Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Simple Redundant Internet Connection

We currently have two offices connected by a point to point dedicated circuit. A primary internet connection at OFFICE A provides internet connectivty to both offices currently. We are looking to put another internet kink at OFFICE B and utilize them both for traffic and in teh event of a failure, push all traffic to one. What would the best way to configure this for teh load sharing / failover? I cannnot use HSRP since the routers reside on seperate LANs correct?

Will rate posts.

2 REPLIES
Super Bronze

Re: Simple Redundant Internet Connection

Best is often subjective, but for load sharing and failover, what you might want is as follows:

A different router, from the p-2-p router, at office A to terminate one end of site-to-site VPN tunnel across the Internet.

Likewise at office B.

Both office A and B "different" routers must be visible as an alternative gateway to the existing p-2-p routers.

Both the new "different" routers and both the existing p-2-p routers must know there's an alternative path between the two offices. (Ideally, all also knowing about both Internet connections.)

Load balancing could be done at the gateway level using GLBP or via HSRP and routing path metrics.

Done correctly, you should normally use both the p-2-p and VPN for interoffice traffic, the local office's Internet connection for that office's Internet traffic.

There won't be any single point of failure, including Internet access. Further, failover is automatic.

Depending on topology, the "different" router could be the Internet router at one or both offices.

Silver

Re: Simple Redundant Internet Connection

I have to give it some more thought on a better engineered solution, but you could set it up this way.

ip route 0.0.0.0 0.0.0.0 serial0/0 (whatever your main interface is to the internet)

ip route 0.0.0.0 0.0.0.0 serial 0/1 100 (whatever your direct p2p circuit is on)

since it is not permanent you might not want or need to have both T's in use. What this does is prefer all internet traffic out your main interface. In the event the interface has problems or the ckt goes down your traffic will be shifted because the next static route with the metric of 100 will be the prefered route. It will be sent to your office B and out to the internet.

162
Views
0
Helpful
2
Replies