HUSupport
asked on
Load Balancer - Internet
Hello,
We have been trying to use a sonicwall or other load balancer between our 2 WAN, T1 and DSL line - both are from same ISP.
Also, ISP as provided us Router, Cisco 891 that is connected to our LAN switch and 2 WAN port is conncted to T1 & DSL. So, how do we use our Load Balancer, in between WAN link and router? We don't have any IP from ISP for Cisco. We only know gateway, i.e, x.x.1.1.
We used load balancer, peplink before but that is the router directly connected with EVDO card.
Appreciate your help, thanks!
We have been trying to use a sonicwall or other load balancer between our 2 WAN, T1 and DSL line - both are from same ISP.
Also, ISP as provided us Router, Cisco 891 that is connected to our LAN switch and 2 WAN port is conncted to T1 & DSL. So, how do we use our Load Balancer, in between WAN link and router? We don't have any IP from ISP for Cisco. We only know gateway, i.e, x.x.1.1.
We used load balancer, peplink before but that is the router directly connected with EVDO card.
Appreciate your help, thanks!
To use the Sonicwall for load balancing you must have access to the individual circuits. That is, each must have its own modem/router and ip address, and each of these would go on a separate X interface on the Sonicwall.
ASKER
My understanding is same.
1. If we have access to cisco 891, we can do that. But our ISp can help for that.
But engineer of our partner company says that load balancing would be internal, I don't get it. What does it mean internal load balancing, inside cisco 891 router.
Thank you.
1. If we have access to cisco 891, we can do that. But our ISp can help for that.
But engineer of our partner company says that load balancing would be internal, I don't get it. What does it mean internal load balancing, inside cisco 891 router.
Thank you.
to balance something you need at least two links. your ISPs CISCO has two links, so, it is the point where balancing should be done. if for some reason you need to do balancing somewhere else - you should throw those links through CISCO router, and keep the traffic separated (either through vlans, or split IPs with source based routing, or whatever) right to the machine that will do balancing. if you do not, then there is no place for balancing - you can not balance on single _logical_ link.
hope, now it's a bit clearer ? :)
hope, now it's a bit clearer ? :)
ASKER
You are absolutely correct!
If you have access to 891, or if your ISP needs assistance with the configuration, just ask. It is easy to do.
ASKER
I have talked to our ISP. They will change some configuration on Router. Now, DSL and T1 are connected to WAN ports of 891. I think they will remove WAN ports and we will put Sonicwall LB in between.
Can we use Peplink Balance20 instead of Sonicwall tz205?
Thanks,
Can we use Peplink Balance20 instead of Sonicwall tz205?
Thanks,
Yes, you can use the Peplink if you want. Put both ISP circuits into that, and the output to a single X interface on the Sonicwall.
ASKER
In fact we will be using either one.
Internal network (swithch) ------>Cisco891-------->So
Internal network (swithch) ------>Cisco891-------->So
I suspect your load balancer does not have T1 ports, so you may want to keep the Cisco connected on the T1.
The DSL line you can connect via ethernet directly from DSL modem to load balancer.
That way the load balancer will have two ethernet uplinks; one to cisco/T1 and the other to modem/DSL.
The DSL line you can connect via ethernet directly from DSL modem to load balancer.
That way the load balancer will have two ethernet uplinks; one to cisco/T1 and the other to modem/DSL.
ASKER
I have contacted Peplink, it has 2 WAN port one for T1 and another one for DSL.
I have just got the soniwall.
it says,
X0 - LAN
X1 - WAN
X2, X3, X4 - says configurable, can be used for T1 or DSL
Thank you
I have just got the soniwall.
it says,
X0 - LAN
X1 - WAN
X2, X3, X4 - says configurable, can be used for T1 or DSL
Thank you
I just want to make sure you are clear on this: the 891 would have worked just fine without the extra equipment and cost. all you needed was two default routes: one to each of your wan links.
you had mentioned that your ISP is providing the 891 and the links. so, if you put your equipment after their router and before their circuit, how would they support the links and their routed?
you had mentioned that your ISP is providing the 891 and the links. so, if you put your equipment after their router and before their circuit, how would they support the links and their routed?
ASKER
One support engineer has just contacted me today. They are working on that and get back to me. My understanding, the network flow would be as below.
Internal network (swithch) ------>Cisco891-------->So
Internal network (swithch) ------>Cisco891-------->So
I just want to make sure you know lb can be achieved with the 891. no need for extra devices and complexity. your ISP would also have hard time troubleshooting their circuits if not terminated on their equipment.
HUSupport
i seriously doubt, that any sane ISP would accept it this way. after al, they're either providing you with links OR complete solution, that they have to support. there should be a clear border for area of responsibility. usually, it's the last port on operators equipment (ethernet port on switch/router or media convertor). if they want/agree to implement the load balancer (as a separate hardware device), then they are responsible for it, and it shouln be your problem no more :)
naderz LB is not just two default routes. it's alternative routes + algorythm for route choice/balancing + watchdog, that looks, what is happening on those alternative links. is that cisco able to do that ?
My understanding, the network flow would be as below.
