cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
475
Views
0
Helpful
5
Replies

ASAP i need help on designing internet loadbalancing with 2 same or different isp and having public bgp AS number and public ip pool /24 at my end

i need help on designing internet load balancing with 2 same  or different isp and having public bgp AS number and public ip pool /24 at my end , i have attached diagram for example to have the design reference

any standard generic document with config please or any solutions doc ?

5 Replies 5

Dear,

I hope you are looking this document.

http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13762-40.html

this link will also help you to make better design.

https://supportforums.cisco.com/discussion/11138456/bgp-multihoming-dual-enterprise-routers-diagram-attached

hope it will help you,

Kazim Abbas

thanks for the reply syed,  but i am more looking on outbound traffic load sharing , i need the example config related to attached diagram, mean on edge internet router and more on asa firewall, how i can configure configure the firewall to send traffic to edge router , either i need to run GLBP on edge router ? so i can send the traffic to glbp vip ?

If this is a normal ASA system only one firewall is active at a time.  So you only need to provide first hop protection.  Because one one asa is active at a time, you wont get any benefit from the use of glbp, so I would use the very mature Cisco HSRP.

You can use normal BGP load balancing.  If you think you need something more precise then consider using Pfr (Performance Routing):

http://docwiki.cisco.com/wiki/PfR:Solutions:InternetOutboundLoadBalancing

thanks philip, whe i have public subnet between firewall and ISP A & B, glbp works i hope ?

so the user outbound traffic from firewall will hit to glbp vip then will have ibgp between isp A&B then will go via ISP A or B is this works fine ?

I don't think GLBP will load balance effectively, and you shouldn't rely on that mechanism.

The active firewall will arp for the default gateway.  GLBP will respond with one of the routers.  The ASA will then send all of its traffic until the ARP entry responds.  When the arp entriy expires it will arp again for the default gateway and GLBP might respond with the same router or the other router - but this will be quite some time down the track.

You should rely on BGP to do the load balancing, and Pfr if you need it to tweak the load balancing even further,

Review Cisco Networking for a $25 gift card