espoke
asked on
Load balancing 4x ADSL MAX Lines on a Cisco 2811 Router
Hi there,
Basically what it says in the title, I'm completely new to this whole subject and I'm looking to get all 4 lines load balancing effectively.
I've got one friend who has taken a look at the server to no full solution.
My current config is as follows:
sh run
Building configuration...
Current configuration : 5098 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname **
!
boot-start-marker
boot system flash c2800nm-ipbase-mz.124-8a.b
boot-end-marker
!
logging buffered 8192 debugging
enable password **
!
no aaa new-model
!
resource policy
!
!
!
ip cef
!
!
ip name-server 135.196.0.6
ip name-server 135.196.0.14
!
username admin password 0 **
!
!
track 1 interface ATM0/0/0 line-protocol
!
track 2 interface ATM0/1/0 line-protocol
!
track 3 interface ATM0/2/0 line-protocol
!
track 4 interface ATM0/3/0 line-protocol
!
!
interface Loopback0
ip address 92.*.*.* 255.255.255.255
shutdown
!
interface FastEthernet0/0
description Customer LAN$ETH-LAN$
ip address 10.0.0.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
description Backup Interface (Unused)
ip address 10.0.1.1 255.255.255.0
ip nat inside
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
description ADSL connection
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface ATM0/1/0
description ADSL connection
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 2
!
!
interface ATM0/2/0
description ADSL connection
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 3
!
!
interface ATM0/3/0
description ADSL connection
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 4
!
!
interface Dialer1
description PPP for ATM0/0/0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap callin
ppp chap hostname **
ppp chap password 0 **
!
interface Dialer2
description PPP for ATM0/1/0
ip unnumbered Loopback0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
shutdown
dialer pool 2
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap callin
ppp chap hostname **
ppp chap password 0 **
!
interface Dialer3
description PPP for ATM0/2/0
ip unnumbered Loopback0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
shutdown
dialer pool 3
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap callin
ppp chap hostname **
ppp chap password 0 **
!
interface Dialer4
description PPP for ATM0/3/0
ip unnumbered Loopback0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
shutdown
dialer pool 4
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap callin
ppp chap hostname **
ppp chap password 0 **
!
ip route 0.0.0.0 0.0.0.0 Dialer1 track 1
ip route 0.0.0.0 0.0.0.0 Dialer2 track 2
ip route 0.0.0.0 0.0.0.0 Dialer3 track 3
ip route 0.0.0.0 0.0.0.0 Dialer4 track 4
ip dns server
!
no ip http server
ip nat translation timeout 600
ip nat inside source route-map line1 interface Dialer1 overload
ip nat inside source route-map line2 interface Dialer2 overload
ip nat inside source route-map line3 interface Dialer3 overload
ip nat inside source route-map line4 interface Dialer4 overload
ip nat inside source static tcp 10.0.0.2 4444 92.*.*.* 4444 extendable
ip nat inside source static tcp 10.0.0.217 8291 92.*.*.* 8291 extendable
ip nat inside source static tcp 10.0.0.217 80 92.*.*.* 80 extendable
ip nat inside source static tcp 10.0.0.2 4444 92.*.*.* 4444 extendable
ip nat inside source static tcp 10.0.0.217 8291 92.*.*.* 8291 extendable
!
access-list 15 permit 192.168.50.0 0.0.0.255
access-list 15 permit 192.168.33.0 0.0.0.255
access-list 15 permit 10.0.0.0 0.0.0.255
access-list 15 permit 10.0.1.0 0.0.0.255
snmp-server community ** RO
no cdp run
route-map line4 permit 10
match ip address 15
match interface Dialer4
!
route-map line2 permit 10
match ip address 15
match interface Dialer2
!
route-map line3 permit 10
match ip address 15
match interface Dialer3
!
route-map line1 permit 10
match ip address 15
match interface Dialer1
!
!
control-plane
!
banner login ^CC
** Authorised Users Only **
^C
!
line con 0
login local
transport output none
line aux 0
transport output none
line vty 0 4
login local
transport output all
line vty 5 15
login local
transport output none
!
scheduler allocate 20000 1000
!
end
----------
As I say, please excuse my lack of knowledge I'm only just delving into the world of cisco! I'm just looking to be able to either attempt some solutions myself, or pass the suggestions onto someone more able than myself!
Thanks in advance.
Basically what it says in the title, I'm completely new to this whole subject and I'm looking to get all 4 lines load balancing effectively.