Internal network (swithch) ------>Cisco891-------->Sonicwall or peplink---------> to WAN circuit (T1 and DSL).
i seriously doubt, that any sane ISP would accept it this way. after al, they're either providing you with links OR complete solution, that they have to support. there should be a clear border for area of responsibility. usually, it's the last port on operators equipment (ethernet port on switch/router or media convertor). if they want/agree to implement the load balancer (as a separate hardware device), then they are responsible for it, and it shouln be your problem no more :)
naderz LB is not just two default routes. it's alternative routes + algorythm for route choice/balancing + watchdog, that looks, what is happening on those alternative links. is that cisco able to do that ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
just looked at cisco manual, and, honestly, could not find how CEF might get aware of different cost for those two uplinks. maybe there is a way, however, these links are not equal. so equal cost multipath choice algorithms (that seem to be used by CEF), do not seem for me to be a best choice.
naderz, could you, please, comment ?
naderz, could you, please, comment ?
corower: true, you do have a point. CEF load-balancing will "alternate" outgoing traffic between the T1 and the DSL. This is in a sense called load-balancing.
We don't know the bandwidth of the DSL. That may or may not be a big factor. And, yes, depending on that factor of difference the T1 could saturate quickly, but only for the same destination. Traffic for a different destination would be placed on the DSL. So, in essence we would be load-balancing.
Given the fact that the ISP is providing the T1 and the DSL and the 891 router if one wanted to setup a load-balancing scheme in that environment quickly, then CEF per-destination would be a good candidate. My response was to the original question and given setup.
If the DSL's speed is way much larger than the T1, I would actually not bother with the load-balancing schemes and just use the T1 as backup and at some point drop the T1 altogether and go with two DSLs. The cost would probably be less actually with two DSLs.
We don't know the bandwidth of the DSL. That may or may not be a big factor. And, yes, depending on that factor of difference the T1 could saturate quickly, but only for the same destination. Traffic for a different destination would be placed on the DSL. So, in essence we would be load-balancing.
Given the fact that the ISP is providing the T1 and the DSL and the 891 router if one wanted to setup a load-balancing scheme in that environment quickly, then CEF per-destination would be a good candidate. My response was to the original question and given setup.
If the DSL's speed is way much larger than the T1, I would actually not bother with the load-balancing schemes and just use the T1 as backup and at some point drop the T1 altogether and go with two DSLs. The cost would probably be less actually with two DSLs.
ASKER
T1 speed is 6M/6M - primary
DSL is 6M/768K - backup
DSL is 6M/768K - backup
HUSupport:
Please clarify: your T1 is 6Mbps download and upload? Is it bundled T1s?
Please clarify: your T1 is 6Mbps download and upload? Is it bundled T1s?
ASKER
Upload and download same, bonded T1
In that case, what I have commented above for the 891 will get you per-destination load-balancing. This is not fancy, but it will get the job done.
ip route 0.0.0.0 0.0.0.0 T1-termination-IP
ip route 0.0.0.0 0.0.0.0 DSL-termination-IP
And, for the sake of completeness make sure CEF is enabled:
ip cef
ip route 0.0.0.0 0.0.0.0 T1-termination-IP
ip route 0.0.0.0 0.0.0.0 DSL-termination-IP
And, for the sake of completeness make sure CEF is enabled:
ip cef
naderz: as far as i understood, CEF gives only round-robin like load balancing, and single given connection always goes through single link. my concern is - as CEF does not have any capability to weight those links, it might introduce some problems. i.e. if said client heavily uses up his upload channel, filling his 768K at DSL, what happens on T1 side ? if that was simple RR, it would be impossible to get more than 768K on other link too. as enduser is almost unable to interact with CEF routing cache table, it is hardly predictable which way traffic will take. for some connections it would be a killer to go through loaded asymmetric link.
i would strongly suggest to look for another balancing solution, that will take in consideration that one of the balancing links is highly asymmetric. one of the ways could be directing asymmetric part of traffic (like HTTP and incomming file transfers) to DSL, and leave symmetric traffic (SIP, servers, outgoing traffic in general) to T1 line.
HUSupport: to understand better the situation i would like to ask -- what kind of traffic you have ? are you filling up your tube or 768K uplink has enough space for you ? as DSL and T1 is provided by single provider, are you hiding behind NAT, or are you using two independant IP ranges, or single IP range (on your side of router)? is your ISP giving you any options for load balancing / dynamic routing at all ?
i would strongly suggest to look for another balancing solution, that will take in consideration that one of the balancing links is highly asymmetric. one of the ways could be directing asymmetric part of traffic (like HTTP and incomming file transfers) to DSL, and leave symmetric traffic (SIP, servers, outgoing traffic in general) to T1 line.
HUSupport: to understand better the situation i would like to ask -- what kind of traffic you have ? are you filling up your tube or 768K uplink has enough space for you ? as DSL and T1 is provided by single provider, are you hiding behind NAT, or are you using two independant IP ranges, or single IP range (on your side of router)? is your ISP giving you any options for load balancing / dynamic routing at all ?
ASKER
Our ISP is configuring the cisco router 891 for load balancing.
Any load-balancing between the T1 and the DSL line has to be configured in the Cisco 891 since both the T1 and the DSL are connected to it. You can not load-balance circuits connected to the 891 from a device sitting behind it.
Do you have access to the Cisco 891 for configuration? If not, can your ISP configure the 891 to your needs?
What is the average bandwidth of your DSL?