2

Attached is a simple network diagram and some example public IP space I would have.

The Cisco 1800 is currently not being used but can be used (or new hardware can be purchased). The firewall is a German firewall and documentation is a bit hard to find on it.

  • I don't think BGP is an option since it is a small block of IP space.
  • NAT is currently being done by the firewall

As far as I know my only option would be to use 2 default routes with SLA tracking.

Any other ideas or suggestions?

evolvd
  • There's a lot of devices and [soft routers](http://doc.pfsense.org/index.php/MultiWanVersion1.2) that can do two ISP load balancing. It's usually just cheaper and easier to do failover though, one high-speed cheap connection (cable modem or dsl) and one expensive reliable connection (T1 et al). Depends on your exact requirements though. – Chris S Jan 05 '12 at 18:25
  • 2
    Take a look at http://serverfault.com/a/304266 - does that cover most of your questions? – Shane Madden Jan 05 '12 at 18:25
  • So, I take it my only option without BGP is using 2 default routes with SLA tracking? – evolvd Jan 05 '12 at 18:31
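
The "two default routes with SLA tracking" approach raised in the question, sketched for the Cisco 1800 as an added example (not from the original posts). It assumes the router terminates both ISP links; all addresses are RFC 5737 documentation placeholders and the interface name is assumed. It provides failover only, not load balancing.

```cisco
! Added example. Addresses and interface names are placeholders/assumptions.
! Syntax shown is IOS 12.4(20)T / 15.x; older 12.4 releases use
! "ip sla monitor 1" and "track 1 rtr 1 reachability" instead.
!
! Probe a host beyond ISP A's gateway, so an outage inside ISP A is
! detected and not only a dead local link.
ip sla 1
 icmp-echo 192.0.2.53 source-interface FastEthernet0/0
 frequency 10
ip sla schedule 1 life forever start-time now
!
! Damp flapping: 15 s of failed probes before "down", 60 s of
! successful probes before "up".
track 1 ip sla 1 reachability
 delay down 15 up 60
!
! Pin the probe target to ISP A. Without this host route the probe
! would follow the backup default after failover, succeed via ISP B,
! and bring the dead primary route back.
ip route 192.0.2.53 255.255.255.255 198.51.100.1
!
! Primary default route via ISP A, withdrawn while track 1 is down.
ip route 0.0.0.0 0.0.0.0 198.51.100.1 track 1
!
! Floating backup via ISP B: administrative distance 10 keeps it out
! of the routing table until the primary route is withdrawn.
ip route 0.0.0.0 0.0.0.0 203.0.113.1 10
```

`show track 1` and `show ip sla statistics 1` report the probe and track state. Because the probe is unauthenticated ICMP to a third-party host, choose a target you expect to stay reachable and to keep answering echo requests.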

3 Answers

4

99% of load-balancing is knowing what you're trying to balance.

If you're trying to simply balance ANY and ALL IP-based traffic between two separate ISPs... you'll definitely need BGP or other similar border-routing protocol. But this will have to be negotiated with BOTH ISPs in order to make it happen.

If you're trying to load balance outbound traffic... many high-quality routers will allow you to do this with minimal effort. Without details of the kind of router... and its capabilities... I can only guess.

If you're trying to load-balance inbound traffic... you're in for a fight. Quick & dirty DNS-based strategies for distributing load (round-robin DNS... geographic-based DNS... etc..) are quite abundant... but they do not distribute load evenly. Other solutions are less-than glamorous... and most are dependent on having the IPs available from both ISPs.

TheCompWiz
  • I listed that I have a Cisco 1800... Failover is my main concern and load balance is next. As I stated also, with the option of BGP it seems that my best bet is to use 2 default routes with SLA tracking. – evolvd Jan 05 '12 at 18:38
2

You could split up your LAN in two and make two respective NAT pools on the Bintec or the Cisco, and share the load (outbound only, obviously).

This would be load-sharing and not load-balancing, i.e. one link may be saturated while the other could be idling.

Bintec routers are quite easy to set up if you compare with Cisco routers. Default username/pass: admin/bintec or admin/funkwerk (Bintec was bought by Funkwerk). All configuration can be done either with some quite obscure commands or the setup utility, which displays a text menu.

There is also a web server on the router to configure it, but I never used it (always working remotely) and I don't know if it's enabled by default.

Some commands (which can be abbreviated):

Displaying the mac table:

```
router> ipnettomedia
router> ia
```

Displaying the routing table:

```
router> netstat -r
```

Displaying interfaces:

```
router> netstat -i
router> ifconfig
```

ifconfig displays interface IDs, not names.

Setup utility:

```
router> setup
```

Setup utility hides passwords, by replacing them with asterisks. You can avoid this behavior with the -p switch:

```
router> setup -p
```

petrus
  • A word of caution though, if the Bintec is not yours but one of the ISP's, you may not be allowed to log in or to change its configuration. – petrus Jan 05 '12 at 21:30
0

Since BGP is not an option I was looking for another solution to provide failover and load balancing. This site does not have any 1-to-1 NATs in place so the networking is pretty simple. I decided to go with a SonicWall TZ200 for the failover and load balancing.

evolvd