Load-balancing across four T1's on 2 routers

Perhaps you could use .1Q trunking between the 2800 routers and the
layer 3 switch.

On each 2800 define two sub-interfaces on the FastEthernet major
interface - 1 for each T1 - if a T1 is up advertise only the default
route for that T1 over the corresponding FE sub-interface (VLAN) to the
layer 3 switch.

If all four T1 are up, the layer 3 switch will have 4 default routes
and will load balance on a per destination basis over these four
routes.

Need to figure out if reliable static routing using object tracking or
something similiar can accomplish the above routing scenario.

 

What is the make and model of the layer 3 switch

If it is Cisco what is the IOS version ?

 

It is a Cisco 3750 switchstack running the latest - 12.2(25)SEE2

 

Interesting idea. I'll have to see if i can do something like that.

Thanks!
Sean

 

Is there any flexibility with respect to the IGP routing protocol ?

Which routing protcols will your ISP support over your T1 links ?

What IOS is/will be used on the 2800 's ?

BTW how does the ISP intend to deal with this issue as it affects your
inbound traffic ???

 

Would your ISP support BGP to you with a private AS number ?

Would you consider using BGP instead of OSPF ?

If you ever want to install redundant firewalls that are both active at
the same time, then BGP is a good choice becuae it use TCP sessions and
traffic to neighbour is unicast.

see Cisco doc

http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008009487d.shtml

 

OBTW it is possible to support ECMP with BGP, the magic knob is max
paths

router bgp <AS>
maximum-paths eibgp 4

 

Sean

Thanks for the reply, but now it's even more "puzzling". Just out of
curiosity, since you have everything redundant (2 routers from an ISP +
2 switches + firewall with failover) why ONE ISP? ;-)

Sure.
With your current setup, I'd get rid of L3 pair and use OSPF on the
firewall (assuming it's a Cisco pix failover pair with more or less new
version).

You are absolutely right. And as always there is a "BUT"
Most likely client will be using just ONE T1 for any current session,
unless you do some "serious magic" like "per-packet" or "no ip
load-sharing per-destination". And some times people just want to
download stuff faster then 180kB/s. If you would use MLPP - any given
session is capable of getting up to 360kB/s guaranteed. And yes, if you
lose a T1 - you lose the "whole" router because of OSPF. But there are
always other ways of doing things (keeping in mind that T1 would be
fixed within reasonable period of time). For example you can use BGP
with link bandwidth feature between you and ISP. (using EIGRP between
you and ISP would be unconventional, but possible). Or even better
scenario - get two ISP with 2 T1 each. MLPP with each ISP. BGP (default
+ local routes) towards you from each ISP. GLBP/HSRP/VRRP or OSPF on
routers.

just my 2c
Roman

 

Hi Roman

On the one ISP thing, that is just how they want it - this is just a
small contract job i'm doing.

My experience is mainly related to OSPF not BGP. I'll start looking at
BGP, it sounds like it may be a better fit? If you have any pointers
on setting it up using BGP let me know!

Thanks
Sean

 

There is probably some flexiblity in regards wo which IGP routing
protocol we use.

Do you think a different routing protocol would work better in this
scenario?

The 2800's will run the latest 12.4 IOS

 

They might, although I'll have to do some quick reading on BGP, as my
routing experience is mainly OSPF.

I'll check out the link, if you have any pointers on how to set this up
using BGP let me know!

Thanks again for your help
Sean

 

I would defintiely use BGP if I were implementing this network
scenario.

BGP via route maps provides a great dealing of flexiibility with
respect to route manipulation and filtering. Filtering routes in OSPF
can only be done in some special cases.

BGP has the ability to do equal cost multi-path load balancing (
requires configuration). It would allow you to address the issue I
raised about getting blackholed if the ISP access router becomes
partitioned, etc, etc.

BGP has the ability to establish its TCP session thru a firewall and
this is must useful in case of having two active firewalls.

The ISP can advertise just default or default + the ISP routes (ie
..partial BGP routes).

If you need to change ISP providers in the future the new provider
might not be willing to support OSPF. ALL ISP's that I have encountered
will support BGP.


I would also take another look at MLPPP - at least find out if the ISP
will support.

 

Sean

In you case (one ISP) BGP scenario will be really easy.
You will have a luxury of using BGP on low-end boxes just because you
need only default from your provider. Also (as Merv pointed earlier)
you need "maximum-paths" configured

Something like this (for v12.4):

router bgp <private AS number that ISP and you agreed upon>
bgp log-neighbor-changes
neighbor <ip of the first T1 ISP router1> remote-as <AS number of you
ISP>
neighbor <ip of the second T1 ISP router2 or router1> remote-as <AS
number of you ISP>
maximum-paths 4

address-family ipv4
neighbor <ip of the T1 ISP router1> activate
neighbor <ip of the T1 ISP router2 or router1> activate
no auto-summary
no synchronization
network <"your" subnet> mask <"your" mask> {your provider will
decide about your BGP route announce}
exit-address-family


In case of MLPP use - here is the link
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t2/ftbgplb.htm


Roman Nakhmanson

 

Great, thanks for the detailed information. Does BGP support
UNequal-cost load-balancing? Something like if we lose one T1, one
router will receive 2/3 of the traffic and the other will receiving 1/3
of the traffic?

EIGRP supports UNequal-cost load-balancing in that manner, what do you
think about a solution using EIGRP and MLPP?

 

Sean

Yes, just add couple more command to your BGP config
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t2/ftbgplb.htm

EIGRP between you and ISP? Not a good practice, but possible
It's OK to use MLPP between you and ISP anyway, especially if you have
BGP load bandwidth configured

If you have 2 routers with multilink connection (2 T1 bundle)
Your BGP part would be something like this:

router bgp <private AS number that ISP and you agreed upon>
bgp log-neighbor-changes
neighbor <ip of the first multilink ISP router1> remote-as <AS number
of your ISP>
neighbor <ip of your router2> remote-as <private AS number that ISP and
you agreed upon>
maximum-paths 2

address-family ipv4
bgp dmzlink-bw
neighbor <ip of the T1 ISP router1> activate
neighbor <ip of the T1 ISP router1> dmzlink-bw
neighbor <ip of your router2> activate
neighbor <ip of your router2> next-hop-self
neighbor <ip of your router2> send-community both
no auto-summary
no synchronization
network <"your" subnet> mask <"your" mask> {your provider will decide
about your BGP route announce}
exit-address-family


Roman Nakhmanson

 

It is not clear that when a link within an MLPPP bundle drops, that the
BGP link bandwidth feature woud re-advertise all the affected external
routes to its internal BGP neighbours.

Since the EBGP external link bandwidth are carried within extended
communities this would have to occur in order for the iBGP neighbors to
load bancing accordingly.