/security/asa/asa72/configuration/guide/examples.html#wp1038632

--Place a small scale 1841 upstream to your ASA, to load balance your traffic point the entire traffic from ASA to the router and on 1841 you may do a policy based routing or load balancing

Cisco Employee

Re: Outgoing load balancing with dual ISP

thanks for da HIGH 5 !!!;-)

New Member

Re: Outgoing load balancing with dual ISP

My 5 cents for this.

Why don't you configure glbp on your routers?

Didn't test but looks like a simplest solution.

Cisco Employee

Re: Outgoing load balancing with dual ISP

5 cents ?..

..NO !! GLBP is not a feasible solution here..Gateway Load Balancing Protocol feature provides automatic router backup for IP hosts configured with a single default gateway on an IEEE 802.3 LAN....just like VRRP/HSRP..moreover not supported on 1800 series

we are not looking for router backup failure...we are looking for load sharing rather

New Member

Re: Outgoing load balancing with dual ISP

Difference between hsrp and glbp that instead of hsrp, glbp can operate like active/active solution. Well, can be useful for this.

As I see in feature navigator 1800 series supports glbp.

Requester, you can check this links:

http://cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6600/product_data_sheet0900aecd803a546c.html

http://cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6550/prod_presentation0900aecd801790a3_ps6600_Products_Presentation.html

there is noticed that 18xx not supported, but in feature navigator i see different info.

Cisco Employee

Re: Outgoing load balancing with dual ISP

New Member

Re: Outgoing load balancing with dual ISP

As I said, in documents noticed that 18xx not support glbp, but in feature navigator I see:

http://img227.imageshack.us/img227/4702/fnglbphc9.jpg

Any way, why did you decide that requester has 18xx routers? In original post it doesn't mentioned. He has just one asa5540 and two of "who knows" routers.

374
Views
18
Helpful
7
Replies