Dual ISPs - Equal Cost Load-Balancing

Alexander Deems · ‎10-18-2012

Hello,

I am wondering if it is possible to provide equal cost load balancing between two ISPs via EIGRP/OSPF? I have read some things online and it states that you need to use a router/BGP setup, but why would you not be able to perform equal cost load-balancing between the two ISPs? If you are able to peer with them using EIGRP/OSPF, I don't see why it would not work.

Can someone please help me with understanding why this would not work?

Thanks,
Alex

Giuseppe Larosa · ‎10-18-2012

Hello Alex,

the answer depends on the type of service you purchase from the ISPs.

If you refer to an internet access service, the use of an IGP like OSPF or EIGRP is not considered a valid option by ISP that doesn't want to share their network internal details with the customer with the risk to have these informations exposed to competitors (all this under the hyphotesis that the internet full table of ISP is in the global routing table of their routers, things change slightly if the ISP providing internet services within a dedicated MPLS VPN).

BGP is an exterior gateway protocol and allows exchange of routing information without leaking important information about internal network details.

BGP provides also a rich set of policy features allowing to implement complex routing policies.

If you refer to a service like L3 MPLS VPN where you have purchased this service from both SPs and all of your VPN sites are multihomed to both ISPs, there is a chance to use OSPF or EIGRP as the PE-CE routing protocol and then to implement some load balancing over the two SP clouds in reaching remote VPN sites.

To be noted the use of OSPF or EIGRP as PE-CE protocol requires additional configuration and resources on the SP routers, so some SPs can ask an additional fee for their use and other SPs may implement only eBGP as dynamic PE-CErouting protocol ( depending on their own choices).

Edit:

Last but not least, the service that you can buy to interconnect different sites can be a L2VPN, in this case no routing interaction happens with the SP networks and you are free to use the IGP of your choice.

Edit2:

peering with an IGP to ISPs or MPLS SP is technically possible but in most cases is not considered for security and other policies.

Hope to help

Giuseppe

Alexander Deems · ‎10-19-2012

Thank you for the quick response, and it makes sense about the security/policies of the ISP not allowing this type of connection.

I am basically trying to achieve a scenario where an ASA can load-balance between two ISPs for basic Internet access, and this automatically rules out BGP and PBR. I know that it is stated that the ASAs can not load-balance, but was thinking of the possibilities of load-balancing via an IGP.

I am not familar with BGP, but to avoid the security issues, would the below scenario be a possibility for the ISPs?

SP runs BGP on the PE and uses customer facing interface to peer with CE using IGP. From there the SP could redistribute the IGP into BGP.

paolo bevilacqua · ‎10-19-2012

It seems to me you are taking a wrong path in believing you can use an IGP to load balance internet connections, as It can't be done.

If you don't have your own address space and AS, you can onlt load balance using NAT. In doing that, the best results are achieved using a device called "load balancer". Other makers have a best market share than Cisco for these.