Assuming you have a dual ISP connection to the internet, the best thing
may not be automatic fail-over. Instead of having one ISP connection lying
there, just waiting for the primary link to fail, you can configure load
balancing to have some of your traffics go through that link. This will help
speed up your connections and avoid congesting your primary link. To do this, I
am going to use route-maps and ACLs. It is very easy and straight forward.
Let’s do it.
may not be automatic fail-over. Instead of having one ISP connection lying
there, just waiting for the primary link to fail, you can configure load
balancing to have some of your traffics go through that link. This will help
speed up your connections and avoid congesting your primary link. To do this, I
am going to use route-maps and ACLs. It is very easy and straight forward.
Let’s do it.
For this test, I have a Cisco router with the following details:
f0/0 connects to ISP1 on IP 192.168.1.2/30
f0/1 connects to ISP2 on IP 192.168.2.2/30
f1/0 connects to the LAN on IP 192.168.3.1/24
We have two hosts on the LAN. Host A has IP 192.168.3.2/24 while host B
has IP 192.168.3.3/24.
has IP 192.168.3.3/24.
Objective: my objective is to load balance across the two ISP links such
that host A internet-bound traffics will go through ISP1 while those of host B
will go through ISP2
that host A internet-bound traffics will go through ISP1 while those of host B
will go through ISP2
Implementation:
On my router, I will do the followings:
>> Create an access-list to match host A’s IP address (to be
called ISP1-Users)
called ISP1-Users)
>> Create an access-list to match host B’s IP address (to be
called ISP2-Users)
called ISP2-Users)
>> Create a route-map to match host A’s traffics and set his
gateway to ISP1
gateway to ISP1
>> Create a route-map to match host B’s traffics and set his
gateway to ISP2
gateway to ISP2
Access-list
I will use a named extended access-list. This will make it easy to add
more IP addresses depending on how many hosts you want to give internet access
through ISP1 or ISP2 as the case may be.
more IP addresses depending on how many hosts you want to give internet access
through ISP1 or ISP2 as the case may be.
R1(config)#ip
access-list extended ISP1-Users
access-list extended ISP1-Users
R1(config-ext-nacl)#permit
ip host 192.168.3.2 any
ip host 192.168.3.2 any
R1(config-ext-nacl)#exit
R1(config)#ip
access-list extended ISP2-Users
access-list extended ISP2-Users
R1(config-ext-nacl)#permit
ip host 192.168.3.3 any
ip host 192.168.3.3 any
Next, we create a route-map
R1(config)#route-map
ISP1-Users
ISP1-Users
R1(config-route-map)#match
ip add ISP1-Users
ip add ISP1-Users
R1(config-route-map)#set
ip next
ip next
R1(config-route-map)#set
ip next-hop 192.168.1.1
ip next-hop 192.168.1.1
R1(config-route-map)#route-map
ISP2-Users
ISP2-Users
R1(config-route-map)#match
ip add ISP2-Users
ip add ISP2-Users
R1(config-route-map)#set
ip next-hop 192.168.2.1
ip next-hop 192.168.2.1
R1(config-route-map)#
The two IP addresses referenced in the route-map statements are the two
ISP gateways. 192.168.1.1 is the gateway to ISP1 while 192.168.2.1 is the
gateway to ISP2. The disadvantage to this kind of setup is that hostA will remain down when ISP1 goes down even though ISP2 is up. The setup can be updated to allow hostA switch switch to ISP2 whenever ISP1 is observed down. I will be sharing this in a different setup. Thanks for reading and remain safe.
ISP gateways. 192.168.1.1 is the gateway to ISP1 while 192.168.2.1 is the
gateway to ISP2. The disadvantage to this kind of setup is that hostA will remain down when ISP1 goes down even though ISP2 is up. The setup can be updated to allow hostA switch switch to ISP2 whenever ISP1 is observed down. I will be sharing this in a different setup. Thanks for reading and remain safe.