WAN Connection using 2 Paths, one for up one for Down?

Discussion in 'Cisco' started by Scott Townsend, Apr 2, 2007.

  1. We have a remote office that is currently connected via Point to Point T1
    via T1. SO we have the 1.5meg connection.

    We'd like to get a DSL/Cable Internet connection for Faster Download access.

    We have a PIX that We'd like to add to the Mix. (already have one at HQ)

    What would be the best way to do the routing for this. I would want all
    upload traffic from the remote office to use the T1 to the Office and All
    traffic from the Office to use the Site to Site VPN on the Pix to the Remote

    Any Suggestions?
    Scott Townsend, Apr 2, 2007
  2. If all the traffic from the remote office is to go to HQ, and all
    traffic from HQ is to go to the remote office, then where does
    Internet access fit in? Is it to be handled independantly at the
    two offices, or is one office supposed to forward Internet-bound
    traffic to the other office for processing? If it is to be
    forwarded, then you would need PIX 7.x in order to get the forwarding

    If you intend to split traffic, two unidirectional branches, then
    you need to recombine the traffic before it enters the PIX, or else
    the PIX will only see one side of the conversation and will not be
    able to firewall properly (and so will drop all the TCP conversations.)
    The recombining is going to require a router of some kind.

    Once the router is in place, directing the traffic unidirectionally
    would be a simple static default route pointing through the desired ISP.

    On the other hand, if you want the configurations to notice that
    one of the paths has gone non-functional (DSL and cable don't have
    the greatest of reliability), then your configuration gets much more

    Using two unidirectional links is also a waste of bandwidth. What
    you'd prefer to do is use something like OSPF with Unequal Cost Routes
    so that the two possible routes are used in proportion to their capacities.
    Walter Roberson, Apr 3, 2007
    Not to mention Frame T1s are 1.5 mbit full duplex (we'll see if this
    turns into an argument as it has in the past). So while I won't say
    that applications will be impacted if one side gets eaten up, I agree
    that load balancing with your provider is what you want to do, not
    split up vs. down. But given the ambiguity in internet vs. site to
    site connections, I'm not really sure what you are trying to do.
    Trendkill, Apr 3, 2007
  4. The main reason for the T1 was to be able to send Backups of the Office Data
    Though the Remote office is really 3 homes. So the existing 1.5meg T1 is
    used for Internet Access mostly.

    We were thinking to use the Cable/DSL for all Internet Traffic.
    Use the T1 for all Inter Office Traffic.

    Though it would be nice at Night when the Backups happen, to take advantage
    of the 6meg Intetnet Connection and push the backup data to the remote
    location via the internet (HQ hads a 6Meg (4T1s) Connection to the Internet

    So taking Time out of the equation, Can I have HQ send all traffic to remtoe
    site via Internet/VPN
    Have remote Site send All Traffic to the Office via Point to Point T1
    Have remote Site use Local Cable/DSL for all Internet traffic.

    Seems like when we had a Remote Office in Sacramento, the Route the Packets
    took to get to the office went pretty much directly there. Though the Route
    it took to get to HQ went a state away as it connected via OC3 or something.

    Thanks for eveyone's help...

    Scott Townsend, Apr 3, 2007
    Trendkill, Apr 3, 2007
  6. Thanks for the Docs. I'll let them know what they are up against if we do
    this. I just wish the average internet connection was better then the
    typical 384K upload.

    We have other sites that have Local Internet access so they use Split
    tunnel, so that is already configured.

    Thanks again,
    Scott Townsend, Apr 3, 2007
