[c-nsp] Need some guidance for T1 / wireless ethernet handoff load balancing/failover setup

Gert Doering gert at greenie.muc.de
Tue Aug 19 04:20:58 EDT 2008 

Hi,

On Mon, Aug 18, 2008 at 06:36:20PM -0500, Scott Lambert wrote:
> I have a customer who went directly to cisco to ask about how to load
> balance two WAN connections 

I see two key issues here:

 - how to load *balance*.

 - how to reliably detect "wireless is down" if there is no end-to-end
   routing possible

The first one is hard - if you have two routers involved, VRRP (or GLBP,
if there is only a single client) will not provide load balancing, but
only failover.  That is: while one of the boxes is working, it will 
receive all the traffic from the PIX, and if it breaks, all the traffic
goes to the other box.

One possible approach to do this might be via "manual balancing", as
in "route all the VPN connections over one path, and all the web surfing
over the other path", but that's not overly easy to maintain.  The other
approach might be with Cisco OER - let the boxes figure out what 
destinations have the most traffic, and balance these flows over both
links.  But that will only work outbound from the customer to you - from
the ISP (you) to the customer, you also need to decide upon the balancing
criteria, if any.

"Just failover" is easy :)


The second part (how to diagnose that the wireless is down) is easier - you
could use a BGP session from the customer router to your edge router, just
sending "customer routes" and "default" back and forth.  If the wireless
mesh breaks, the BGP session will also break, and routing will fall over
to the other link.   (The StarOS routers would need to know the customer
routes statically, but that's not a problem, unless the customer changes
their IP addresses frequently).

If BGP is not an option, you could do it with IP SLA ("ping testing") and
static route tracking ("if it doesn't ping, withdraw the route") on both 
ends, but that's less elegant than BGP - and much more configuration work.

gert
-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert at net.informatik.tu-muenchen.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 304 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20080819/be806dd0/attachment.bin>

More information about the cisco-nsp mailing list