WAN Loadbalancing with two default routes from two ISPs

udo.konstantin
Level 1

Hello,

A customer has two ISPs and its own AS. For each ISP we use a router which is connected with BGP to the ISP.

The LAN has its default route pointing to the firewall, which in turn uses the default routes which come from the (two) ISPs via BGP.

What would be the best-practice recommendation for load balancing between the two ISPs? When we configure, for example, HSRP between the routers, only one router will be the active one. So if the firewall is pointing to the VIP of the HSRP, we have no load balancing because only one route is the active one.

Regards

Udo 

2 Replies

Hello Udo,

Have a look at the link below, in your case scenarios 4, 5, and 6 in particular:

http://showipbgp.com/bgp-configurations/cisco.html

Raja_D
Level 1

I would suggest you go with the steps below:

1. Break the LAN pool subnet into two halves.

2. Define one of the ISPs as the primary ISP by making use of the BGP attribute local preference.

3. Define the second ISP as the secondary ISP by making use of the BGP attribute AS path prepend.

4. Advertise the entire LAN pool, and half of the entire LAN pool as a second subnet, in BGP.

5. Define policy-based routing and set the next hop of the second half of the LAN pool to the secondary WAN IP on the secondary router, as seen in the config below:

Example:

Primary link

! Defines the traffic that is going from inside to outside
neighbor 10.24.X.X route-map LOCALPREFERENCE_IN_LP in
! Defines the reverse traffic that is coming from outside to inside
neighbor 10.24.X.X route-map LOCALPREFERENCE_OUT out
=================
Secondary link

! Defines the traffic that is going from inside to outside
neighbor 10.25.X.X route-map ASPATH_IN in
! Defines the reverse traffic that is coming from outside to inside
neighbor 10.25.X.X route-map ASPATH_OUT_PREPEND out

Actual LAN segment: 10.160.55.128 255.255.255.192.

Here the second half of the LAN segment is 10.160.55.160 255.255.255.224.

ip access-list standard SECOND_HALF
 permit 10.160.55.160 0.0.0.31
 deny any

route-map LOADSHARING
 match ip address SECOND_HALF
 set ip next-hop verify-availability 10.25.X.X

Apply the above policy-based route-map statement on the LAN interface.

This should enable the second half of the subnet to pass through the secondary WAN link and the first half through the primary WAN link among the two available routers. When traffic passes through the second link, you should see the policy-based matches on route-map LOADSHARING.

James.. 
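
The subnet split and ACL from the reply above, worked through as an added Python example that is not part of the original thread: it derives the two halves of the LAN segment and the ACL wildcard mask, then emulates the standard-ACL match to show which uplink each source address would take. The function names are hypothetical, and it assumes both links are up so the policy next hop is actually used.

```python
import ipaddress

LAN = "10.160.55.128/255.255.255.192"  # LAN segment quoted in the reply

def split_lan(cidr):
    """Return (first_half, second_half) of the LAN subnet."""
    first, second = ipaddress.ip_network(cidr).subnets(prefixlen_diff=1)
    return first, second

def acl_entry(net):
    """Standard-ACL permit line: network address plus wildcard (host) mask."""
    return f"permit {net.network_address} {net.hostmask}"

def acl_matches(src, acl_addr, wildcard):
    """Emulate a wildcard match: bits set in the wildcard are 'don't care'."""
    care = ~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF
    src_bits = int(ipaddress.ip_address(src)) & care
    return src_bits == (int(ipaddress.ip_address(acl_addr)) & care)

def egress_link(src, cidr=LAN):
    """Uplink chosen for a LAN source (assumption: both links are up)."""
    if ipaddress.ip_address(src) not in ipaddress.ip_network(cidr):
        raise ValueError(f"{src} is not in {cidr}")
    _, second = split_lan(cidr)
    if acl_matches(src, str(second.network_address), str(second.hostmask)):
        return "secondary"  # matched SECOND_HALF, so it is policy-routed
    return "primary"        # no match, follows the normal routing table

def share(cidr=LAN):
    """Count addresses per uplink to confirm the ACL covers exactly half."""
    counts = {"primary": 0, "secondary": 0}
    for addr in ipaddress.ip_network(cidr):
        counts[egress_link(str(addr), cidr)] += 1
    return counts

if __name__ == "__main__":
    first, second = split_lan(LAN)
    print("first half :", first)
    print("second half:", second, "->", acl_entry(second))
    # Constructed sample sources on either side of the split boundary
    for src in ("10.160.55.130", "10.160.55.159", "10.160.55.160", "10.160.55.191"):
        print(src, "->", egress_link(src))
    print(share())
```

Running the same check against a different LAN segment before writing the ACL catches a wrong wildcard mask, which would otherwise silently send part of the pool out the unintended link.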
