cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2710
Views
0
Helpful
4
Replies

Two Router two link OSPF Load-sharing

rfranzke
Level 1
Level 1

Netpros,

I will be setting up a new DC in the coming months. I will be moving core services from a branch office to this new DC. Users at the branch will access resources at the DC over a pair of 100MB point-to-point Ethernet connections. We will be using a pair of Catalyst 4507R switches at the DC and a pair of 3750E switches at the branch and connecting them using these 100MB links. Each pair at each side has an L2 trunk between them. We are currently using OSPF as our IGP. For redundancy I would like to  have each 100MB link connected to each 4507/3750 pair such that if a link or switch fails at either side, users will still have connectivity over the secondary link switch pair. I would at the same time like to be able to utilize both links in a per-destination load-balancing configuration. Since there are two seperate device at each end of each link, I cannot use any sort of L2 Etherchannel to achieve the load-balancing I need (3750E are not stacked and the 4507R do not support vPC anyway). At each site the two switch pairs utilize HSRP per SVI for first hop redundancy. I set up a test and configured OSPF between some test routers. The branch is set up using area 1 and the DC area 0. I can get everything routing OK but cannot seem to get OSPF to load-balance at all. If I adjust the cost on certain links I can get two routes to sometimes get entered into the route table but cannot get multiple routes entered on all devices. If I adjust the cost on one link it of course adjusts the costs on the other links so I can never totally get load balancing to occur on all routers.

My question here is there even a way to get this to work using OSPF at all before I go off and waste a bunch of time trying? Seems as though this load balancing is prevented because of split-horizon rules or some such. I am no OSPF expert and I am not sure what I am missing here. I am contemplating just using multiple HSRP groups at each end just to be able to get some type of load balancing going but using OSPF would be better. Another idea I had was trying to maybe adjust link costs at each end such that traffic outbound takes one link and traffic inbound takes another.

See my attached diagram, Thanks in advance.

Bob-

4 Replies 4

Richard Burts
Hall of Fame
Hall of Fame

Bob

What you are running into here are differences in trying to achieve two goals, which are somewhat mutually exclusive. First you are trying to achieve redundancy and doing this by having two switches at each site, and two links between sites and each link on a separate switch. This is highly redundant and will support failover nicely. But it is hard to do this and to do load sharing. The issue is that each switch will see its link to the other site as superior and the link to the other site through the other switch as inferior. And while you might be able to do something with metrics in EIGRP to get each switch to load share, there is not a good way to do this with OSPF.

My suggestion is to set up two HSRP groups at each site. Have switch A be active in one group and have switch B be active in the other group. Set up some host(s) with HSRP 1 as their gateway and set up other host(s) with HSRP 2 as their gateway. This should give you some degree of load sharing and also will provide redundancy.

As a note, unless there is considerable more to the network than what you have shown so far, I would suggest that you put everything into area 0. I do not see any benefit so far to having multiple areas, and it does introduce some complexity into OSPF that you do not seem to need.

And do not try to adjust link costs. If you have chosen OSPF and if you have implemented the rectangle (two switches each side and two links between sites) OSPF is no going to do native load sharing.

HTH

Rick

HTH

Rick

Joseph W. Doherty
Hall of Fame
Hall of Fame

Disclaimer

The     Author of this posting offers the information contained within this     posting without consideration and with the reader's understanding  that    there's no implied or expressed suitability or fitness for any   purpose.   Information provided is for informational purposes only and   should not   be construed as rendering professional advice of any kind.   Usage of  this  posting's information is solely at reader's own risk.

Liability Disclaimer

In     no event shall Author be liable for any damages whatsoever   (including,   without limitation, damages for loss of use, data or   profit) arising  out  of the use or inability to use the posting's   information even if  Author  has been advised of the possibility of such   damage.

Posting

You mention your DC is in area 0 and branch is in area 1.  OSPF prefers intra-area to inter-area routes, and there are routing implications based on OSPF area types and whether ABR route summarization is being used.  If you're unfamiliar with such issues, it's possible this is the cause of some of your routing difficulty getting equal cost load balancing to work.

Otherwise, it should not be difficult to load balance  from one "primary" router to other side and all you need to do is insure  the OSPF path cost is the same across both paths (from the "primary").   For example, the cost of the direct WAN link could be 10 and the sum of  the link to from "primary" to "secondary" link and "secondary"'s WAN link also 10.

The "primary" would be the normal "hot" HSRP gateway.  (In case of failure, followed by recovery, you need to insure "primary" will reclaim HSRP gateway.)

Although Rick recommends against manual costing of  OSPF links, I've done it, works fine, and sometimes balances a little  better than gateway balancing.  It does, though, increase the complexity  and maintenance factors, but so do some other solutions.

An alternate to HSRP and explicit link costing, would be to use GLBP, if supported, or stacking the 3750Es.  (Stacking solves/avoids other issues too.)  Rick's suggestion of alternating HSRP gateways works although whether two hosts on the same subnet can do this requires, I believe, mHSRP, which not all HSRP capable platforms support.

Beware that making for any symmetrical routing, on L3 switches, can expose you to unicast flooding.

Thanks for the replies guys. As mentioned I can get the load-balancing to work for the most part. I am doing with adjusting the link costs as you mentioned Joseph. AFAIK, that's what you would have to do to get any load-sharing to work with OSPF.

I set up the different areas based on reccomendations I have read regarding OSPF area deployments. We currently have an Area 0 for everything but since one site will be a branch and the other a DC I thought I would have different areas for each branch we may have down the road. So we can have a backbone area where other future offices would use as a transit area for connectivity to other future offices. Was just trying to get in front of that idea so we would not have to make significant routing changes in the future to accommodate new offices. I think you are suggesting that using a single area 0 is fine. Would love to hear any additional thoughts here.

Also with regards to the uni-cast flooding issues, I am not sure I understand. If the P2P Ethernet links are setup as L3 links/ports on the switches, would there still be the need to flood out those ports? I thought the flooding would only occur for the L2 switch ports and the L3 ports would only need the MAC of next hop?

Seems like I just need to try and tweak this again some to see if I can get it done.

Thanks again guys for the help here.

Bob.

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Regarding unicast flooding, you're correct L3 links should only need the next hop.  The issue is what's connected to these switches as part of your L2 topology and whether it's possible outbound traffic doesn't transit the same path as ingress traffic.  See http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00801d0808.shtml#cause1 for more information.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco