Friend of mine has a setup out in the sticks, currently with two ISPs: Hughesnet satellite, and a line-of-sight WiFi provider; they're also getting a cel tower within range soon and he's looking at adding an HSPA/LTE connection via that as well.the first gives him a static IP and ridiculous speed and bandwidth at night... but far less speed and a painfully low bandwidth cap during the day (you go over, you pay through the nose).
The second gives lots of bandwidth but poor speeds (difficult to even watch a YouTube video) and a constantly-changing dynamic IP.The third, once implemented, will give him good speeds and decent bandwidth (I believe up to 10GB/mo) but again, will get spendy if he goes over that limit.Right now, I've got him set up with both routers plugged into the same network, multi-homed the NICs on his machines (192.168.0.* for Hughes, 192.168.1.* for LOS) and a little script on each computer that will change the default gateway to let him select which ISP he wants to use... however, it's going to get trickier with a third, and will make it even tougher to keep track of the bandwidth used on each one... especially with multiple computers, a DVR, and two users.
So I'm looking for some way to automate all this... something that will, say, use the HSPA feed most of the time for his whole home network, switch to LOS if it gets near the cap, and switch everything over to the satellite automatically during "unlimited" hours. Again, I'm not opposed to setting up something PC-based with the appropriate software, although for my own sanity, it would really need to be Windows-based (I'm way below n00b with Linux).
I want to link ASA 5505 to two ISP's for backup purpsose. I can see this configuration example here url...
Question - does the ASA 5505 do load balancing as well for both connections - is there an example somewhere? (I do not want to buy two ASA 5505's!) which seems the only way I could find configuration details for!
what you're doing to load balanace internet traffic? I'm interested in load balancing internet traffic (outbound -AND- INBOUND) using multiple (at least 2) ISPs. Some of the methods I have used in the past have certain weaknesses.. basic DNS load balancer (relies on multiple IP addresses per host), OER/PFR (ability to control INbound is limited unless complex configuration and coopearation with ISPs)... This is kind of a broad open ended question.. It seems like something that would be a common issue and am wondering what other are doing with the capabilities 2800, 2900, 3800, 3900 series routers..
I came up with a few ideas to Load Balance based on multiple ISPs. In our network setup we have a distribution layer of 3750s going to an ASR 1000 Series Router, which goes out to multiple ISPs, ISP1 and ISP2.
we also have a virtual fortinet appliance behind the 3750. If I say all traffic going to 0 - 126 goto ISP1, and 128 - 254 goto ISP2,and then obviously whatever NATd IP the customer has (ISP1 or ISP2), the return traffic will have to go to that specific IP. The traffic will allgo back to the virtual fortinet on the same interface, so I would assume I would be safe with uPF.I don't know of any ways to load balance based on Link Optimization, without implementing a load balancer?
Is it possible to configure multiple ISPs in 3560? and These ISPs traffic should be forward different vlans & different ports. i need configure port wise DHCP also and using different ip addresses please, which device supports this application
Looking to replace an "all-in-one" type firewall (UTM/Firewall, SSL VPN) with a cisco product - the issue i'm running into is that we have multiple ISPs plus WAN and DMZ - overall more than 5 ports on mid-range ASA devices - and from what i read, adding 4-port module precludes me from adding CSC module.
Is there an solution to that other than going for 5585-x model? (kind of over our budget, granted we need 2 for failover)
i'm trying to accomplish the following:I want to trasport a bunch of vlan layer 2 etherchannel on a pair of layer3 connections, using L3 to load balance.i was considering a pair of options:
1) bridging + gre (non applicable since i cant bridge 2 interface beloging to a etherchannel to a tunnel)
2) L2TP is it possible to accomplish this with the above tecnology? any reference, configuration example?
3) AoMLPS is it possible to accomplish this with the above tecnology ? any reference, configuration example?
I cant modify topology, the routers used are ASR1001 It is mandatory that both sites have a layer2 connection between them.
I have a Cisco 2811 router with two HWIC-ADSL cards configured for dsl connection. I have two lines from the same ISP and i am load balancing between them. I have created a couple of SLA's to check the state of the connections and add to the routing table the two default routes if both are up or any one of them is up.My problem is that when i try to download big files (especially antivirus updates) the download at some point stops (especially the antivirus exits with an error of unreachability). If i shut down one line everything works fine.Could i use something (configuration-wise) to prevent this problem from happening?????Is there any way i can combine the two lines? They are simple ADSL connctions with static ip's.
