[c-nsp] Load Balancing two different ISP's

Matthew Crocker matthew at crocker.com
Fri Sep 15 09:26:23 EDT 2006



Take a look at www.fatpipeinc.com

It is expensive and does nasty things with DNS TTLs but it can load
balance (to a certain extent) inbound & outbound traffic over
different ISPs with different IP number blocks.

Basically, it is 2 NAT firewalls load balancing outbound traffic
streams onto the two ISPs (sourcing packets from each IP address).
And a DNS server doing DNS round-robin for A,MX records with a short
TTL (10 seconds ??)

-Matt


On Sep 15, 2006, at 7:40 AM, Paul Stewart wrote:

> Thanks again to everyone for your replies.... We're going to set up a
> test link and see where it goes.  BGP is not an option... This concept
> is driven by a customer who wants a connection via us (as the ISP) and
> also via another ISP for redundancy.....
>
> All the best!
>
> Paul
>
>
> -----Original Message-----
>
>>>
>
> I wouldn't enable per-packet load-balancing on the interfaces, this can
> sometimes foul up voip calls and video stuffs.  Especially since you're
> going out 2 different providers as one path will inevitably be longer
> than the other and you'll get lots of out-of-order packets.
> With just 2 static routes it should use per-session or a hash-based
> source ordering.  Where one session or source/dest pair will use one
> link the next one will use the other link.  If you're just going to nail
> up a single VPN session outbound you won't get any balancing but if you
> have lots of destinations outbound you'll have better balancing.
>
> Also note that after you get things up and running for a bit, if one
> circuit goes down it can take a bit to come back to a balance as your
> CEF cache gets re-ordered.  But hey, auto-failover is a heckuva lot
> better than doing it manually!
>
> Also, if you do end up with a BGP peer to each provider you can then
> tweak your incoming traffic a bit better, as Frances said.  If you don't
> use BGP then if both providers are roughly the same Tier level (ugh I
> hate to mention tiers, I don't wanna start that discussion) your traffic
> should somewhat even out over time.  Day to day you may see large
> differences but over time it should be somewhat close.  The other side
> of that is if you peer with say AT&T on one link and a customer of a
> customer of a customer of UUnet/MCI/Verizon on the other you may see
> traffic heavily favoring your ATT link inbound without some judicious
> use of communities and prepends.  You'll just have to dive in and work
> with it until you've gotten things somewhat close.
>
> --chip
>
> --
> Just my $.02, your mileage may vary,  batteries not included, etc....
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

--
Matthew S. Crocker
Vice President
Crocker Communications, Inc.
Internet Division
PO BOX 710
Greenfield, MA 01302-0710
http://www.crocker.com
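
The quoted advice about per-packet versus per-session balancing can be seen in a small simulation. This is an added example, not part of the original thread: the link delays, addresses and function names are constructed for illustration, and the SHA-256 flow hash is a stand-in, not the hash CEF uses.

```python
import hashlib

# Constructed one-way delays (ms) for the two uplinks; assumption, not from the thread.
LINK_DELAY_MS = {"isp_a": 20, "isp_b": 45}
LINKS = list(LINK_DELAY_MS)

def per_packet_link(seq):
    """Round-robin: consecutive packets alternate links regardless of flow."""
    return LINKS[seq % len(LINKS)]

def per_flow_link(src, dst):
    """Hash the source/destination pair so every packet of a flow uses one link.
    Stand-in hash for illustration only."""
    digest = hashlib.sha256(f"{src}>{dst}".encode()).digest()
    return LINKS[digest[0] % len(LINKS)]

def arrival_order(packets, choose):
    """packets: list of (seq, send_ms, src, dst). Returns seqs in arrival order."""
    arrivals = []
    for seq, send_ms, src, dst in packets:
        link = choose(seq, src, dst)
        arrivals.append((send_ms + LINK_DELAY_MS[link], seq))
    return [seq for _, seq in sorted(arrivals)]

def count_reordered(order):
    """Packets that arrive after a packet with a higher sequence number."""
    highest, late = -1, 0
    for seq in order:
        if seq < highest:
            late += 1
        highest = max(highest, seq)
    return late

def make_flow(src, dst, n=10, gap_ms=10):
    """Constructed traffic: one packet every gap_ms, like a voice stream."""
    return [(i, i * gap_ms, src, dst) for i in range(n)]

def compare(src="192.0.2.10", dst="198.51.100.7"):
    """Return (reordered with per-packet, reordered with per-flow) for one flow."""
    flow = make_flow(src, dst)
    pp = arrival_order(flow, lambda seq, s, d: per_packet_link(seq))
    pf = arrival_order(flow, lambda seq, s, d: per_flow_link(s, d))
    return count_reordered(pp), count_reordered(pf)

if __name__ == "__main__":
    print("reordered (per-packet, per-flow):", compare())
```

A single flow always hashes to one link, which is why one VPN session sees no balancing, while many destinations spread across both.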


