Solved

Redundant Routers - Suggestions Needed

Posted on 2005-04-23
Last Modified: 2013-11-29
Hey all,

I'm shopping around for bandwidth and have decided to go with two - two bonded T1's.  I'm thinking with the cutover though, it might be a good time to look at our router setup - since I've just inherited this funky network.  Right now we have one Cisco 3660 running BGP to two different ISP's through two T1's.  I was thinking of maxing out a couple of 2851's and using them in a redundant setup.  What I'm struggling to understand is how the two routers would provide redundancy.  I've been researching HSRP, but don't think it does what I'm looking for.

Current Setup:

                                                          | ----ISP A T1
                                                          |
PIX ---- Outside Switch 3500XL ---- 3660-
                                                          |
                                                          |----ISP B T1




Desired Setup:


                                             |- 2851 ===== 2 T1's Bonded - ISP A
                                             |
PIX ---- Outside Switch 3500XL -
                                             |
                                             |- 2851 ===== 2 T1's Bonded - ISP B


I guess my first question is, is it possible to have two pairs of cables plugged into both routers?  I mean, if ISP A provides two T1's and I use MLPPP to configure it, and I do the same for ISP B into the same router, how do I get four more WAN links to the other router - without paying for four more T1's?  I know this isn't the clearest way to put it and I apologize!

If that can't be done, then this question comes up:  

If I run one ISP into one router and the other ISP into the other router, is there a method that will let me utilize both routers' bandwidth, but still allow me to occasionally bring one down for maintenance?  I'm not concerned with losing half my bandwidth during this maintenance period...I just want to make sure that the devices understand one router is down and should pass all traffic through the active router.


Question by:cory_spence
11 Comments
 
LVL 20

Expert Comment

by:Lazarus
ID: 13852497
There are many models of routers that are capable of bonding. You just have to look for the one that's right for you.
0
 
LVL 13

Assisted Solution

by:gpriceee
gpriceee earned 750 total points
ID: 13852520
Hi.  I've worked on this type of resolution before.  You can see: http://www.experts-exchange.com/Operating_Systems/FreeBSD/Q_21373883.html

Or, I've cut the pertinent section for you from the above link:

"The following document about redundant routing protocols not only explains a bit about the differences between HSRP (Hot Standby) and GLBP (Gateway Load Balancing) but also lays out some designs and provides some configs: http://www.infocellar.com/networks/Routers/HSRP-GLBP-VRRP.htm

If you have Cisco # WS-C3550-48-EMI, you can use EIGRP load balancing: I know you don't want to load balance ;-)
Check out unequal cost path sharing: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008009437d.shtml"
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 750 total points
ID: 13853436
My first instinct would be to keep things as simple as possible and just add the two more T1's to the 3660 and keep running BGP. Assuming that you "own" your own class C public IP space and have your own BGP AS number, then the most obvious answer is purely BGP. That's exactly what it was designed for.

Adding a 2nd router into the mix really complicated matters. The primary reason is that the PIX can have only one default gateway. In order for dual routers to appear with one gateway requires HSRP or GLBP as gpriceee noted above.

Since your 3550 switch in between the PIX and the routers is a layer 3 switch, it can be the default gateway for the PIX and it can have two same-cost floating static defaults...one to each router, without needing the Enhanced Image...

0

 

Author Comment

by:cory_spence
ID: 13854472
Alright, sounds good.  

I'll give those links a look, gpriceee.  

lrmoore, I'm stuck with a Cat 3500XL as our 'outside' switch for now...may be able to free up a Cat 3750 soon.  Something to look into doing.

Any negative feedback on the 2851's?

Thanks for your help, guys.

C
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13854591
>I'm stuck with a Cat 3500XL
D'oh! I mis-read that as 3550.... Yes, a 3750 would be good, or even a less-expensive 3550 would work just fine..
Nothing negative about the 2851's. I think they even come with enough default RAM to handle full BGP tables, and the 2nd FastEthernet port will help you. Cross-connect the two routers via their spare FE interface and run an internal routing protocol between them, exchanging BGP tables.  GLBP would be my choice for setting them up with a single inside IP and load-sharing/failover..

0
 

Author Comment

by:cory_spence
ID: 13859739
So I think I'll start planning around two 2851's using GLBP.  Are there any problems with GLBP with BGP and/or MLPPP?  

The other question I had was what benefit would I get by cross-connecting the two routers to exchange BGP tables if they are getting them from their respective ISP peers?

Is there any way to increase the points on a question?

C
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13859815
>Are there any problems with GLBP with BGP and/or MLPPP?  
Not that I'm aware of.....

>The other question I had was what benefit would I get by cross-connecting the two routers to exchange BGP tables if they are getting them from their respective ISP peers?
This is for extra measure of redundancy, and preferred routing. If router A has a better route to network X, I might want to hand off to Router B. If ISP A loses peering connection and can't get to some networks, I'll know to send through Router B/ISPB. The two routers really do need to let each other know about their own route tables. Using a direct cross-connected path makes this much more efficient.

>Is there any way to increase the points on a question?
No, but you can always post another question "Points for Expert xxxx"  "for extra effort in answering additional/followup questions in this thread <link to previous thread>"
The wording and the link to the original is the key to not being accused of "point passing" or going over the 500 point per question limit.

0
 

Author Comment

by:cory_spence
ID: 13869423
lrmoore, thanks again!  I'll be sending some points your way soon.  Had another question that's related to this, though.

From reading more on GLBP, I understand that devices will arp for the router's MAC.  Then, the AVG will answer the ARP with different virtual MAC's to balance the traffic.  This is cool and it makes sense to me.  

I'm confused about the device's arp cache, though.  I've got a switch in between my router(s) and the pix.  So won't the switch cache the virtual mac as what the AVG declares it to be the first time an arp takes place?  Then, once it's cached, the switch will forward traffic to that virtual mac every time, thus sending all my traffic to only one router?

Thanks,
C

 
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 13869488
Your 3500XL is layer 2 and does not keep an ARP cache. It keeps mac-address tables only.
You should not have any problems with your switch.
0
 

Author Comment

by:cory_spence
ID: 13870146
oh yeah!  duh!  

thanks, g-money.  i'll be posting some points for you soon.

C
0
 

Author Comment

by:cory_spence
ID: 13997839
lrmoore,

i'm still doing my homework on this, so i've got another question for ya.

i'm worried about how the pix will arp.  specifically, won't it arp every 14400 secs?  when it does, it will grab one vmac and run with it until another arp takes place?   if it works this way, it will send traffic out one router for four hours while the other router does jack.  

so do i change the arp timeout on this pix and risk performance problems?  if not, do you have any thoughts on how i could remedy this?

oh, by the way, i did 'ask an expert' on this for 500 points.  not sure how that works, but if you can't get the points, then let me know.

big thanks,
c
0
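
The ARP behaviour asked about in the last comment, as an added example that is not part of the original thread: a small model of a GLBP AVG answering ARP requests with virtual MACs in round-robin order, with each client caching the answer for its ARP timeout. The vMAC values, the `Avg` class, the `simulate` function and the constant per-host traffic rate are assumptions made for illustration, and the model also runs a many-host case that goes beyond the single-PIX setup discussed here.

```python
from collections import Counter

# Constructed values: virtual MACs for GLBP group 1, forwarders 1 and 2.
VMACS = ["0007.b400.0101", "0007.b400.0102"]


class Avg:
    """Active Virtual Gateway: answers each ARP for the virtual IP with the next vMAC."""

    def __init__(self, vmacs):
        self.vmacs = list(vmacs)
        self.next_idx = 0

    def arp_reply(self):
        vmac = self.vmacs[self.next_idx % len(self.vmacs)]
        self.next_idx += 1
        return vmac


def simulate(n_hosts, arp_timeout, duration, step=60):
    """Model hosts that each send one unit of traffic per second to the virtual IP.

    Returns (seconds of traffic carried per vMAC,
             largest number of forwarders in use at any single step).
    """
    avg = Avg(VMACS)
    cache = {}            # host -> (vmac, time at which the ARP entry expires)
    load = Counter()
    busiest = 0
    for now in range(0, duration, step):
        in_use = set()
        for host in range(n_hosts):
            vmac, expiry = cache.get(host, (None, 0))
            if vmac is None or now >= expiry:
                vmac = avg.arp_reply()          # host re-ARPs, AVG picks the next vMAC
                cache[host] = (vmac, now + arp_timeout)
            load[vmac] += step
            in_use.add(vmac)
        busiest = max(busiest, len(in_use))
    return dict(load), busiest


if __name__ == "__main__":
    # One ARP client (the PIX) with a 14400 s ARP timeout, over 24 hours.
    print("single client, 24 h:", simulate(1, 14400, 86400))
    # Same timeout, 20 independent clients, over one cache lifetime.
    print("20 clients, 4 h:   ", simulate(20, 14400, 14400))
```

With a single ARP client the totals even out over a day, but only one forwarder carries traffic at any given moment; the split becomes simultaneous only when several clients ARP for the virtual IP independently.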


Question has a verified solution.