I've got one friend who has taken a look at the server to no full solution.
My current config is as follows:
sh run
Building configuration...
Current configuration : 5098 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname **
!
boot-start-marker
boot system flash c2800nm-ipbase-mz.124-8a.b
boot-end-marker
!
logging buffered 8192 debugging
enable password **
!
no aaa new-model
!
resource policy
!
!
!
ip cef
!
!
ip name-server 135.196.0.6
ip name-server 135.196.0.14
!
username admin password 0 **
!
!
track 1 interface ATM0/0/0 line-protocol
!
track 2 interface ATM0/1/0 line-protocol
!
track 3 interface ATM0/2/0 line-protocol
!
track 4 interface ATM0/3/0 line-protocol
!
!
interface Loopback0
ip address 92.*.*.* 255.255.255.255
shutdown
!
interface FastEthernet0/0
description Customer LAN$ETH-LAN$
ip address 10.0.0.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
description Backup Interface (Unused)
ip address 10.0.1.1 255.255.255.0
ip nat inside
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
description ADSL connection
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface ATM0/1/0
description ADSL connection
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 2
!
!
interface ATM0/2/0
description ADSL connection
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 3
!
!
interface ATM0/3/0
description ADSL connection
no ip address
no ip route-cache cef
no ip route-cache
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 4
!
!
interface Dialer1
description PPP for ATM0/0/0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap callin
ppp chap hostname **
ppp chap password 0 **
!
interface Dialer2
description PPP for ATM0/1/0
ip unnumbered Loopback0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
shutdown
dialer pool 2
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap callin
ppp chap hostname **
ppp chap password 0 **
!
interface Dialer3
description PPP for ATM0/2/0
ip unnumbered Loopback0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
shutdown
dialer pool 3
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap callin
ppp chap hostname **
ppp chap password 0 **
!
interface Dialer4
description PPP for ATM0/3/0
ip unnumbered Loopback0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
shutdown
dialer pool 4
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap callin
ppp chap hostname **
ppp chap password 0 **
!
ip route 0.0.0.0 0.0.0.0 Dialer1 track 1
ip route 0.0.0.0 0.0.0.0 Dialer2 track 2
ip route 0.0.0.0 0.0.0.0 Dialer3 track 3
ip route 0.0.0.0 0.0.0.0 Dialer4 track 4
ip dns server
!
no ip http server
ip nat translation timeout 600
ip nat inside source route-map line1 interface Dialer1 overload
ip nat inside source route-map line2 interface Dialer2 overload
ip nat inside source route-map line3 interface Dialer3 overload
ip nat inside source route-map line4 interface Dialer4 overload
ip nat inside source static tcp 10.0.0.2 4444 92.*.*.* 4444 extendable
ip nat inside source static tcp 10.0.0.217 8291 92.*.*.* 8291 extendable
ip nat inside source static tcp 10.0.0.217 80 92.*.*.* 80 extendable
ip nat inside source static tcp 10.0.0.2 4444 92.*.*.* 4444 extendable
ip nat inside source static tcp 10.0.0.217 8291 92.*.*.* 8291 extendable
!
access-list 15 permit 192.168.50.0 0.0.0.255
access-list 15 permit 192.168.33.0 0.0.0.255
access-list 15 permit 10.0.0.0 0.0.0.255
access-list 15 permit 10.0.1.0 0.0.0.255
snmp-server community ** RO
no cdp run
route-map line4 permit 10
match ip address 15
match interface Dialer4
!
route-map line2 permit 10
match ip address 15
match interface Dialer2
!
route-map line3 permit 10
match ip address 15
match interface Dialer3
!
route-map line1 permit 10
match ip address 15
match interface Dialer1
!
!
control-plane
!
banner login ^CC
** Authorised Users Only **
^C
!
line con 0
login local
transport output none
line aux 0
transport output none
line vty 0 4
login local
transport output all
line vty 5 15
login local
transport output none
!
scheduler allocate 20000 1000
!
end
----------
As I say, please excuse my lack of knowledge I'm only just delving into the world of cisco! I'm just looking to be able to either attempt some solutions myself, or pass the suggestions onto someone more able than myself!
Thanks in advance.
ASKER
Hi there,
Apologies but is it possible you could explain the above configuration a bit further? As far as I gather won't it just stick all traffic down the first one..being dialer4?
The issues we were having is that it's just not working when we either bind the 4 ATM interfaces to 1 Dialer, OR bring all 4 dialers up with the 4 seperate interfaces, there's just ridiculous packet loss.