One of our customer just purchased ASR1002 router, they have three internet links from different ISPs and they dont have any remote site, they have three different public IP pool as their respective ISPs. So, is it possible to load balance the internet traffic using all three link on Cisco ASR router ( IOS - Advance Enterprise Services)
I need to configure DSL Load Balancing on Core Cisco Switch 4506-E. I have a Router Cisco 2811 with 2GE Ports and a Firewall Cisco ASA5505. I have 8 Physical DSL Connections with 1Mb each. I need to combine that 8 Mb on Core Switch and allow each end user to access the Internet via the available DSL connection which means that every user has 8 Mb available.
We have an ASA5520 pair that we will be installing to load balance SSLVPN connections. Below is a portion of our configs pertaining to the VPN load-balancing feature (configured on both ASAs):My specific question is related to routing of return traffic to load-balanced VPN sessions. Is there some kind of persistence function that tells the return traffic which ASA to route back to? For instance, if ASA1 has a VPN connection having IP address 10.211.112.1 associated to it, and ASA2 has a VPN connection having IP address 10.211.112.100, how does the return traffic for each connection know which ASA to route back to?
Currently we have deployed site to site vpn between 2 asa 5510 model. one is corporate site and one is remote site. now we plan to use radware load balancer in which 2 isp will terminate. now if at a remote site wecreate only 1 ipsec tunnel and mention sigle isp peering. if one isp fails at corporate how remote site will be access by site to site vpn through 2 isp vpn. what thing we need to do over asa as well as load balancer at both end.
We have plans for multiple ISPs and need to pick the correct device/architecture for that. single site: 3 ethernet hand offs (1 From ATT Fiber/10Mb pipe via their managed router, another one from ATT via Copper T1 via a separate circuit & managed router and the 3rd/last from Cable Modem/Comcast)
1.WAN hand off from another ISP from I will use ASA 5510 (already have) to use all the above 4 as inputs and then use the internal interface of the ASA 5510 as the default gateway for all the employees to browse the internet etc. so that1. If one one or more of the ISP lines die, we continue to operate (albeit lower bandwidth)
2. Also, we take advantage of the added bandwidth (even though it may not be the arithmetic sum of all the above).
We have Cisco CSS 11501 and connected in One-Arm way.Currently there are 4 source sending traffic and 3 server to receive the request. We are using Advance-balancing with Source IP. So the ratio become 2:1:1 or 1:2:1 or 1:1:2.But our target is to do the load balancing in equal ratio.
this router (RV016v3, Firmware: v4.1.1.01-sp (Dec 6 2011 20:03:18)) in regards to it not properly directing UDP packets out of the right WAN, as per the settings stored in Protocol Binding section of [System Management, Multi-WAN].I use the section to direct all traffic from desktop computers (192.168.5.100 ~ 192.168.5.199) through WAN4, and all VoIP related traffic (192.168.5.200 ~ 192.168.5.239) through WAN2(PPPoE).Everything seems to be working well except for some of the UDP traffic from 192.168.5.200 which is seen in the log going out of WAN4 instead of WAN2.I have even created a new entry for [UDP/5060~5060]->192.168.5.200~192.168.5.200(0.0.0.0~255.255.255.255)WAN2, and placed it at the very top of the list.Here are a few lines that I've observed in the log: (Refreshed the registration of two SIP Trunks configured in our PBX)
Feb 23 18:11:47 2012 Connection Accepted UDP 192.168.5.200:5060->184.72.227.214:5060 on eth4 Feb 23 18:11:46 2012 Connection Accepted UDP 192.168.5.200:5060->50.56.59.168:5060 on ppp2 Feb 23 18:11:46 2012 Connection Accepted UDP 192.168.5.200:5060->184.72.227.214:5060 on eth4 Feb 23 18:11:46 2012 Connection Accepted UDP 192.168.5.200:5060->50.56.59.168:5060 on ppp2
There are no static routes configured, so i'm baffled by what could cause some of the UDP packets to go through the wrong WAN.All TCP Traffic from 192.168.5.200 is seen going though WAN2 as it should.
I want to load balance my Internet traffic between two ASR 1001 routers that are connected to our core switches. Both routers are connected to the same ISP (Comcast) going to the same BGP AS on different /30 subnets. Is there a way for me to load balance my Internet traffic using both connections with BGP rather than having one of these connections sitting idle? If not, the only solution I see is to configure my layer 3 devices to split internet traffic between both routers (i.e. default routes with same AD).
