our3blessings
asked on
Cisco 1721 Paying for two t1's but only able to use 1 t1. Same provider on T's.
Looking for a solution to use 2nd t1. Currently it does not even hit 1% bandwith. Config could be worked on for possible solution? Current setup is as follows: 2 seperate t1 lines going into 2 wic cards on 1721 router....then to a switch...then to a pix 501. Serial 0 runs 95% consistenly, Serial 1 is pretty much dead 0%. Current config file below. Maybe I can get a 2nd router and throw in in the switch as well? As you can see I am clueless? Thank you
version 12.3
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname HB1721RTR
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 warnings
clock timezone NewYork -5
clock summer-time NewYork date Apr 6 2003 2:00 Oct 26 2003 2:00
no aaa new-model
ip subnet-zero
!
!
ip tcp synwait-time 10
ip name-server 209.144.50.127
ip name-server 209.144.50.140
!
!
no ip bootp server
ip cef
!
!
!
!
interface FastEthernet0
description $FW_INSIDE$
ip address 64.243.182.65 255.255.255.224
no ip redirects
speed auto
full-duplex
no cdp enable
!
interface Serial0
description $FW_OUTSIDE$
ip address 64.240.176.242 255.255.255.248
ip access-group 101 in
no ip redirects
encapsulation frame-relay IETF
no fair-queue
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
frame-relay map ip 64.240.176.241 211 broadcast IETF
frame-relay lmi-type ansi
!
interface Serial1
description $FW_OUTSIDE$
ip address 64.242.15.110 255.255.255.252
ip access-group 101 in
no ip redirects
encapsulation frame-relay IETF
no fair-queue
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
frame-relay map ip 64.242.15.109 210 broadcast IETF
frame-relay lmi-type ansi
!
ip classless
ip route 0.0.0.0 0.0.0.0 64.240.176.241
ip http server
ip http authentication local
ip http timeout-policy idle 600 life 86400 requests 10000
!
!
access-list 1 permit 10.10.0.0 0.0.255.255
access-list 10 permit 64.243.182.66
access-list 10 permit 206.117.136.91
access-list 10 permit 206.117.136.88
access-list 101 remark SDM_ACL Category=17
access-list 101 permit udp host 209.144.50.140 eq domain any
access-list 101 permit udp host 209.144.50.127 eq domain any
access-list 101 deny tcp any any eq 135
access-list 101 deny udp any any eq 135
access-list 101 deny udp any any eq netbios-ns
access-list 101 deny udp any any eq netbios-dgm
access-list 101 deny tcp any any eq 139
access-list 101 deny udp any any eq netbios-ss
access-list 101 deny tcp any any eq 445
access-list 101 deny tcp any any eq 593
access-list 101 deny tcp any any eq 4444
access-list 101 permit ip any any
access-list 101 permit icmp any any
access-list 120 permit udp any any eq 1813
no cdp run
version 12.3
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname HB1721RTR
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 warnings
clock timezone NewYork -5
clock summer-time NewYork date Apr 6 2003 2:00 Oct 26 2003 2:00
no aaa new-model
ip subnet-zero
!
!
ip tcp synwait-time 10
ip name-server 209.144.50.127
ip name-server 209.144.50.140
!
!
no ip bootp server
ip cef
!
!
!
!
interface FastEthernet0
description $FW_INSIDE$
ip address 64.243.182.65 255.255.255.224
no ip redirects
speed auto
full-duplex
no cdp enable
!
interface Serial0
description $FW_OUTSIDE$
ip address 64.240.176.242 255.255.255.248
ip access-group 101 in
no ip redirects
encapsulation frame-relay IETF
no fair-queue
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
frame-relay map ip 64.240.176.241 211 broadcast IETF
frame-relay lmi-type ansi
!
interface Serial1
description $FW_OUTSIDE$
ip address 64.242.15.110 255.255.255.252
ip access-group 101 in
no ip redirects
encapsulation frame-relay IETF
no fair-queue
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
frame-relay map ip 64.242.15.109 210 broadcast IETF
frame-relay lmi-type ansi
!
ip classless
ip route 0.0.0.0 0.0.0.0 64.240.176.241
ip http server
ip http authentication local
ip http timeout-policy idle 600 life 86400 requests 10000
!
!
access-list 1 permit 10.10.0.0 0.0.255.255
access-list 10 permit 64.243.182.66
access-list 10 permit 206.117.136.91
access-list 10 permit 206.117.136.88
access-list 101 remark SDM_ACL Category=17
access-list 101 permit udp host 209.144.50.140 eq domain any
access-list 101 permit udp host 209.144.50.127 eq domain any
access-list 101 deny tcp any any eq 135
access-list 101 deny udp any any eq 135
access-list 101 deny udp any any eq netbios-ns
access-list 101 deny udp any any eq netbios-dgm
access-list 101 deny tcp any any eq 139
access-list 101 deny udp any any eq netbios-ss
access-list 101 deny tcp any any eq 445
access-list 101 deny tcp any any eq 593
access-list 101 deny tcp any any eq 4444
access-list 101 permit ip any any
access-list 101 permit icmp any any
access-list 120 permit udp any any eq 1813
no cdp run
The default route is out serial 0 so if it is heading out of your network the router only sees one link... if the serial 1 is going to a different provider then you need to look into running BGP and that would help balance the load.
Thanks
Scott
Thanks
Scott
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
CEF (Cisco Express Forwarding) is already enabled on your router and just add the 2 routes as mentioned above. Then call up your service provider and talk to them, say that 'you need load balancing done on these 2 links using cisco cef'. They will configure it on their side router. Once done, the traffic should go 50% split on each links...
Cheers,
Rajesh
Cheers,
Rajesh
Thanks
Scott