Re: Two ISPs load sharing - Page 2

bansal.ojasvi · ‎02-25-2009

Hello Experts,

I am trying to use two DSL ISPs to share my VOIP traffic of about 19 SIP phones using G711. I am thinking about using one 2811 router with three Fa interfaces. One interface will go to ISPA, second will go to ISPB and third will go to LAN.

As per my thought process, use two LANs and direct half the traffic through ISPA and half through ISPB. Do I have to use PBR for doing this. If yes, any suggestion or working configuration.

Thanks

OJ

Tshi M · ‎03-02-2009

Hi Bansal,

I actually thought that you were using two VLANs from the switch and using a trunk between the router and the switch.

rgds,

bansal.ojasvi · ‎03-02-2009

No, I didn't use two vlans initially but after your suggestion I used two vlans. I still have issues with it.

Any ideas?

OJ

Marwan ALshawi · ‎03-03-2009

can you post your current config plz

bansal.ojasvi · ‎03-03-2009

Here's the config.

Mohamed Sobair · ‎03-03-2009

Hi,

The Only way to do that with your current connectivity is to have (reliable Staic routing backup using object tracking).

PBR always chooses on next hop , so it wouldnt help.

Configure 2 Static routes using Object tracking in order to perform loadsharing as well as redundancy methods.

Pls have alook at this document:

http://www.cisco.com/en/US/docs/ios/12_3/12_3x/12_3xe/feature/guide/dbackupx.html

HTH

Mohamed

bansal.ojasvi · ‎03-03-2009

Mohamed,

Thanks for you input. I went through the document and it says that it has to be used for failover and not for load sharing. I got failover working using IP sla and route-map. I am not able to get the load sharing working.

My understanding is that a device connnected to the internal network goes through any default gateway but there is no return path to that gateway.

I would appreciate your further input on this.

OJ

Tshi M · ‎03-03-2009

Bansal,

my suggestion was to setup two VLANs on a switch and to configure a trunk from your edge router to the switch to allow both vlans. once that is done, you will use route-map to load share the traffic based on the source vlan.

bansal.ojasvi · ‎03-03-2009

Thanks for you drawing.

Could you please send me little more config about this on NAT and configuring default route.

I would really appreciate that.

Tshi M · ‎03-03-2009

are you using any firewalls in your setup? If so, let your firewall do the NAT. Your route to the outside will be based on the PBR you are using. traffic from VLANx will go out to ISP1 and traffic from VLANy will go to ISP2.

bansal.ojasvi · ‎03-03-2009

No I am not using any firewall. Also, how do I configure the routes?

Mohamed Sobair · ‎03-03-2009

oj,

The link i have provided should be useful for loadsharing and redundancy purposes. WHY and HOW?

The object tracking ensures a static route is valid and presesnt ONLY and ONLY if the next-hop is reachable. As you know, If you configure 2 Static default route , traffc will be load shared but will never be failed over incase of a failure cause a static route is never removed from the routing table.

So still traffic will take one of the failed pathes and result in packet being dropeed.

How? The solution of having 2 default route with Object tracking ensures traffic will be load shared ONLY if both next-hops are reachable and would provide redundancy method if one of the static route failed.

Hope it helps,

Mohamed

bansal.ojasvi · ‎03-03-2009

Hey Mohamed,

I don't need redundancy. I only need load sharing.

I have few confusions.

interface FastEthernet 0/0

description primary-link

ip address 10.1.1.1 255.0.0.0

ip nat outside

interface Dialer 0

description backup-link

ip address 10.2.2.2 255.0.0.0

ip nat outside

Interface ethernet 0/1

description Internal-Lan

ip address 192.168.1.1 255.255.255.0

ip nat inside

<>

ip sla monitor 1

type echo protocol ipIcmpEcho 172.16.23.7

timeout 1000

frequency 3

threshold 2

ip sla monitor schedule 1 life forever start-time now

track 123 rtr 1 reachability

access list 101 permit icmp any host 172.16.23.7 echo

route map MY-LOCAL-POLICY permit 10

match ip address 101

set interface dialer 0 null 0

!

ip local policy route-map MY-LOCAL-POLICY

ip route 0.0.0.0 0.0.0.0 10.1.1.242 track 123

ip route 0.0.0.0 0.0.0.0 10.2.2.125 254

Please help me on this.

OJ

r.zagorodnev · ‎03-13-2009

ip route 0.0.0.0 0.0.0.0 10.1.1.242 track 123

ip route 0.0.0.0 0.0.0.0 10.2.2.125 254

in this case it is redundancy.

you need two route to 0.0.0.0 with the same distance, two route map and two nat:

ip route 0.0.0.0 0.0.0.0 10.1.1.242

ip route 0.0.0.0 0.0.0.0 10.2.2.125

route map MY-LOCAL-POLICY permit 10

match ip address 10

match interface dialer 0

route map MY-LOCAL-POLICY-2ISP permit 10

match ip address 10

match interface FastEthernet 0/0

access list 10 permit 192.168.1.0 0.0.0.255 - your LAN here

ip nat inside source route-map MY-LOCAL-POLICY interface dialer 0 overload

ip nat inside source route-map MY-LOCAL-POLICY-2ISP interface FastEthernet0/0 overload

ip cef

try this. whit two ethernet and two isp it works on my 1841