cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1097
Views
0
Helpful
9
Replies

How to achieve Inbound Load Sharing between my 2 Internet Router Multi-Homed

vishwasjaiswal
Level 1
Level 1

Hi All,

Please help me to achive inbound load sharing on my 2 Internet Routers which are connected to 2 different ISP's Routers.

I tried to achive this via as-path prepend but not sure what mistake I am doing that still inbound traffic is going via one link only and no traffic on second link.

NOTE: As per ISP they have made one router as primary due to lower router ID of that router

Below is the config which  I have applied on my both the routers but still i am not able to see the load sharing happening on both the links.

NOTE: I have 2 subnets which are advertised to internet

199.63.1.0 /24

199.63.3.0/24

But subnet 199.63.1.0 /24 have more traffic as it is used for my VPN Cpnnectivity than 199.63.3.0 /24 which is used for B2B connectivity.

I tried to device the /24 subnet to 2 times /25 subnet and tried to load share.

Please help me and let me know if you need any more info to fix this issue.

===================

HGC Router

===================

route-map Primary_Prepend permit 10

match ip address 50

route-map Primary_Prepend permit 20

matach ip address 60

set as-path prepend 64779

!

access-list 50 permit 193.63.1.0 0.0.0.127

access-list 50 permit 193.63.3.128 0.0.0.127

!

access-list 60 permit any

!

router bgp 64779

neighbor 203.192.137.109 route-map Primary_Prepend out

!

++++++++++++++++++++++++++++++

PCCW Router

=====================

!

route-map Backup_Prepend permit 10

match ip address 50

route-map Backup_Prepend permit 20

match ip address 60

set as-path prepend 64779

!

access-list 50 permit 193.63.1.128 0.0.0.127

access-list 50 permit 193.63.3.0 0.0.0.127

!

access-list 60 permit any

!

router bgp 64779

neighbor 203.192.145.49 route-map Backup_Prepend out

!

==================================================

9 Replies 9

Sandeep Choudhary
VIP Alumni
VIP Alumni

Hi Vishwas,

Please check this link:

It not via BGP but still can hep to understand:)

https://supportforums.cisco.com/thread/2212769

Regards

Hi Vishwas,

You can implement OER/PFR rechnolgy which will help you share inbound and outbound load sharing of ISP link terminated on differemt routers. You will have to run BGP.

Regards,

Sathvik K V

Mahesh Gohil
Level 7
Level 7

Hello,

Both of your network (1.0/24 and 3.0/24) are seems to be originating from AS10026 (Pacnet) on internet which means either you are connected to single ISP or prefix from other ISP is not prefered.

Few query:

1/ Does this IP (199.63.1.024 and 199.63.3.0/24) was assigned by ISP or did you taken from internet registry. If it belongs to one ISP then other ISP will not accept it, so there is no way you can load share it.

2/ If you are attached to single ISP at two different location (or router) you may try below config.

ip prefix-list POOL-HALF-1 SEQ 5 permit 199.63.1.0/25
ip prefix-list POOL-HALF-1 SEQ 10 permit 199.63.3.0/25

ip prefix-list POOL-HALF-2 SEQ 5 permit 199.63.1.128/25
ip prefix-list POOL-HALF-2 SEQ 10 permit 199.63.3.128/25


route-map LINK1 permit 10
match ip address prefix-list POOL-HALF-1

route-map LINK1 permit 30
match ip address prefix-list POOL-HALF-2
set as-path prepend 64779 64779

router bgp 64779
neighbor 203.192.137.109 route-map LINK1 out

route-map LINK2 permit 10
match ip address prefix-list POOL-HALF-2

route-map LINK2 permit 30
match ip address prefix-list POOL-HALF-1
set as-path prepend 64779 64779

router bgp 64779

neighbor 203.192.145.49 route-map LINK2 out

Let me know if more help/understanding required

Regards # Mahesh

Thanks Mahesh for the details info and script.

1/ Does this IP (199.63.1.024 and 199.63.3.0/24) was assigned by ISP or did you taken from internet registry. If it belongs to one ISP then other ISP will not accept it, so there is no way you can load share it. -

Answer to your query is: These IPs are not provided by ISP , its my own internet registry IPs.

I have taken 2 Internet links from same ISP PACnet but itslocal PTT are HGC & PCCW.

The config you sent me , do I have to apply it on one CE router or on both of my CE routers ?

I  tried the same concept shown in my intial post but still i was not seeing inbound traffic on PCCW Link.

Please let me know if you need anything else from my side to make it working ?

Mahesh,

I tried your script and run it on my both the routers and unfortunately my whole traffic was stopped and not working.

I checked with my ISP PACnet and they informed me :

that we only accept /24 and for /25 its no longer routable towards the internet.

Is there any other way to load labalce the inbound traffic ?

Then I tried to sub devide 1.0/24 & 3.0/24 network one from each link. then also its not working

One more thing I observed that after creating teh access-list or prefix-list I don't get any matches on 199.63.1.0/24 and 3.0/24

Not sure why i am not getting any matches & thats the reason my traffic is not balanced on both the links.

Any idea why it is happening like this ?

Hello,

Since your ISP do not allow

something like below

ip prefix-list POOL1 SEQ 5 permit 199.63.1.0/24
ip prefix-list POOL2 SEQ 5 permit 199.63.3.0/24


route-map LINK1 permit 10
match ip address prefix-list POOL1

!
route-map LINK1 permit 30
match ip address prefix-list POOL2
set as-path prepend 64779 64779

!

route-map LINK1 permit 40

router bgp 64779
neighbor 203.192.137.109 route-map LINK1 out


route-map LINK2 permit 10
match ip address prefix-list POOL2

!
route-map LINK2 permit 30
match ip address prefix-list POOL1
set as-path prepend 64779 64779

!

route-map LINK2 permit 40

router bgp 64779

neighbor 203.192.145.49 route-map LINK2 out

Regards # Mahesh

Mahesh,

I have tried this as well. but still not working.

Below is the config taken from router:

============================

HK25-HGCrouter-60M#sh access-lists

Standard IP access list 50

    10 permit 193.63.1.0, wildcard bits 0.0.0.255

HK25-HGCrouter-60M#sh run | s route-map

  neighbor 203.192.137.109 route-map Primary_Prepend out

route-map Primary_Prepend permit 10

match ip address 50

set as-path prepend 64779 64779 64779

route-map Primary_Prepend permit 20

====================

HK25-PCCWrouter-60M# sh access-lists

Standard IP access list 50

    10 permit 193.63.3.0, wildcard bits 0.0.0.255

HK25-PCCWrouter-60M#sh run | s route-map

  neighbor 203.192.145.49 route-map Backup_Prepend out

route-map Backup_Prepend permit 10

match ip address 50

set as-path prepend 64779 64779 64779

route-map Backup_Prepend permit 20

Hello Vishwas,

When you announced two prefix to two different peering did you checked reverce trace from route-server (You may find it on traceroute.org website).

Based on above trace you may check whether reverce trace is coming back via,. two different path or not.

Alternately you may ask PACNET to provide reverse trace from their GW router.

Regards

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: