At 5:41 PM +0000 3/10/03, Logan, Harold wrote:
>I have a question about this setup, but it's more design-oriented than
>configuration. What's the benefit of having redundant ISPs if they both
>connect to one router?

Single router with multiple ISPs: Protects you against failure in the ISP routing system. Both ISPs still may get bad routing data. No guard against router or local loop failure.

Multiple routers to different POPs of the same ISP: Protects you against local loop failure, lets you contract for physical route diversity within the ISP. No guard against ISP-wide routing failure. You may be able to negotiate multiple upstreams.

Multiple routers to different ISPs: May or may not protect against local loop failure, depending on how far apart you place the routers. Potentially decent protection against routing failure. Still vulnerable if there is a common upstream.

>I realize that a WAN circuit is more likely to have
>problems than the router hardware is, but it seems like both the
>configuration problem and the single point of failure can be addressed by
>adding a second router. From there, I see two options. #1, break up the LAN
>into two DHCP scopes (if DHCP is used) and assign the IP's of both routers
>as the default gateway, but alternate them. Scope 1 would have R1's IP as
>the primary default gateway, and R2's as the secondary, and vice versa for
>scope 2. #2, Use a layer 3 switch at the core of the LAN, and configure
>routed ports. Give the switch two default routes with the same AD, and it
>will load balance between the two routers.
>
>Does either of these sound feasible?
>
>Hal
>
>> -----Original Message-----
>> From: Terry Oldham [mailto:[EMAIL PROTECTED]
>> Sent: Monday, March 10, 2003 11:07 AM
>> To: [EMAIL PROTECTED]
>> Subject: Re: Load Balancing and NAT [7:64904]
>>
>>
>> The T1's are from different providers, Qwest and Sprint. And no we will not
>> be running BGP...
>>
>>
>> ""Troy Leliard"" wrote in message
>> news:[EMAIL PROTECTED]
>> > First big question, are your T1's from the same provider, or from a
>> > different provider, and thus different "public" ip address space?
>> > If it is from a different provider, you may well run into some
>> > problems with NAT.
>> >
>> > Say for example, client A connects to your webserver (via ISP A's public IP
>> > address that is assigned to you, say x.x.x.x) which is then Nat'd to your
>> > internal RFC1918 address. That will work all fine and dandy, but what about
>> > if your default gateway is ISP B's T1. Outbound packets, returning to
>> > Client A, will be NAT'd to ISP B's outside address, say y.y.y.y. If Client
>> > A is behind a stateful firewall, return packets will be dropped, as it will
>> > have ISP B's SRC address, and it will be expecting ISP A's.
>> >
>> > There are a number of ways around this, but I will wait for more details
>> > before going on. Presumably you are not / will not be running BGP, and
>> > have your own AS?

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=64989&t=64904
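
Added example, not part of the original thread: a small Python model of the dual-ISP NAT case quoted above, showing what Client A's stateful firewall sees when the reply leaves through ISP A versus ISP B. All addresses are constructed documentation values standing in for x.x.x.x and y.y.y.y, and the class and function names are hypothetical.

```python
from dataclasses import dataclass

# Constructed sample addresses (RFC 5737 / RFC 1918); none come from the thread.
CLIENT_A = "192.0.2.50"
ISP_A_PUBLIC = "198.51.100.10"   # stands in for "x.x.x.x"
ISP_B_PUBLIC = "203.0.113.10"    # stands in for "y.y.y.y"
WEB_SERVER = "10.0.0.80"         # internal RFC 1918 address

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class StatefulFirewall:
    """Client-side firewall: admits inbound packets only if they mirror a tracked flow."""
    def __init__(self):
        self.flows = set()

    def outbound(self, pkt):
        self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return pkt

    def inbound(self, pkt):
        # A reply must come from exactly the address and port the client contacted.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows

class DualIspEdge:
    """Site router holding one NAT outside address per ISP link."""
    outside = {"A": ISP_A_PUBLIC, "B": ISP_B_PUBLIC}

    def __init__(self, default_gateway):
        self.default_gateway = default_gateway

    def inbound(self, pkt):
        # Destination NAT: public address -> internal web server.
        return Packet(pkt.src, pkt.sport, WEB_SERVER, pkt.dport)

    def outbound(self, pkt):
        # Source NAT uses the outside address of the link the default route selects.
        return Packet(self.outside[self.default_gateway], pkt.sport, pkt.dst, pkt.dport)

def simulate(default_gateway):
    """Return (source address Client A sees on the reply, whether its firewall accepts it)."""
    fw, edge = StatefulFirewall(), DualIspEdge(default_gateway)
    syn = fw.outbound(Packet(CLIENT_A, 40000, ISP_A_PUBLIC, 80))  # arrives via ISP A
    at_server = edge.inbound(syn)
    reply = Packet(at_server.dst, at_server.dport, at_server.src, at_server.sport)
    on_wire = edge.outbound(reply)
    return on_wire.src, fw.inbound(on_wire)

if __name__ == "__main__":
    for gw in ("A", "B"):
        print(f"default gateway ISP {gw}:", simulate(gw))
```
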