I just attached the diag.

VRRP is an option if it will accomplish what we need. Its been a while since I used VRRP. Will VRRP allow us to use 3 IP address instead of 2 as is the case with hsrp?

Hello,

my bad, I actually meant GLBP, which does load-balancing. You can put all three routers in the same GLBP group, and use one single virtual address.

https://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html

Attachment was re-attached.

"When you running HSRP, its going to be Active / Standby mode right ? are you able to utilize exiting 2 ISP equally?"

A- We are able to utilize both existing ISPs; however, I am not sure if we are using them equally. What would be the best way to find out?

"How is your E and I BGP config to load-balance between ISP ?"

A- We are not using any type of BGP load-balancing solutions or techniques. I open to any suggestions.

"what is the Goal or expectation of adding 3rd ISP ? to best utilize the load equally with all 3 ISP and Failover if any of the ISP fails to other 2 ISP, what is your existing arrangement?

A- We experienced an extended outage with one of our ISPs (week and 1/2) and we were running a single connection to the Internet. The goal is to add a 3rd so if one of the 3 connections to the Internet were to fail, we would still have 2 connections for performance and load-balancing purposes.

Thanks, ~zK

i would like to see some of the configuration of yours how you have set up to suggest better.

My prefer method is to use all 3 ISP equally when they available  - so you have good performance and value for money.

If one of the ISP Gone down the same load will be shifted to the other 2 ISP so on.

Will you consider changing the design to best practice with minimal downtime and test, or you like to just add 3 ISP Router and go on with the existing arrangement, (may have some implication and limitation).

George Pauwen provided a great solution the above thread.

So, my proposed design would be to interconnect edge router 3 (new router connected to ISP3 to edge rtr 1 or edge rtr 2 and use iBGP between them; connect edge rtr 3 to the edge switch 1 via L2 (the same as as edge rtr 1 and edge rtr2); change hsrp to GLBP and create a group of three routers (edge_rtr_01: 10.10.10.102; edge_rtr_02: 10.10.10.103; edge_rtr_03: 10.10.10.103; and VIP: 10.10.10.101).  

Yes, we will consider changing the design. I am interested in learning more about your suggested ideas of creating load-balancing between the 3 bgp on the edge routers.

Hello @zekebashi ,

I am sorry to give you bad news but GLBP protocol load balancing is based on ARP activity.

This means that if the underlying active firewall ARPs for the GLBP VIP address 10.10.10.101 to be used as next-hop for a single static default route it will get a single answer per time. So for each time interval equal to the max time an ARP entry can stay on the firewall a single edge router / GLBP forwarder will be used.

This is not load balancing in outgoing direction.

GLBP works on user facing VLANs where different users are redirected to different AVG forwarders achieving load balancing.

Here what you can do on the firewall it to use three default static pointing directly to the three edge routers

ip route 0.0.0.0 0.0.0.0 10.10.10.102

ip route 0.0.0.0 0.0.0.0 10.10.10.103

ip route 0.0.0.0 0.0.0.0 10.10.10.104

This can be used in combination with iBGP full mesh between the three edge routers.

Edit:

because there are L2 LAN switches between the firewalls and the edge switches you have two options to detect a single edge router failure either you deploy an IGP like OSPF with each router generating a default route in OSPF or you need IP SLA on the firewall to track availability of the edge router next-hops 10.10.10.102, 10.10.10.103, 10.10.10.104.

Hope to help

Giuseppe

We experienced an extended outage with one of our ISPs (week and 1/2) and we were running a single connection to the Internet. The goal is to add a 3rd so if one of the 3 connections to the Internet were to fail, we would still have 2 connections for performance and load-balancing purposes.