I am trying to configure a Cisco 1811 IOS version 12.4 router to do load balancing between two cable modems via Ethernet. I am unsure of the best way to go about it, and I understand that if the modems are fed via Ethernet to the router, failover may not work the best. The primary objective is to achieve load balancing on outbound traffic.
Cable modem 1's ETH port will connect to the Cisco FE/0 interface; cable modem 2 will connect to the FE/1 interface. The LAN servers/routers will connect to the additional Ethernet interfaces on the 1811 and will utilize public IP addresses from both subnets/modems.
Cable Modem 1: Public IP range: 1.2.3.72--1.2.3.76 255.255.255.248 gateway=1.2.3.71
Cable Modem 2: Public IP range: 4.4.4.5--4.4.4.9 255.255.255.248 gateway=4.4.4.10
Would enabling CEF be a good choice for load balancing? Per destination? Any reason route cache should be turned off?
In that case, how would you set up the static routes? I have two set up below that are supposed to be the default routes to load balance; however, I believe somewhere I have to have the entire range of IPs statically routed to take traffic destined for the public IPs and route it to the LAN, if that makes sense. I am not sure of the syntax for these routes if I need them.
For instance, I have a firewall that will go behind the 1811 (Internet to cable modems to 1841 FE/0 and FE/1, then from FE/3 of the 1841 to firewall), and it will have the routable IP of 1.2.3.72. My assumption is that I need static routes for all of the addresses the ISP is already routing, and one static IP from each subnet has been assigned to two FE interfaces directly, which will then be the new default gateway of the firewall and other servers.
If I wanted to have load balancing set up for inbound traffic, I assume the ISP would have to broadcast both subnets on their routers and I cannot configure this locally?
You can see by my config that the default gateway router of each modem is configured in the static route for each interface; I am not sure if this is the correct way to go about it. My concern is that if I have a routable IP configured on my firewall and its default gateway is an IP assigned to FE/0, then the outbound traffic will always route out of FE/0 instead of balancing.
Thanks in advance for your help!!
Current configuration : 4262 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco1811
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
!
!
ip cef
no ip dhcp use vrf connected
!
!
!
no ip domain lookup
ip domain name yourdomain.com
ip name-server 4.2.2.1
!
!
crypto pki trustpoint TP-self-signed-4061126891
!
!
interface FastEthernet0
ip address 1.2.3.72 255.255.255.248
duplex auto
speed auto
!
interface FastEthernet1
ip address 4.4.4.5 255.255.255.248
duplex auto
speed auto
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
!
interface FastEthernet9
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$
ip address 10.10.10.1 255.255.255.248
ip tcp adjust-mss 1452
!
interface Vlan100
no ip address
!
interface Async1
no ip address
encapsulation slip
!
!
ip route 0.0.0.0 0.0.0.0 FastEthernet0 1.2.3.71
ip route 0.0.0.0 0.0.0.0 FastEthernet1 4.4.4.10
!
no ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 23 permit 10.10.10.0 0.0.0.7
!
!
!
!
control-plane
!
!
line con 0
login local
line 1
modem InOut
stopbits 1
speed 115200
flowcontrol hardware
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end