[c-nsp] MPLS/VPN Loadbalancing with 2 CPE routers

Tony td_miles at yahoo.com
Sun Dec 22 20:42:21 EST 2013 

I know it's not the answer you're looking for, but we have the similar situation where we have two links coming into the SAME PE. In which case at the CPE end we run OSPF + HRSP.

HSRP is weighted so that the router designated as "primary" will always be the default gateway (if it is up). OSPF is then configured with manual weights so that on CPE1 the two paths (CPE1-PE & CPE1-CPE2-PE) "look" to be the same and so it loads shares. That is for upstream traffic, downstream is load shared because both CPE's advertise the LAN range to PE. If the first link goes down, CPE1 is still HRSP active and routes traffic via CPE2 (using OSPF). If CPE1 goes down entirely then CPE2 takes over HSRP address and routing works via the 2nd link.

If your two links go to two different PE's, then to achieve load balancing over the two links you need to make the links look "equal" to routing protocols. It also depends a bit on upstream traffic paths to the two PE's. Can you have equal paths through your core, or is it all going to end up at one PE first anyway. If you can move both links to the same PE, that would make it easier (the setup I described above).

An alternative might be to switch to using BGP as your routing protocol and advertise a subnet of the traffic on each link, but this depends a lot on what your traffic is and your distribution. Eg. Advertise half of a /24 as a /25 on each link and also advertise the /24 on both links. If both links up, the /25 for that link be preferred. If one link goes down, then it's /25 will be covered by the /24 on the other link.

I've never used it before, but this also looks to be what you are wanting to do:
http://www.cisco.com/en/US/docs/ios/12_2sx/feature/guide/fsxeibmp.html

Which allows you to load share outbound (ie. from PE's) between both iBGP & eBGP routes.




regards,
Tony.



________________________________
 From: Nicolas KARP <liste at karp.fr>
To: Chris Stand <cstand141 at gmail.com> 
Cc: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net> 
Sent: Saturday, 21 December 2013 11:37 PM
Subject: Re: [c-nsp] MPLS/VPN Loadbalancing with 2 CPE routers
 

Hi Chris,

I'm the service provider :) I manage the MPLS VPN cloud for this customer
and he asked us to loadbalance the traffic between the 2 WAN links...
That's why I said that I can use the protocol I want (eigrp / ospf / bgp)
between the CPE and the PE.

Regarding the Lan architecture, the default gateway of all the servers on
the LAN are the L3 switch and then the L3 switch has a default gateway
pointing to the HSRP address shared between both CPE's..  So in this case,
the GLBP can't handle the loadbalancing because there would be only one
"client" which is going to perform an ARP request and then only one router
will be used.

Thanks again.


# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - -
# - -   Nicolas KARP
# - -   Network and Security Engineer
# - -    Email : liste at karp.fr <nicolas at karp.fr>
# - -    Linkedin :  http://www.linkedin.com/in/nicolaskarp
# - -    Viadeo : http://www.viadeo.com/fr/profile/nicolas.karp
<http://www.viadeo.com/fr/profile/nicolas.karp%20>
# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - -





2013/12/21 Chris Stand <cstand141 at gmail.com>

> Is there "too much" traffic on one leg ?  Does PE2 & PE1 connect into the
> same provider cloud or are they different ( orange, AT&T ).
>
> I think maybe you might need to let PE1 and PE2 talk directly to each
> other and if you do not care about BGP/AS paths ( I analyzed the paths of
> close to 500K remote networks from our 2 different service provider BGP
> feeds  [ since converted to default as there was no gain; everybody talks
> to everybody and TATA talks to the rest ] and statistically they were the
> same) ... just make both of them learn a default route from their next hops
> and handle the link1, link2, link1, link2 route that way.
>
> ??
>
>
>
>> Message: 8
>> Date: Sat, 21 Dec 2013 06:10:51 -0600
>> From: Chris Stand <cstand141 at gmail.com>
>> To: cisco-nsp at puck.nether.net
>>
>> Subject: [c-nsp] MPLS/VPN Loadbalancing with 2 CPE routers
>> Message-ID:
>>         <
>> CAJYExY8jYuavV3Gd3G9f6SsbAvSS4CYJw89nJ+ewUMep4_1o2g at mail.gmail.com>
>> Content-Type: text/plain; charset=ISO-8859-1
>>
>>
>> Bonjour,
>>
>>    I do not know your exact topology well enough, but could you run GLBP
>> on
>> a vlan that goes through the L3 switch ( I am not aware of a switch that
>> ONLY does L3 and does not allow you to pass L2 through at the same time.
>>  I
>> do GLBP on 7K & VSS links that run through other 6500s.
>>
>> Or, again not being fully knowledgeable on your network , could you do 2
>> HSRP groups on the LAN and use both default gateways at the same time on
>> devices that point to the existing HSRP ".1"
>>
>> If you have not done this before you make routerA active in group1,
>> standby
>> in group2; routerB standby in group1, active in group2.
>>
>>
>>
>> Message: 10
>> > Date: Fri, 20 Dec 2013 16:35:43 +0100
>> > From: Nicolas KARP <liste at karp.fr>
>> > To: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net>
>> > Subject: [c-nsp] MPLS/VPN Loadbalancing with 2 CPE routers
>> > Message-ID:
>> >         <
>> > CAELGAXcJQ1EEnLEcZaUsy-EWDsMFZRT+00KKnPu2jEte+4ogRQ at mail.gmail.com>
>> > Content-Type: text/plain; charset=ISO-8859-1
>> >
>> > Hi Guys,
>> >
>> > We have a customer who has 2 CPE routers. We have 2 uplinks, the first
>> one
>> > attached to the first router CPE1, the second one attached to the second
>> > router CPE2.
>> >
>> > We have ebgp configured with 2 different PE's and IBGP between the
>> CPE's.
>> > HSRP is configured on the LAN. Unfortunately, we can't use GLBP because
>> > there is a L3 switch behind the CPE's.
>> >
>> > How can we achieve the loadbalancing between the 2 links ?
>> >
>> > PE1            PE2
>> >   |                |
>> >   |                |
>> > ebgp           ebgp
>> >   |                |
>> >   |                |
>> >  CE1 --Ibgp--- CE2
>> >
>> >
>> > Thanks and Best Regards,
>> >
>> > # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>> - -
>> > - - - - - - - - - - - - - - - - - - -
>> > # - -   Nicolas KARP
>> > # - -   Network and Security Engineer
>> > # - -    Email : liste at karp.fr <nicolas at karp.fr>
>> > # - -    Linkedin :  http://www.linkedin.com/in/nicolaskarp
>> > # - -    Viadeo : http://www.viadeo.com/fr/profile/nicolas.karp
>> > <http://www.viadeo.com/fr/profile/nicolas.karp%20>
>> > # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>> - -
>> > - - - - - - - - - - - - - - - - - - -
>> >
>>
>>
>
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list