cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2012
Views
100
Helpful
15
Replies

Active active load balancing between 2 ports of ISR4221/K9

Is it possible to configure active-active load balancing between 2 ports of 4221 router? Both the routers are connected via VPN tunnel (P2P connection). 

1 Accepted Solution

Accepted Solutions

Hello
Yes L/B is possible, but can you elaborate on this a little please?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

15 Replies 15

Hello
Yes L/B is possible, but can you elaborate on this a little please?


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

I am having 2 routers ISR4221/K9 which are connected with P2P connections. There are 2 different ISPs. Both the links are running in Active-passive mode. But my requirement is to segregate the traffic over both the ISPs and link should be act as Active-Active mode. Right now, only one link is acting as a active and other one is acting as passive.

How can I do this? 

Is it possible on the mentioned router model?

Hello,

 

glad that you got the issue resolved. Can you post the final, working config for reference ?

By mistake I had clicked on the accept solution.

Issue is not resolved yet.

Hello,

 

basically, and that is without having seen you actual configuration, all you need to achieve load balancing is two default static routes. You might want to configure IP SLAs as well to make sure the routes are removed when the respective VPN is down.

 

Post your running configuration so we can get a better picture and come up with suggestions.

Hello


@AnkushPatwari6649 wrote:

But my requirement is to segregate the traffic over both the ISPs and link should be act as Active-Active mode. Right now, only one link is acting as a active and other one is acting as passive


Maybe Policy based routing would be applicable, In which you would have a default path via ISP1 and then you policy route certain traffic via ISP2 and if either ISP fail routing would failover via the active path, However this would be only for egress traffic as the return path could utilize just a single ISP

Another alternative could be to utilize routing path metrics/attributes to manipulate egress/ingress traffic between both ISP links, but this depends on what routing processes you are running and how its currently setup between your wan rtr and its isp connections

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Can you help me with the configuration commands?

On which model the ingress and egress traffic we can segregate?

To segregate the egress traffic would be a solution for me. Pl help with the commands that how can I apply it?

 

Hello,

 

do you have the running configuration of your 4221 ?

Hello,

 

how are both routers connected internally ? If you don't have the configs, post a diagram of the topology, so we can see how everything is linked together...

Joseph W. Doherty
Hall of Fame
Hall of Fame

"Both the routers are connected via VPN tunnel (P2P connection)."

BTW, generally a VPN tunnel is considered a single flow and would flow across just one link.

However, if you have more than one VPN tunnel, they might be balanced across links.  Although, unless you do something like PBR (and force particular VPN tunnels to "prefer" one link over another) or use something like PfR (which does dynamic load balancing), multiple VPN tunnels might use the same and/or busier link.

 

I'm having only one tunnel. I have configured IP-SLA for the failover. But unable to divide the traffic over both the ISP links.

PBR means do I have to create ACLs for the traffic flow based upon the protocols? 

Hello,

 

is it actually you configuring the router(s) ? I am just asking because you say you do not have access to the router configs.

 

It is difficult to give any advice, since you say you have only one tunnel, is that one tunnel on each router ?

 

As asked before, we need to see a diagram of your topology.

Review Cisco Networking for a $25 gift card