|
Re: How to do load-balancing with multiple uplinks
On Sun, 28 Aug 2011 15:04:01 +0200, "Elia S."
<admin@NOSPAMspadhausen.com> wrote: >Hello >I am in this situation: > >I have two DSL Routers, doing NAT on the following IP: > >R1: >WAN: pppoe dialup adsl >LAN: 192.168.27.1/24 > >R2: >WAN: pppoe dialup adsl with ISP #2 >LAN: 192.168.27.2/24 > >I have one Cisco router 2621 that does NAT and "manages" a pool of wi-fi >users. > >I have this routers configured as the following: >FAST0/0 192.168.27.100/24 ("WAN" SIDE) >FAST0/1 10.0.0.1/24 (LAN SIDE) >I do NAT between fast0/0 and fast0/1, I do DHCP, and an ACL. > >My question is: > >is there a way to let my c2621 to connect to the internet, sharing load >between R1 and R2? > >I dont want per-packet load sharing because it can broke HTTPS connections, >or SIP calls. > >Anyone has suggestions? >thank you you can try allocating different users / IP addresses to the 2 routers http://www.cisco.com/en/US/prod/coll...sentation.html anything that help an individual PC is going to need session load balancing.... -- Regards stephen_hope@xyzworld.com - replace xyz with ntl |
Re: How to do load-balancing with multiple uplinks
Elia S. <admin@NOSPAMspadhausen.com> wrote:
> Hello > thank you for your answer. > The problem actually is that I have no control on R1 and R2. I just have my > 2600 router behind them, and I would like to balance my users (in NAT, DHCP > behind the 2600) to go out someone via R1 and others via R2 in a balanced > manner... There are cheap routers from companies like Draytek that perform this function out-of-the-box. To do it on a Cisco is possible, but quite a bit more difficult. If you do not want to buy something else, you will need to setup the router in such a way that half of the addresses go out via one link and half via the other (you will need to setup policy routing where a different default gateway is chosen depending on the source address of the traffic). There are solutions from Cisco that claim to do what you need, like: http://www.cisco.com/en/US/tech/tk64...80950834.shtml While I have not tested this particular solution on recent IOS software, my experience in general with having two default routes in IOS is that it does not work in practice, because it sends internet trafic randomly over the two interfaces specified as default, without looking at the source address. Your internet provider will likely block the traffic you send on one link with the source IP address of the other. That is why the policy routing is (in my experience) always required. |
Re: How to do load-balancing with multiple uplinks
Elia S. <admin@NOSPAMspadhausen.com> wrote:
> Hello Rob. > > After well reading your message I think that this could be an idea: > > > R1: 192.168.27.1 > R2: 192.168.27.2 > > R1 and R2 do NAT. > > c2651XM: > WAN side: 192.168.27.200/24 > LAN side: 192.168.0.254/24 > DHCP enabled. > > I have a pool of DHCP addresses from > > 192.168.0.1 to 200 > > I would like to create a route map that does this: > > route-map PBR permit 100 > match ip address TO-R1 > set ip next-hop 172.16.0.1 > > route-map PBR permit 100 > match ip address TO-R2 > set ip next-hop 172.16.0.2 I thin you must mean 192.168.27.1 as your next hop... > ip access-list extended TO-R1 > permit ip host 192.168.0.1 any > permit ip any host 192.168.0.1 > permit ip host 192.168.0.2 any > permit ip any host 192.168.0.2 > > > ip access-list extended TO-R2 > permit ip host 192.168.0.100 any > permit ip any host 192.168.0.100 > permit ip host 192.168.0.101 any > permit ip any host 192.168.0.101 It should be sufficient to have only the permit ip host x.x.x.x any lines. > The route-map PBR should be enabled to the LAN interface of the c2651XM. > > My question now is how about NAT ? > > > How can I setup NAT ? With NAT you can use route-map as well. Like this: ip nat inside source route-map map-1 interface ... overload ip nat inside source route-map map-2 interface ... overload route-map map-1 permit 10 match ip address adsl-1-overload set interface ... set ip next-hop ... route-map map-2 permit 10 match ip address adsl-2-overload set interface ... set ip next-hop ... ip access-list extended adsl-1-overload permit ip host 192.168.1.2 any permit ip host 192.168.1.4 any ip access-list extended adsl-2-overload permit ip host 192.168.1.3 any permit ip host 192.168.1.5 any |
Re: How to do load-balancing with multiple uplinks
Elia S. <admin@NOSPAMspadhausen.com> wrote:
> Wich default route do I put in the router? Just R1... because NAT is handled > by route map. > > right? This route-map directs the traffic that you are NATting the right way. Any default route that you put in is only used for other traffic from the router. (e.g. when you have setup ntp) When you want to balance all the traffic you can use a loopback interface and use a route-map as you have made before for traffic flowing via that loopback interface and then route default to the loopback interface. |
Re: How to do load-balancing with multiple uplinks
Elia S. <admin@NOSPAMspadhausen.com> wrote:
> Hello > I would like to balance the traffic between R1 and R2, but my fear is that > some connections go out from R1 and others via R2, and for example an HTTPS > connection will be broken. > > I would like to do a load balancing but source-based... When I used it some years back (the examples are cut from my config of that time) I concluded after a lot of reading that such a static mapping was the only possibility on IOS. With a Linux system it would not have been a problem to balance based on "sessions", so that each TCP or UDP session would be fixed to a single external connection, but outgoing sessions would be dynamically allocated to the two connections. (e.g. a webpage with several images would be loaded partly over one and partly over the other connection). The "out of the box" solutions also do that. It seems that the mechanisms to do this were not present in IOS, but it looks like this has been improved later. It may well be that with a modern IOS version you can do this. I have seen examples of configs that improve on the static mapped config in that they perform a "failover", i.e. when one of the lines is down it does not mean half your internal computers have no internet, but all the internet traffic is routed over the other line. However, I have become wary of configs that solve it using two default routes, as my experience is that two default routes means all outgoing traffic is packet-by-packet balanced over the two outgoing interfaces. This does not work unless the two lines as sold by one ISP specifically for the purpose of balancing. And of course you buy your two lines from two different ISPs anyway. But maybe this problem has been solved as well... |
| All times are GMT. The time now is 05:52 PM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.