Maybe you or someone else may be able to advise me?
Thankyou.
Apologies but is it possible you could explain the above configuration a bit further? As far as I gather won't it just stick all traffic down the first one..being dialer4?
The issues we were having is that it's just not working when we either bind the 4 ATM interfaces to 1 Dialer, OR bring all 4 dialers up with the 4 seperate interfaces, there's just ridiculous packet loss.
Maybe you or someone else may be able to advise me?
Thankyou.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks lrmoore, I'll give it a go now and get back to you
ASKER
Still got the issue with packet loss, whenever we bring up another dialer interface there's 50% packet loss.
Hmm...
Hmm...
Sounds like it is still trying to do per-packet load balancing...
ASKER
Me again!
I've just been speaking to the guy that's working on the router, he tried to implement the route maps you said above but I believe changed it in the end because it still wasn't working effectively.
What he has changed is the access-list apparently it was set to standard and has now changed it to extendable which has helped a great deal.
It seems to be load balancing the 3 lines we have up (other one is setup on a static route so that we can work on the router)...
I've pased the config, interface summaries and nat statistics. So yeah, it does seem to be load balancing the lines.....by the looks of it, not too effectively, but then that might just be because not many people are using it.
The problem we're now having is that pinging outside in to any of the IP's that are up, we're getting about 65-70% packet loss.
Where as from the router to outside it's perfect, 100%.
Have you any idea why it would be doing this with the config shown? Also if you have any advice on the load balancing side.
Thank you expert(s)!
I've just been speaking to the guy that's working on the router, he tried to implement the route maps you said above but I believe changed it in the end because it still wasn't working effectively.
What he has changed is the access-list apparently it was set to standard and has now changed it to extendable which has helped a great deal.
It seems to be load balancing the 3 lines we have up (other one is setup on a static route so that we can work on the router)...
I've pased the config, interface summaries and nat statistics. So yeah, it does seem to be load balancing the lines.....by the looks of it, not too effectively, but then that might just be because not many people are using it.
The problem we're now having is that pinging outside in to any of the IP's that are up, we're getting about 65-70% packet loss.
Where as from the router to outside it's perfect, 100%.
Have you any idea why it would be doing this with the config shown? Also if you have any advice on the load balancing side.
Thank you expert(s)!
on 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname **
!
boot-start-marker
boot system flash c2800nm-spservicesk9-mz.124-3g.bin
boot-end-marker
!
logging buffered 8192 debugging
enable password **
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
!
!
ip name-server 135.196.0.6
ip name-server 135.196.0.14
!
voice-card 0
no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
username admin password 0 **
!
!
track 1 interface ATM0/0/0 line-protocol
!
track 2 interface ATM0/1/0 line-protocol
!
track 3 interface ATM0/2/0 line-protocol
!
track 4 interface ATM0/3/0 line-protocol
!
!
!
interface FastEthernet0/0
description Customer LAN$ETH-LAN$
ip address 10.0.0.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
description Backup Interface (Unused)
ip address 10.0.1.1 255.255.255.0
ip nat inside
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
description ADSL connection to Exa Networks
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface ATM0/1/0
description ADSL connection to Exa Networks
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 2
!
!
interface ATM0/2/0
description ADSL connection to Exa Networks
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 3
!
!
interface ATM0/3/0
description ADSL connection to Exa Networks
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 4
!
!
interface Dialer1
description PPP for ATM0/0/0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap callin
ppp chap hostname **
ppp chap password 0 **
!
interface Dialer2
description PPP for ATM0/1/0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
dialer pool 2
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap callin
ppp chap hostname **
ppp chap password 0 **
!
interface Dialer3
description PPP for ATM0/2/0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
dialer pool 3
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap callin
ppp chap hostname **
ppp chap password 0 **
!
interface Dialer4
description PPP for ATM0/3/0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
dialer pool 4
dialer idle-timeout 0
dialer persistent
no cdp enable
ppp authentication chap callin
ppp chap hostname **
ppp chap password 0 **
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1 track 1
ip route 0.0.0.0 0.0.0.0 Dialer2 track 2
ip route 0.0.0.0 0.0.0.0 Dialer3 track 3
ip route 213.230.209.0 255.255.255.0 Dialer4
!
ip dns server
!
