Router Balancing

rbaldanzi · ‎04-15-2002

I have 2 V35 connection of 2 different ISP with 2 different IP classes.

Can i load balance this 2 link with 1 router?

I have to connect behind 1 firewall and user the router as firewall's default fw.

I don't know if ISPs can support me to use routing protocol.

Thank you

bacarpenter · ‎04-15-2002

You can balance the packet load by making both links the same cost to the internet. Then turn off ip route cache on both links. Depending on the class of router your using, the CPU load may increase significantly.

bhedlund · ‎04-15-2002

Load balancing needs to be looked at in both directions, to internet (outbound), and from internet (inbound). Outbound traffic is the easiest direction to load balance because you have total control. Your router is making the decision which link to use. However, inbound traffic is more difficult to load balance they way you want because you have no direct control over the routers making those decisions. For example, in your case, consider for a moment how the Internet is going to return traffic to your firewall. With outbound traffic, your firewall is going to perform NAT (changing the source address of the traffic to that of a public ISP address assigned to you).

This means that all of your outbound traffic, no matter which ISP link you send it out on, will appear to the internet routers to have only come from the ISP whose address space you are using for NAT on your firewall. Thus, all of the return traffic (inbound) will come in through a single link. And, in most cases, inbound is the majority of traffic. When I click on a hyperlink in my web browser I am sending a small http connection request (outbound traffic), then my browser downloads all the pictures and text of the page I want to view (inbound trafic).

Your solution may involve a method of using both of your ISP assigned addresses to NAT your outbound traffic.

Regards,

Brad H.

rbaldanzi · ‎04-16-2002

Thank you,

in this way wich IP address i have to configure on the Router Ethernet (as default gw of my firewall)....an IP address of ISP1 or ISP2 or an private class IP and then let doing NAT to the router (setting 2 nat, one for link)?

Thank you

Regards,

Riccardo

Gilles Dufour · ‎04-16-2002

you could use whatever address.

If you go for private addresses, you don't need to do nat on the router unless you want to be able to ping the pix outside address from the internet.

Make sure you have static routes on the router for your ISP addresses pointing to the pix.

rbaldanzi · ‎04-17-2002

Ok, let's do one example.

My ISP1 has IP addresses 100.100.100.0/24 and my ISP2 has IP addresses 200.200.200.0/24.

Who decides to nat my webserver with ip address 100.100.100.10 instead of 200.200.200.10 if link of ISP2 is down?

Often this type of trick are competence of Radware Linkproof.

In this case infact i use as def gw the Linkproof (a.e. with ip address 10.1.1.1) and then it decides to nat with the right ip class.

How can i do something like this with Cisco routers?

Thanks

Gilles Dufour · ‎04-17-2002

you should not need to change the nat translation.

You just need to make sure you advertise both subnets to both ISP.

If you do not run BGP between you and your ISPs, you need to ask them to advertise both subnets for you.

If they don't want to do it, go for BGP and do it yourself