06-12-2011 10:23 AM - edited 03-04-2019 12:41 PM
Dear Experts,
I have a requirement of configuring Lad sharing between two MPLS link i.e. TATA and Airtel CE router.
At present I have configured VRRP between the same in Active/Standby mode.
In Network Topology Routing protocol used is Static Routing and between PE-CE is BGP. Both MPLS link has different AS nos.
THe More details are mentioned in the attached Topology diagram.
Can you please suggest teh configuration for Active Active Load sharing between two MPLS link CE router.
Regards,
06-12-2011 05:14 PM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Not 100% clear to me where exactly you have VRRP. Is there a reason why your can't statically route to both CEs? If the issue is, static routing wouldn't know the backside of the CE path has been lost, i.e. your possible purpose for using VRRP, there are several approaches. Normally, you might use dynamic routing. Or, depending on equipment, you might tie SLA tests to your static routes. But, mHSRP could also be used for static routing (don't know if VRRP can be used same way).
For the mHSRP approach each CE router has a hot HSRP address and acts as standby for the other router's HSRP address. You then can statically route to each HSRP address. If either CE fails, or backside fails with HSRP tracking, the other good CE router becomes hot for both HSRP addresses.
PS:
From reading the subsequent posts, the mHSRP approach might still work for you. If you're unfamiliar with mHSRP, or what I'm describing is unclear, let me know.
Message was edited by: JosephDoherty
06-13-2011 03:08 AM
Hello Dipesh,
if behind the two CE routers you have a set of client Vlans you can use multiple VRRPs groups per subnet or GLBP ( one per client vlan/IP subnet)
if behind the CE nodes there are other network devices, it is enough to have two default static routes one pointing to CE1 and one pointing to CE2 to achieve flow based outbound load sharing.
Be aware that this for outbound direction only, load sharing on inbound depends on how you configure all the remote sites.
if most of remote sites are multihomed you achieve some load balancing in both directions, but different SPs can be used for the two directions.
Example:
for a given pair oh hosts H1 of site A and H2 of site B you can achieve:
site A -> site B can use SP 1
site B -> site A can use SP 2
This is not an issue if there are no firewalls on the path.
Hope to help
Giuseppe
06-13-2011 04:16 AM
Dear Giuseppe,
After such a long time (1 year) communicating with you.
Ok. In todays case, I have tried Multi Group VRRP i.e. Group 1 and Group 2 and hence I will get two different Gateways for Reaching 2 CEs.
But here I have to manually select traffic on both the side. Our Sire is very Huge with aroind 60 nos of Branch locations and 4 nos of CORE locations. All are working on Static Routingas IGP and BGP as EGP.
Is it Possible GLBP ? I havd tried it but was unsuccessful. From the Host behind L3 switch I can not ping GLBP Virtual IP address.
By reading the guides from Net I have found that there may be some issue related to switchng process. Need to disable Fast switching on Switches and Router.
Can you guide me on this ?
Can you suggest any other method for load sharing in my case? GLBP is better if the problem was resolved?
Regards,
06-13-2011 06:15 AM
Hello Dipesh,
nice to hear from you I hope you are well.
Looking at your network diagram you have a core switch connecting to the CE pair of nodes: you just need two default static routes or set of static routes on core switch
ip route x.x.x.0 255.255.255.0 CE1_lanIP
ip route x.x.x.0 255.255.255.0 CE2_lanIP
you can also use a dynamic routing protocol and both CE nodes should advertise networks with the same parameters
you don't need VRRP or GLBP as client Vlans are not directly connected to CE nodes
Hope to help
Giuseppe
06-13-2011 08:11 AM
Dear Giuseppe,
I understand to point the two CEs using two static routes but in this case there will not be any redundancy. If CE1 will goes down than what?
I had also tried Dynamic Routing - EIGRP. But in that case also it choosing only one MPLS link. Second will remain ideal.
Thats why I have decided to go for GLBP.
Can you propose the best solution with GLBP in my case?
Regards
06-13-2011 08:32 AM
Hello Dipesh,
GLBP provides no benefit in your case because GLBP works on changing the ARP reply for different clients sending an ARP request for the VIP address
in your case once the core switch has sent out an ARP request for GLBP VIP to be used as next-hop it receives one answer pointing to a single virtual forwarder and GAME OVER until next ARP request.
or you use a dynamic protocol but both CE nodes have to advertise routes with same metric or only one will be used or you use forms of static routes with object tracking.
I would go for a dynamic protocol
with EIGRP you need to set the seed metric and you need to use the same set of values
router eigrp 100
redistribute bgp xx
default-metric 10000 10 255 1 1500
the default-metric values must be the same on both CE nodes to achieve load sharing
the EIGRP AS number must be the same on all devices
Hope to help
Giuseppe
06-13-2011 08:49 AM
Thanks Giuseppe,
Is it ok if I will configure EIGRP (Dynamic Routing) on Brabch location and keep as it is (VRRP) on CORE locations?
