I need to terminate 8 ADSL (POTS) connections at a Cisco router. Currently I am using a Netasq device that "tries" to load-balance 8 SpeedTouch ADSL modems that terminate telephone lines.
Please advise on a Cisco router type that I can plug 8x ADSL (POTS) WICs into. Having a fiber port (or an available slot for a fiber interface) is a plus.
Thank you Paolo, 1 more question.
If I use 2x2801, I believe I should use GLBP, right? And within the routers, I have to enter static routes with the same metric to achieve equal-cost load sharing? I remember that a static route becomes inactive when the interface is down, but what happens if the interface is up but its gateway is down? Is there something like the SLA service monitor in PIX and ASA?
Btw I checked the 2801 specifications and saw the following:
(2) HWIC/VWIC/WIC/VIC Slots, (1) VWIC/WIC/VIC Slot, and (1) VWIC/VIC Slot
So one slot is not suitable for ADSL WIC? I can use only 3?
This is not a nice design that you're going to do.
First of all, as you correctly noted, the 2801 only takes 2x HWIC, so you have to use 2x 2811.
Second, devices below the two routers will have to use two static default routes; in practice you will need a third router unless you don't reuse one of the above said for the purpose.
Then, you have to configure IP SLA to avoid black-holes, and that in conjunction with NAT is known to cause problems.
All this said, the router will just try to balance like the device you're using now, but it is pseudo-balancing only, as the router doesn't even consider the actual traffic to decide on which link to send a new flow.
So I would suggest either convince the customer to lease a true high speed link, or stay with a balancer and the external modems.
Thank you for your helpful response. Let me elaborate more.
We are providing metro ethernet connections to campuses. But until the metro ethernet arrives, we have to provide an internet solution. By purchasing 8x8mbit ADSLs and a NETASQ u120, we provide that service. But here is the deal.
1) Netasq is not doing well.
2) Once the metro ethernet arrives, we completely remove the Netasq since it doesn't have a fiber port.
That's why buying a Cisco router makes sense. I can place 2x2811 and plug in 8 ADSL WICs, and once ME arrives, I remove one router and all ADSL WICs, plug in 1 SFP module and terminate ME. This is a scalable solution.
"Second, devices below the two routers will have to use two static default routes" As far as I know, you can use GLBP (Gateway Load Balancing Protocol) to create a virtual hop that has an IP address so that the device below (a L3 switch) will only have 1 route to 1 IP address.
Hope that makes sense. Btw can you please elaborate pseudo-balancing?
>> As far as I know, you can use GLBP (Gateway Load Balancing Protocol) to create a virtual hop that has an IP address so that the device below (a L3 switch) will only have 1 route to 1 IP address
No, GLBP is good for client VLANs with multiple clients: it provides different MAC addresses in ARP replies for different ARP requests for the GLBP VIP.
Having a single device, the core switch, defeats GLBP.
So you would need two static routes on the core switch with object tracking / IP SLA if possible.
Load balancing would work well if NAT is not in the picture:
CEF load balancing uses an exor of IP SA, IP DA and a seed hash to decide what link to use.
This would allow for decent load balancing outbound.
The problem can be with NAT:
The 2811 has to decide:
how to NAT the packet
this decision also involves the choice of the exit point:
that is, out DSL link1 all packets should be sourced with a public IP address = DSL link1 IP address (physical or dialer, the question is the same).
So if you don't have a public address block routable on all these links (and this is likely) you can only NAT using overload of dialers.
But this then would require you to do tricks like:
divide the private space in 4 parts.
using ACLs and route-maps the border router decides to use link X for a given private ip address.
This is the sense of pseudo load balancing under these conditions.
Also you should take into account how to handle failover: what to do when a DSL link fails.
This would require some links to be left as hot standby, the opposite of trying to use all of them.
Hope to help
Thank you for that awesome response. A couple of questions:
"CEF load balancing uses an exor of IP SA, IP DA and a seed hash to decide what link to use"
Can you elaborate this more? What is SA and DA?
"Load balancing would work well if NAT is not in the picture"
Let's say that I configured 2 NAT rules; they both include 0.0.0.0 as the source list, one includes the dialer0 interface and the other includes the dialer1 interface. And two default routes, specifying the interface (not the next hop), entered with the same metric.
So when the packet is routed to the d0 interface, the NAT rule that contains d0 kicks in; when the packet is routed to d2, the other NAT rule kicks in. And the router does equal-cost load sharing in a round-robin fashion, so packets are routed round robin to the interfaces. Once one DSL interface is down, the route will switch to a floating state and become inactive until the interface status is up. And the dialer interfaces will have public IP addresses. Am I correct?
Thanks a bunch
>> Can you elaborate this more? What is SA and DA?
SA= source address
DA= destination address
I mean CEF chooses a path by making the EXOR of the less significant digits of the IP source address and IP destination address
and a value called hash.
It is not so easy to do load balancing with NAT.
You can use a route-map, but this implies an order in matching, which means a hierarchy in usage of DSL links.
To overcome this, as I wrote, you can divide the address space into subsets to have each served by a different dialer.
It is not really load balancing.
NAT requires translation of the source IP address.
Translation has to be done using the dialer public IP address if no public block has been allocated to your company by the ISP.
From that come all the problems described in my previous post.
Hope to help
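A simplified model of the per-flow link selection described in this thread, added here as an illustration (it is not code from any poster and not Cisco's actual CEF hash; the seed, addresses and flow sizes are constructed). It shows that a selection based only on SA, DA and a seed spreads flows evenly by count while bytes stay uneven, because traffic volume is never considered.

```python
import ipaddress
from collections import Counter

SEED = 0x5A      # assumed per-router seed value (constructed)
N_LINKS = 8      # the eight ADSL dialers discussed in the thread


def pick_link(src, dst, seed=SEED, n_links=N_LINKS):
    """Toy per-flow selection: XOR low-order bits of SA, DA and a seed."""
    sa = int(ipaddress.IPv4Address(src))
    da = int(ipaddress.IPv4Address(dst))
    return ((sa ^ da ^ seed) & 0xFFFF) % n_links


def sample_flows():
    """Constructed traffic: 64 clients, one of them doing a large download."""
    flows = []
    for host in range(1, 65):
        size = 500_000_000 if host == 5 else 1_000_000
        flows.append((f"10.0.0.{host}", "203.0.113.10", size))
    return flows


def load_per_link(flows):
    """Return (flow count per link, bytes per link)."""
    counts, volume = Counter(), Counter()
    for src, dst, size in flows:
        link = pick_link(src, dst)   # same SA/DA pair always lands on the same link
        counts[link] += 1
        volume[link] += size
    return counts, volume


if __name__ == "__main__":
    counts, volume = load_per_link(sample_flows())
    for link in range(N_LINKS):
        print(f"Dialer{link}: {counts[link]:2d} flows, {volume[link]:>11,d} bytes")
```

Because a given source/destination pair always maps to the same link, each flow keeps one NAT source address, but the link carrying the large download ends up far busier than the rest.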
In my experience, NAT load balancing works even without route-map.
The real problem is the translations not being removed when a route is invalidated by tracking.
Thank you for your time guys. I will test the behaviour in a dynamips lab and see what is going on. Apparently Cisco can't do simple load-balancing. That ARP issue in GLBP is a frustration; it somewhat makes it useless.