
Load Balancing in Cisco Routers 2911 model for dual VPN connection

abhi18689
Level 1

Hello,

I have dual MPLS VPN connections for my location A & location B. I have configured IP SLA on both routers. VPN 1 is primary and VPN 2 is secondary.

Whenever VPN 1 goes down, traffic starts going through VPN 2. As of now, all the traffic is going through VPN 1 and VPN 2 is idle. Is it possible to configure load balancing on both routers, i.e. at LOC A & LOC B?

LOC A router details

W A R N I N G
PROPERTY of IOT Infracture & Energy Services Ltd.
Unauthorized access strictly prohibited.
By accessing and using this system you are consenting to system monitoring for
law enforcement and other purposes. Unauthorized use of this system may subject
you to criminal prosecution and other penalties.

+-------------------------------------------------------------------+
| This system is for the use of authorized users only. |
|Individuals using this system without authority or in excess |
|of their authority, are subject to having all of the activities |
|on this system monitored and recorded by system personnel. |
| |
| In the course of monitoring individuals improperly using |
|system, or in the course of system maintenance, the activities |
|of authorized users may also be monitored. |
| |
| Anyone using this system expressly consents to such |
|monitoring and is advised if such monitoring reveals possible |
|evidence of criminal activity, system personnel may provide |
|the evidence to law enforcement officials. |
+-------------------------------------------------------------------+

DC-MPLS-Router#sh run
Building configuration...

Current configuration : 10779 bytes
!
! Last configuration change at 20:31:57 BST Fri Apr 15 2016 by sysadmin
version 15.2
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname DC-MPLS-Router
!
boot-start-marker
boot system flash:c2900-universalk9-mz.SPA.152-4.M7.bin
boot-end-marker
!
!
logging buffered 51200 warnings
enable secret 5 $1$uC6w$Mj18E5B6wQMGv/KZ.EXY/0
!
aaa new-model
!
!
aaa authentication login default local-case
aaa authentication enable default enable
!
!
!
!
!
aaa session-id common
clock timezone BST 5 30
!
no ip source-route
ip cef
!
!
!
!


!
!
!
!
no ip bootp server
no ip domain lookup
ip domain name ioties.intra
no ipv6 cef
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-1705515981
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1705515981
revocation-check none
rsakeypair TP-self-signed-1705515981
!
!
crypto pki certificate chain TP-self-signed-1705515981
certificate self-signed 01
quit
license udi pid CISCO2911/K9 sn FTX1426A1W7
license boot module c2900 technology-package datak9
hw-module sm 1
!
!
!
username harshal.bhujbal privilege 15 secret 5 $1$E7au$AsB1hQEKvSQYNTlgo9k/u1
username sysadmin privilege 15 secret 5 $1$DGNj$N1apMI5ZQ.A.4nSUCs8zZ.
!
redundancy
!
!
ip ftp username cisco
ip ftp password 7 0822455D0A16
ip ssh version 2
!
track 1 ip sla 1 reachability
!
track 2 ip sla 2 reachability
bridge irb
!
!
!
!
interface Loopback0
ip address 10.2.5.60 255.255.255.255
!
interface Loopback1
ip address 10.99.99.98 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description "TATA MPLS"
ip address 10.1.106.66 255.255.255.252
ip accounting output-packets
duplex full
speed 100
!
interface GigabitEthernet0/1
description "connected to internal-PRI-L2-SW-gig1/0/3"
ip address 172.16.250.5 255.255.255.0
duplex auto
speed auto
!
interface GigabitEthernet0/2
description "Reliance MPLS"
ip address 97.208.109.57 255.255.255.252
load-interval 30
duplex auto
speed auto
!
interface FastEthernet0/0/0
description "connected to internal-PRI-L2-SW-gig1/0/3"
ip address 10.10.10.30 255.255.255.0
duplex full
speed auto
no mop enabled
!
interface FastEthernet0/0/1
description **Sify MPLS VPN**
ip address 192.168.207.202 255.255.255.252
duplex auto
speed auto
!
interface IDS-Sensor1/0
ip unnumbered Loopback0
service-module fail-open
no mop enabled
hold-queue 60 out
!
interface BVI1
no ip address
shutdown
!
!
router bgp 64896
bgp log-neighbor-changes
neighbor 10.1.106.65 remote-as 4755
neighbor 192.168.207.201 remote-as 9583
!
address-family ipv4
network 4.2.2.0 mask 255.255.255.0
network 10.1.1.0 mask 255.255.255.0
network 10.10.10.0 mask 255.255.255.0
network 10.16.0.0 mask 255.255.0.0
network 10.17.0.0 mask 255.255.0.0
network 10.17.190.0 mask 255.255.255.0
network 62.159.57.91 mask 255.255.255.255
network 172.16.79.0 mask 255.255.255.0
network 172.16.81.0 mask 255.255.255.0
network 172.16.92.0 mask 255.255.255.0
network 172.16.192.0 mask 255.255.255.0
network 172.16.196.0 mask 255.255.255.0
network 172.16.250.0 mask 255.255.255.0
network 172.16.251.0 mask 255.255.255.0
network 172.16.252.0 mask 255.255.255.0
network 172.16.254.0 mask 255.255.255.0
network 172.17.1.0 mask 255.255.255.0
network 172.17.9.0 mask 255.255.255.0
network 172.17.190.0 mask 255.255.255.0
network 172.17.191.0 mask 255.255.255.0
network 172.17.203.0 mask 255.255.255.0
network 172.17.254.0 mask 255.255.255.0
network 172.19.154.0 mask 255.255.255.0
network 172.20.213.0 mask 255.255.255.0
network 172.20.214.0 mask 255.255.255.0
network 199.223.208.0
network 202.162.0.0 mask 255.255.0.0
neighbor 10.1.106.65 activate
neighbor 192.168.207.201 activate
exit-address-family
!
ip forward-protocol nd
!
no ip http server
ip http access-class 55
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 172.16.91.0 255.255.255.0 192.168.207.201 track 1
ip route 172.16.85.0 255.255.255.0 192.168.207.201 track 1
ip route 172.16.251.0 255.255.255.0 192.168.207.201 track 1
ip route 172.16.197.0 255.255.255.0 10.1.106.65 track 2
ip route 172.16.200.0 255.255.255.0 10.1.106.65 track 2
ip route 172.16.253.0 255.255.255.0 10.1.106.65 track 2
ip route 10.3.3.0 255.255.255.0 10.1.106.65 track 2
ip route 10.1.1.0 255.255.255.0 172.16.250.1
ip route 10.3.3.0 255.255.255.0 97.208.109.58 10
ip route 10.10.10.0 255.255.255.0 172.16.250.3
ip route 10.16.0.0 255.255.0.0 172.16.250.3
ip route 10.17.0.0 255.255.0.0 172.16.250.3
ip route 10.17.190.0 255.255.255.0 172.16.250.3
ip route 62.159.57.91 255.255.255.255 172.16.250.1
ip route 97.24.25.108 255.255.255.252 97.208.109.58
ip route 97.48.15.192 255.255.255.252 97.208.109.58
ip route 97.208.115.56 255.255.255.252 97.208.109.58
ip route 172.16.79.0 255.255.255.0 172.16.250.3
ip route 172.16.81.0 255.255.255.0 172.16.250.3
ip route 172.16.83.0 255.255.255.0 10.1.106.65
ip route 172.16.85.0 255.255.255.0 97.208.109.58 10
ip route 172.16.90.0 255.255.255.0 10.1.106.65
ip route 172.16.91.0 255.255.255.0 97.208.109.58 10
ip route 172.16.92.0 255.255.255.0 172.16.250.3
ip route 172.16.93.0 255.255.255.0 10.1.106.65
ip route 172.16.192.0 255.255.255.0 172.16.250.3
ip route 172.16.193.0 255.255.255.0 172.16.250.3
ip route 172.16.195.0 255.255.255.0 10.1.106.65
ip route 172.16.196.0 255.255.255.0 172.16.250.3
ip route 172.16.197.0 255.255.255.0 97.208.109.58 10
ip route 172.16.198.0 255.255.255.0 97.208.109.58
ip route 172.16.199.0 255.255.255.0 172.16.250.3
ip route 172.16.200.0 255.255.255.0 97.208.109.58 10
ip route 172.16.249.0 255.255.255.0 172.16.250.3
ip route 172.16.251.0 255.255.255.0 97.208.109.58 10
ip route 172.16.252.0 255.255.255.0 172.16.250.3
ip route 172.16.253.0 255.255.255.0 97.208.109.58 10
ip route 172.17.1.0 255.255.255.0 172.16.250.3
ip route 172.17.9.0 255.255.255.0 172.16.250.3
ip route 172.17.190.0 255.255.255.0 172.16.250.3
ip route 172.17.191.0 255.255.255.0 172.16.250.3
ip route 172.17.203.0 255.255.255.0 172.16.250.3
ip route 172.17.254.0 255.255.255.0 172.16.250.3
ip route 172.19.154.0 255.255.255.0 172.16.250.3
ip route 172.20.213.0 255.255.255.0 172.16.250.3
ip route 172.20.214.0 255.255.255.0 172.16.250.3
ip route 192.168.0.0 255.255.0.0 172.16.250.3
ip route 199.223.208.0 255.255.255.0 172.16.250.1
!
ip sla auto discovery
ip sla 1
icmp-echo 192.168.207.206 source-interface FastEthernet0/0/1
threshold 1000
timeout 1000
frequency 3
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 10.1.248.246 source-interface GigabitEthernet0/0
threshold 1000
timeout 2000
frequency 5
ip sla schedule 2 life forever start-time now
access-list 55 permit 10.10.10.0 0.0.0.255
access-list 55 permit 172.16.0.0 0.0.255.255
access-list 55 deny any
access-list 80 permit 172.16.81.165
access-list 99 permit 10.1.1.25
access-list 99 deny any
access-list 101 permit tcp any any eq 22
access-list 102 permit ip host 10.1.1.26 any precedence priority
!
!
snmp-server group IOTSNMP v3 priv access 99
snmp-server enable traps entity-sensor threshold
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
!
banner exec ^C
W A R N I N G
PROPERTY of IOT Infracture & Energy Services Ltd.
Unauthorized access strictly prohibited.
By accessing and using this system you are consenting to system monitoring for
law enforcement and other purposes. Unauthorized use of this system may subject
you to criminal prosecution and other penalties.

+-------------------------------------------------------------------+
| This system is for the use of authorized users only. |
|Individuals using this system without authority or in excess |
|of their authority, are subject to having all of the activities |
|on this system monitored and recorded by system personnel. |
| |
| In the course of monitoring individuals improperly using |
|system, or in the course of system maintenance, the activities |
|of authorized users may also be monitored. |
| |
| Anyone using this system expressly consents to such |
|monitoring and is advised if such monitoring reveals possible |
|evidence of criminal activity, system personnel may provide |
|the evidence to law enforcement officials. |
+-------------------------------------------------------------------+
^C
!
line con 0
session-timeout 30
exec-timeout 5 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 67
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
speed 115200
line vty 0 4
session-timeout 30
access-class 55 in
exec-timeout 5 0
privilege level 15
transport input ssh
line vty 5 15
session-timeout 30
access-class 55 in
exec-timeout 5 0
privilege level 15
transport input ssh
!
scheduler allocate 20000 1000
ntp server 172.16.81.10 prefer
!
end

DC-MPLS-Router#sh ip sla summary
IPSLAs Latest Operation Summary
Codes: * active, ^ inactive, ~ pending

ID Type Destination Stats Return Last
(ms) Code Run
-----------------------------------------------------------------------
*1 icmp-echo 192.168.207.206 RTT=24 OK 2 seconds ago
*2 icmp-echo 10.1.248.246 RTT=12 OK 2 seconds ago


DC-MPLS-Router#
DC-MPLS-Router#exit

LOC B details

W A R N I N G
PROPERTY of IOT Infracture & Energy Services Ltd.
Unauthorized access strictly prohibited.
By accessing and using this system you are consenting to system monitoring for
law enforcement and other purposes. Unauthorized use of this system may subject
you to criminal prosecution and other penalties.

+-------------------------------------------------------------------+
| This system is for the use of authorized users only. |
|Individuals using this system without authority or in excess |
|of their authority, are subject to having all of the activities |
|on this system monitored and recorded by system personnel. |
| |
| In the course of monitoring individuals improperly using |
|system, or in the course of system maintenance, the activities |
|of authorized users may also be monitored. |
| |
| Anyone using this system expressly consents to such |
|monitoring and is advised if such monitoring reveals possible |
|evidence of criminal activity, system personnel may provide |
|the evidence to law enforcement officials. |
+------------------------------------------------------------------

DR-MPLS-Router#sh run
Building configuration...

Current configuration : 6877 bytes
!
! Last configuration change at 10:36:45 IST Wed May 11 2016 by sysadmin
version 15.2
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname DR-MPLS-Router
!
boot-start-marker
boot system flash:c2900-universalk9-mz.SPA.152-4.M7.bin
boot-end-marker
!
!
enable secret 5 $1$mxgY$KXj1.Zc7au5QSELjDkm.u1
!
aaa new-model
!
!
aaa authentication login default local-case
aaa authentication enable default enable
!
!
!
!
!
aaa session-id common
clock timezone IST 5 30
!
no ip source-route
ip cef
!
!
!
!


!
!
!
!
ip domain name ioties.intra
no ipv6 cef
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-2669732083
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2669732083
revocation-check none
rsakeypair TP-self-signed-2669732083
!
!
crypto pki certificate chain TP-self-signed-2669732083
certificate self-signed 01
quit
license udi pid CISCO2911/K9 sn FTX1423A1FE
license boot module c2900 technology-package datak9
hw-module sm 1
!
!
!
username harshal.bhujbal privilege 15 secret 5 $1$..Jm$ERP5E3XHv1.UjBsPa6XJW/
username sysadmin privilege 15 secret 5 $1$..xI$l26HcB5J2pKozAXfurpSn/
!
redundancy
!
!
ip ftp username cisco
ip ftp password 7 110A1016141D
ip ssh rsa keypair-name sysadmin
ip ssh version 2
!
track 1 ip sla 1 reachability
!
!
!
!
interface Loopback0
ip address 10.2.7.60 255.255.255.0
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description ***Sify MPLS VPN***
ip address 192.168.207.206 255.255.255.252
load-interval 30
duplex auto
speed auto
!
interface GigabitEthernet0/1
description "Connected to Internal L2-Switch"
ip address 172.16.91.250 255.255.255.0 secondary
ip address 172.16.251.3 255.255.255.0
duplex auto
speed auto
ids-service-module monitoring inline access-list 101
!
interface GigabitEthernet0/2
description "Connected to Reliance RTR-MPLS"
ip address 97.208.115.57 255.255.255.252
ip accounting output-packets
load-interval 30
duplex auto
speed auto
!
interface IDS-Sensor1/0
ip unnumbered Loopback0
service-module fail-open
no mop enabled
hold-queue 60 out
!
!
router bgp 64896
bgp log-neighbor-changes
network 172.16.91.0 mask 255.255.255.0
network 172.16.251.0 mask 255.255.255.0
neighbor 192.168.207.205 remote-as 9583
!
ip forward-protocol nd
!
no ip http server
ip http access-class 55
ip http authentication local
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 192.168.207.205 track 1
ip route 0.0.0.0 0.0.0.0 97.208.115.58 10
ip route 172.16.85.0 255.255.255.0 172.16.91.253
ip route 172.16.91.0 255.255.255.0 172.16.91.253
ip route 172.16.251.0 255.255.255.0 172.16.91.253
ip route 172.19.154.0 255.255.255.0 192.168.207.205
!
ip sla auto discovery
ip sla 1
icmp-echo 192.168.207.202 source-interface GigabitEthernet0/0
threshold 1000
timeout 1000
frequency 3
ip sla schedule 1 life forever start-time now
access-list 55 permit 10.10.10.0 0.0.0.255
access-list 55 permit 172.16.0.0 0.0.255.255
access-list 55 deny any
access-list 55 permit 172.17.0.0 0.0.255.255
access-list 55 permit 172.20.0.0 0.0.255.255
access-list 99 permit 10.1.1.25
access-list 99 deny any
access-list 101 permit tcp any any eq 22
access-list 101 permit tcp any any eq 443
!
!
snmp-server group IOTSNMP v3 priv access 99
snmp-server enable traps entity-sensor threshold
!
!
!
control-plane
!
!
banner exec ^C
W A R N I N G
PROPERTY of IOT Infracture & Energy Services Ltd.
Unauthorized access strictly prohibited.
By accessing and using this system you are consenting to system monitoring for
law enforcement and other purposes. Unauthorized use of this system may subject
you to criminal prosecution and other penalties.

+-------------------------------------------------------------------+
| This system is for the use of authorized users only. |
|Individuals using this system without authority or in excess |
|of their authority, are subject to having all of the activities |
|on this system monitored and recorded by system personnel. |
| |
| In the course of monitoring individuals improperly using |
|system, or in the course of system maintenance, the activities |
|of authorized users may also be monitored. |
| |
| Anyone using this system expressly consents to such |
|monitoring and is advised if such monitoring reveals possible |
|evidence of criminal activity, system personnel may provide |
|the evidence to law enforcement officials. |
+------------------------------------------------------------------
^C
!
line con 0
session-timeout 30
exec-timeout 5 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line 67
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
speed 115200
line vty 0 4
session-timeout 30
access-class 55 in
exec-timeout 5 0
privilege level 15
transport input ssh
line vty 5 15
session-timeout 30
access-class 55 in
exec-timeout 5 0
transport input all
!
scheduler allocate 20000 1000
!
end

DR-MPLS-Router#sh ip sla summary
IPSLAs Latest Operation Summary
Codes: * active, ^ inactive, ~ pending

ID Type Destination Stats Return Last
(ms) Code Run
-----------------------------------------------------------------------
*1 icmp-echo 192.168.207.202 RTT=12 OK 2 seconds ago


DR-MPLS-Router# exit

Please suggest how to configure load balancing on the Cisco 2911 router for a dual MPLS VPN connection between LOC A & LOC B.


Mark Malone
VIP Alumni

Hi

If you want both routers to be active, you need to manipulate the BGP paths using BGP metrics to influence which path is more preferable for certain routes. Basically, use a route-map attached to the neighbour statement in the BGP process, then set the conditions to be more preferable for certain subnets by matching against an ACL.

Please see this doc and go to the section "Load Sharing When Multihomed to Two ISPs Through Multiple Local Routers":

http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13762-40.html#conf5
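
The approach this reply describes, sketched as an added IOS configuration for DC-MPLS-Router (LOC A); it is not from the original thread or the linked Cisco document. The neighbor addresses, AS numbers and prefixes are taken from the configurations posted above; the ACL numbers (10 to 40), the route-map names and the way prefixes are split between the two paths are assumptions. It also assumes LOC B learns LOC A's prefixes over BGP from both providers, whereas the posted LOC B configuration has a single BGP neighbor.

```cisco
! Added example: ACL numbers 10-40 and route-map names are hypothetical.
!
! Local prefixes, split into two groups (the split is an assumption):
!   ACL 10 -> return traffic should prefer the AS 9583 path
!   ACL 20 -> return traffic should prefer the AS 4755 path
access-list 10 permit 172.16.250.0 0.0.0.255
access-list 20 permit 10.10.10.0 0.0.0.255
!
! Remote (LOC B) prefixes, split the same way for outbound traffic:
!   ACL 30 -> leave via AS 9583, ACL 40 -> leave via AS 4755
access-list 30 permit 172.16.91.0 0.0.0.255
access-list 40 permit 172.16.251.0 0.0.0.255
!
! Outbound policy: lengthen the AS path on the less preferred provider.
route-map TO-AS4755 permit 10
 match ip address 10
 set as-path prepend 64896 64896
! Everything else is advertised unchanged.
route-map TO-AS4755 permit 20
!
route-map TO-AS9583 permit 10
 match ip address 20
 set as-path prepend 64896 64896
route-map TO-AS9583 permit 20
!
! Inbound policy: raise local preference on the preferred exit per prefix.
route-map FROM-AS9583 permit 10
 match ip address 30
 set local-preference 200
route-map FROM-AS9583 permit 20
!
route-map FROM-AS4755 permit 10
 match ip address 40
 set local-preference 200
route-map FROM-AS4755 permit 20
!
! Attach the route-maps to the existing neighbor statements.
router bgp 64896
 address-family ipv4
  neighbor 10.1.106.65 route-map TO-AS4755 out
  neighbor 10.1.106.65 route-map FROM-AS4755 in
  neighbor 192.168.207.201 route-map TO-AS9583 out
  neighbor 192.168.207.201 route-map FROM-AS9583 in
 exit-address-family
```

Static routes have a lower administrative distance than eBGP routes, so the tracked static routes for 172.16.91.0 and 172.16.251.0 in the posted configuration would override the inbound policy for as long as they remain. After applying the route-maps, `clear ip bgp * soft` re-runs the policy and `show ip bgp` shows the resulting local preference and AS path.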