In this case it may be the case, Some traffic will go from one link but return from different link.
IS it ok?
Regards,
06-13-2011 08:52 AM
Hello dipesh,
if no firewalls are on the path asymmetric routing is not an issue
However you should look for EIGRP or other IGP in the central office too or you will be using only one SP from HQ to branch offices
don't be lazy
Hope to help
Giuseppe
06-13-2011 09:03 AM
No not a Lazy,
But there is very Critical location. Nobody will allow to change the routing.
Thats why.
Firewall is not in MPLS way. It's only for Internet connectivity.
Ok Can you suggest me the Configuration for EIGRP?
Purpose :
Phase - 1 : to convert routing in to Dynamic between CORE SW to CE Router.
1. BGP to EIGRP Reditribution allowing only Organization Routes not SP routes. - On CE router
2. EIGRP to BGP Redistribution for load sharing. - On CE Router
3. EIGRP cofiguration and Static to EIGRP redistribution - On CORE switch.
Phse 2 : to convert routing in to Dynamic between Dist. SW to CORE SW.
1. EIGRP Routing Comfiguration
Or Suggest the Proccedure in Production network to migrate in to Dynamic Rotuting without affecting the Connectivity.
Regards
Regards
06-13-2011 09:50 AM
Hello Dipesh,
lazy was a joke sorry if this looked like not respectful, I understand the location is critical
But you have already made a list of requirements and this is a good starting point.
1) means to use appropriate route-maps in order to control redistribution
prefix-lists invoked in the route-map are the best tool for this task
2) you can use network command in BGP instead of implementing mutual redistribution. BGP network command looks for the prefix in the IP routing table and works also for routes learned by EIGRP. This allows to simplify your configuration and to make the setup safer. Highly recommended.
3) once EIGRP is active between CE and core you don't need to redistribute static routes anymore.
you can make static routes floating with AD > 170 = EIGRP D EX routes AD so if a route is missing in EIGRP you can pick up the floating static route instead.
you can even verify the EIGRP topology on internal switches before making the static routes floating on core switch.
First of all you build EIGRP neighborships on all required links
CE1- core switch
CE2 -core switch
core switch -distrib1
core switch-distrib2
no redistribution is performed at this point all routing to remote sites use the static routes.
on CE1 and CE2 under router bgp you add network commands for all prefixes of central site with the correct subnet mask ( important if auto-summary is disabled).
internal prefixes are not learned via EIGRP at this point keep the redistribute static in BGP for now
on remote site A you configure a new subnet A.B.C.D for testing purposes with only SVIs or subifs on it.
On CE1 and CE2 you redistribute this prefix A.B.C.D from BGP to EIGRP t
on core switch you verify using EIGRP topology the presence of A.B.C.D prefix
show ip eigrp topology all-links
at this point if core switch has a static route for A.B.C.D the sh ip route A.B.C.D shows two static routes one to CE1 and one to CE2.
now you make these two static routes floating by rewriting them with a 201 at the end of the line (new AD)
at this point the EIGRP route for A.B.C.D should be installed on core switch
the same should be received and installed on distrib1 and distrib2.
the same process can be used for a test subnet on core site:
prefix E.F.G.H is a subnet of core site connected to distrib1 and distrib2. it can be an existing one, or one you use for testing.
have the prefix advertised in EIGRP using
router eigrp
network
+
passive-interface command
on distrib1, distrib2
under router bgp on CE1 and CE2 add a network statement for prefix E.F.G.H
the prefix should be advertised to PE nodes and received on remote site CE node(s).
on site A where A.B.C.D is defined you should see E.F.G.H
now pinging from A.B.C.D to E.F.G.H should work both directions and using EIGRP at central site and eventually on remote site A.
if all this has worked you have the working configuration and you need just to extend it to cover all prefixes in core site and on all remote sites (if necessary, this may be already in place)
Hope to help
Giuseppe
01-17-2014 11:52 AM
Dear Giuseppe,
Asking on very old post sorry for that , however i have a simlar problem and with a twist too.
My network is almost same where my remote location (Spoke ) router is having 2 MPLS link terminating from different SPs (SP1 and SP2) and SP1 is being preffered for SAP, SMTP etc traffic. Traffic initation happens mostly from Spoke locations
At my HQ site i have two core routers , with each router having 2nos of MPLS link from SPs (SP1 and SP2).
Everything works fine here.
What i want now "at my HQ also, i want SP1 to be preffered for SAP, SMTP etc traffic. "
Q1) how do i confgiure for return traffic
Q2) suppose its configured , what if my SP1 link goes down at spoke location my router at HQ will keep on forwarding to SP1 MPLS cloud
I hope my questions are clear.
Thanks
Rajeev
01-18-2014 10:47 AM
Request if some one could also share some info
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide