• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 665
  • Last Modified:

LoadBalancing Two T1's from Same ISP on one 2610 router.

Planning for a network change in the near future:

I have two T1’s, from the same ISP, connected to two T1 WIC cards on a 2610 internet router. Each T1 is on its’ own subnet. The ISP uses CEF per packet load balancing on all incoming packets. They have assigned us a block of public IP’s pointed to the two subnets. I’ve one inside Ethernet interface installed pointed back toward our Pix. The IP assigned to e0/0 is from the block of IP’s provided from the ISP. I’ve included a copy of the simple config from the router. Any suggestions on how I might use CEF on the outgoing packets?   I was originally leaning toward ppp multilink, but now now.

interface Ethernet0/0
bandwidth 1536
ip address 64.XX.XXX.65
no ip directed-broadcast
no fair-queue
no cdp enable
interface Serial0/0
ip address 64.XX.XXX.170
no ip directed-broadcast
encapsulation ppp
no ip mroute-cache
no fair-queue
interface Serial0/1
ip address 64.XX.XXX.174
no ip directed-broadcast
encapsulation ppp
no ip mroute-cache
no fair-queue
ip classless
ip route Serial0/0
ip route Serial0/1
no ip http server

I mentioned that the ISP uses per packet load balancing. We receive an enormous amount of incoming FTP traffic to DMZ FTP servers.  Since a lot of these files are over 500MB compressed would it not be wise to use per destination over per package?

Thanks for the Help!
1 Solution
I would strongly discourage you from trying multilink ppp. CEF is much faster.
Have you enabled CEF? I don't see it in your config snippet.
If the ISP is doing per-packet, you should match on your end. This will keep the load balanced whereas if you use per-destination, you might peg out one line with a 500Mb upload...
My suggestion would be to use MRTG or something to monitor the two interfaces to see if you are getting true load balancing.

>ip route Serial0/0
>ip route Serial0/1

Also suggest that you use the upstream IP address vs the interface

ip route 64.XX.XXX.169
ip route 64.XX.XXX.173
What about using a routing protocol with the ISP... even if you use BGP and only recieve partial routes or just a default route it would help with your soltion....

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

jhhaleyAuthor Commented:
Thanks for both comments...I'm in process of enabling CEF. I'll then post a new config later today.
> Also suggest that you use the upstream IP address vs the interface


Cisco in fact recommends the interface form for point-to-point connections, since it (a) saves the effort of resolving the address to an interface, and (b) will only be added to the running route table when the interface is up.

So I'd be interested in any reasons you have for recommending otherwise.

Au contrair, my friend:
Quote from:

If you point a static route to a broadcast interface, the route will be inserted into the routing table only when the broadcast interface is up. This configuration is not recommended because when the next hop of a static route points to an interface, the router considers each of the hosts within the range of the route to be directly connected through that interface. For example, ip route Ethernet0.

With this type of configuration, a router will perform Address Resolution Protocol (ARP) on the Ethernet for every destination the router finds through the default route because the router will consider all of these destinations as directly connected to Ethernet 0.

This kind of default route, especially if it is used by a lot of packets to many different destination subnets, can cause high processor utilization and a very large ARP cache (along with attendant memory allocation failures).

Specifying a numerical next hop on a directly connected interface will prevent the router from performing ARP or each destination address.

BGP (or any routing protocol) isn't going to make a difference for load balancing. If the ISP is doing per-packet load balancing, the T1's must be terminating on one router. Since there is only one ISP, a routing protocol won't help anything.

ppp multilink might work fine, except you need to have your ISP run it on their side too. 2xT1 will not create enough load to worry about. Plus, a sufficiently new IOS will have a fast switching implementation of ppp multilink.

Finally, static routes that go out an interface will not be in the routing table if the interface is down. For frame relay, you wouldn't want to use the interface since a PVC might be down but not the interface.

jhhaleyAuthor Commented:
I've been side tracked by another project, but back to this one.
I've upgraded the IOS from 12.0 to 12.2. CEF has been enabled. ip load-sharing per-packet has been enable on e0/0, s0/0, and s0/1. After doing the show adjacency command I can see the attached serial interfaces (*.169 and *.173) for the ISP.

Is there anything you would recommend turning on or off on on the interfaces?
I've removed the ppp encapsulation. I'm not using ip route-cache cef.

This looks pretty straight forward. I've read the comment on Cisco's site pertaining to the static addressing and I can change the  ip route to reflect the destination ip instead of the serial interface.

I am going to try to bring this up live tomorrow.  I'll let you know how it goes.

If you've anyother suggestions please let me know.  

Thanks a Bunch!!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now