Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

wan links on router

Hi,

Our new location has two 2800-WAN router's. There will be two WAN links from different providers for backup(one primary & other secondary) in this location.

I have few doubts:-

1.Can we terminate both the links individually in two routers?

2.Is there a way to aggregate both link bandwidths together & use it during normal usage?

3.If one link fails, how would the other router know to start initiating traffic, is there any automatic way?

Appreciate all replies.

17 REPLIES

Re: wan links on router

Hello,

Are these point to point links with your own routers at either side?
What kind of service is the 'WAN link'

You could use a dynamic routing protocol like OSPF, this would take care of load sharing (making use of both links) with equal cost routes and also take care of your resiliency.

Same could be achieved with static routing with some intelligent IP SLA tracking.

Just depends on what service it is, then we can give you better, more accurate answer.

Hope this helps

Sent from Cisco Technical Support iPhone App

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Re: wan links on router

Hello

1.Can we terminate both the links individually in two routers?
Yes and run an (igp -rip-eigrp-ospf) and a first hop routing protocol such as hrsp/glbp between them for resiliency

2.Is there a way to aggregate both link bandwidths together & use it during normal usage?
If you mean the wan links then No -not between two different service providers

3.If one link fails, how would the other router know to start initiating traffic, is there any
As stated running enhanced object tracking with the above mentioned In item 1 would be applicable


Res
Paul

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

wan links on router

One of the wan link is point to point & other one is to the wan cloud.

Both these wan routers connect logically to a pair of ASA firewall downstream, in this case how would the traffic coming from core network understand where to route if one of the wan links fail?

Hall of Fame Super Gold

wan links on router

1.Can we terminate both the links individually in two routers?

Back in 2008, I was part of a team rolling out routers to upgrade existing FR connections to IP WAN.  So what we did was we ran HSRP between the two routers.  The HSRP address are the default gateways of the VLANs.  Now the link:  one link was costed so that traffic will always go one way.  The client had several applications which do not like outgoing traffic going one link and incoming traffic coming from another link.   Trying to get one ISP to accept your configuration proposal is one thing, getting two?  Not easy. 

Re: wan links on router

Hang on.. is this for internet connectivity or is this for site connectivity? I dont quite understand the topology... I think all the questions raised are actually entirely possible.

1.Can we terminate both the links individually in two routers? YES

2.Is there a way to aggregate both link bandwidths together & use it during normal usage? YES

3.If one link fails, how would the other router know to start initiating traffic, is there any automatic way? YES

But questions I have are, what are these routers used for?

What are the WAN links providing for these routers? [Internet access or corporate access, is it for as site or the whole company]

What is connected to these routers? [on WAN and the LAN]

What is the purpose of these routers? [Internet based routers or routers providing connectivity for a LAN]

I think its fair to say once these questions are answered in full, we'll be in a position to give an accurate answer instead of assuming for now.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.
Hall of Fame Super Gold

wan links on router

Hang on.. is this for internet connectivity or is this for site connectivity?

Branch site has two routers.  Each router connects to an ISP.  Each routers has two tunnels:  One going to the primary DC and the 2nd tunnel goes to the secondary DC. 

The routers have a ethernetswitch module so we can connect the two via HSRP. 

The 2nd port of each router goes to a stack of 3750E.  Layer 3 Etherchannel. 

Does this answer your question?

Re: wan links on router

Okay... But I didn't see internet service provider anywhere in the post...? Even though it might be the case. Where did the 3750E, etherswitch module and tunnel thing come from too? Have I missed a post somewhere?

Sent from Cisco Technical Support iPhone App

Please rate useful posts & remember to mark any solved questions as answered. Thank you.
New Member

wan links on router

Both these routers/links are for site connectivity & not Internet.

I believe Leo described the downstream flow, with regards to 3750.

Thanks to both of you.

Can i please request for small snippets of configuration to achieve this, specifically the costing etc and how the link moves the second way when required. Any manual intervention required or so?

Hall of Fame Super Gold

wan links on router

specifically the costing

Costing would be irrelevant because we were the routers were 2800 and 3750E. 

