LoadBalancing Two T1's from Same ISP on one 2610 router.

Posted on 2004-04-27
Last Modified: 2010-04-17
Planning for a network change in the near future:

I have two T1’s, from the same ISP, connected to two T1 WIC cards on a 2610 internet router. Each T1 is on its’ own subnet. The ISP uses CEF per packet load balancing on all incoming packets. They have assigned us a block of public IP’s pointed to the two subnets. I’ve one inside Ethernet interface installed pointed back toward our Pix. The IP assigned to e0/0 is from the block of IP’s provided from the ISP. I’ve included a copy of the simple config from the router. Any suggestions on how I might use CEF on the outgoing packets?   I was originally leaning toward ppp multilink, but now now.

interface Ethernet0/0
bandwidth 1536
ip address 64.XX.XXX.65
no ip directed-broadcast
no fair-queue
no cdp enable
interface Serial0/0
ip address 64.XX.XXX.170
no ip directed-broadcast
encapsulation ppp
no ip mroute-cache
no fair-queue
interface Serial0/1
ip address 64.XX.XXX.174
no ip directed-broadcast
encapsulation ppp
no ip mroute-cache
no fair-queue
ip classless
ip route Serial0/0
ip route Serial0/1
no ip http server

I mentioned that the ISP uses per packet load balancing. We receive an enormous amount of incoming FTP traffic to DMZ FTP servers.  Since a lot of these files are over 500MB compressed would it not be wise to use per destination over per package?

Thanks for the Help!
Question by:jhhaley
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 79

Expert Comment

ID: 10933920
I would strongly discourage you from trying multilink ppp. CEF is much faster.
Have you enabled CEF? I don't see it in your config snippet.
If the ISP is doing per-packet, you should match on your end. This will keep the load balanced whereas if you use per-destination, you might peg out one line with a 500Mb upload...
My suggestion would be to use MRTG or something to monitor the two interfaces to see if you are getting true load balancing.

LVL 79

Expert Comment

ID: 10935106
>ip route Serial0/0
>ip route Serial0/1

Also suggest that you use the upstream IP address vs the interface

ip route 64.XX.XXX.169
ip route 64.XX.XXX.173
LVL 12

Expert Comment

ID: 10939994
What about using a routing protocol with the ISP... even if you use BGP and only recieve partial routes or just a default route it would help with your soltion....

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 10940587
Thanks for both comments...I'm in process of enabling CEF. I'll then post a new config later today.
LVL 11

Expert Comment

ID: 10944518
> Also suggest that you use the upstream IP address vs the interface


Cisco in fact recommends the interface form for point-to-point connections, since it (a) saves the effort of resolving the address to an interface, and (b) will only be added to the running route table when the interface is up.

So I'd be interested in any reasons you have for recommending otherwise.

LVL 79

Accepted Solution

lrmoore earned 500 total points
ID: 10945578
Au contrair, my friend:
Quote from:

If you point a static route to a broadcast interface, the route will be inserted into the routing table only when the broadcast interface is up. This configuration is not recommended because when the next hop of a static route points to an interface, the router considers each of the hosts within the range of the route to be directly connected through that interface. For example, ip route Ethernet0.

With this type of configuration, a router will perform Address Resolution Protocol (ARP) on the Ethernet for every destination the router finds through the default route because the router will consider all of these destinations as directly connected to Ethernet 0.

This kind of default route, especially if it is used by a lot of packets to many different destination subnets, can cause high processor utilization and a very large ARP cache (along with attendant memory allocation failures).

Specifying a numerical next hop on a directly connected interface will prevent the router from performing ARP or each destination address.


Expert Comment

ID: 10945596
BGP (or any routing protocol) isn't going to make a difference for load balancing. If the ISP is doing per-packet load balancing, the T1's must be terminating on one router. Since there is only one ISP, a routing protocol won't help anything.

ppp multilink might work fine, except you need to have your ISP run it on their side too. 2xT1 will not create enough load to worry about. Plus, a sufficiently new IOS will have a fast switching implementation of ppp multilink.

Finally, static routes that go out an interface will not be in the routing table if the interface is down. For frame relay, you wouldn't want to use the interface since a PVC might be down but not the interface.


Author Comment

ID: 10992933
I've been side tracked by another project, but back to this one.
I've upgraded the IOS from 12.0 to 12.2. CEF has been enabled. ip load-sharing per-packet has been enable on e0/0, s0/0, and s0/1. After doing the show adjacency command I can see the attached serial interfaces (*.169 and *.173) for the ISP.

Is there anything you would recommend turning on or off on on the interfaces?
I've removed the ppp encapsulation. I'm not using ip route-cache cef.

This looks pretty straight forward. I've read the comment on Cisco's site pertaining to the static addressing and I can change the  ip route to reflect the destination ip instead of the serial interface.

I am going to try to bring this up live tomorrow.  I'll let you know how it goes.

If you've anyother suggestions please let me know.  

Thanks a Bunch!!

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month11 days, 9 hours left to enroll

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question