Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

IPsec EIGRP Clarification

We are running EIGRP  as routing protocol in our network. IPSec was configured for encrypring the packets. I am attaching sample topology.

CPC-Central processing unit. All production users are working this location

DC- All Servers are installed in this location.( CPC users accessing these servers application from CPC unit)

DR- Its Just Back up.

  Bandwidth utilization of CPC site was 12 Mbps... so due to this Primary link getting fully utilized and users are facing issue.. secondary link was free.

1. can i go equal load balancing. So that we 6 Mbps will utilized on primary and 6 Mbps on Secondary..

For eg. If i  downloading 10 GB file. 5 GB file should use primary link and 5 GB should use secondary Link. any issue happend for single file travelling in two path.

2. Can i configure in such way if 80% level reached on primary link then rest of packets should travel through secondary link.(unequal load balancing)

3. If  we done such configuration any changed need to done on IPSec.

4. Whenever the Primary link was goes down. IPSec was not establishing until clearing the crypto session.what we need to do.  Based on topolgy some one provide the sample configuration it will good  for me..

VIP Super Bronze

IPsec EIGRP Clarification

By default, load balancing is per destination:

You can set load-balancing to work per-destination or per-packet. Per-destination load balancing means the router distributes the packets based on the destination address. Given two paths to the same network, all packets for destination1 on that network go over the first path, all packets for destination2 on that network go over the second path, and so on. This preserves packet order, with potential unequal usage of the links. If one host receives the majority of the traffic all packets use one link, which leaves bandwidth on other links unused. A larger number of destination addresses leads to more equally used links. To achieve more equally used links use IOS software to build a route-cache entry for every destination address, instead of every destination network, as is the case when only a single path exists. Therefore traffic for different hosts on the same destination network can use different paths. The downside of this approach is that for core backbone routers carrying traffic for thousands of destination hosts, memory and processing requirements for maintaining the cache become very demanding.

link for more info: