After doing that:ping 8.8.8.8

vvujicevic · ‎04-15-2015

Im trying to achieve load balancing with 2 ISP's, cable (dhcp) and ADSL. I have a cisco 2821 router with an HWIC-1ADSLI module.

LAN is a single C class subnet. I have tried following this cisco advisory to the letter:

http://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/99427-ios-nat-2isp.html

But with that setup...nothing works, i have no internet access, no routes in routing table, and both tracks are down.

Then i tried using this:

track 1 interface Dialer0 ip routing

track 2 interface GigabitEthernet0/1 ip routing

ip route 0.0.0.0 0.0.0.0 Dialer0 track 1

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 track 1

And NAT with route maps. This way i got both routes in the routing tables, and tracks are up, but all clients are getting internet access trough one of the ISP's, and when i disconnect it it takes cca 20 seconds to other one to kick in....so there is no load balancing and even as a failover its a crappy solution because downtime is so long. And also:

ping 8.8.8.8 repeat 110
Type escape sequence to abort.
Sending 1000, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
!.!...!....!..!.!.!.!..!...!.!..!...!.!.!..!..!...!.!.!.!!.!......!.!.
.!.!.!...!!.!.!....!.!.!.!.!...!..!..!..
Success rate is 36 percent (40/110), round-trip min/avg/max = 32/32/36 ms

My original idea was to use PBR, but since i dont have fixed next-hop (i have to use set interface) address i cant use "verify-availability".

If you have any advice how to achieve 50-50 load balancing with this setup please help. Thanks in advance.

Sam Smiley · ‎04-15-2015

The way I resolved a similar issue was with Policy Based Routing (PBR), here is a link to a discussion I started. This has a working config with the described error. If you use PBR you will only need one default route in the table. PBR will route the clients until the link fails, the only thing you need to do is determine which link is the more reliable. I would make the sole default route to this ISP.

https://supportforums.cisco.com/discussion/12400601/routing-issues-ip-sla

Hope this helps.

Regards,

Sam

vvujicevic · ‎04-15-2015

Using PBR would be awesome, like i said it was my first idea, but since IPs are dynamic for both ISP links i cant use the command :

 set ip next-hop verify-availability

So i wont have failover.

paul driver · ‎04-16-2015

Hello

Your tracking config it doesnt seem correct-.

If your using two static default routes then apply track on the priamry default only.and apply a lower admin distance to that primary than the secondary default.

You can either use ip sla with tracking , or just track on the interface.

ip sla 1
icmp-echo x.x..x source-ip y.y..y
frequency 5
ip sla schedule 1 life forever start-time now

track 1 ip sla 1 reachability

or

track 1 interface dialer 0 line-protocol

ip route 0.0.0.0 0.0.0.0.0 Dialer0 track 1 200
ip route 0.0.0.0 0.0.0.0.0 GigabitEthernet0/1 250

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

vvujicevic · ‎04-16-2015

there ws mistake in typing in my post, should be:

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 track 2

Anyway, your suggestion would mean i have failover, but no load balancing. i want to achieve both.

paul driver · ‎04-16-2015

Hello

ip route 0.0.0.0 0.0.0.0.0 Dialer0 track 1 200
ip route 0.0.0.0 0.0.0.0.0 GigabitEthernet0/1 200

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

vvujicevic · ‎04-16-2015

After doing that:

ping 8.8.8.8 repeat 10
Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
..!!.!.!..
Success rate is 40 percent (4/10), round-trip min/avg/max = 28/28/28 ms

:(

paul driver · ‎04-16-2015

Hello

I would say reason being is the return traffic -if you close one link down this doesnt occur?

Without dyanmic routing in place such as BGP or OER - I cannot see how you can maniulate the return traffic from the isp's for specific prefix preferance

Is this what you require?

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

vvujicevic · ‎04-16-2015

If i close one link it takes 20 seconds of downtime and then ping goes without loses.

In the end i decided to go with PBR, since the deadline for our project was surpassed.

I set up acl that matched every other 32 adress block:

10 permit ip 192.168.100.32 0.0.0.31 any
20 permit ip 192.168.100.96 0.0.0.31 any
30 permit ip 192.168.100.160 0.0.0.31 any
40 permit ip 192.168.100.224 0.0.0.31 any

50 deny ip any any

Set a route map that sends that traffic trough one of the interfaces (Gi0/1) and let routing do the rest:

track 1 interface dialer 0 line-protocol

ip route 0.0.0.0 0.0.0.0.0 Dialer0 track 1
ip route 0.0.0.0 0.0.0.0.0 GigabitEthernet0/1 10

Its not exactly what i wanted but its close enough:)

Thanks for your advices.

Load balancing on Cisco 2821 Router