We have a network topology like 2821 router with MPLS link and 881 Router with DSL Connection(DMVPN).
MPLS Link runs in BGP DSL Connection runs in EIGRP.
So the existing scenario is like When ever MPLS link goes down Traffic will be moved to DSL connection. and once it come again it will be moved back to DSL using HSRP we are doing this. in this case most of the times my DSL connection will be in standby mode.Now my management decided to use both the links in active state and want to do some load balance between the links for some specific traffic like Internet, WSUS Updates, Antivirus updates need to go through the DSL connection even the MPLS is up and running.
I have a rv042 router with two internet connections. I have setp the WAN1 and WAN2 and set the load balance mode. Surfing on internet is then not a problem and I checked that I was using the two internet connection.However if I try to connect to my corporate (OWA) outlook web access i am looping on the first page where I should provide my credentials.I know that most of the load balancer could be set up with a sticky bit to keep the session on the same WAN connection.
I have two Internet connections which are connected to two ISR 2951s. Also I have two ASAs 5545-Xs, which I want to use in Active/Active failover mode with multicontext. The question is: how can I configure ASAs to perform ISP load-balancing as well?
I'm setting up a warehouse near Dayton, OH which will require a high level of network availability as there will be no local IT staff. To that end I've decided that a router that supports load balancing of 2 WAN connections, HA, and a T1 interface would be ideal. To clarify the load balancing requirement, the location will have redundant internet access plus a point to point T1 to the main office to facilitate low latency connectivity between a warehouse management system and ERP back-end. Total user count at the warehouse is 5 and 20 at the main office. Neither location has tremendous bandwidth requirements.
I have little practical experience in this area, but I have come up with 2 solutions thus far.
The Juniper solution is likely a safer route given access to vendor support, however, this option becomes rather spendy as I'd like to use the same configuration at the main office which will require 4 units. The Vyatta option, although probably less proven and a bit more risky, could run on a pair of Sun x4100 systems at each location which I can purchase for around $200 each plus the cost of the Sangoma cards.
SIP Load balancing Issue with ACE 4710?I have a Cisco ace 4710 with vesion Version A4(2.2). i configued simple SIP load balancing first without stickiness. without stikeiness we are having a problem because bye packet at the was not going to the same server all the time that left our port in used even though user hang up the phone. its happen randmly. i have a total 20 licenced ports and its fill out very quickly. so i dicided to use the stickiness with call-ID but still same issue. below is the config
rserver host CIN-VOX-31 ip address 172.20.130.31 inservice rserver host CIN-VOX-32 ip address 172.20.130.32 inservice
I bought one of these I am very disappointed by the management interface which is very limited/restricitve.I completely agree with Antonio here. In my case, most of my traffic is HTTPS sobinding https ports to a given WAN port makes the load balancing completely useless!!I also hope there will be a software update including the possibility to keep the session on the same WAN connection.
We have two asa5520 configured as primary and standby unit in fail over configuration, and all is working properly. Is it possible, with this configuration (fail over), to configure vpn load balancing/clustering?
To start with following is our architectural request flow:
Load Balancer --> Webseal /(reverse proxy) --> HTTP Server --> Portal Server
We have Hardware Load Balancer Cisco ACE20. When we access our portal from Webseal server it works totally fine without any issue, but when we access the same application using ACE we face the following issues:
1) Some of the links on do not work. For eg: We have a link "subscribe" which points to [URL], whenever we click on this link, the request is directed to [URL] i.e homepage
2) URL redirection does not work We have some links which have a url forwarding or redirection for example when we open [URL] it forwards the requests to [URL] opendocument....., but this redirection fails and again the request is thrown to homepage i.e., [URL]
3) The response of the request and the overall portal when accessed via ACE is very sluggish and it takes 20 seconds for homepage to load, whereas the homepage loads in 4 secs when accessed via webseal.
We have an ASA5510 with two ADSL lines connected and the auto fail-over set up - this is all tested and if the main line fails, the backup line is used in it's place - no problem there.
However, I'd like to increase our connection speed, and one way I've done this in the past is to add a couple of extra ADSL lines to a router that is capable of load balancing.
I'm aware that the ASA5510 does not load balance (seems a waste as we've got the backup line just sitting there doing nothing!), but would it be feasible to add another router in front of the ASA device to perform this load balancing function?
