If you can do (private) BGP, this document may help:
http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00800945bf.shtml#conf3

Frank

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gert Doering
Sent: Tuesday, August 19, 2008 3:21 AM
To: [email protected]
Subject: Re: [c-nsp] Need some guidance for T1 / wireless ethernet handoff load balancing/failover setup

Hi,

On Mon, Aug 18, 2008 at 06:36:20PM -0500, Scott Lambert wrote:
> I have a customer who went directly to cisco to ask about how to load
> balance two WAN connections

I see two key issues here:

- how to load *balance*.
- how to reliably detect "wireless is down" if there is no end-to-end routing possible

The first one is hard - if you have two routers involved, VRRP (or GLBP, if there is only a single client) will not provide load balancing, but only failover. That is: while one of the boxes is working, it will receive all the traffic from the PIX, and if it breaks, all the traffic goes to the other box.

One possible approach to do this might be via "manual balancing", as in "route all the VPN connections over one path, and all the web surfing over the other path", but that's not overly easy to maintain.

The other approach might be with Cisco OER - let the boxes figure out what destinations have the most traffic, and balance these flows over both links. But that will only work outbound from the customer to you - from the ISP (you) to the customer, you also need to decide upon the balancing criteria, if any.

"Just failover" is easy :)

The second part (how to diagnose that the wireless is down) is easier - you could use a BGP session from the customer router to your edge router, just sending "customer routes" and "default" back and forth. If the wireless mesh breaks, the BGP session will also break, and routing will fall over to the other link. (The StarOS routers would need to know the customer routes statically, but that's not a problem, unless the customer changes their IP addresses frequently).

If BGP is not an option, you could do it with IP SLA ("ping testing") and static route tracking ("if it doesn't ping, withdraw the route") on both ends, but that's less elegant than BGP - and much more configuration work.

gert
--
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             [EMAIL PROTECTED]
fax: +49-89-35655025                        [EMAIL PROTECTED]
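
The IP SLA and static route tracking approach described in the message above, modelled in Python as an added example that is not part of the original thread: probe results drive a track object, and the tracked default route over the wireless link is withdrawn while the track is down, so the floating static over the T1 takes over. The addresses, administrative distances, probe thresholds and all names are assumptions, and the model covers one end only.

```python
"""Toy model of ping-probe tracking plus a floating static route (constructed example)."""
from dataclasses import dataclass


@dataclass
class StaticRoute:
    prefix: str
    next_hop: str
    distance: int          # administrative distance; lower wins
    tracked: bool = False  # True: installed only while the track object is up


class Track:
    """Up/down state driven by probe results, with delays that damp flapping."""

    def __init__(self, down_after=3, up_after=2):
        self.down_after, self.up_after = down_after, up_after
        self.up = True
        self._streak = 0   # consecutive probe results that disagree with the state

    def feed(self, probe_ok):
        if probe_ok == self.up:
            self._streak = 0
        else:
            self._streak += 1
            limit = self.down_after if self.up else self.up_after
            if self._streak >= limit:
                self.up, self._streak = probe_ok, 0
        return self.up


def best_route(routes, track_up):
    """Pick the installed route; tracked routes are withdrawn while the track is down."""
    usable = [r for r in routes if track_up or not r.tracked]
    return min(usable, key=lambda r: r.distance) if usable else None


def simulate(probes, routes, track):
    """Return the next hop in use after each probe result."""
    path = []
    for ok in probes:
        route = best_route(routes, track.feed(ok))
        path.append(route.next_hop if route else None)
    return path


# Constructed sample data: documentation addresses, assumed distances.
WIRELESS, T1 = "192.0.2.1", "198.51.100.1"
ROUTES = [StaticRoute("0.0.0.0/0", WIRELESS, 1, tracked=True),
          StaticRoute("0.0.0.0/0", T1, 250)]
# One lost ping, then a real outage of four probes, then recovery.
PROBES = [True, False, True, False, False, False, False, True, True, True]
```

A single lost probe does not move traffic; the switch to the T1 happens on the third consecutive failure and the return to wireless on the second consecutive success.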
