Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1502
Views
0
Helpful
14
Replies

EIGRP Load Balance traffic over 2 WANS

Go to solution
Mike Hogenauer
Level 1
Level 1

‎11-25-2013 10:47 AM - edited ‎03-04-2019 09:40 PM

Hi –

I have a new WAN link that I’m installing between our two Datacenters. Datacenter X and Datacenter Y. I need to load balance the traffic over both links and also so if one goes down the other will still forward traffic. I have an interesting environment as the side of the first WAN link goes directly into one of my cores – Datacenter X. The other end of the first WAN link terminates into an ASR1002 Router (Datacenter Y) with the inside interface of the ASR 1002 into the Core and the inside gateway is an HSRP priority VIP so traffic is already forced through a path based on the HSRP VIP.

The new (second) WAN link will have two ASR 1001 routers terminating each end of the WAN and the Inside interfaces will each then link into the cores at each datacenter.

Each datacenter is carved into a / 16 space

Datacenter X WAN Links:

-----------------------------------------

WAN link 1 is in subnet 10.10.1.0 /25  - the WAN facing interface for Datacenter X has an eigrp summary route of 10.2.0.0 /16 - telling all traffic in Datacenter Y that the 10.2.0.0 /16 space live in Datacenter X

WAN Link 2 is in subnet 10.10.1.128 /25 - the WAN facing interface for Datacenter X has an eigrp summary route of 10.2.0.0 /16 - telling all traffic in Datacenter Y that the 10.2.0.0 /16 space live in Datacenter X

The inside interface of WAN link 1 terminates into one of  two4507 Cores (core 1)

The inside interface of WAN link 2 terminates into an ASR 1001 and the inside interface terminates into one of two 4507 Cores. (core 2)

Datacenter Y WAN Links:

----------------------------------------

WAN link 1 is in subnet 10.10.1.0 /25 - the WAN facing interface for Datacenter Y has an eigrp summary route of 10.1.0.0 /16 - telling all traffic in Datacenter X that the 10.1.0.0 /16 space live in Datacenter Y

WAN Link 2 is in subnet 10.10.1.128 /25 - the WAN facing interface for Datacenter Y has an eigrp summary route of 10.1.0.0 /16 - telling all traffic in Datacenter X that the 10.2.0.0 /16 space live in Datacenter Y

The inside interfaces of each WAN router for Datacenter Y are in the same subnet 10.1.5.0 /24. Each WAN router inside interface terminates into a separate nexus 7K core running HSRP.

I need help with configuring traffic load balancing / sharing across both WAN links to each Datacenters. I'm concnered I can't achive what I want without either removing the HSRP configs and spinning up new VLANS or routed ports. I've attached a JPEG of the topolpgy.

Any help is greatly appreciated!

Thanks,

Hogie

Labels:
Preview file
107 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎11-25-2013 11:25 AM

Hogie

It is an interesting and somewhat complex situation  that you are describing to us and I believe that we do not yet have  sufficient understanding of your environment to give you good advice.

Based on what I think I understand so far I will offer these observations.

- It looks like both core routers in data center Y are on a common subnet with both of the ATT routers and so each Y core will have equivalent routes. Assuming that the summary advertised from X is received with the same advertised metric then both core Y routers should see equal cost paths to the data center X subnets and each data center Y router will attempt to load share the traffic that it receives from inside over the paths to X.

- the HSRP that you show in data center Y is active for the connection to thee ATT WAN routers and EIGRP is not affected by the HSRP. If you were using manually configured routes then HSRP could be a factor but not with EIGRP dynamically learned routes. In fact, based on what we currently know, I would wonder whether HSRP is doing much good.

- the situation at data center X is much more complicated and challenging to try to achieve load sharing. based on these factors

# each data center router has one EIGRP neighbor over the WAN and so will recieve 1 EIGRP summary advertisement directly and may learn the other path from its inside neighbor. But the metrics for this are almost certainly not going to be equal.

# this means that each router at data center X will prefer the summary that it learned directly and treat the summary that it learns internally as less desirable.

# so it becomes important to know how traffic from devices inside the network at X will try to get out.

# since one router at X is labeled as core and the other router is labled as Wave R4 is it logical to believe that most internal traffic from X will go through the core router at X?

So it looks to me like the routers at X will have an unbalanced view of how to forward outbound (will prefer the summary that they learn directly) and will receive unequal amounts of traffic from inside.

My thought is at this point that it is perhaps more effective to think of implementing some Policy Based Routing at the core of data center X that will identify some traffic and send it over the link to the Wave R4 as a way to achieve load sharing.

HTH

Rick

HTH

Rick

View solution in original post

0 Helpful
14 Replies 14

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎11-25-2013 11:25 AM

Hogie

It is an interesting and somewhat complex situation  that you are describing to us and I believe that we do not yet have  sufficient understanding of your environment to give you good advice.

