Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

ISP & MPLS - how to load balance/prioritze traffic between them

We have 2mb mpls network between three sites. Each site also  has its own internet connection for hosting webserver and internal users to access internet. Each site has a few internal subnets. Each site currently has a  2800 series ISR.

Goal / Proposed:

1) Increase Internet connection to 10mbps  and configure site-to-site VPNS in a mesh

configuration so that each site has a vpn to each other site. This would create six vpn tunnels.

2) Configure so that only Exchange and VoiP traffic use the MPLS network under normal conditions.

All other traffic (backup/misc apps) should be routed to use the Internet VPNs. If the MPLS fails

of course we would like the Exchange and VoiP traffic to fail over to the VPN connections as well

until the MPLS comes back up. This is where I need help with what features to configure.

In regards to Question 1: Does this seem fairly common? Any gotchas/feedback?

In regards to Question 2: How would I configure this? What features/configurations, etc.?

As much detail as possible would be appreciated and I can research from there.

Thank you,

Super Bronze

ISP & MPLS - how to load balance/prioritze traffic between them


The      Author of this posting offers the information contained within this      posting without consideration and with the reader's understanding   that    there's no implied or expressed suitability or fitness for any    purpose.   Information provided is for informational purposes only  and   should not   be construed as rendering professional advice of any  kind.   Usage of  this  posting's information is solely at reader's own  risk.

Liability Disclaimer

In      no event shall Author be liable for any damages whatsoever    (including,   without limitation, damages for loss of use, data or    profit) arising  out  of the use or inability to use the posting's    information even if  Author  has been advised of the possibility of   such  damage.


#1 you could do it with a full mesh of p2p tunnel or you might also use DMVPN.  Full meshes are not that common since they don't scale well.  More common is have hub-and-spoke.  However, for only 3 sites shouldn't be an issue.

One gotcha is if you intend to have VoIP fail-over to VPN, you cannot really easily manage bandwidth nor effectively manage it at all if you're going to share the Internet connection with "raw" Internet traffic.

#2 likely could be done with PBR.  Might also be done with PfR.


I've found you can often have VPN across the Internet rival dedicated cloud circuit performance if you use the Internet circuit only for VPN.  If you want general Internet, get a second Internet circuit.

ISP & MPLS - how to load balance/prioritze traffic between them

the simplest and more scalable way to go with DMVPN as mentioned above by Joseph

where you can have dynamic routing to be run over the DMVPN tunnels which gives you the ability to control routing preference by using routing metrics rather than PBR which is less CPU intensive

see the below link for better understanding, but in your case you need to make the DMVPN tunnel path as a preferred path for certain subnets

Hope this help

if helpful Rate

CreatePlease to create content