Configure Cisco 2620 using 2-T1, and load balance 4

[leungr]

I have two Cisco 2620 routers with 2-T1 cards. Originally it was configured as a bridge, but we are changing it to work as a router. I have reconfigured it, but do not know how to load balance. Also the systems using the new ip addresses that need to see the server across the router, has a problem when they use their dialup for internet. It loses the network connection to the server until the dialup session s completed.
Here is my running configuration for both routers:


Router-W1
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router-W1
!
enable secret 5 $1$YzVt$Pj1OKqVsXIx1U0FholWAi1
enable password xxxxx
!
no ip subnet-zero
!
!
!
!
interface FastEthernet0/0
ip address 10.40.100.253 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
!
--More--
interface Serial0/0
ip address 10.40.101.1 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial0/1
ip address 10.40.101.3 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.40.100.250
ip route 10.40.200.0 255.255.255.0 10.40.101.4 10
no ip http server
!
snmp-server engineID local 000000090200003080B9B8E0
snmp-server community public RO
!
line con 0
transport input none
line aux 0
line vty 0 4
--More--
password xxxxxxxxx
login
!
end

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Router-W2
Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router-W2
!
enable secret 5 $1$eTHJ$IqVnl0VZO9jnrGUb9U5311
enable password xxxxxxxx
!
no ip subnet-zero
!
!
!
!
interface FastEthernet0/0
ip address 10.40.200.253 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
!
--More--
interface Serial0/0
ip address 10.40.101.2 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial0/1
ip address 10.40.101.4 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.40.100.250
ip route 10.40.100.0 255.255.255.0 10.40.101.3 10
ip route 10.40.100.0 255.255.255.0 10.40.101.1 10
no ip http server
!
snmp-server engineID local 000000090200003080B9B860
snmp-server community public RO
!
line con 0
password cij1998
transport input none
line aux 0
--More--
line vty 0 4
password xxxxxxx
login
!
no scheduler allocate
end

 

[lui3]

ip route 0.0.0.0 0.0.0.0 serial 0 50
ip route 0.0.0.0 0.0.0.0 serial 1 50

this will load balance. remove the other ip route statement. make sure these routing statements are present on both sides.

you can also use a routing protocol like eigrp if you like but it looks like u are using static here.

if you want eigrp i can send it to you

Lui3
CCNP,CCDA,A+/Net+
Cisco Wireless Specialization

 

[reverendo]

Try using multilink interface, this is a group of your 2 WAN interfaces that works as one. You can see more details in cisco.com page, only search for PPP multilink Interface.

Also you can make load-balancing with eigrp and other routing protocol, but you have take care that apply
int f0/0
no ip route-cache !(if you want per-packet load balancing)

Some version of Cisco IOS has other comands to make load-balancion over routing protocol to select load balancing per-packet or per-session

 

[leungr]

Lui3
I tried making the changes you suggested, however when I type in the command
ip route 0.0.0.0 0.0.0.0 serial 0 50
I get the error " Invalid input detected at ^ marker.
The marker is sitting at the space between the 0 and 50.
Is there something that i am missing??

 

[leungr]

Lui3
I think I corrected the error.
I have to use the following statement
ip route 0.0.0.0 0.0.0.0 serial 0/0 50
ip route 0.0.0.0 0.0.0.0 serial 0/1 50

Unfortunately I will have to apply the changes tomorrow as time ran out today.

 

[jdl508]

By using multilink PPP you will allow the router to load balance at the packet level the traffic over the T1's. Also if you have a failed T1 the traffic will continue to flow just at half the speed. We have multiple sites using multilink T1's running at 3+ MBps.

 

[lui3]

only thing with ppp multilink is that both sides have to be configured the same in order to use it. if you can do that then that is always an option.

Lui3
CCNP,CCDA,A+/Net+
Cisco Wireless Specialization

 

[jcurtiss]

This will work? You can put 2 static default routes in?

 

[lui3]

as long as they are equal admin distances they will load balance. yes

Lui3
CCNP,CCDA,A+/Net+
Cisco Wireless Specialization

 

[jcurtiss]

i didn't know that. and the no ip route-cache command on the ethernet interface will make it per-packet?

 

[jcurtiss]

is the 50 absolutely necessary?

 

[lui3]

no just an example of equal admin distances

i don't do per packet but i believe that is correct.

Lui3
CCNP,CCDA,A+/Net+
Cisco Wireless Specialization

 

[mufka]

Does this scenario actually load balance or does it just use round robin for packet delivery?

