Load-balancing across four T1's on 2 routers

What is the make and model of the layer 3 switch

If it is Cisco what is the IOS version ?

It is a Cisco 3750 switchstack running the latest - 12.2(25)SEE2

Merv wrote:

Interesting idea. I'll have to see if i can do something like that.

Thanks! Sean

Merv wrote:

Is there any flexibility with respect to the IGP routing protocol ?

Which routing protcols will your ISP support over your T1 links ?

What IOS is/will be used on the 2800 's ?

BTW how does the ISP intend to deal with this issue as it affects your inbound traffic ???

Would your ISP support BGP to you with a private AS number ?

Would you consider using BGP instead of OSPF ?

If you ever want to install redundant firewalls that are both active at the same time, then BGP is a good choice becuae it use TCP sessions and traffic to neighbour is unicast.

see Cisco doc

OBTW it is possible to support ECMP with BGP, the magic knob is max paths

router bgp maximum-paths eibgp 4

Sean

Thanks for the reply, but now it's even more "puzzling". Just out of curiosity, since you have everything redundant (2 routers from an ISP +

Sure. With your current setup, I'd get rid of L3 pair and use OSPF on the firewall (assuming it's a Cisco pix failover pair with more or less new version).

You are absolutely right. And as always there is a "BUT" Most likely client will be using just ONE T1 for any current session, unless you do some "serious magic" like "per-packet" or "no ip load-sharing per-destination". And some times people just want to download stuff faster then 180kB/s. If you would use MLPP - any given session is capable of getting up to 360kB/s guaranteed. And yes, if you lose a T1 - you lose the "whole" router because of OSPF. But there are always other ways of doing things (keeping in mind that T1 would be fixed within reasonable period of time). For example you can use BGP with link bandwidth feature between you and ISP. (using EIGRP between you and ISP would be unconventional, but possible). Or even better scenario - get two ISP with 2 T1 each. MLPP with each ISP. BGP (default

• local routes) towards you from each ISP. GLBP/HSRP/VRRP or OSPF on routers.

just my 2c Roman

Sean-Usenet wrote:

Hi Roman

On the one ISP thing, that is just how they want it - this is just a small contract job i'm doing.

My experience is mainly related to OSPF not BGP. I'll start looking at BGP, it sounds like it may be a better fit? If you have any pointers on setting it up using BGP let me know!

Thanks Sean

snipped-for-privacy@gmail.com wrote:

There is probably some flexiblity in regards wo which IGP routing protocol we use.

Do you think a different routing protocol would work better in this scenario?

The 2800's will run the latest 12.4 IOS

Merv wrote:

They might, although I'll have to do some quick reading on BGP, as my routing experience is mainly OSPF.

I'll check out the link, if you have any pointers on how to set this up using BGP let me know!

Thanks again for your help Sean

Merv wrote:

I would defintiely use BGP if I were implementing this network scenario.

BGP via route maps provides a great dealing of flexiibility with respect to route manipulation and filtering. Filtering routes in OSPF can only be done in some special cases.

BGP has the ability to do equal cost multi-path load balancing ( requires configuration). It would allow you to address the issue I raised about getting blackholed if the ISP access router becomes partitioned, etc, etc.

BGP has the ability to establish its TCP session thru a firewall and this is must useful in case of having two active firewalls.

The ISP can advertise just default or default + the ISP routes (ie .partial BGP routes).

If you need to change ISP providers in the future the new provider might not be willing to support OSPF. ALL ISP's that I have encountered will support BGP.

I would also take another look at MLPPP - at least find out if the ISP will support.

Sean

In you case (one ISP) BGP scenario will be really easy. You will have a luxury of using BGP on low-end boxes just because you need only default from your provider. Also (as Merv pointed earlier) you need "maximum-paths" configured

Something like this (for v12.4):

router bgp bgp log-neighbor-changes neighbor remote-as neighbor remote-as maximum-paths 4

address-family ipv4 neighbor activate neighbor activate no auto-summary no synchronization network mask {your provider will decide about your BGP route announce} exit-address-family

In case of MLPP use - here is the link

Roman Nakhmans> Hi Roman

Great, thanks for the detailed information. Does BGP support UNequal-cost load-balancing? Something like if we lose one T1, one router will receive 2/3 of the traffic and the other will receiving 1/3 of the traffic?

EIGRP supports UNequal-cost load-balanc> Sean

Sean

Yes, just add couple more command to your BGP config

EIGRP between you and ISP? Not a good practice, but possible It's OK to use MLPP between you and ISP anyway, especially if you have BGP load bandwidth configured

If you have 2 routers with multilink connection (2 T1 bundle) Your BGP part would be something like this:

router bgp bgp log-neighbor-changes neighbor remote-as neighbor remote-as maximum-paths 2

address-family ipv4 bgp dmzlink-bw neighbor activate neighbor dmzlink-bw neighbor activate neighbor next-hop-self neighbor send-community both no auto-summary no synchronization network mask {your provider will decide about your BGP route announce} exit-address-family

Roman Nakhmans> Great, thanks for the detailed information. Does BGP support

It is not clear that when a link within an MLPPP bundle drops, that the BGP link bandwidth feature woud re-advertise all the affected external routes to its internal BGP neighbours.

Since the EBGP external link bandwidth are carried within extended communities this would have to occur in order for the iBGP neighbors to load bancing accordingly.