There is a Cisco 7200 series router with 4 FastEthernet (FE) interfaces and 2 serial ports. It should provide load balancing and failover for a LAN connected to it via the FE 1/0 interface, while two identical Internet connections terminate on FE 0/0 and FE 0/1 (let's call these connections ISP_1 and ISP_2).
The ISPs use no dynamic routing protocols, only static routing. The primary task is to ensure quick failover between the two Internet connections, so that LAN users are automatically switched to ISP_2 if ISP_1 fails and vice versa. When both ISP_1 and ISP_2 are online, LAN traffic should be shared between the two links to double the available bandwidth on the uplink (Tx) and downlink (Rx); in other words, the router should be configured for load balancing between the links. You can see a network diagram below:
Load balancing setup description
There are two basic options available: per-destination or per-packet load balancing. Since the ISP_1 and ISP_2 connections have almost the same link characteristics, including delay, jitter and bandwidth, it is reasonable to pick the per-packet option. Compared to the per-destination approach, per-packet load balancing uses more of the router's hardware resources but shares traffic between the connections more evenly. For better forwarding performance the router will be configured for Cisco Express Forwarding (CEF) per-packet load balancing.
Failover description
Every 30 seconds the router will ping two IP addresses through ISP_1 and two other IP addresses through ISP_2. If both IP addresses reached via ISP_1 become unreachable (we assume that the ISP_1 connection has failed in this case), the router will delete ISP_1's route from its routing table, so ISP_2 becomes the only Internet connection for LAN users. Meanwhile the router continues pinging the two ISP_1 IP addresses, and once they become reachable again, ISP_1 is added back alongside ISP_2 as an active Internet connection. The failover scenario works in exactly the same way for ISP_2. It is usually reasonable to ping the IP addresses of each provider's DNS servers when monitoring the availability of each ISP.
Miscellaneous details
Note that CEF per-packet load balancing requires IOS version 12.0 or later, while the failover setup described above needs IOS 12.4 or later, so make sure your Cisco router runs at least version 12.4 of the operating system. For example, c7200-ik9o3s-mz.124-12c.bin would be OK.
Cisco router’s configuration with comments
! This line enables Cisco Express Forwarding (CEF)
ip cef
!
! IP address 10.0.0.100 is primary DNS of ISP_1
ip sla monitor 1
 type echo protocol ipIcmpEcho 10.0.0.100 source-interface FastEthernet0/0
 timeout 1000
 threshold 250
 frequency 30
ip sla monitor schedule 1 life forever start-time now
! IP address 10.0.0.101 is secondary DNS of ISP_1
ip sla monitor 2
 type echo protocol ipIcmpEcho 10.0.0.101 source-interface FastEthernet0/0
 timeout 1000
 threshold 250
 frequency 30
ip sla monitor schedule 2 life forever start-time now
!
!
! IP address 20.0.0.100 is primary DNS of ISP_2
ip sla monitor 3
 type echo protocol ipIcmpEcho 20.0.0.100 source-interface FastEthernet0/1
 timeout 1000
 threshold 250
 frequency 30
ip sla monitor schedule 3 life forever start-time now
! IP address 20.0.0.101 is secondary DNS of ISP_2
ip sla monitor 4
 type echo protocol ipIcmpEcho 20.0.0.101 source-interface FastEthernet0/1
 timeout 1000
 threshold 250
 frequency 30
ip sla monitor schedule 4 life forever start-time now
!
!
track 1 rtr 1 reachability
track 2 rtr 2 reachability
track 3 rtr 3 reachability
track 4 rtr 4 reachability
!
! Tracker for ISP_1
track 10 list boolean or
 object 1
 object 2
!
! Tracker for ISP_2
track 20 list boolean or
 object 3
 object 4
!
! Interface connected to ISP_1
interface FastEthernet0/0
 ip address 10.0.0.2 255.255.255.0
 ip load-sharing per-packet
 duplex auto
 speed auto
!
! Interface connected to ISP_2
interface FastEthernet0/1
 ip address 20.0.0.2 255.255.255.0
 ip load-sharing per-packet
 duplex auto
 speed auto
!
! Interface connected to LAN
interface FastEthernet1/0
 ip address 192.168.100.2 255.255.255.0
 ip load-sharing per-packet
 duplex auto
 speed auto
!
! Two equal cost static routes to ISP_1 and ISP_2
ip route 0.0.0.0 0.0.0.0 10.0.0.1 track 10
ip route 0.0.0.0 0.0.0.0 20.0.0.1 track 20
!
You are almost correct. This looks good in theory but does not actually work. The reason being your SLA statements are not an accurate representation of the actual connectivity. In order for this to work, you must also add static PERMANENT routes for each of the DNS servers that the SLAs track out their respective gateways. Without this addition you will never get this to work. I know because I do this all day long every day.
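The route-pinning point raised in the comment above can be seen in a toy model. This Python sketch is an added example, not code from the original post or from the commenter. It assumes the probe targets are reached through each ISP's gateway rather than sitting on the connected /24, and that a target answers whenever the probe leaves through any working link; all function names and the outage scenario are constructed.

```python
# Toy model of the tracked default routes (added illustration; every name
# and the reachability model below are assumptions, not IOS internals).
ISPS = ("ISP_1", "ISP_2")

def probe_egress(isp, installed, pinned):
    """Link that a probe aimed at `isp`'s targets leaves through (None = no route)."""
    if pinned:                     # host route to the target wins (longest match)
        return isp
    if isp in installed:           # best case: own default route is still present
        return isp
    others = [r for r in ISPS if r in installed]
    return others[0] if others else None   # else follow the remaining default

def simulate(link_up_by_cycle, pinned):
    """Return the installed default routes after each 30-second probe cycle."""
    installed = set(ISPS)          # both track lists start in the up state
    history = []
    for link_up in link_up_by_cycle:
        tracks = {}
        for isp in ISPS:
            egress = probe_egress(isp, installed, pinned)
            # Both probes of one ISP take the same path in this model, so the
            # "boolean or" of the two track objects reduces to one result.
            tracks[isp] = egress is not None and link_up[egress]
        installed = {isp for isp in ISPS if tracks[isp]}
        history.append(sorted(installed))
    return history

def flaps(history, isp="ISP_1"):
    """Count how often the default route for `isp` changes state."""
    states = [isp in routes for routes in history]
    return sum(a != b for a, b in zip(states, states[1:]))

# Constructed scenario: ISP_1 is down during cycles 2-5 and recovers in cycle 6.
SCENARIO = [{"ISP_1": up, "ISP_2": True}
            for up in (True, False, False, False, False, True)]

if __name__ == "__main__":
    for pinned in (False, True):
        hist = simulate(SCENARIO, pinned)
        label = "pinned  " if pinned else "unpinned"
        print(label, hist, "flaps:", flaps(hist))
```

In the unpinned run the ISP_1 default route is reinstalled while the link is still down, because the probe to ISP_1's target succeeds through ISP_2; with per-packet sharing, packets sent over that dead route are lost until the next probe cycle removes it again.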
Hi Karl,
Can you please send a sample config with the static permanent routes for two ISPs, along with the NAT for two WAN interfaces with the same LAN subnet and interface?
Thanks in advance
Thanks to all who can help with the sample config paste!
What does threshold do?
Dear all,
Can we have the step-by-step config on how to finish this configuration, like it was done above by “Cisco Load Balancing with Failover setup example”?
Your time is much appreciated.
Regards Mokhtar
Hi all,
Excellent job. I tried this configuration on my router with one LAN interface and it was successful. But with two LAN interfaces it was not successful. In my case I have 2 ATM interfaces for the ISP connections, the 1st with PPPoE configuration and the 2nd with Bridge Group; the 1st LAN is for users and the 2nd LAN is for server access only from the Bridge Group. The first LAN can’t share the connection across the two Internet ISPs.
Does someone have a recommendation for me?