 

[jeter]

Have you thought about load sharing per packet?

“Reserve your right to think, for even to think wrongly is better than not to think at all”

Fisher CCNP,CCNA Network+

 

[3wsparky]

i'm currently looking into a project at work and think i might have created a rod for my own back

at my last employment we had configured a linux box to packet filter , it had five network cards in the back of it and was configured with round robin to divide the users across 4 adsl links ie 60 per adsl line as an example

now i have moved jobs and mentioned that idea there due to poo internet speeds , they mentioned it as being a great idea but want to implement it using some 2600 routers , so i am again looking to try an do this using round robin - worked great in the last job , had the odd issue if a line fellover you would find every few mins your page won't load but once removed from the robin rule was good again.

i have looked through endless sites for this and have had no joy , are static fowardings the only way of doing this ?
also does the static route used lock you to that route for that session ?

i would like to fit the 2600 with adsl wics to keep it all in one box and was also wondering if the nat translations
would be a problem ?

many thanks

Terry

*The man that don't ask don't get - the man that did ask didn't get ! but lives happy in the knowledge that he tried*

 

[rtfmdude]

for load-sharing/balancing, etc - I think ppp multilink is the best option. The fragmentation happens at layer 2, and breaks packets into even fragments and sends 'em down the line. This is true load-sharing(with frag - it can be disabled) and not per-packet load-balancing(which can have varying results).

Since everything is managed at L2, you don't have to worry about:

-multiple ip addresses (though you could go unnumbered or something - more complex)

-managing multiple static routes/routing protocols/variance issues

-scalability. IIRC, IOS is limited to 6 routes for the same destination network, so, you could never go over 6 t1s for equal cost routing(there may be some other creative solutions).

-=-=-=-=-=-=-=-=-

load balancing over dsl/cable, on the other hand - that would have to be handled by multiple static routes. frankly, that would suck - I'd just be waiting for a situation where 1 of the broadband connections takes a dump(like, cable is dead, but link is up between cable 'modem' and router ethernet interface), but the local interface stays 'up.' You'd be sending packets down a black hole - making tcp retransmit like crazy and totally borking udp connections.

maybe you can just get business class broadband? at least you'd have SLAs to hold 'em to.

 

[3wsparky]

like i say at my last employment it was done using linux which worked very very well , this is not about a single user pulling the power of all the adsl line , just allowing users to be distributed evenly across the 2,3,4 lines that are there .

the fact that adsl is very cheap and will only be used for users to browse the web means that any down time is considered acceptable as the web access is a tiny part of there job.

this will leave a large amount of cash to be invested in our corprote pipe where our mail , vpn , etc services wont be crippled every lunch time.

Terry

 

[rtfmdude]

3wsparky,

Ah - that definitely makes sense. If you did this with Cisco boxes, I would recommend getting some dsl wics to terminate the circuits in(easier to see a downed circuit that way) though you might be able to use the SAA(service availability agent - i think) feature built into IOS to see downed links if you use ethernet(wic-1e or something). As long as you keep fast switching/cef turned on, you'd do a per destination load balancing, rather than a per packet. NAT shouldn't be a problem, then.

 

[3wsparky]

i have read , please correct me where i'm wrong ...

if i have to static routes to the adsl wics with equal cost then it will load share providing that the route cache is turned off = fine
but i have also read in alot of places that with the route cache turned off you are inspecting the header of every packet and putting a different desternation mac address in each packet which is VERY cpu intensive is this as bigger problem as people sugest ? , i would like for trial sakes to have a 2600 of some breed with 2 adsl wics in it to keep things tidy and simple , any ideas what ios i should go for & ways this can be achived without killing the cpu ?

what does the "cef" command do ?

many thanks

Terry

 

[rtfmdude]

basically,

cef is 'cisco express forwarding' - it's a fast switching technique that stays stable even with a high number of routes/adjacencies or something. Leave it on, if you can. fast switching(config 'ip route-cache') is a prerequisite of enabling cef.

assuming you have mutiple equal cost routes to a destination:

cef on = per destination load-balancing
cef off/fast sw on = per destination load-balancing
cef off/fast sw off = per packet load-balancing

just leave fast switching and cef on, you'll quasi-load balance. even with per-packet load-balancing, you're not really load balancing(as you're not taking into account the size of each packet) - plus you could break tcp if you load-balance and nat on the same box.