05-24-2013 02:58 PM - edited 03-04-2019 08:00 PM
Hi,
We have two internet Edge in Site A and Site B in Active Standby mode. Currently we have one ISP link connected to site A router and another to Site B router. AS path prepending is used to make Link 2 less preferred for incoming traffic. VRRP is also running on inside interface of routers connected to Firewall with Router A being primary. Default route is being received through BGP on both links. We are advertising our subet say 100.100.100.0/24 . FW A and B are also in actve/standby mode with a default route poitng to VRRP address
ISP Link 1 =======Router A========FW A
|
|
|
|
ISP Link 2 =======Router B========FW B
Now we want to connect a new link(ISP Link 3) on Site A router and we want load balancing in such a way that only international countries traffic comes in and out through this new link on RouterA and only the local country traffic flows through ISP Link1. ISP Link 2 should serve as a backup standby to ISP Link 1 like in current scenario.
ISP Link 1 =======Router A========FW A
|
ISP Link 3======== |
|
|
ISP Link 2 =======Router B========FW B
How I can configure load balacning on Router A (Cisco) so that Link 1 and Link 3 both would be active and keep loadbalancing IN and OUT traffic countr wise (Local country through Link 1 and rest of the world through Link 3 ). While keeping ISP Link 2 on Router B as standby Link for ISP link 1?
Solved! Go to Solution.
05-25-2013 08:59 AM
Hello Syedraheel,
as explained by Blau Grana you need to receive more detailed routing information on eBGP session on new Link3 in order to route to international destinations over it.
However, unless the ISP builds for you some special aggregate routes. you should be prepared to receive a great portion of a BGP full table on Link3.
Can Router1 handle 300,000 of routes or more ?
This is the question. If R1 cannot handle all the routes that would describe international destinations you can only make a workaround using static routes build by yourself and pointing to Link3 next-hop. But you would need to know what IP prefixes are allocated to your country.
You can use looking glasses and RIR web sites to learn this.
see
www.traceroute.org
www.ripe.net
www.arin.net
www.apnic.net
Hope to help
Giuseppe
05-27-2013 05:23 AM
Hello,
It is hard to say exact number, in my case it depends on my laziness . 500 static routes is a lot to configure, but if you do not mind to do it manually, it is way to go for you.
Best Regards
Please rate all helpful posts and close solved questions
05-24-2013 11:32 PM
anyone?
05-25-2013 01:07 AM
Hello,
I think this is not possible.
First of all, you have control over outband traffic, so with some non-trivial configuration (maybe using BGP/PIC) you can achieve that one link will be used for intranational traffic and other one for international traffic.
But for inbound traffic you have no control to do this. Traffic is routed to you based on destination IP, best BGP prefix is instaled in routing table and used. Nobody will check source IP address and based on that (intranational/international) will be routed via particular link to your BGP AS.
Best Regards
Please rate all helpful posts and close solved questions
05-25-2013 01:26 AM
Hi,
The inbound traffic will be taken care by the ISP like they will blackhole our subnet for international on link 1 and for intranational on link 2. I am concerned about outgoing. How can I achieve it through BGP? We are receiving only default route through our ISP.
05-25-2013 01:51 AM
Hello,
ISP like they will blackhole our subnet for international on link 1 and for intranational on link 2.
Does this means that ISP will inspect src and dest IP? Could you please explain little bit more how your ISP will do this, I am very interested in solution. thanks.
How can I achieve it through BGP? We are receiving only default route through our ISP.
Why dont you ask your ISP to send you intranational prefixes via link you want to use for intranaitional traffic, for other traffic will be used defualt route. I think it will not be mane prefixes and so you should be able to manage it unlike case with full bgp table.
I dont know about any other possibility to do this besides static configuration.
Best Regards
Please rate all helpful posts and close solved questions
05-25-2013 08:59 AM
Hello Syedraheel,
as explained by Blau Grana you need to receive more detailed routing information on eBGP session on new Link3 in order to route to international destinations over it.
However, unless the ISP builds for you some special aggregate routes. you should be prepared to receive a great portion of a BGP full table on Link3.
Can Router1 handle 300,000 of routes or more ?
This is the question. If R1 cannot handle all the routes that would describe international destinations you can only make a workaround using static routes build by yourself and pointing to Link3 next-hop. But you would need to know what IP prefixes are allocated to your country.
You can use looking glasses and RIR web sites to learn this.
see
www.traceroute.org
www.ripe.net
www.arin.net
www.apnic.net
Hope to help
Giuseppe
05-27-2013 12:09 AM
Hi,
Thnaks for your replies guys.
Its a 3825 with 256 MB memory so I guess it will not be able to handle 0.3 million routes.
OK so If I can get a list of prefixes allocated to my country , is there an option to use Policy based routing in this case while I receive defaults from all the links?
Kind Regards,
Raheel
05-27-2013 12:16 AM
Hello,
In my first post I mentioned BGP/PIC which was wrong, I wanted to say Cisco PfR. Take a look at that.
http://blog.ine.com/2011/11/01/cisco-performance-routing-pfr-optimized-edge-routing-oer/
Also if ISP will send you just intranational routes, it will not be 400k (full table) but probably few thousand depends on where are you from.
Best Regards
Please rate all helpful posts and close solved questions
05-27-2013 12:59 AM
PFR is a new thing to me. I was just wondering why can't I do thge normal PBR and apply a route map on inside router interface allowing all of my country prefexes and setting default interface to 1st link. ?
05-27-2013 01:07 AM
Hello,
You can use PBR, but I think that using PBR with combination of few thousand routes can degrade your router performance.
In this case, better solution will be configuring static routes with IP SLA for failover.
Best Regards
Please rate all helpful posts and close solved questions
05-27-2013 02:50 AM
Hi,
My question is why do I need few thousand routes present in the routing table anyway? to get default routes from the provider on all links and just PBR with an access list of 200 or so prefixes of my country won't do?
As per Cisco Website, for one of PBR options it says:
List of default interfaces—If there is no explicit route available to the destination address of the packet being considered for policy routing, then route it to the first up interface in the list of specified default interfaces.
05-27-2013 03:04 AM
I do not know exact number (hundreds or thousands) of prefixes local for your country. Lets say that there is 2500 prefixes in your country. Then you will have to configure ACL with 2500 entries, using PBR every packet has to be compared to each entry in ACL, which can take time and degrade your router performance.
I am just saying that configuring 2500 static routes instead of ACL with 2500 entries can be more effective regarding router performance, though I do not even know if 2500 static routes is possible to configure.
Maybe these prefixes can be summarized so their number can be lowered.
Best Regards
Please rate all helpful posts and close solved questions
05-27-2013 03:11 AM
so if the required number of prefexis are under 500 , there is no need to receive routes from the provider, Can route it through static or PBR right?
05-27-2013 05:23 AM
Hello,
It is hard to say exact number, in my case it depends on my laziness . 500 static routes is a lot to configure, but if you do not mind to do it manually, it is way to go for you.
Best Regards
Please rate all helpful posts and close solved questions
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide