By using some policy routing and overloading NAT on the outbound interface you can be assured that packets will return in the same interface they go out. Also, there is no need to run BGP because all of the addresses are private, and (I'm assuming) there are no public servers. If the router is doing NAT to the interface IP address, each ISP is already advertising a path to that address. This would not necessarily be a simple configuration, but it would meet the requirements without the purchase of extra hardware.
-----Original Message----- From: Shannon Rush [mailto:[EMAIL PROTECTED]] Sent: Wednesday, December 12, 2001 2:02 PM To: Ben Setnick; [EMAIL PROTECTED] Subject: RE: Source-sensitive Routing ... I usually don't jump into the middle of discussions like this, but if you are sending traffic out to the internet, you are not only concerned with which interface your traffic leaves, but also which interface traffic comes back in on. The only way to maintain symmetry in your traffic is to either have some both connections to a single ISP and make some arrangements with them to load balance, or in the case of multiple ISPs, you have to run BGP. That is the only way that I'm aware of to advertise routes to a single block of addresses through multiple ISPs. The load balancing mentioned in the links below are on two links to the same place. That is not the case detailed in the initial e-mail. -----Original Message----- From: Ben Setnick Sent: Tue 12/11/2001 7:07 AM To: [EMAIL PROTECTED] Cc: Subject: RE: Source-sensitive Routing ... If your router has 2 serial ports there is no need for any other device to do load balancing. There is also no requirement that you run any type of dynamic routing protocol. The router will do per-destination load balancing across 2 equal cost static routes. Please take a look at this page on Cisco's website: How Does Load-Balancing Work? http://www.cisco.com/warp/public/105/46.html How Are Packets Routed for IP over Equal Paths? http://www.cisco.com/warp/public/105/27.html You will not need any additional equipment, and depending on your needs, by doing NAT on the router you may be able to eliminate the proxy server altogether. Ben Setnick -----Original Message----- From: Pradeep Kumar [mailto:[EMAIL PROTECTED]] Sent: Saturday, December 08, 2001 7:48 PM To: Eric Schroeder; [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: Source-sensitive Routing ... If I were you Rakesh, I would use a WAN link load balancing in this scenario. Can you spend $800 more for a load balancer. I tried brain storming this with a few collegues and someone suggested to do ospf on both and load balance. Do you have statics to the isp 1, 2 or are u routing ? Eric- can you do lb using BGP ? -Pradeep Kumar -----Original Message----- From: Eric Schroeder [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 06, 2001 10:18 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: Source-sensitive Routing ... One way to do this is to use BGP. This load balances ok if you have two Teir 1 providers, but will not load balance otherwise. The advantage is this is the only way to provide uptime if one of the ISPs goes down unless you do NAT on the Cisco 2514. You may have problems running BGP on a 2514, but I think this will work as long as you only get routes to connect hosts from each ISP, and then set the default route to the least used link. Hope this helps. Eric Schroeder [EMAIL PROTECTED] 12/05/2001 09:44 PM To: [EMAIL PROTECTED] cc: Subject: Source-sensitive Routing ... Dear memebers, I have the following network configuration: -------------------------------------------------------- | | | 10.x.x.x | | | -------------------------------------------------------- | | ---------------------- | Dual Homed Gateway | ---------------------- | | --------+------------- | Cisco 2514 Dual LAN | | Router | | | | wan1 wan2 | ---+------------+----- | | | | | | ISP1 | | ISP2 ======================================== + + + INTERNET + + + ======================================== All our clients in the private network address (10.x.x.x). Using the Proxy Server at Dual homed gateway, these clients get connected to Internet using ISP1 link. Recently we have received another link for Internet connection from ISP2. Hence we are planning to route some of the clients of private network address(10.x.x.x) through ISP1 link and the remaining ones through ISP2 link, using Cisco 2514 Dual LAN Router running IOS software 11.0. After reading the Cisco documents, I came to know that this is possible through SOURCE-SENSITIVE routing at the Router. I want to know the followings: 1. Is there any alternative way(s) to achieve this goal using the same router having two WAN interfaces? 2. What are the security issues related to SOURCE-SENSITIVE routing ? Waiting for your suggestions .... Rakesh Kumar ============ -------------------------------------------------
