Dual ISP load balancing with 2 routers and 2 FW without using BGP

Hi all,
Based on the attachment diagram, is the design viable?
Has anyone done a similar deployment before, and can you share the config guide for this with me, because I'm at a loss on a few configs:
1. On core switch A and B, I understood we need to have a default route pointing to the firewall interface. For this case, I have different IPs for the same context on both the firewalls.
So, how should the config be?
CoreSW_A(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.110
CoreSW_A(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.111
I don't think the above will work, as the core switch will load balance the traffic to both firewalls even if one of the contexts is in standby mode?
2. The area from the firewall to the internet would all be public IP. Thus, if I put a switch in between the firewall and the router, then I would waste some public IP addresses, but if I remove the switch, I would not have enough ports on the ASA firewall. What is the best recommended solution for this?
3. How do I load balance traffic to both R1 and R2 to their respective ISPs without using BGP? I may be using only a 2811 router.
Thanks a lot! Really looking forward to some guidance and tips on this, as I haven't found any guides on this deployment yet; most are LAN HA.

For policy based routing, I would need to create route maps on the core switch itself, right?
Correct me if I'm wrong, if I use route-maps, I would be assigning e.g. internal network A to go through firewall context A and internal network B to go through firewall context B.
Context A will only have path to Router A and context B will only have path to Router B. But if router B goes down, network B won't be able to access the Internet, right?
I'm not sure whether it's a PI or PA for this as the ISP will assign us a block of IP address, for example 202.111.1.8/29 (these IPs can be used for webservers, etc). There will also be a public IP of /30 on the serial interface to connect to their router.
Thanks a lot.

Similar Messages

  • Load Balancing with OSPF and maximum-paths command

    Hello,
    Just a quick query really, we have a distribution layer 3 switch, in its routing table it has 3 default routes all with the same metric from the core router, this is because the core router is set up with the command "default-information originate always metric 50" which obviously propagates the default route around the area and the metric never changes from 50.
    So i have a routing table that looks like this:
    O*E2 0.0.0.0/0 [110/50] via 77.95.176.9, 06:44:51, GigabitEthernet4/9
                   [110/50] via 77.95.176.17, 06:44:51, Vlan903
                   [110/50] via 91.203.72.5, 06:44:51, Vlan262
    Three default routes with the same metric, does this mean that the router IOS will load balance traffic over all three routes evenly?  I mean I have been reading up on it and apparently I don't have the command "maximum-paths 3" under my OSPF process?
    I have been doing some traceroutes from this switch to the internet (various sites) and all the traffic seems to be going out over the first route in the table whose next hop is 77.95.176.9
    My question is how can I verify that load balancing is taking place, or if it's not then I need to add this "maximum-paths 3" command to the OSPF on the local switch?  I would say load balancing is not taking place but I'm sure I have seen traffic from one customer being routed over all 3 paths due to matching spikes on the SNMP sensors?
    Many Thanks.
    Matt

    Disclaimer
    The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
    Liability Disclaimer
    In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
    Posting
    Yes, your traffic should use all three paths, as Rick notes, OSPF, on Cisco, normally defaults to using up to 4 equal cost paths.
    As Rick also notes mentioning CEF, how actual traffic is forwarded across ECMP can vary.  Often, the device will keep all traffic for the same flow on the same egress port, and attributes selected for actual egress port selection might be deterministic.  I.e. it's possible same traffic flow will always be sent to the same egress port.  (This means even with ECMP, you may not see an equal load distribution.)
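The per-flow behaviour described in the reply above, as an added example that is not part of the original posts: a Python sketch that maps each flow onto the three next hops from the routing table by hashing its source and destination address, then compares the split by flow count with the split by bytes. The SHA-256 hash is a stand-in chosen for illustration (not the algorithm CEF or any Cisco platform uses), and the flows and byte counts are constructed sample data.

```python
import hashlib
import ipaddress
from collections import Counter

# Next hops of the three equal-cost default routes in the routing table above.
NEXT_HOPS = ["77.95.176.9", "77.95.176.17", "91.203.72.5"]


def pick_next_hop(src, dst, next_hops=NEXT_HOPS):
    """Choose an egress path for a flow from its source and destination address.

    Assumption: SHA-256 stands in for the platform's hash. Real devices use
    their own function and inputs; only the per-flow property is modelled:
    the same (src, dst) pair always lands on the same path.
    """
    key = ipaddress.ip_address(src).packed + ipaddress.ip_address(dst).packed
    bucket = int.from_bytes(hashlib.sha256(key).digest()[:4], "big")
    return next_hops[bucket % len(next_hops)]


def distribute(flows, next_hops=NEXT_HOPS):
    """Return (flows per next hop, bytes per next hop) for (src, dst, nbytes) tuples."""
    flow_count, byte_count = Counter(), Counter()
    for src, dst, nbytes in flows:
        hop = pick_next_hop(src, dst, next_hops)
        flow_count[hop] += 1
        byte_count[hop] += nbytes
    return flow_count, byte_count


def constructed_flows():
    """Constructed sample: 300 small flows plus one bulk transfer."""
    flows = [
        (f"10.0.{i // 50}.{i % 50 + 1}", f"198.51.100.{i % 200 + 1}", 20_000)
        for i in range(300)
    ]
    # One long-lived heavy flow (for example a backup job); it cannot be
    # split across paths because every packet hashes to the same next hop.
    flows.append(("10.0.9.9", "203.0.113.10", 50_000_000))
    return flows


def report(flows):
    """One text line per next hop: number of flows and share of total bytes."""
    flow_count, byte_count = distribute(flows)
    total_bytes = sum(byte_count.values())
    lines = []
    for hop in NEXT_HOPS:
        share = 100 * byte_count[hop] / total_bytes
        lines.append(f"{hop:<14} flows={flow_count[hop]:>3} bytes={share:5.1f}%")
    return lines


if __name__ == "__main__":
    print("\n".join(report(constructed_flows())))
```

The flow counts come out roughly even across the three next hops, while the byte share is dominated by whichever path the single heavy flow hashed to, which is why interface counters can look unbalanced even though all three routes are in use.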

  • Multihomed eBGP load balancing with 3 ISP's

    We currently peer with 2 ISPs using BGP in an active/failover configuration.  My company wants to move to a 3 ISP model where Internet traffic is split across the 3 providers so that bandwidth is equally distributed on outgoing traffic across our 2 /22 ARIN IP ranges.  This is from our 2 edge switches that have VSS.  
    Within my limited knowledge of BGP, I have determined that we could do load sharing pretty easily by adding multiple default routes and breaking up our /22's into /24 and advertising them that way.  However, I don't think this satisfies the request that downtime must be seamless, should one link drop.  
    Currently, our ISP's advertise default routes.  From the research that I've done, we could get close to load balanced links if we receive full BGP routes and community settings and definitions.  I'm nervous about this because it looks really complicated, and I don't want our AS to turn into a transit AS.  I've been told the same can be accomplished with only partial BGP routes and community settings and definitions.  
    Personally, I think we just need a WAN load balancer.  However, given the request, is there a thread out there that can explain this, or can someone discuss this requested scenario a little bit?  
    Thanks!

    Hi there
    First question would be what is the required reconvergence time for the applications using the Internet? Should an outage occur, when do they lose their state? Once you know that, you then have a target to aim for in terms of recovery
    With regards load-balancing, with BGP we are always talking inbound and outbound.
    The outbound solution is relatively simple - each ISP advertises a default route to your Internet edge router(s). Create an eBGP session from each edge router to the core, advertise the default route and redistribute into the IGP. Ensure the IGP cost to each BGP next hop is equal and you have ECMP for outbound routing.
    Inbound influence is usually via MED (not likely in this case given 3 ISPs), adjusting local-pref in the ISP via BGP EXT communities configured your end, or via AS-PATH prepending for longer prefixes from your /22. Prepending would be simplest, but you're unlikely to get an exact inbound traffic split, however a relatively even distribution should be sufficient.

  • Cache and Load Balancing with Oracle APEX Listener

    Hi,
    I intend to use only HTTP access.
    How to implement a Cache and Load Balancing with the Oracle APEX Listener?
    Is it possible to do with the standalone running APEX Listener?
    Thanks in advance for any tips/documentation/references.
    Kind Regards.

    Hi,
    I think this question is best asked in the APEX Listener forum:
    ORDS, SODA & JSON in the Database
    Kind regards
    Sandro

  • ACE 4710 and load balancing with sticky cookie

    Configuring load balancing with SSL termination and stickiness for a couple of citrix xenapp servers.  I'm doing a source-NAT as the ACE resides in the DMZ and these particular servers reside on the inside arm of the firewall.  The ACE is in bridged mode to load balance web servers that reside in the DMZ.  Everything seems to work just fine, but the cookie stickiness does not seem to be working.

    Hi David,
    As you may know, using Wireshark to look at an HTTPS capture is only useful if you've installed the server SSL key. This is why I find it easier to use something like LiveHTTPHeaders or HTTPWatch.
    When using cookie-insert, the ACE will not create any dynamic cookie entries.  It will simply create one static entry for each rserver with a cookie value, such as R3911631338, and any client that gets load balanced to that rserver will receive a cookie with that value.  So what you see there is what is expected.
    You are correct in that when using location cookies that the server supplies, the ACE will create a dynamic entry when it sees the server response with the cookie.   The cookie is included in the server's response, and the ACE will look for the value as configured.  The cookie will also be sent to the client.  If the cookie is not in the server's first response, you will need to enable persistence-rebalance so that it will look in subsequent server responses.  If the browser opens new connections with that cookie, then the ACE will stick to the same server.
    My suggestion would be to get sticky working with cookie-insert first.  Then if that meets your needs, go with that permanently.  If you need to use server cookies, then once cookie insert is working, migrate your sticky to cookie location.
    Sean

  • Recommended configuration for load balanced Portal with load balancer, multiple gateways and multiple servers.

    Does anyone have a recommended network, hardware and software configuration guide for a Portal installation running with multiple gateways load balanced (ie one URL) that talk to multiple servers?

    David,
    We've used Resonate (software) to load balance the gateways. It allows
    you to group all the gateways under 1 virtual URL and load balance the
    incoming connections over each gateway depending on the rules that you
    define in Resonate. Look in the SUN portal whitepapers there is one that
    talks about it specifically.
    As far as load balancing the calls to the portals, the gateways will
    automatically load balance across all the portals that they know about
    using a simple round-robin rotation. You may be able to use Resonate in
    front of the portals but you may need to activate persistence within
    Resonate to ensure that the user always ends up on the portal that he
    established his initial connection on (if you want that), check with Sun
    on this one.
    David Broeren wrote:
    Recommended configuration for load balanced Portal with load balancer,
    multiple gateways and multiple servers.
    Does anyone have a recommended network, hardware and software
    configuration guide for a Portal installation running with multiple
    gateways load balanced (ie one URL) that talk to multiple servers?

  • OracleAS 10g (9.0.4.0.2) Load Balancing  Forms, Discoverer and reports

    I am having some problems trying to load balance with Oracle Forms, Discoverer and reports Oracle Application Server Release 10g (9.0.4.0.2) and I was wondering if you could help. Has anyone ever got this to work consistently? We are an ERP product written mostly in forms (904) and are trying to implement our largest customer there performance issue so we need the load balancing to work. Will also accept other recommendation as cost effective as solutions.
    Site 1:
    A: SERVER –
    •     Host as1.xyzco.local
    •     Version 10.1.2.0.2
    •     Installation Type Identity Management and Metadata Repository
    •     Oracle Home E:\oracle\inf_1012
    •     Farm as1db.xyzco.net
    o     HTTP_Server
    o     Internet Directory
    o     OC4J_SECURITY
    o     Single Sign-On:orasso
    o     Management
    B SERVER –
    •     Host as2. xyzco.local
    •     Version 9.0.4.0.2
    •     Installation Type Business Intelligence and Forms
    •     Oracle Home E:\oracle\mid_904
    •     Farm as2db. xyzco.net
    o     Discoverer
    o     Forms
    o     home
    o     HTTP_Server
    o     OC4J_BI_Forms
    o     Reports Server
    o     Web Cache
    o     Management
    C SERVER –
    •     Host as3. xyzco.local
    •     Version 9.0.4.0.2
    •     Installation Type Business Intelligence and Forms – Discoverer and Reports
    •     Oracle Home E:\oracle\mid_904
    •     Farm as2db. xyzco.net
    o     Discoverer
    o     Forms
    o     home
    o     HTTP_Server
    o     OC4J_BI_Forms
    o     Reports Server
    o     Web Cache
    o     Management
    All servers Are:
    •     Windows 2003 Standard Server with current service packs
    •     Xeon Dual Processor with 4GB ram
    •     Raid 0 drives 2 for OS and 2 for Oracle
    Daniel Brody

    I have more than half decent results with webcache as load balancer, but it still is a round robin (as mentioned before). This means that a session will not be transferred from one application server to the other once the session has been created.
    So far I did not discover any benefits of a hardware loadbalancer over webcache, because (here it is again:) you are not able to transfer open sessions from one application server to the next. This has to do with the Oracle Forms architecture. In fact it is still client-server, only with the application server functioning as extra server ;)

  • Load Balancing 2 routers

    Hi all
    Can someone tell me the best way to load balance between 2 routers, can someone post a typical config ?
    thanks a million
    Carl

    Hi Carl,
    You can use the following load-balancing methods between the routers.
    1. Static routes or default route load-balancing
    2. Multilink PPP
    3. Equal/unequal cost path load-balancing with Dynamic Routing protocol.
    4. CEF load-balancing.
    Please see the DOC below.
    http://www.cisco.com/en/US/products/hw/modules/ps2033/products_white_paper09186a0080091d4b.shtml
    I have multilink PPP and static route load-balancing config handy with me. Please see below :
    interface Multilink1
     ip address 193.193.193.1 255.255.255.252
     ppp multilink
     multilink-group 1
    !
    interface Serial0/2
     no ip address
     encapsulation ppp
     ppp multilink
     multilink-group 1
    !
    interface Serial0/3
     no ip address
     encapsulation ppp
     ppp multilink
     multilink-group 1
    !
    interface Serial1/1:0
     ip address 192.168.170.1 255.255.255.0
     encapsulation ppp
     no ip route-cache
    !
    interface Serial1/2:0
     ip address 192.168.180.1 255.255.255.0
     encapsulation ppp
     no ip route-cache
    !
    ip route 172.28.20.0 255.255.255.0 192.168.170.2
    ip route 172.28.20.0 255.255.255.0 192.168.180.2
    HTH,
    -amit singh

  • CF 10 Load-Balancing with Remote Instances

    I was reading an article on Clustering/LB/HA using CF8, but have not found any updates for CF10.
    Using VM VirtualBox to setup a few virtual servers, I am looking to setup a load balancing of ColdFusion 10 on 2 remote instances. The goal would be have ColdFusion Cluster Manager be able to point http request to one of the two servers based on load/availability. Not really having a hardware cluster/failover setup, just managing resources on two CF instances instead of a standalone.
    The servers are Windows Server 2008 R2 with IIS7.5 and ColdFusion 10 Enterprise on installed on 3 of these machines. Let's call them CF-LBManager, CF-Web1, and CF-Web 2. In the CF Docs, they show the Cluster Manager adding the local CF instance and "if you want" a remote instance. However, this scenario would require the main instance to be running and not fail for it to direct to the other instance.
    I am trying to set this up now with CF-LBManager as just a manager of the requests coming in. In the Enterprise Manager >> Instance Manager, the local instance is shown and I add the two remote instances with the correct Remote Port, JVM Route, etc. I also made sure the <Cluster>...</Cluster> block was added to the two remote instances (CF-Web1 and CF-Web2) \runtime\conf\server.xml file too, Jetty Services also is running. Now under the Enterprise Manager >> Cluster Manager I add the two remote instances to the cluster, not the local instance on CF-LBManager with Multicast Port and Sticky Sessions enabled. On Submit, I get a green message "You must restart all the server instances and any configured webservers for these changes to take effect.". I go ahead and reboot the servers and come back.
    I now browse to the ColdFusion page as a test on CF-Web1 and CF-Web2 to make sure CF is running properly, they do. I then browse the IP of the CF-LBManager, however it only returns the local IIS web site and not redirect to one of the two cluster members. I am not seeing any message on the coldfusion-out.log on the remote instances. Am I not setting this up correctly or not enabling the Cluster Manager to take over and pass along the requests to those in the cluster?

    Unfortunately I don't have a lot of experience with CF10 on Windows, but if you are running CF behind IIS I think you will need to update the Tomcat connector configuration to do load balancing. I'm not sure if re-running the wsconfig tool on all of the servers will do this or not, but that is what I would suggest trying first. If that doesn't work you will need to update the Tomcat connector configuration manually. You can find more information on load balancing with the Tomcat connector here: http://tomcat.apache.org/connectors-doc/generic_howto/loadbalancers.html.

  • CSS Load Balancing with Cookies

    We are trying to load balance 2 backend servers hosted on Websphere with advance balance cookies method.
    Restrictions
    ServerA is unable to accept cookies generated from ServerB.
    ServerA and ServerB are generating random cookies
    Unable to modify cookie string with a constant.
    How can we load balance based on cookies considering the above restrictions?
    We have attempted to do hash based load balancing with cookies but the problem we run into is the servers do not accept cookies generated from another server.
    The configuration we tried is written below:
    service ServerA
    ip address 192.168.10.2
    keepalive type tcp
    keepalive port 80
    active
    service ServerB
    ip address 192.168.20.2
    keepalive type tcp
    keepalive port 80
    active
    content ABC
    url "/*"
    add service ServerA
    string prefix "JSESSIONID="
    advanced-balance cookies
    port 80
    add service ServerB
    string skip-length 5
    string process-length 16
    string operation hash-xor
    protocol tcp
    vip address 172.16.32.1
    active
    Can we change the string prefix to JSESSION instead of JSESSIONID= ?
    The only place the app guys can add a constant string to match on is before the = sign.
    Is it possible for CSS to match on a constant string before = sign e.g below:
    service ServerA
    ip address 192.168.10.2
    keepalive type tcp
    keepalive port 80
    string id567=
    active
    service ServerB
    ip address 192.168.20.2
    keepalive type tcp
    keepalive port 80
    string id123=
    active
    content ABC
    url "/*"
    add service ServerA
    string prefix "JSESSION"
    advanced-balance cookies
    port 80
    add service ServerB
    string skip-length 0
    string process-length 6
    protocol tcp
    vip address 172.16.32.1
    active

    It should work.
    There is no reason for it not to work...
    This is the best method you can have on the CSS for stickiness.
    Get a sniffer trace on the client and server with arrowpoint cookie configured on the CSS and capture a failure so we can see what is going on.
    Also send me the config so I can verify everything is ok.
    If you have a service request open with the TAC, you can also give the SR # so I can review what has been done.
    Gilles.

  • CSS Load Balancing with Billing Server

    Hi Gilles
    Could I have a CSS load balancing two servers and also have it communicate with a billing server across the network. If yes then how can I do it?
    Regards,
    Sushil

    The CSS does not have the notion of billing server. A separate device - like the CSG - should be used if you need to collect billing info.
    Gilles.

  • Load balancing with JSP

    Anyone and everyone,
    When configuring load balancing with Weblogic clusters, does load
    balancing take effect for all services or just EJB and RMI? