Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
541
Views
6
Helpful
8
Replies

Host Based Load Balancing on Multihomed Networks

Go to solution
brberg05
Level 1
Level 1

‎02-26-2024 07:01 PM

I've been struggling to understand the best practice for load balancing (per host) on multi-homed networks. Ensuring that the load balancing is based on the host is crucial because sessions do not work properly if split between separate ISPs. I am working on an example network at my school and have had this issue discussed in interviews.

I have an example network that I made in packet tracer of the network at my school. The design is funky because of the limited ethernet ports on the routers and the lack of servers. My idea is that the middle router will be the DHCP service, while the Edge Routers will run NAT and VRRP.

Some possible solutions that I have seen are:

dCEF: This solution seems like the best, but I am worried that some of the equipment is too old to support this and this solution is not vendor-neutral.

anycast: I am not sure that you can use anycast IPs on interfaces connected to a LAN because flooded traffic will reach all of the anycast interfaces.

NAT with Source IP Affinity: This solution maps NAT IPs statically. I'm not sure that this works with PAT or on a distributed NAT design.

PBR: I am unsure how to configure this so that it load balances per host and can also support failover.

BGP ECMP: I don't believe that this works for host-based load balancing.

 

brberg05_0-1709001755251.png

 

All suggestions are appreciated.

 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP
In response to brberg05

‎02-26-2024 09:40 PM

If the host use router in middle as GW then you can use pbr and load balance as I mention above 

If the GW is edge routers connect to two isp then the mhsrp is solution which also need split yours host to two vlan 

Make one edge router hsrp active of one vlan and standby of other.

In hsrp ypu can use track 

In pbr verify reachability you can use

MHM

View solution in original post

Go to solution
brberg05
Level 1
Level 1
In response to MHM Cisco World

‎02-26-2024 10:01 PM - edited ‎02-26-2024 10:09 PM

Wow, I did not realize multigroup FRHPs were a thing! I believe multigroup FHRPs are the solution, except if you are using Cisco equipment that supports GLBP because GLBP supports host-based load balancing without messing with the default gateways in DHCP. However, if you are using vendor-neutral equipment your best bet would be to use multigroup VRRP for L2->L3 interfaces and PBR for L3 interfaces.

PBR (based on route maps)

multigroup FHRPs (based on VLANs)

GLBP (Cisco Proprietary, based on hosts)

View solution in original post

0 Helpful
8 Replies 8

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎02-26-2024 08:06 PM

one thing not clear  "host-based load balancing" is this for incoming from outside or inside to outside ?

inside to  outside :

Do you have many IPv4 subnets ? or only Large one subnet ?

if you many large subnets you can split the load different providers based on source.

check below example setup :

https://www.balajibandi.com/?p=1982

https://www.balajibandi.com/?p=1643

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
brberg05
Level 1
Level 1
In response to balaji.bandi

‎02-26-2024 08:29 PM

Because I have two separate Routers running NAT, the outside connection can only come in through one Router. Therefore, the host-based load balancing is for the hosts in the LAN (inside to outside). To answer your questions about subnets, I have many smaller subnets that can be described in one large summary network. You mentioned "you can split the load different providers based on source," but how do you do this while ensuring failover?

I do not see a solution for load balancing in what you provided. I see that you provided how to have Dual ISP Failover without an FHRP, but even that solution is limited in your design because of your single point of failure.

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to brberg05

‎02-26-2024 08:50 PM

Load balance with two ISP the solution is PBR' 

What you need is split hosts into two group each group will use specific ISP 

The PBR ISP1 will

Match host group 1

Set ip nexthop ISP1

And PBR ISP2 

Match host group 2

Set ip next-hop ISP 2

 

MHM

Go to solution
brberg05
Level 1
Level 1
In response to MHM Cisco World

‎02-26-2024 09:24 PM

So to understand correctly, to configure PBR I would need to:

(1) configure ISP SLAs for failover or have backup default routes

(2) configure a route map for PBR on both edge routers

(2b) or if preemption is enabled on VRRP, a route map is only necessary on the master router

(3) apply the PBR to the LAN interfaces

The only concern I have with this is that there isn't much guarantee of traffic being semi-equally distributed, which cannot be easily solved because it would likely be too cumbersome to track traffic usage and continuously create extensive policies. Also, VRRP would be sending all of the traffic through one router, which can become overloaded in a bigger network.

My other options would be to use GLBP or a dedicated Load-balancing system which would provide a much more equal distribution of traffic and be easier to configure. It seems like ideally, you would want a dedicated server cluster that handles a DHCP service that has built-in traffic monitoring and load balancing to determine the default gateway from a list.

Go to solution
MHM Cisco World
VIP
VIP
In response to brberg05

‎02-26-2024 09:40 PM

If the host use router in middle as GW then you can use pbr and load balance as I mention above 

If the GW is edge routers connect to two isp then the mhsrp is solution which also need split yours host to two vlan 

Make one edge router hsrp active of one vlan and standby of other.

In hsrp ypu can use track 

In pbr verify reachability you can use

MHM

Go to solution
brberg05
Level 1
Level 1
In response to MHM Cisco World

‎02-26-2024 10:01 PM - edited ‎02-26-2024 10:09 PM

Wow, I did not realize multigroup FRHPs were a thing! I believe multigroup FHRPs are the solution, except if you are using Cisco equipment that supports GLBP because GLBP supports host-based load balancing without messing with the default gateways in DHCP. However, if you are using vendor-neutral equipment your best bet would be to use multigroup VRRP for L2->L3 interfaces and PBR for L3 interfaces.

PBR (based on route maps)

multigroup FHRPs (based on VLANs)

GLBP (Cisco Proprietary, based on hosts)

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to brberg05

‎02-27-2024 10:35 AM

I am sure you can find the solution for PBR if you like to use both the ISP for outgoing.

for incoming you need to have DNS manipulation or 2 ISP address in DNS Address with different weight  to use when other failed to retrieve.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎02-27-2024 11:46 AM

A real world solution I've used, assuming you have your own public AS, is use PfR to outbound dynamically load balance flows, both based on link loading and end-to-end response time.

PfR can also try to provide inbound load balancing but practically that's much more difficult to achieve.

Customers Also Viewed These Support Documents