cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3928
Views
10
Helpful
12
Replies

Cisco 2811 infrastructure question

Hello guys,

I'm a little new to Cisco tech. So i have this question:

I have a 2811 router witch by default has 2 FE ports witch can be configure 1 for WAN (ISP) and 1 for LAN (internal network). My question is this: what module / solution do i have to take to have let's say ... 2 more WAN interface. I would like to  have backup lines for my internet connection, and when one becomes unavailabe the traffic will be routed on the second and so on. I'm intrested in 2 more WAN ports.

Best regards,

Gabriel Tudoran

12 Replies 12

Kevin Brennan
Level 1
Level 1

Hi Gabriel,

From a hardware perspective, the HWIC-2FE should suit your needs - Just be sure to check your IOS version for support.

http://www.cisco.com/en/US/prod/collateral/routers/ps5854/product_data_sheet0900aecd80581fe6_ps5855_Products_Data_Sheet.html

Note that you wont actually get anywhere near fast ethernet routing speeds in the 2811.

You could also use a HWIC-4ESW and vlan interfaces. This would be cheaper, but would have less flexiability as the L2 interfaces don't have the same range of features that the L3 ones have

With respect to failover, you might look at dynamic routing with your ISP or using PBR with tracking (http://www.cisco.com/en/US/products/ps6637/products_ios_protocol_option_home.html)

HTH

Kevin

Message was edited by: brennan.k

Hello brenan.k and thank you a lot for your quick answer.

I didn't understand this sentance: "Note that you wont actually get anywhere near fast ethernet routing speeds in the 2811.".

I don't have the same ISP for my 2 WAN connections, i have 2 optic fibers from 2 different ISP.

And another quick question that come in mind: could i use the 2 buildin ports from 2811 (FE0 and FE1) as WAN connections and then buy a much cheaper module for LAN - sitch module (like HWIC-4ESW)?

Best regards,

Gabriel Tudoran

Gabriel

The 2811 with CEF switch can support throughput of approx 62Mbps so you won't get anywhere near 1Gbps throughput. That's normal for routers, if you need very high throughput you use L3 switches.

Yes you could use inbuilt ports for both WAN connections if you want and then use an ethernet switch module.

Jon

That is a excellent news. So i will use the 2 buildin ports FE0 and FE1 as WAN ports (2 connect @ 2 different ISP) and i will buy a switch module HWIC-4ESW to connect the LAN (does it suport VLAN on SW ports ? if not that is not a big problem).

The 60Mbs is ok in the terms of speed.... is more then enough if i remember well.

ciscobisbucharest wrote:

That is a excellent news. So i will use the 2 buildin ports FE0 and FE1 as WAN ports (2 connect @ 2 different ISP) and i will buy a switch module HWIC-4ESW to connect the LAN (does it suport VLAN on SW ports ? if not that is not a big problem).

The 60Mbs is ok in the terms of speed.... is more then enough if i remember well.

They do support vlans but as Kevin says you need to be careful when buying them to make sure that they have all the features you need eg. some of the ethernet switches can set their ports to either routed or switched mode whereas others can only be switched.

The link i sent previously has a Q&A as well as a data sheet for each module so it would be a good idea to have a read and there are many posts on these forums about these modules where someone wants a routed port but got the wrong module so just do a bit of investigation before you purchase.

Jon

So, all in all to make a conclusion:

My network infrastructure looks this way:

ISP 1 --------   >  FE0                                                        |      CLIENT 1

                            CISCO 2811 router with HWIC-4ESW > |      CLIENT 2

ISP 2 --------   >  FE1                                                        |      CLIENT 3

The scope of this is is:

1. provide the clients 1,2 and 3 with internet link trough NAT

2. provide a level of failover for clients 1,2 and 3 (if one link is down then 1,2 and 3 will still be able to access internet trough ISP2) - as far as i can figure it out... a i could implement that useing metric like metric 1 for primary route and metric 10 for secondary route.

3. provide access from internet to internal computers useing site to site VPN (i do have some CISCO 800 series that will be on the remote sites)

As far as i read i saw that 4ESW does not provide any routing ports (that is ok with me as far as i can use the tow buildin ports for ISP connectons)

So as far as i'm concerned ... that could be a viable network structure. As long as i can isolate the 4 ports in 4 different Vlans and every Vlan could access the internet (and i didn't saw any limitation regarding this).

Best regards,

Gabriel Tudoran

Hi Gabriel,

Yes, your plan looks okay.

Point 1 is fine.

Point 2 - You mentioned that your circuits were delivered via fiber? If they are ethernet and then go through a transceiver to give you copper ports you may have a small problem with detecting when a link is down. (Some of them will not pass on a no carrier condition). If this is the case, you can track the next hop ip address for that ISP.

Point 3, you might have some difficulity with because of how NAT and VPN technologies interact. WIll you be using BGP with your ISP's? and do you have your own PI address space?

HTH

Kevin

No we don't use BGP and we only have one IP address from our ISP (one from ISP 1 and one from ISP 2)

Hi Gabriel,

In that case it might be an idea to create two GRE over IPSEC tunnels from your remote 800 series router to the 2811 and then run a dynamic routing protocol. You'll get load balancing with EIGRP.

Kevin

Hi Gabriel,

The HWIC-2FE has two fast ethernet ports. The 2811 is not fast enough to be able to route between 2 fast ethernet ports (ie at the full 100Mbs per port)

This PDF will show you the max performance figures of the router (http://www.cisco.com/web/partners/downloads/765/tools/quickreference/routerperformance.pdf)

With respect to your second question, yes you could do that. A port can only be called LAN or WAN once you decide what you want to do with it!

I'd recommend that you read the HWIC-4ESW (and HWIC-9ESW) datasheets carefully before you decide to use them. I tried using them some time ago and they have some small, but potentially significient, limitations depending on how you want to use them.

HTH

Kevin

Jon Marshall
Hall of Fame
Hall of Fame

Gabriel

You don't say what type of port you need ie. ethernet/serial etc.. Assuming ethernet see the attached link. The link is for all modules that can go in the 2800/2900 series routers so if it isn't ethernet you should be able to find what you are looking for. When you find the correct module have a look at the data sheet for that module as it tells you in there whether it can be run in your model of router, how many you can have and what IOS version you will need -

http://www.cisco.com/en/US/products/ps5854/products_relevant_interfaces_and_modules.html#ethernetrouted

Jon

shailesh.h
Level 1
Level 1

I suggest pl. share the current and future requirement.. and state why u want to stick to 2811 router when other options available..

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco