Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Load Sharing--- Internet

Hello..

I have a internet router connecting two internet circuit provided by same ISP, BGP is running on this router, i am looking for load sharing/load balancing over both links. Could you pls help how this could achieve.

  • WAN Routing and Switching
1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: Load Sharing--- Internet

Hi Anukalp,

For egress load balancing, If you want to load balance using the default route, you can can install both default routes received from both upstream peers in the RIB and let CEF do the load balancing per flow. You would need to configure "maximum-paths 2" for that to happen.

For ingress load balancing, I would suggest you split the prefix you advertise to your ISP in two and advertise the first half through one link and the other half through the other link. For redundancy purposes, you would also need to advertise the whole prefix through both links. For the ingress load balancing to work, you would need to make sure that addresses are used out of both halves of the prefix that was assigned to you. There is only so much you can do to load balance the traffic ingress if all the traffic is going to the same destination address.

Regards

15 REPLIES
Hall of Fame Super Gold

Load Sharing--- Internet

That is automatically achieved by using BGP, in a statistical manner.

To fine tune traffic, refere to advanced BGC configuration guides and documents.

Cisco Employee

Re: Load Sharing--- Internet

Hi Anukalp,

For egress load balancing, If you want to load balance using the default route, you can can install both default routes received from both upstream peers in the RIB and let CEF do the load balancing per flow. You would need to configure "maximum-paths 2" for that to happen.

For ingress load balancing, I would suggest you split the prefix you advertise to your ISP in two and advertise the first half through one link and the other half through the other link. For redundancy purposes, you would also need to advertise the whole prefix through both links. For the ingress load balancing to work, you would need to make sure that addresses are used out of both halves of the prefix that was assigned to you. There is only so much you can do to load balance the traffic ingress if all the traffic is going to the same destination address.

Regards

New Member

Load Sharing--- Internet

Thanks so much..Harold

Hall of Fame Super Gold

Re: Load Sharing--- Internet

Harold Ritter wrote:

Hi Anukalp,

For egress load balancing, If you want to load balance using the default route, you can can install both default routes received from both upstream peers in the RIB and let CEF do the load balancing per flow. You would need to configure "maximum-paths 2" for that to happen.

Actually, that is not needed. Default maximum-path value is bigger that 2 already. So in practice, nothng needs to be done, as I had indicated above.

    

For ingress load balancing, I would suggest you split the prefix you advertise to your ISP in two and advertise the first half through one link and the other half through the other link. For redundancy purposes, you would also need to advertise the whole prefix through both links. For the ingress load balancing to work, you would need to make sure that addresses are used out of both halves of the prefix that was assigned to you. There is only so much you can do to load balance the traffic ingress if all the traffic is going to the same destination address.

Here you are omitting to mention using local-preference, community attributes, and other advance tecniques that are recommended over splitting prefixes. From that my recommendation above of studying the matter before doing anything, or even better, give the job to a qualified engineer.

Cisco Employee

Re: Load Sharing--- Internet

Paolo,

> Actually, that is not needed. Default maximum-path value is bigger that 2  already.

> So in practice, nothng needs to be done, as I had indicated  above.

The default value for maximum-paths is 1.

http://www.cisco.com/en/US/docs/ios/12_2/iproute/command/reference/1rfindp1.html#wp1019705

> Here you are omitting to mention using local-preference, community  attributes, and other

> advance tecniques that are recommended over  splitting prefixes. From that my

> recommendation above of studying the  matter before doing anything, or even better,

> give the job to a  qualified engineer.

Local preference is something you would use to influence egress traffic, not ingress traffic. Community attributes could be used assuming your ISP does something with it. Not all of them do. I agee there are some other ways to address the issue.

Regards

New Member

Load Sharing--- Internet

Hi Harold..

Since configuration to achieve this load sharing seems complicated so i want you to help me out on this.Below is my router config and i want splitting should be done in the way that starting 8-10 IPs should be flow over one link and rest over second circuit.

Also if any circuit goes down all prefixes should flow over active circuit.

Current i am using both circuits as primary and secondary.