Based on what I think I understand so far I will offer these observations.

- It looks like both core routers in data center Y are on a common subnet with both of the ATT routers and so each Y core will have equivalent routes. Assuming that the summary advertised from X is received with the same advertised metric then both core Y routers should see equal cost paths to the data center X subnets and each data center Y router will attempt to load share the traffic that it receives from inside over the paths to X.

- the HSRP that you show in data center Y is active for the connection to thee ATT WAN routers and EIGRP is not affected by the HSRP. If you were using manually configured routes then HSRP could be a factor but not with EIGRP dynamically learned routes. In fact, based on what we currently know, I would wonder whether HSRP is doing much good.

- the situation at data center X is much more complicated and challenging to try to achieve load sharing. based on these factors

# each data center router has one EIGRP neighbor over the WAN and so will recieve 1 EIGRP summary advertisement directly and may learn the other path from its inside neighbor. But the metrics for this are almost certainly not going to be equal.

# this means that each router at data center X will prefer the summary that it learned directly and treat the summary that it learns internally as less desirable.

# so it becomes important to know how traffic from devices inside the network at X will try to get out.

# since one router at X is labeled as core and the other router is labled as Wave R4 is it logical to believe that most internal traffic from X will go through the core router at X?

So it looks to me like the routers at X will have an unbalanced view of how to forward outbound (will prefer the summary that they learn directly) and will receive unequal amounts of traffic from inside.

My thought is at this point that it is perhaps more effective to think of implementing some Policy Based Routing at the core of data center X that will identify some traffic and send it over the link to the Wave R4 as a way to achieve load sharing.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎11-25-2013 12:05 PM

Hogie

          

I agree with Rick in terms of how DC X will see routes to DC Y and that it will favour the link directly connected to the core. And if you want to keep the same connectivity then PBR may be a solution but the trouble with PBR is -

1) you need to have a good idea of traffic flows to know how to load balance

2) it requires extra config in terms of failing over etc. if the link fails.

A simpler solution (although it may not be that simple depending on fibre runs etc.) is to not use the wave router and simply run the connection back to core 2. This would then solve the issue of the extra hop although it assumes the 4500s are interconnected via a L2 trunk and not a L3 connection as a L3 connection would introduce another hop and you are back to the same problem.

The ideal solution though, as i'm sure you are aware, is not to terminate the WAN links directly into the core so really what you need is another ASR for the existing WAN connection into DC X.  If you did this because each router would have a single connection back to a 4500 they would have to share a common vlan ie. it cannot be routed ports otherwise this would introduce another hop and it still assumes a L2 interconnect between the 4500s. You could only use routed ports if each router had dual connections, one to each 4500.

I hope i haven't confused the issue.

Jon

0 Helpful

Go to solution
Mike Hogenauer
Level 1
Level 1
In response to Jon Marshall

‎11-25-2013 12:11 PM

All -

Thanks for the help. At least I have a few weeks to figure this out before it goes live.

This is why I posted this  scenario. First I was concerned with the HSRP at Datacenter but -as you  mentioned - my biggest concern is Datacenter X. I thought about using  the Variance command in EIGRP to help load balance the traffic but i need to see the traffic to load-share first.

I've  also though about terminating each internal Link at Datacenter X into a  separate 4507 switch with Dual Sups. That way I will have SUP redundancy  and the costs to reach DC Y will be the same from DC X. This would remove the ASR at DC X. My cores (dont laugh) at DC X are two 4507 R chassis. I have a single trunk link between the two. If I removed the ASR from DC X (wave RTR 4) I could in theory configure a L2 link from each WAN and configure the IP Summary address on each WAN link. That might solve my problem unitl I can get two ASR's for DC X

Thoughts

Thank you...

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Mike Hogenauer

‎11-25-2013 12:23 PM

If I removed the ASR from DC X (wave RTR 4) I could in theory configure a L2 link from each WAN and configure the IP Summary address on each WAN link. That might solve my problem unitl I can get two ASR's for DC X.

Yes, that's basically what i was suggesting as one option in my post.  Like i said, terminating your WAN links direct to the core is not recommended and is not ideal but you are doing it anyway on one link and like you say it could be temporary until you get another ASR.

What you need to be aware of is this. If you have server/client vlans on those 4500s and you are running HSRP for them then your interconnect between the switches could be quite heavily utilised eg. if 4500_1 is HSRP active for a server vlan and they send a lot of traffic then 4500_1 sees 2 equal cost paths to DC Y. One is direct via it's connection to the WAN, the other via the interconnect and the 4500_2 connection to the WAN. So the interconnect could be more heavily utilised than it already is. 

