Internet link load balancing

Posted on 2006-06-22
Last Modified: 2010-03-19

We are hosting few application servers on DMZ using Cisco PIX firewall. These applications are accessed by the users from Internet. We have one 2 Mbps Internet connection for this purpose. However, due to availability issue of ISP link, we are planning to add second ISP link from different provider. please suggest any economical product available to do inbound and outbound load balancing between two ISP links


Question by:nessmssit
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
LVL 77

Accepted Solution

Rob Williams earned 125 total points
ID: 16963232
The Linksys RV042 works very well for this. It will allow you to have 2 independent WAN/Internet connections and automatically balance the network requests over the 2 connections. In the event of a failure it will automatically force all traffic to the working connection. They tend to run about $150-$200 US
Support for this product would also be through Cisco's Linksys division.

Assisted Solution

papimichel earned 125 total points
ID: 16963674
i'm not sure i understood you..
those DMZ servers have valid IP addresses.. right ?
how are those addresses are routed to you ? do you use DSL/Frame relay connection ?
if you do, the suggestion above is not good for you, but anyway be more specific about the use of those servers.. there might be another way to give you better redundancy.

anyway, i don't think there's a way to have the kind of load-balancing that you mentioned..
LVL 77

Expert Comment

by:Rob Williams
ID: 16963906
Good point papimichel, if users are to connect from the outside, names can only resolve to one IP.
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 16969633
Hi Papimichel ,

The servers that we have hosted in DMZ has a private IP addressess which are natted to the Public IP ones given by the Internet Service Provider . The Natting is done on the Cisco-Pix Firewall .We have an internet leased line connection for the internet and the same is terminated on a Cisco ISP Edge router.



Author Comment

ID: 16969711
Hi Rob will,

I have a query regarding two independent ISP connections.

How will the failover happens when the users URL is resolved (by the DNS ) into an public IP of the Internet Link-01 and after that the internet link fails

With Regards
LVL 77

Expert Comment

by:Rob Williams
ID: 16969844
>>"How will the failover happens "
It won't. That is why I mentioned papimichel, had a good point. It is an ideal solution for "inside" users but will not resolve the problem for those on the outside of the firewall. Sorry, I know of no solution that will work in this situation.

Expert Comment

ID: 16973209
in order to have that kind of redundancy you can do something else:
you can point your registered DNS to a dynnamic DNS address that'll map by default to one of the ISP's address. if that line fails, you'll be still online because the other ISP's line is on (that you'll have to configure on your router) thus, the dynamic DNS record'll change its map to the other ISP's ip address, and all users on the outside'll still be able to use your services with your original DNS name.


Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This past year has been one of great growth and performance for OnPage. We have added many features and integrations to the product, making 2016 an awesome year. We see these steps forward as the basis for future growth.
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question