ip http server
no ip http secure-server
ip nat inside source route-map di1 interface Dialer1 overload
ip nat inside source route-map di2 interface Dialer2 overload
ip nat inside source route-map di3 interface Dialer3 overload
ip nat inside source static tcp 10.0.0.217 80 92.*.*.* 80 extendable
ip nat inside source static udp 10.0.0.217 161 92.*.*.* 161 extendable
ip nat inside source static tcp 10.0.0.217 1300 92.*.*.* 1300 extendable
ip nat inside source static tcp 10.0.0.217 2210 92.*.*.* 2210 extendable
ip nat inside source static tcp 10.0.0.2 4444 92.*.*.* 4444 extendable
ip nat inside source static tcp 10.0.0.217 8291 92.*.*.* 8291 extendable
!
access-list 115 permit ip 192.168.0.0 0.0.255.255 any
access-list 115 permit ip 10.0.0.0 0.0.0.255 any
access-list 115 permit ip 10.0.1.0 0.0.0.255 any
snmp-server community ** RO
no cdp run
route-map di1 permit 10
match ip address 115
match interface Dialer1
!
route-map di3 permit 10
match ip address 115
match interface Dialer3
!
route-map di2 permit 10
match ip address 115
match interface Dialer2
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
banner login ^CC
** Authorised Users Only **
^C
!
line con 0
login local
transport output none
line aux 0
transport output none
line vty 0
logging synchronous
login local
transport output all
line vty 1 4
logging synchronous
login local
transport output none
line vty 5 15
logging synchronous
login local
transport output none
!
scheduler allocate 20000 1000
!
end
Interface Summaries
* ATM0/0/0 0 0 0 0 2414000 240 62000 105 0
* ATM0/1/0 0 0 0 0 1124000 139 232000 118 0
* ATM0/2/0 0 0 0 0 1044000 108 60000 69 0
NAT Statistics
[Id: 14] route-map di1 interface Dialer1 refcount 262
[Id: 15] route-map di2 interface Dialer2 refcount 619
[Id: 16] route-map di3 interface Dialer3 refcount 204
Looks like it is working as designed. I have a note to self about the extended acl vs standard acl...
That's about as close to perfect load sharing as you'll ever get with this type setup. The CEF is balancing on a per-connection bases. Some connections are downloads, some connections are quick dns querries or web page hits. For true load balancing, you have to own both ends of all 4 links, or the ISP has to support multilink PPP.
The inbound pings probably get lost as the router responds to them and load-shares the responses, so when replies come back from the wrong IP, they get lost.
That's about as close to perfect load sharing as you'll ever get with this type setup. The CEF is balancing on a per-connection bases. Some connections are downloads, some connections are quick dns querries or web page hits. For true load balancing, you have to own both ends of all 4 links, or the ISP has to support multilink PPP.
The inbound pings probably get lost as the router responds to them and load-shares the responses, so when replies come back from the wrong IP, they get lost.
match ip address 15
match interface Dialer4
!
route-map MYMAP1 permit 20
match ip address 15
match interface Dialer2
!
route-map MYMAP1 permit 30
match ip address 15
match interface Dialer3
!
route-map MYMAP1 permit 40
match ip address 15
match interface Dialer1
!
Interface FastEthernet0/0
ip policy route-map MYMAP1
Interface FastEthernet0/1
ip policy route-map MYMAP1
If that doesn't work, I would take it a step further:
access-list 16 permit 10.0.0.0 0.0.0.255
access-list 17 permit 10.0.0.0 0.0.0.255
access-list 18 permit 10.0.0.0 0.0.0.255
access-list 19 permit 10.0.0.0 0.0.0.255
access-list 10 permit 10.0.1.0 0.0.0.255
access-list 11 permit 10.0.1.0 0.0.0.255
access-list 12 permit 10.0.1.0 0.0.0.255
access-list 13 permit 10.0.1.0 0.0.0.255
route-map MYMAP1 permit 10
match ip address 16
match interface Dialer4
!
route-map MYMAP1 permit 20
match ip address 17
match interface Dialer2
!
route-map MYMAP1 permit 30
match ip address 18
match interface Dialer3
!
route-map MYMAP1 permit 40
match ip address 19
match interface Dialer1
route-map MYMAP2 permit 10
match ip address 10
match interface Dialer4
!
route-map MYMAP2 permit 20
match ip address 11
match interface Dialer2
!
route-map MYMAP2 permit 30
match ip address 12
match interface Dialer3
!
route-map MYMAP2 permit 40
match ip address 13
match interface Dialer1
Interface FastEthernet0/0
ip policy route-map MYMAP1
Interface FastEthernet0/1
ip policy route-map MYMAP2