Another thing is our ISP's, Telstra and Optus, are notoriously charges an arm-and-a-leg for a pathetic link. 

Configuration, hmmmmm ... Gotta look for them.

wan links on router

I would disagree that costing/metrics are irrelevant, I think it makes the entire solution work.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Re: wan links on router

Hello Bilal

"Our new location has two 2800-WAN router's. There will be two WAN links from different providers for backup(one primary & other secondary) in this location"

I interrupted this as two service providers!

"2.Is there a way to aggregate both link bandwidths together & use it during normal usage?"

I answered No but your answer was Yes - Do you mean you can aggregate wan links from two different routers running on different service providers?

Can you clarify what you mean on this.

Res
Paul

Please don't forget to rate any posts that have been helpful. Thanks.

Re: wan links on router

Hello Paul,

If you look at the requirement which was 'aggregate both link bandwidths together' you can via load sharing across these links. e.g. possible via equal cost routes or other methods...

I look at this from this point of view - as making use of both links since the reference was the 'bandwidth' side of it.

Hope that makes sense?

But yes, if its bundling physical nics together then no, not really possible i guess. It's just how the requirements were stated, we make different meanings out of it

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Re: wan links on router

Also I'd like to mention and remind, one link is point to point. The service provider therefor can be taken out of this aspect to this particular link as this is connection from end to end.

Sent from Cisco Technical Support iPhone App

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Re: wan links on router

Thanks for the clarification Bilal?

Res
Paul

Sent from Cisco Technical Support iPad App

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

wan links on router

1.Can we terminate both the links individually in two routers? Yes --- There is no issue at all. Just terminate them on the layer 3 interfaces.

2.Is there a way to aggregate both link bandwidths together & use it during normal usage?Yes use PBR (Policy based routing on the Lan side to push some traffic from secondary link and rest from primary.).

3.If one link fails, how would the other router know to start initiating traffic, is there any automatic way? IPSLA can be configured for the failover, also with the PBR.

*The above solution is good if you are planning to use static routes. You may use other options also using BGP.

Let me know if you need sample configuration.

Amant

-Amant

Re: wan links on router

Hello


2.Is there a way to aggregate both link bandwidths together & use it during normal usage?Yes use PBR (Policy based routing on the Lan side to push some traffic from secondary link and rest from primary.-YES

This answer should be NO - Its not feasible- the definition of aggregation in this post could be confusing to others.

Aggregation is combining multiple links or ports together preferably on the same device unless something like vss is available which in this it isn't -so load balancing or load sharing would be a much applicable description and in this scenario load sharing would be the correct definition


Res
Paul


Sent from Cisco Technical Support iPad App

Please don't forget to rate any posts that have been helpful. Thanks.

Re: wan links on router

There are many ways of doing this, this is just one of them. I will be using OSPF to complete all the requirements.

Below is a diagram of my topology.

I have made all MPLS networks with the prefix begining 172.16.x.x

I have made all Corporate networks with prefix begining 10.10.x.x

Rest of the links are point to point as depicted.

You will see in routing tables on R1 and R2 just in case you wonder what they are.

Screen Shot 2014-01-12 at 11.23.11.png

Config - ASA [Not really using an ASA as I no longer have one (Juniper is my thing in security). Just using a router to simulate the routing process on the ASA]

interface FastEthernet0/0

ip address 10.0.0.1 255.255.255.252

ip ospf 1 area 0

!

interface FastEthernet0/1

ip address 172.16.0.1 255.255.255.252

ip ospf 1 area 0

!

router ospf 1

log-adjacency-changes

redistribute connected subnets

default-information originate

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Loopback100

I am generating the default route into ospf with default-information originate command. This advertises the default route downstream if I have a valid default route. In which case I have a static default dummy route pointing towards l100 for demonstration purposes.

ASA has a neighborship with R1 since its point to point. It also has a neighborship with the MPLS CE router at the HQ and this router will advertise to the ASA all the routes learned via the cloud.