----------------------------------------------------------------

interface GigabitEthernet0/0

description ##Primary link##

ip address x.x.x.x 255.255.255.252

duplex auto

speed auto

!

interface GigabitEthernet0/1

description ##Backup link##

ip address y.y.y.y 255.255.255.252

duplex auto

speed auto

!

interface GigabitEthernet0/2

description ### Public LAN Pool###

ip address 121.118.96.2 255.255.255.192

no ip route-cache cef

no ip route-cache

duplex auto

speed auto

!

router bgp 64512

no synchronization

bgp log-neighbor-changes

network 121.118.96.0 mask 255.255.255.192

neighbor x.x.x.x remote-as 4755

neighbor x.x.x.x update-source GigabitEthernet0/0

neighbor x.x.x.x weight 200

neighbor x.x.x.x prefix-list Out out

neighbor y.y.y.y remote-as 4755

neighbor y.y.y.y update-source GigabitEthernet0/1

neighbor y.y.y.y weight 100

neighbor y.y.y.y prefix-list Out out

ip prefix-list Out seq 5 permit 121.118.96.0/26

ip prefix-list Out seq 10 deny 0.0.0.0/0

----------------------------------------------------------------------------------

Cisco Employee

Load Sharing--- Internet

Hi Anukalp,

The overall config is really not that complicated. To address the egress traffic load balancing, you simply need to add "maximum-paths 2". To address the ingress traffic load balancing, you need to advertise 121.118.96.0/27 via the one link , 121.118.96.32/27 via the other and 121.118.96.0/26 via both links for redundancy.

router bgp 64512

maximum-paths 2

network 121.118.96.0 mask 255.255.255.192

network 121.118.96.0 mask 255.255.255.224

network 121.118.96.32 mask 255.255.255.224

neighbor x.x.x.x remote-as 4755

neighbor x.x.x.x prefix-list link1 out

neighbor y.y.y.y remote-as 4755

neighbor y.y.y.y prefix-list link2 out

!

ip prefix-list link1 seq 10 permit 121.118.96.0/26

ip prefix-list link1 seq 20 permit 121.118.96.0/27

ip prefix-list link1 seq 30 deny 0.0.0.0/0 le 32

!

ip prefix-list link2 seq 10 permit 121.118.96.0/26

ip prefix-list link2 seq 20 permit 121.118.96.32/27

ip prefix-list link2 seq 30 deny 0.0.0.0/0 le 32

!

ip route 121.118.96.0 255.255.255.224 GigabitEthernet0/2

ip route 121.118.96.32 255.255.255.224 GigabitEthernet0/2

This splits your /26 (64 addresses) in two blocks of 32 addresses. The first half will be preferred via link 1 and the second half via link 2. Again, make sure you discuss this with your ISP to ensure that they will not block the advertisement of the /27 prefixes.

Regards

Re: Load Sharing--- Internet

Can you elaborate on this if you don't mind please?

ip route 121.118.96.0 255.255.255.224 GigabitEthernet0/2

ip route 121.118.96.32 255.255.255.224 GigabitEthernet0/2

Why does he need to add the routes to the network that he just split via its own interface?

Also:

ip prefix-list link1 seq 10 permit 121.118.96.0/26 (Shouldn't this be also /27?)

ip prefix-list link1 seq 20 permit 121.118.96.0/27 (Shouldn't this be 121.118.96.32/27)

ip prefix-list link1 seq 30 deny 0.0.0.0/0 le 32

!

ip prefix-list link2 seq 10 permit 121.118.96.0/26

ip prefix-list link2 seq 20 permit 121.118.96.32/27

ip prefix-list link2 seq 30 deny 0.0.0.0/0 le 32

Cisco Employee

Re: Load Sharing--- Internet

Hi Mohammad,

>Can you elaborate on this if you don't mind please?

Sure.

>ip route 121.118.96.0 255.255.255.224 GigabitEthernet0/2

>ip route 121.118.96.32 255.255.255.224 GigabitEthernet0/2

>Why does he need to add the routes to the network that he just split via its own interface?

These two static routes are required for the BGP routes (the /27s) to be originated via the network statement.

>Also:

>

>ip prefix-list link1 seq 10 permit 121.118.96.0/26 (Shouldn't this be also /27?)

The /26 needs to be advertised in addition to the /27 for redundancy purposes. If one link should fails, all traffic for the entire /26 would converge to the remaining link.

>ip prefix-list link1 seq 20 permit 121.118.96.0/27 (Shouldn't this be 121.118.96.32/27)

In this example, link 1 advertises the first half of the /26 (.0/27) and link 2 advertises the second half (.32/27).

>ip prefix-list link1 seq 30 deny 0.0.0.0/0 le 32

>!

>ip prefix-list link2 seq 10 permit 121.118.96.0/26

>ip prefix-list link2 seq 20 permit 121.118.96.32/27

>ip prefix-list link2 seq 30 deny 0.0.0.0/0 le 32

Regards

488
Views
0
Helpful
15
Replies