Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1048
Views
0
Helpful
3
Replies

Redundancy/load balancing design considerations

BHPCI_2
Level 1
Level 1

‎04-04-2011 12:55 PM - edited ‎03-04-2019 11:58 AM

Given the attached diagram, we want to implement a redundant and load balanced environment between the EDGE_1 and EDGE_ 2 routers. From what I have read, GLBP would not be a good option because all the traffic coming from the ASA would be from the same MAC, therefore always forwarded to the same router (no load balancing).  So, would HSRP be the best option?  Any other considerations I need to be thinking about?  Thanks in advance for your thoughts.

Labels:
Preview file
61 KB
0 Helpful
3 Replies 3

Jon Marshall
Hall of Fame
Hall of Fame

‎04-04-2011 01:34 PM 

BHPCI wrote:
Given the attached diagram, we want to implement a redundant and load balanced environment between the EDGE_1 and EDGE_ 2 routers. From what I have read, GLBP would not be a good option because all the traffic coming from the ASA would be from the same MAC, therefore always forwarded to the same router (no load balancing).  So, would HSRP be the best option?  Any other considerations I need to be thinking about?  Thanks in advance for your thoughts.

HSRP won't work either because the traffic will always be sent to the HSRP active router.

If the EDGE_2 router is reached via the same interface on the ASA as the EDGE_1 router then you can use 2 default-routes on the ASA and point to the real address on the physical interfaces on the routers. Note though that you can only use 2 default-routes on the ASA if they are both pointing out of the same interface hence the point i made above.

If they are going to be reachable via the same interface on the ASA then this means you will have a switch between the ASA and the routers. In this case you will also need to track the routes from the ASA in case one of the routers fails.

Jon

0 Helpful

mvsheik123
Level 7
Level 7
In response to Jon Marshall

‎04-04-2011 07:21 PM

Hi,

In addition to Jon's suggestion you can also use both links with Cisco OER/PfR.

updated link:

http://docwiki.cisco.com/wiki/PfR:Home

hth

MS

0 Helpful

BHPCI_2
Level 1
Level 1
In response to mvsheik123

‎04-05-2011 05:44 AM

Thanks for the quick response. I have a couple follow up questions to help me understand this better.

After adding the second default route in the ASA, I will need to add tracking to determine if a route is available.  What is the best network object to monitor - the ISP's router interface facing me?   I assume I would want to test connectivity to my first hop upstream on each side.

After this is in place, how does this affect inbound traffic to the ASA?  For instance, if a VPN user connects to the ASA, I assume the traffic would go back out the same way it came in?  Should we talk to our ISP about load balancing the inbound traffic from their side?

Thanks again.

0 Helpful
Customers Also Viewed These Support Documents