Re: WAN Architech with Dual ISPs

cedar_lee · ‎11-12-2008

We need connect our two data centers to 3 other remote sites via two ISPs MPLS WAN. Each ISP pipe will be running 200Mbps. Basically we have 4 classes of traffic, Email, Images, VOIP/Vedio and Others. Email and Images are heavy traffic. which of the following could be the better solution?

1. Split the traffic into two IPSs WAN pipes, such as Email and Images go to ISP A and the rest go to ISP B.

2. Load balance between these two IPSs

CriscoSystems · ‎11-12-2008

Since all pipes are running at the same speed, I'd say load-balance.

Giuseppe Larosa · ‎11-13-2008

Hello Cedar,

load balancing but you need to ask the two providers to accept your QoS markings and to treat traffic according to the four traffic classes.

Configuration of QoS features like scheduler and congestion avoidance (WRED) completes the solution

Hope to help

Giuseppe

Joseph W. Doherty · ‎11-13-2008

Using QoS and both ISPs, I believe, is the better solution than spliting type of traffic across different paths. One reason, dealing with an ISP failure.

Actual QoS solution depends on whether your traffic flows logically across a mesh, and if it does, whether your MPLS vendors support a QoS model. Most should, although you may need to request it, select it (from various profiles), and perhaps pay extra for it.

[edit]

BTW: I'm assuming your MPLS is L3 not L2.

cedar_lee · ‎11-13-2008

Thanks to Joseph, Giuseppe and CriscoSystems. It sounds all of you agreed that Load Balance is a better solution.

But it brings up other questions.

1. From maintenance and troubleshooting perspective, lots of people said Load Balance is hard to monitor and trace traffic. Is it worthy?

2. What are the options regarding routing protocols to do the load balancing? Assume all the edge devices are cisco ASR1002; WAN is L3 MPLS; Most probably encryption/tunneling would not be allowed.

Giuseppe Larosa · ‎11-13-2008

Hello Cedar,

thanks for your kind remarks

1) there are commands that help to understand which path a specific flow with a given IP source and IP destination will take between the available paths

something like

sh ip cef exact-route

other commands can help on multilayer switches like

sh mls cef exact-route

So this shouldn't be an issue.

It has to be cleared that you cannot expect load-balancing to be perfect: it will not be exact outbound and can be unbalanced inbound.

2) if the WAN is L3 VPN you have some choiced about the protocol to use but your router will peer on each link with the SP PE node not directly with your remote sites.

eBGP or OSPF or EIGRP can be used but if using the latter two the SP will do the job for you of carrying EIGRP/OSPF routes within MP BGP

Hope to help

Giuseppe

Joseph W. Doherty · ‎11-13-2008

"1. From maintenance and troubleshooting perspective, lots of people said Load Balance is hard to monitor and trace traffic. Is it worthy?"

I guess that depends much on the capabilities of the people involved and just what the configuration required. I've never thought using something like PBR to split different traffic across different paths particularly simple especially when dealing with path failures.

If someone was thinking of dynamic load balancing using OER or PfR, that does raise the complexity, although just interface load balancing isn't too complex.

Routing options depend on what routing you're doing. You could have something as simple as two static defaults routes, one pointing to each vendor.

IGPs like OSPF and EIGRP support equal cost multiple paths. The latter also supports unequal cost paths.

BGP could be an issue; although it supports multiple paths, there are multiple condidions involved it getting it to use more than one.

If you have two WAN routers, GLBP could split the outbound gateways.

cedar_lee · ‎11-13-2008

Giuslar and Joseph,

Thanks for the valuable information. I enjoy this forum so much.