Config on R1

interface FastEthernet0/0

ip address 10.0.0.2 255.255.255.252

ip ospf 1 area 0

!

interface FastEthernet0/1

ip address 10.0.1.1 255.255.255.252

ip ospf 1 area 1

!

router ospf 1

log-adjacency-changes

area 1 nssa default-information-originate

R1 has an OSPF adjacency with the ASA and the switch. Area 1 is nssa - but also injecting the default route towards itself from this area. Same will be done on R2.

Config on R2

interface FastEthernet0/0

ip address 172.16.1.2 255.255.255.252

ip ospf 1 area 0

!

interface FastEthernet0/1

ip address 10.0.2.1 255.255.255.252

ip ospf 1 area 1

!

router ospf 1

log-adjacency-changes

area 1 nssa default-information-originate

R2 has an adjacency with the MPLS CE [Customer Edge] Router. All the MPLS sites in the cloud connect to our MPLS VPN. Then the Service Provider advertises those routes back to us.

Config on SW

!

interface Loopback192

ip address 192.168.1.1 255.255.255.0

ip ospf 1 area 1

!

interface FastEthernet0/0

description *** Unused for Layer2 SW ***

ip address 10.0.2.2 255.255.255.252

ip ospf 1 area 1

!

interface FastEthernet0/1

description *** Unused for Layer2 SW ***

ip address 10.0.1.2 255.255.255.252

ip ospf 1 area 1

!

router ospf 1

log-adjacency-changes

area 1 nssa

passive-interface Loopback192

On SW thers just normal adjacency with R1 and R2, it will get the default route from both with the same metric - therefor will load-balance for anything that there is not a specific route for in the routing table, e.g. internet bound traffic.

192 network is our 'LAN' that we are advertising outbound. With this, all external type routes will be filtered from this area.

However if you wish to load balance for absolutely everything the on R1 and R2 instead of implementing the command:

router ospf 1

area 1 nssa default-information-originate

Filter all routes but the default routes... do this instead

router ospf 1

area 1 nssa default-information-originate no-summary

I will show the differences later...

See the routing tables now...

ASA:

ASA-HA#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     100.0.0.0/32 is subnetted, 1 subnets

C       100.0.0.1 is directly connected, Loopback100

     172.16.0.0/16 is variably subnetted, 7 subnets, 2 masks

O E2    172.16.4.0/24 [110/20] via 172.16.0.2, 00:01:01, FastEthernet0/1

O E2    172.16.5.0/24 [110/20] via 172.16.0.2, 00:01:01, FastEthernet0/1

O E2    172.16.6.0/24 [110/20] via 172.16.0.2, 00:01:01, FastEthernet0/1

C       172.16.0.0/30 is directly connected, FastEthernet0/1

O       172.16.1.0/30 [110/20] via 172.16.0.2, 00:01:02, FastEthernet0/1

O E2    172.16.2.0/24 [110/20] via 172.16.0.2, 00:01:02, FastEthernet0/1

O E2    172.16.3.0/24 [110/20] via 172.16.0.2, 00:01:02, FastEthernet0/1

     10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks

C       10.10.2.0/24 is directly connected, Loopback2

C       10.10.3.0/24 is directly connected, Loopback3

C       10.10.4.0/24 is directly connected, Loopback4

O IA    10.0.2.0/30 [110/30] via 172.16.0.2, 00:01:03, FastEthernet0/1

                    [110/30] via 10.0.0.2, 00:01:03, FastEthernet0/0

C       10.10.10.0/24 is directly connected, Loopback1

C       10.0.0.0/30 is directly connected, FastEthernet0/0

O IA    10.0.1.0/30 [110/20] via 10.0.0.2, 00:01:03, FastEthernet0/0

     192.168.1.0/32 is subnetted, 1 subnets

O IA    192.168.1.1 [110/21] via 10.0.0.2, 00:01:03, FastEthernet0/0

S*   0.0.0.0/0 is directly connected, Loopback100

On the ASA we can see the routes for the MPLS being the 172.16 networks... note we can also see the 192.168. network from our site A... pings work both ways.

On R1:

R1#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.0.1 to network 0.0.0.0

     100.0.0.0/32 is subnetted, 1 subnets

O       100.0.0.1 [110/11] via 10.0.0.1, 00:06:04, FastEthernet0/0

     172.16.0.0/16 is variably subnetted, 7 subnets, 2 masks

O E2    172.16.4.0/24 [110/20] via 10.0.0.1, 00:03:23, FastEthernet0/0

O E2    172.16.5.0/24 [110/20] via 10.0.0.1, 00:03:23, FastEthernet0/0

O E2    172.16.6.0/24 [110/20] via 10.0.0.1, 00:03:23, FastEthernet0/0

O       172.16.0.0/30 [110/20] via 10.0.0.1, 00:06:04, FastEthernet0/0

O       172.16.1.0/30 [110/30] via 10.0.0.1, 00:06:06, FastEthernet0/0

O E2    172.16.2.0/24 [110/20] via 10.0.0.1, 00:03:24, FastEthernet0/0

O E2    172.16.3.0/24 [110/20] via 10.0.0.1, 00:03:24, FastEthernet0/0

     10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks

O E2    10.10.2.0/24 [110/20] via 10.0.0.1, 00:03:24, FastEthernet0/0

O E2    10.10.3.0/24 [110/20] via 10.0.0.1, 00:03:24, FastEthernet0/0

O E2    10.10.4.0/24 [110/20] via 10.0.0.1, 00:03:24, FastEthernet0/0

O       10.0.2.0/30 [110/20] via 10.0.1.2, 00:03:24, FastEthernet0/1

O E2    10.10.10.0/24 [110/20] via 10.0.0.1, 00:03:24, FastEthernet0/0

C       10.0.0.0/30 is directly connected, FastEthernet0/0

C       10.0.1.0/30 is directly connected, FastEthernet0/1

     192.168.1.0/32 is subnetted, 1 subnets

O       192.168.1.1 [110/11] via 10.0.1.2, 00:03:24, FastEthernet0/1

O*E2 0.0.0.0/0 [110/1] via 10.0.0.1, 00:03:24, FastEthernet0/0

Here we see the default route from the ASA.

On R2

R2#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 172.16.1.1 to network 0.0.0.0

     100.0.0.0/32 is subnetted, 1 subnets

O       100.0.0.1 [110/21] via 172.16.1.1, 00:08:02, FastEthernet0/0

     172.16.0.0/16 is variably subnetted, 7 subnets, 2 masks

O E2    172.16.4.0/24 [110/20] via 172.16.1.1, 00:05:16, FastEthernet0/0

O E2    172.16.5.0/24 [110/20] via 172.16.1.1, 00:05:16, FastEthernet0/0

O E2    172.16.6.0/24 [110/20] via 172.16.1.1, 00:05:16, FastEthernet0/0

O       172.16.0.0/30 [110/20] via 172.16.1.1, 00:08:02, FastEthernet0/0

C       172.16.1.0/30 is directly connected, FastEthernet0/0

O E2    172.16.2.0/24 [110/20] via 172.16.1.1, 00:05:18, FastEthernet0/0

O E2    172.16.3.0/24 [110/20] via 172.16.1.1, 00:05:18, FastEthernet0/0

     10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks

O E2    10.10.2.0/24 [110/20] via 172.16.1.1, 00:05:18, FastEthernet0/0

O E2    10.10.3.0/24 [110/20] via 172.16.1.1, 00:05:18, FastEthernet0/0

O E2    10.10.4.0/24 [110/20] via 172.16.1.1, 00:05:18, FastEthernet0/0

C       10.0.2.0/30 is directly connected, FastEthernet0/1

O E2    10.10.10.0/24 [110/20] via 172.16.1.1, 00:05:18, FastEthernet0/0

O       10.0.0.0/30 [110/30] via 172.16.1.1, 00:08:04, FastEthernet0/0

O       10.0.1.0/30 [110/20] via 10.0.2.2, 00:05:18, FastEthernet0/1

     192.168.1.0/32 is subnetted, 1 subnets

O       192.168.1.1 [110/11] via 10.0.2.2, 00:05:18, FastEthernet0/1

O*E2 0.0.0.0/0 [110/1] via 172.16.1.1, 00:05:18, FastEthernet0/0

On R2 we see the default route from the ASA however this is recieved via the MPLS CE router. The MPLS router advertises the same routes that are learned to us at R2.

