Showing results for 
Search instead for 
Did you mean: 

GLBP & First Hop Redundancy Issues

So here is the background:

I need to get a fully redundant network setup.  We have 2 cisco 1841's and 2 L3 switches (i dont know the model off the top of my head).  We also have 2 different ISP connections and 2 different WAN IP addresses.  This network is going to be used to host several servers that remote offices will connect to through VPN tunnels.  It will also have some users connecting through RDP connections, and hosting exchange.

Right now we have 1 ISP going to each router, then each router goes to one of the switches.  The switches have 2 vlans on them, one for a SAN network that is independent of everything else, and the other for all the network traffic.  The switches are connected by two LAG ports and allow the network vlan traffic. Setup GLBP on the routers to provide a redundant gateway.  My idea going forward was to setup OSPF on the routers and use VTI's for the VPN tunnels.  I would also need to configure OSPF on the remote routers, but then i would be able to acheive redundant VPN tunnels.

Here is my issue:

First i had configured GLBP using a weighted load-balancing method.  I soon noticed that my RDP sessions would quickly timeout and not reconnect.  I would have to use the other external IP address to get back in.  Again, that would only stay connected for a short time before kicking me off and making me switch ip addresses. I assumed that the ARP cache on the servers was timing out and sending another ARP request witch was returning a different virtual MAC address (in this case the other router) so the RDP session was being sent to the other router.

I decided to swithc the load-balancing method to host dependent.  This allowed my RDP sessions to stay connected, but i could only connect using one of the external IP address.  I would imagine thats because when the incoming packets come in on the "wrong" router, the server sends its RDP replys to its gateway (or active forwarder), and that active forwarder is a different router then the packets came in on.  So one of the external IP's allows RDP's to some servers, and the other allows RDP's to the other server.

My Question:

Is there a way to get things setup so traffic can come in on ether router (ether external IP address), and that traffic can find its way back out the ISP it came from (if nessicary like with a RDP session)?  I used GLBP over HSRP and VRRP because i was hoping it would allow this traffic in on ether ISP, I didnt even thing that session traffic would still not work because it might get sent back out the wrong router.

Thanks for any Advice/Ideas



   Have you been able to resolve the issue? I have similar problem at a customer.


Content for Community-Ad