Jon

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Mike Hogenauer

‎11-25-2013 12:26 PM

Hogie

I do not believe that using variance will help you with this. What you really need is to have some router/layer 3 switch that receives traffic from inside and that sees two paths over the WAN to the summary from the other side. I am still a bit confused about your suggestion of how the 4507 will work for this. But if there is a single layer 2 vlan that connects both WAN routers and each 4507 has an SVI in that vlan and runs EIGRP then both 4507 would share equal cost paths to data center Y. I hope that I am just describing the same thing as you but with different terminology.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Mike Hogenauer

‎11-25-2013 12:58 PM

First I was concerned with the HSRP at Datacenter ?

Presumably that was meant to say Y ?  If so, your diagram is a bit confusing based on your description -

The other end of the first WAN link terminates into an ASR1002 Router (Datacenter Y) with the inside interface of the ASR 1002 into the Core and the inside gateway is an HSRP priority VIP so traffic is already forced through a path based on the HSRP VIP.

Edit - what is the device with the HSRP VIP of 10.1.5.1  ?

Jon

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Jon Marshall

‎11-25-2013 01:12 PM

Based on the drawing I believe that 10.1.5.1 is the VIP for HSRP running on the two core routers. Note that it is running in the subnet that connects the two core to the two ATT routers for the WAN connection. As I commented in a previous post I do not understand why HSRP is here since running EIGRP does not pay any attention to the VIP. And based on the drawing I do not see any other traffic on this subnet that would use the VIP.

HTH

Rick

[edit] It seems to me that this is one of several things where the verbal description and the drawing do not match up very well.

HTH

Rick
0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Richard Burts

‎11-25-2013 01:21 PM

Rick

That makes sense now. So the ATT-US-WAVE-  routers are actually the ASRs. That was why i was getting confused because in the diagram i expected to the see the above routers within DC Y rather than outside of it. It was the statement about traffic being forced through the HSRP VIP that made me think there might be a static or default in use on the cores in DC Y which might need removing for EIGRP to work properly.

I agree that if using the EIGRP summary routes the HSRP VIP does not matter in terms of traffic forwarding to DC X.

Jon

0 Helpful

Go to solution
Mike Hogenauer
Level 1
Level 1

‎11-25-2013 12:15 PM

BTW - i forgot to answer RIck's question.

Yes, the CORE RTR is a 4507 R Core (which has a secondary 4507 config as HSRP Peer) - my existing WAN terminated directly into that device. The new WAN will terminate into WAVE RTR 4 then into the core. Although based on this thread I might have to rethink that option.

Do you see an issue with just terminating both WAN links - one into Core 1 and the other into Core 2?

Thanks

Hogie

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Mike Hogenauer

‎11-25-2013 12:29 PM

Hogie

Thanks for getting back to the question that I had asked.

Yes I believe that you and Jon and I are now looking at it in the same way and that it is a viable solution - at least as a workaround until you can get matching ASR routers.

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
Mike Hogenauer
Level 1
Level 1
In response to Richard Burts

‎11-25-2013 01:23 PM

Hi Jon,

I'm sorry, didnt mean to confuse you. Yes the HSRP VIP is at Datacenter Y. Actually we're running HSRP at both DC's so actually if I term DC X into each core it too will have a Layer 3 VIP for the Subnet. At DC Y there's other devices in that subnet so that's why HSRP is configured. Also to clear any confusion DC Y Vlan 5 is for the edge devices and DC X Vlan 2 id for the Edge devices. ( i inherited a mess ) -->

I think like we discussed,  if I configure an IP SUMM route on each interface on each Core at DC X that summarizes the 10.2 subnet and a summary on the WAVE routers for DC Y - that will solve my problem for now...

Thank you.

Hogie

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Mike Hogenauer

‎11-25-2013 01:29 PM

I'm sorry, didnt mean to confuse you

It's alright, i'm easily confused so it's not really your fault

Thankfully Rick cleared it up for me.

Jon

0 Helpful

Go to solution
Mike Hogenauer
Level 1
Level 1
In response to Jon Marshall

‎11-25-2013 01:44 PM

First of all, I'm very thankful for the input. This one has been keeping me up at night ever since I bought the gear.

Second, both replies were very helpful and helped clear my head. Having said that I feel compelled to mark Rick's post as the correct answer, simply because he replied first. No disrespect though Jon...

Regards,

Hogie

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to Mike Hogenauer

‎11-25-2013 02:04 PM

Hogie

It has been a very interesting discussion. I can see how this would have kept you up at night. I am glad that our suggestions have been helpful. I thank you for marking my response as the correct answer and will point out that the forum does allow you to mark more than 1 response as correct. So it is really more of marking "a" correct answer and not necessarily "the" correct answer.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card