Hello, I want to use GLBP and have a question. I have two ISPs that the two routers will be independently set up on; however, one router will have an extra connection for the fiber links we have for 3 smaller remote offices. So one router will have an extra connection. My question is, with the routers load balanced, would this cause issues for the sites that need the SES fiber connection that is live on only one of the routers?
If the 2 routers have a link between them, then no, there should not be a problem. If they don't, then yes, it will.
To be honest, unless the links go to the same places, which they don't, in that they both go to the internet but one also has remote site connections, load-balancing might not be the best solution.
How is the internal network connected to the 2 routers, i.e. do you have another router or L3 switch within your LAN that then connects to the 2 WAN routers, or are the clients in the same LAN as the internal interfaces of your WAN routers? If the former, you may be able to do something with routing/PBR to load-balance for internet and then send the traffic for the specific sites to the correct router.
If you're asking about branch traffic to/from the fiber spokes, traffic coming from those branches, once they hit your ISP edge (with the fiber connections), should route directly to where they need to go. Normally they would not take advantage of any load balancing (although with a dedicated link and/or PBR [and/or OER/PfR], this can be changed, as described by Jon).
Also, normally traffic going to those branches that hits your ISP WAN edge router w/o the fiber links will redirect the traffic to the other ISP WAN edge router. I don't recall whether, by default, GLBP will send the redirect information to the sending host.
Basically we have a hub n spoke like this:
MainBranch with servers - L3 Switch - Router - Wan - Branch offices
All branch offices come to the main office for internet and server services.
I'm looking for the best way to gain some redundancy. I've thought about using the L3 switch to route between two routers, each with a different WAN connection that goes to our two firewalls (SonicWalls set up for HA). What was recommended by an outside security guy was to bring in two switches, each with a different WAN connection, to hook up the firewalls. This would work; however, one of our connections is an MPLS circuit and it would require a L3 switch to program the sub-ifs for the VRF connection... I'm just torn between the options. I don't want to have to redo the whole topography for a sound solution, but it may have to come to that.
This suddenly sounds a lot more complicated. Perhaps a topology diagram would help. Where it is unclear is where your firewalls sit in relation to your WAN links?
Also, what is the L3 switch, i.e. make/model and, just as importantly, feature set being used? You may be able to use PBR on the L3 switch to send traffic to the correct router. But it is still unclear where the firewalls sit in your network.
In addition, you talk of VRFs. Are you extending the VRFs from the MPLS network back into your LAN?