Solved

Bonding 2 T1 lines

Posted on 2008-10-16
19
713 Views
Last Modified: 2011-09-20
I am little baffled with the idea of bonding to t1 lines.

I have 1 T1 from AT&T and another from XO communications  

I have 1 cisco 2811 router with 2 wic cards.

Is this even possible with the equipment that i have?
0
Comment
Question by:Jiggens
  • 9
  • 4
  • 3
  • +1
19 Comments
 
LVL 17

Expert Comment

by:Andres Perales
ID: 22732205
possible with your router, but your T1 lines would need to be terminated on the same router at your isp location.  You can not bond two t1's from separate providers.
0
 
LVL 3

Expert Comment

by:kf4zmt
ID: 22732266
I agree with peralesa. In order to bond multiple T1s they must be provisioned from the same carrier.
0
 
LVL 1

Author Comment

by:Jiggens
ID: 22732295
Well what are my options than?
0
 
LVL 1

Author Comment

by:Jiggens
ID: 22732302
Would load balancing help any?
0
 
LVL 17

Expert Comment

by:Andres Perales
ID: 22732342
What are you trying to do?
0
 
LVL 3

Expert Comment

by:kf4zmt
ID: 22732374
Its difficult to load balance in your situation unless you use BGP. What exactly are you trying to achieve with the two circuits? Fault tolerance? Load balancing? Increased bandwidth?

A possible solution to your question really depends on what you are trying to achieve.
0
 
LVL 1

Author Comment

by:Jiggens
ID: 22732408
I want to increase bandwidth mainly.
0
 
LVL 17

Expert Comment

by:Andres Perales
ID: 22732426
You might be better off, getting with your service provider and getting new circuits with increased bandwidth and do a migration.
Even if you asked to bond two T1's the will not give you one T1 they will want to give you two new ones, with new IP's and all...
0
 
LVL 3

Expert Comment

by:kf4zmt
ID: 22732490
The simplest solution to more bandwidth is to get two T1s from the same provider. If this isn't an option you might be able to load balance through your existing circuits by doing some "creative" router configs. I really don't recommend do this as its bound to create problems in the future.

A couple of T1s from the same carrier really is your best bet.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 43

Expert Comment

by:JFrederick29
ID: 22733193
First off, are these Internet T1's?  Is the 2811 doing NAT?  If so, you can use the following config to achieve load balancing of both T1's.

                 
ip nat inside source route-map xo interface serial0/0/0 overload  <--specify XO T1 interface                
ip nat inside source route-map att interface serial0/1/0 overload  <--specify ATT T1 interface            

access-list 1 permit 192.168.0.0 0.0.0.255     <--specify your LAN subnets                                
access-list 2 permit 192.168.0.0 0.0.0.255     <--specify your LAN subnets  

route-map xo permit 10
 match ip address 1
 match interface Serial0/0/0  <--again specify the XO T1 interface

route-map att permit 10
 match ip address 2
 match interface Serial0/1/0   <--again specify the ATT T1 interface

ip route 0.0.0.0 0.0.0.0 x.x.x.x    <--where x.x.x.x is the next hop to XO
ip route 0.0.0.0 0.0.0.0 y.y.y.y    <--where y.y.y.y is the next hop to ATT
0
 
LVL 1

Author Comment

by:Jiggens
ID: 22841212
Its not using NAT yet.  This is a new router configuration but i will give it a try.

thanks,
0
 
LVL 1

Author Comment

by:Jiggens
ID: 22851193
What is the correct  way to setup the NAT.  I am using NAT on my sonic wall though
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 22851329
Okay, well that is an issue.  The NAT load balancing won't work unless you moved your NAT to the router (off the Sonicwall) but that probably isn't ideal for your situation.

The fundamental problem with the T1's being from different providers is you can't bond them or achieve both inbound and outbound load balancing.  Plus in a failover situation, unless you change the NAT on the Sonicwall to the other ISP address space, your return traffic will never get back to you unless you were to run BGP with both providers and announce both ISP blocks of addresses to both ISP's.  With BGP, you can achieve load balancing.  If you truly don't need the ISP redundancy, you are better off getting two T1's from one ISP and either having them bond them or work with you to do MLPPP or equal cost routing to achieve inbound and outbound load balancing.
0
 
LVL 1

Author Comment

by:Jiggens
ID: 22851558
I agree, that having them from the same ISP would be ideal, but it will not work because unfortunately the configuration with XO is under contract and i cant afford to get another t1 from the other provider quite yet.

I have been having problems off and on with XO.  Do you think if i move my NAT to my Router that would better.  I can do that, that is not a problem.  I just want to still use the content filtering with my sonicwall still and other services that i have on it.

Is that possible?
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 22851668
What services other than Content Filtering are you running?  VPN?  Do you have inbound connections to servers (web, email, etc...) from the Internet?

In the end, if you are having problems with XO, you may just want to change your NAT statement(s) on the Sonicwall to AT&T address space.  You can then route outbound and inbound using the AT&T T1.  In a pinch, you can failover to the XO T1 manually.  I know you would like to utilize both T1's but in the end, you can only control outbound load balancing and that may not even work as XO may filter traffic sourced with an AT&T IP address and vice versa.  Moving NAT to the router will take care this issue but may overly complicate things depending on what you are doing with the Sonicwall.  Are you utilizing all the T1 bandwidth currently? or is it just a matter of "I am paying for the XO T1, I would like to use it" situation?
0
 
LVL 1

Author Comment

by:Jiggens
ID: 22851767
Thanks for getting back to me so quickly.

I am using VPN and Content Filtering.  all in all i would like to do away with the sonicwall but the content filtering is bought a paid for.  and like you said i want to utilize what i have with my 2 T1s .  

As for servers i have a Webserver and EXchange  that will need NAT for.  I am using my bandwidth right now and i would like to use both T1s so i can optimize my network a little more.
0
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 500 total points
ID: 22851865
This looks like a possibility...

http://www.sonicwall.com/downloads/Configuring_WAN_Failover_SonicOS_Enhanced.pdf

Do you have the enhanced license on the Sonicwall?  Looks like you can achieve the same functionality on the Sonicwall as the "NAT Load Balancing" on the router using the WAN Failover feature.  Looks like you can setup an active/active configuration and it should take care of the NAT portion.  You would need to connect one interface on the Sonicwall (AT&T IP address) to one FastEthernet port on the 2811 and a second interface on the Sonicwall (XO IP address) to the second FastEthernet port on the 2811.  Policy routing on the 2811 could then take care of the proper outbound routing.  The only caveat is the Sonicwall has no knowledge of the health of the two T1's so redundancy may not be the greatest with this setup (manual), i.e. if the XO T1 goes down, you would need to manually "shutdown" the FastEthernet port connected to the XO Sonicwall interface so all traffic goes out the ATT T1.

You can do NAT on the 2811 and turn NAT off on the Sonicwall.  You can readdress the Sonicwall external interface to a private IP address and setup routing on the Cisco to reach the internal networks.  You get better redundancy with this method but need to be comfortable with NAT on the 2811.
0
 
LVL 1

Author Comment

by:Jiggens
ID: 22851927
JFred,

You have been a great help, thank you so much.  I might need some help so i will open another case.

Thanks again,


Cory
0
 
LVL 1

Author Closing Comment

by:Jiggens
ID: 31506784
Awesome Job!!!
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now