Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Load balancing with 1841

Hello

i have 1841 Cisco router with 2 phisical ethernets and 2 phisical atm's.

I have 2 dsl modules on 1841 and 2 dsl connections.

And i have a dhcp and domain name server in 192.168.0.1 ip.

I d like to do load balancing per packet with 1841.

Can you help me please with config?

Thank you.

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: Load balancing with 1841

Are the dsl connection to the internet? Do they go to the same provider?

9 REPLIES
Silver

Re: Load balancing with 1841

Are the dsl connection to the internet? Do they go to the same provider?

New Member

Re: Load balancing with 1841

Yes.

Re: Load balancing with 1841

Hello,

this is what your configuration could look like:

ip cef

!

interface FastEthernet0/1

ip address 192.168.0.1 255.255.255.0

ip nat inside

!

interface ATM0/0

no ip address

no ip route-cache

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0/0.1 point-to-point

no ip route-cache

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

interface ATM0/1

no ip address

no ip route-cache

no atm ilmi-keepalive

dsl operating-mode auto

interface ATM0/1.1 point-to-point

no ip route-cache

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 2

!

interface Dialer1

description ISP1_Connection_1

ip address dhcp

ip mtu 1452

encapsulation ppp

dialer pool 1

dialer-group 1

ip load-sharing per-packet

ppp authentication chap pap callin

ppp chap hostname USERNAME

ppp chap password 0 PASSWORD

ppp pap sent-username USERNAME password PASSWORD

!

interface Dialer2

description ISP1_Connection_2

ip address dhcp

ip mtu 1452

encapsulation ppp

dialer pool 2

dialer-group 1

ip load-sharing per-packet

ppp authentication chap pap callin

ppp chap hostname USERNAME

ppp chap password 0 PASSWORD

ppp pap sent-username USERNAME password PASSWORD

!

ip nat inside source route-map ISP1_Connection_1 interface Dialer1 overload

ip nat inside source route-map ISP1_Connection_2 interface Dialer2 overload

!

access-list 1 permit 192.168.0.0

!

route-map ISP1_Connection_1 permit 10

match ip address 1

match interface Dialer1

!

route-map ISP1_Connection_2 permit 10

match ip address 1

match interface Dialer2

!

ip route 0.0.0.0 0.0.0.0 Dialer1

ip route 0.0.0.0 0.0.0.0 Dialer2

!

dialer-list 1 protocol ip permit

Be aware of the following"

- the use of two static routes will allow load-balancing over the two links and provide redundancy at the same time

- the NAT configuration will dynamically choose the NAT'ed address depending on which interface CEF has been chosen to send the packet out of

- enabling CEF on a router will load balance outgoing traffic only, not incoming traffic. If your ISP uses Cisco, you could ask for the ISP to enable CEF on their end as well, which would result in inbound load balancing.

To verify load balancing, use the EXEC command:

sh ip cef 0.0.0.0

Regards,

GNT

Gold

Re: Load balancing with 1841

I was not even sure if you could use dialers with load balance by packet but the NAT issue is where I still see issues.

With 2 pools if it does as you say and nat packets based on the outbound interface you will have all kinds of problems with your sessions.

If it does load balance you will get half your packets sourced from one ip and the other half sourced from another. You will never be able to get a session working since it must have a single source and destination. The destination will discard any packets from the other source address since it did not see a sync packet and will not have a session to associate it with.

I guess you might be able to load balance by session but you seldom get good load balancing

New Member

Re: Load balancing with 1841

I was speaking to a cisco rep and he said that what you are suggesting will not dynamically check the bandwidth of each WAN. Is that true?

Silver

Re: Load balancing with 1841

I think I was awarded points by mistake. I only asked a question so far. Note to Moderator, please deduct them from my profile if you see this post.

-mike

Re: Load balancing with 1841

Hello,

Tim is absolutely right, using per-packet load balancing can cause problems with e.g. voice applications. I guess that is why the default is per-destination load balancing. So, unless you have a specific reason to use per-packet load balancing, just use the default per-destination...

Regards,

GNT

New Member

Re: Load balancing with 1841

Hi,

I have the same load balancing question except our 1841 is connected to two different ISPs. ISP_2 has higher speed than ISP_1. We have an array of servers which has to use ISP_1 for inbound and outbound traffic.

By adding "ip load-sharing per-destination" in fa0/1 and vlan3, can I achieve load balancing? Or it won't work because the ISP are different? Thanks

Here is a partial config: (ip changed)

ip subnet-zero

no ip source-route

ip cef

!

!

ip tcp synwait-time 10

no ip dhcp use vrf connected

!

no ip bootp server

!

interface FastEthernet0/0

description TO-Internal-LAN

ip address 1.2.3.1 255.255.255.128

no ip redirects

no ip unreachables

no ip proxy-arp

ip nat inside

ip route-cache flow

ip policy route-map ama2telus

speed 100

full-duplex

no mop enabled

!

interface FastEthernet0/1

description To-ISP_1

ip address 5.6.7.83 255.255.255.248

no ip redirects

no ip unreachables

no ip proxy-arp

ip route-cache flow

duplex auto

speed auto

no mop enabled

!Added for load balancing

ip load-sharing per-destination

!

interface FastEthernet0/0/0

description To-ISP_2

switchport access vlan 3

duplex full

speed 10

!

interface Vlan1

description defa vlan1

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip route-cache flow

!

interface Vlan3

description Terago1

ip address 6.7.8.140 255.255.255.248

ip nat outside

!Added for load balancing

ip load-sharing per-destination

!

ip classless

ip route 0.0.0.0 0.0.0.0 6.7.8.142

ip route 0.0.0.0 0.0.0.0 5.6.7.81

ip route 24.76.252.253 255.255.255.255 5.6.7.81

ip route 24.79.224.251 255.255.255.255 5.6.7.81

ip route 1.2.3.0 255.255.255.0 1.2.3.5

ip route 206.45.126.190 255.255.255.255 5.6.7.81

i!

no ip http server

ip nat inside source list 1 interface Vlan3 overload

!

logging trap debugging

access-list 1 deny 1.2.3.20

access-list 1 remark INSIDE_IF=FastEthernet0/0

access-list 1 remark SDM_ACL Category=2

access-list 2 permit 1.2.3.100

access-list 2 permit 1.2.3.101

no cdp run

route-map me2ISP_1 permit 10

match ip address 2

set ip next-hop 5.6.7.81

!

Gold

Re: Load balancing with 1841

This has a better chance to work than load balance by packet.

Your policy routing and static routes will cause those selected machines and destinations to use the ISP you selected. The rest of your outbound traffic will load balance but you still have a couple of issues.

You need to define a second nat pool. ISP1 only really knows about 5.6.7.83/29 if you send a packet with source address of 6.7.8.140

he will most likely drop it. If he does take it then the return traffic will come back via ISP2 which is not the best.

Now even after you get a second nat pool so that traffic is sourced with the proper addresses you have another issue. Some application attempt to use the IP address for security. Say for example you open a session with server 1 which has a IP of 10.10.10.1 This server tells you to go to server 2 which has a ip address of 10.10.10.2 to continue the processs. Server 1 then tells server 2 that it should accept a session from your source ip for a period of time. With load balance by destination it is very likely that you will use the other path. Server 2 will reject the session becuase the source address is wrong.

732
Views
0
Helpful
9
Replies