I've been researching the Internet to find the best solution for this scenario:
1. One router connected to two ISPs.
2. Receiving full Internet routes from both ISPs.
3. Link to each upstream provider is 10MB.
I would like to know the best option to obtain:
1. Redundancy - If one link to any provider goes down, clients behind us should still be able to reach the Internet, and inbound connections to our clients should still be available.
2. How to obtain load balancing. If load balancing is not possible, how to load share between both links.
I am confused about what the best option is to get redundancy and/or load balancing/sharing.
Any ideas will be appreciated.
Office Of Management And Budget
Commonwealth Of Puerto Rico
You can set the maximum-paths to 2 under BGP to configure load balancing. This will help in load balancing between the two links. By default, without this command configured, for the same given route from both ISPs, if all BGP parameters, such as weight, local pref, origin etc., are the same, then BGP will choose the route provided by the ISP router with the lowest router ID. (Note that the router ID is the highest IP address configured on the router.)
Assuming all the routes in the internet are being provided by both ISPs, you should have redundancy for all routes to Internet. Even if one fails, the other should be able to route to the destination.
This command will work when both connections are going to the same provider, right? We are peering with two ISPs, with different AS numbers.
Well, redundancy is not there, because some time ago provider 2 went down and we lost connection to some destinations. Also, access from outside was not working either.
I'm assuming you have your own address space. If you do, go to something like Digex's looking glass and see what it has for routes back to you and thru which ASes the routes go; make sure that they are learning about your address space via both ISPs. If you have an address space from ISP1, make sure that they are advertising it out with the correct mask, i.e. their address space may be 184.108.40.206/8 and you have 220.127.116.11/24; in this case ISP1 would not only have to advertise its summary 12/8, but also your /24, otherwise return traffic would always take ISP2. Another issue with load balancing is asymmetric routing, which may cause problems or may not, depending on what kind of traffic. Finally, where were the sites that you lost connectivity to? Were they somewhere on ISP2's network? If so, then you couldn't reach them because of ISP2's network problems.
Ignoring load balancing for a second and concentrating more on redundancy, you can simply configure a second gateway of last resort, i.e.
0.0.0.0 via 1st ISP
0.0.0.0 via 2nd ISP
The router will always use the first entry, and if it is unavailable will fall back and use the second. Provided one of the two ISP connections is available, you will have seamless failover.
Some suggested to use:
ip route 0.0.0.0 0.0.0.0 isp1 250
ip route 0.0.0.0 0.0.0.0 isp2 250
I think the metric is so the router uses this as a last resort in the event BGP peering goes down on one of the links, right?
This isn't a metric, but rather an administrative distance.
It will keep the static routes from being used as long as there are BGP routes in the table. My question would be, however, if you are learning defaults through BGP, and BGP failed, wouldn't that indicate that the connection to the ISP is down as well? In that case, do you really want the default to be there?
I went and checked the Broadwing looking glass site. I found out that ISP1 is not advertising our own blocks.
ISP2 is advertising our address space. So I called ISP1 technical support to find out why...
We have asymmetric routing in our environment.
I think that when ISP1 starts advertising our addresses, then I can do load sharing on both links.
You can use the backup interface commands and back up ISP1 with ISP2. You can then use the load thresholds and set a limit on the utilisation of ISP1.
This will mean when your primary ISP link reaches a pre-set threshold, the router will fall back and use your second connection to avoid either being saturated.
Even if you get ISP1 to advertise your routes, load sharing may result in asymmetric routing, which may or may not be an issue; usually not, unless load balancing via round robin and not via per destination. The reason is that if I source my packet thru ISP1 to ISP5, ISP5's shortest route may be back thru ISP2. If this is acceptable, then no big deal. If load balancing via destination, all packets go out ISP1 and come back via ISP2, with the same latency, etc. If round robin, one packet goes out ISP1, then ISP2, but all come back via ISP2 (because the destination doesn't load balance returning traffic); this may cause out-of-order packets, causing problems with some apps. God, I hope that made sense.
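The thread's point about which ISP announces which prefix can be checked with a small longest-prefix-match model of a remote router's table. This is an added example, not code from any poster; the prefixes, host address and table names are constructed, and tie-breaking by BGP attributes is not modelled.

```python
import ipaddress

def inbound_candidates(dst, announcements, down=()):
    """Return the ISPs a remote router could use to reach dst.

    announcements: (prefix, isp) pairs as seen in the remote table.
    down: ISPs whose announcements have been withdrawn.
    Only the longest matching prefix is eligible; a tie is left to BGP
    attributes (AS path and so on), so every tied ISP is returned.
    """
    addr = ipaddress.ip_address(dst)
    matches = []
    for prefix, isp in announcements:
        net = ipaddress.ip_network(prefix)
        if isp not in down and addr in net:
            matches.append((net.prefixlen, isp))
    if not matches:
        return []  # no route at all: inbound traffic is dropped
    longest = max(length for length, _ in matches)
    return sorted({isp for length, isp in matches if length == longest})

# Constructed sample data (not the addresses from the thread).
HOST = "10.20.30.40"
# Own address space, announced by ISP2 only (what the looking glass showed).
OWN_SPACE_ISP2_ONLY = [("10.20.30.0/24", "isp2")]
# Space carved from ISP1's block: ISP1 sends only its aggregate.
AGGREGATE_ONLY = [("10.0.0.0/8", "isp1"), ("10.20.30.0/24", "isp2")]
# Both ISPs announce the /24: either path is eligible inbound.
BOTH_SPECIFIC = AGGREGATE_ONLY + [("10.20.30.0/24", "isp1")]

if __name__ == "__main__":
    tables = {
        "own space, ISP2 only": OWN_SPACE_ISP2_ONLY,
        "ISP1 aggregate only": AGGREGATE_ONLY,
        "both announce /24": BOTH_SPECIFIC,
    }
    for name, table in tables.items():
        normal = inbound_candidates(HOST, table)
        failed = inbound_candidates(HOST, table, down=("isp2",))
        print(f"{name}: normal={normal} isp2_down={failed}")
```
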