Now for the SW

SW1-SW#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.2.1 to network 0.0.0.0

     100.0.0.0/32 is subnetted, 1 subnets

O IA    100.0.0.1 [110/21] via 10.0.1.1, 00:13:48, FastEthernet0/1

     172.16.0.0/30 is subnetted, 2 subnets

O IA    172.16.0.0 [110/30] via 10.0.2.1, 00:10:34, FastEthernet0/0

                   [110/30] via 10.0.1.1, 00:13:48, FastEthernet0/1

O IA    172.16.1.0 [110/20] via 10.0.2.1, 00:10:34, FastEthernet0/0

     10.0.0.0/30 is subnetted, 3 subnets

C       10.0.2.0 is directly connected, FastEthernet0/0

O IA    10.0.0.0 [110/20] via 10.0.1.1, 00:13:49, FastEthernet0/1

C       10.0.1.0 is directly connected, FastEthernet0/1

C    192.168.1.0/24 is directly connected, Loopback192

O*N2 0.0.0.0/0 [110/1] via 10.0.2.1, 00:10:36, FastEthernet0/0

               [110/1] via 10.0.1.1, 00:13:50, FastEthernet0/1

Here notice that we see all O IA routes and a single default route by making this a not so stubby area. None of the E2 type routes are showing towards the MPLS cloud e.g. 172.16.2.0 and 172.16.3.0

Since we have two default routes here, for any outbound traffic that the router doesnt have a route for, the router will end up sending traffic via both of these routes.

Anyway im going to inject the default in this not so stubby area by implementing - area 1 nssa default-information-originate no-summary on R1 and R2. This will filter out routes and advertise the default only.

SW1-SW#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.2.1 to network 0.0.0.0

     10.0.0.0/30 is subnetted, 2 subnets

C       10.0.2.0 is directly connected, FastEthernet0/0

C       10.0.1.0 is directly connected, FastEthernet0/1

C    192.168.1.0/24 is directly connected, Loopback192

O*IA 0.0.0.0/0 [110/11] via 10.0.2.1, 00:00:23, FastEthernet0/0

               [110/11] via 10.0.1.1, 00:00:05, FastEthernet0/1

SW1-SW#

Now we have a case where absolutely everything that this site does not how to route to will make use of both links.

If the metrics were different we would not able to use both links. Because they are the same we can.

For failover now. ASA is advertising the 100.0.0.1 network out, I will subsequently find which path is taking to get there and shut it down.

SW1-SW#traceroute 100.0.0.1

Type escape sequence to abort.

Tracing the route to 100.0.0.1

  1 10.0.2.1 32 msec

    10.0.1.1 20 msec

    10.0.2.1 44 msec

  2 10.0.0.1 52 msec

    172.16.1.1 56 msec *

Seems to be going via MPLS for now, I will shut the MPLS link down from R2. Then we should be left with one default route via R1.

SW1-SW#show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.1.1 to network 0.0.0.0

     10.0.0.0/30 is subnetted, 2 subnets

C       10.0.2.0 is directly connected, FastEthernet0/0

C       10.0.1.0 is directly connected, FastEthernet0/1

C    192.168.1.0/24 is directly connected, Loopback192

O*IA 0.0.0.0/0 [110/11] via 10.0.1.1, 00:09:36, FastEthernet0/1

SW1-SW#

SW1-SW#traceroute 100.0.0.1

Type escape sequence to abort.

Tracing the route to 100.0.0.1

  1 10.0.1.1 20 msec 20 msec 24 msec

  2 10.0.0.1 40 msec *  28 msec

SW1-SW#

Here we can still get to 100.0.0.1, its the same if we failover the other way, shutting the path down from R1 but having R2 as active. We have full resiliency and also making use of both links bandwidth available.

Thats all 3 requirements met, but there are many ways to accomplish this.

hth.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.
372
Views
15
Helpful
17
Replies
CreatePlease login to create content