design question

mattsthe2mattsthe2 Member Posts: 304
Folks im intertested in hearing your coolest ideas for this design.
I have two edge routers. Each router has a pipe to the internet.
The edge routers connect to one core switch (a 6509).

Can i load balance the outbound internet traffic? if so how (im running BGP to the ISP's) and OSPF internally.

Also I have MPLS WAN connection to my provider on one of the edge routers and a backup MPLS WAN connection on the other. The backup MPLS is pay-per-use and need only be used if the primary fails.

I'm messing around with HSRP SLA Object tracking but now sure of the coolest and most effective zero-touch solution.


  • Ryan82Ryan82 Member Posts: 428
    I was going to suggest GLBP but that would utilize your backup link equally and would cost you money. I guess the best option I could think of would be HSRP while utilizing object tracking for your outbound interfaces to your isp for seamless failover.
  • networker050184networker050184 Mod Posts: 11,962 Mod
    I'm a little confused, you are asking if you can load balance, but then you say you want to just use one link?

    What kind of routes are you getting from your provider? If you are receiving a BGP default route from the provider, you can prefer the one on the main link with local preference. You can then have both the routers inject a default into OSPF. The routers should use the default route off the router with the higher local preference set (because that route will be in the routing table). If that BGP session goes down and the default is lost it will automatically switch over to the other default route. When the main router gets its default back it should go back into the table and be used automatically also.

    If you are not receiving a default route from your provider, then you will have to work a little more magic with static routes and tracking them to be removed.

    Inbound traffic will be a little harder to manage. You can prepend out the back up link, but you may need to work with your provider to get all the traffic off if you haven't already.
    An expert is a man who has made all the mistakes which can be made.
  • jason_lundejason_lunde Member Posts: 567
    Do you have a default route on your 6509 now leading out to the internet? SLA is a pretty good idea for this type of situation (outbound at least, inbound is another beast). You can basically have a sla monitor/tracker pinging your ISP gateway on the link that you want to use, and if it receives no response you can kill the default route and use a route with a higher metric. Cisco blog had a good article on it a while back. Cisco Blog: Dynamic Failover with IP SLA

    I have used it on an ASA and never had to touch it after the initial config.
  • cisco_troopercisco_trooper Too many Member Posts: 1,442 ■■■■□□□□□□
    Is there a firewall between your core switch and edge routers?

    If you are BGP peered between your two ISPs the goal isn't always load balancing so much as optimum paths for your internet bound traffic, and the obvious benefit of maintaining your Internet connectivity when one of your ISPs experiences an outage.

    I assume your MPLS connectivity is providing connectivity to one or more remote sites...and you have no need to load balance these services...?
  • mattsthe2mattsthe2 Member Posts: 304

    No we have dual internet connections we can use at any time.
    We also have dual WAN connections (2) DS-3 Connections however one is only pay-per-use.
    Any so we only want to use the other DS-3 when the primary connection goes down.


    No firewall between the edge and the core. The ASA hangs off of the core router. However the traffic flow will start at the edge enter the core on a vlan and hit the ASA where it will u-turn back to the core.

    Will repsond to more of the questions later, Im not being told to turn off all electronic devices and prepare for take off. lol.
Sign In or Register to comment.