[c-nsp] VPN failover / load sharing using IOS?

Brian Feeny signal at shreve.net
Tue Feb 8 23:31:43 EST 2005 

thanks, although that looks to be for sites with multiple routers and  
multiple links.  Each of these sites is only going to have one router,  
that takes in 2 T1's.  I don't think that will work in that scenrio.

Brian

On Feb 8, 2005, at 10:07 PM, Cameron.Dry at didata.com.au wrote:

> Check out:
>
> http://www.cisco.com/en/US/products/sw/iosswrel/ps5012/ 
> products_feature_
> guide09186a00800ed370.html
>
> Cameron
>
>
>
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
> signal at shreve.net
> Sent: Wednesday, 9 February 2005 11:50 AM
> To: 'cisco-nsp'
> Subject: [c-nsp] VPN failover / load sharing using IOS?
>
>
> Has anyone done any type of VPN failover and/or load balancing using
> IOS?
>
> For example something like a 2 1700 routers, each with 2 T1 cards in
> them,
> Each T1 card would be connected to a different ISP, each with its own
> IP space
> (no BGP).  Either T1 would be able to go down, and the VPN could
> re-establish
> itself over the remaining T1.  Both T1's would be load balanced over
> for VPN
> connectivity.
>
> Is it possible to establish 2 VPN's, 1 over each link, with the same
> source/destination private networks defined, and have the router load
> balance these and also work in failover?
>
> Another thought, which is kind of ugly (but maybe not), is 2 GRE
> tunnels, and then dual static routes over the tunnels:
>
> Router 1 T1 #1  <----------------------- GRE Tunnel #1
> -------------------> Router 2 T1 #1
> Router 2 T1 #2 <------------------------ GRE Tunnel #2
> -------------------> Router 2 T1 #2
>
> ip route <insert vpn endpoint ip> 255.255.255.255 Tunnel1
> ip route <insert vpn endpoint ip> 255.255.255.255 Tunnel2
>
> Then establish the VPN on top of the above.  I don't particular like
> the idea of building a tunnel on top of 2 other tunnels, so if anyone
> has experience in doing this type of setup, please share what you used
> to do it.
>
> Brian
>
>
>
> Brian Feeny, CCIE #8036, CISSP
> Network Engineer
> ShreveNet Inc.
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
>
> *********************************************************************** 
> *******
>  - NOTICE FROM DIMENSION DATA AUSTRALIA
> This message is confidential, and may contain proprietary or legally  
> privileged information.  If you have received this email in error,  
> please notify the sender and delete it immediately.
>
> Internet communications are not secure. You should scan this message  
> and any attachments for viruses.  Under no circumstances do we accept  
> liability for any loss or damage which may result from your receipt of  
> this message or any attachments.
> *********************************************************************** 
> *******
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

Brian Feeny, CCIE #8036, CISSP
Network Engineer
ShreveNet Inc.

More information about the cisco-nsp mailing list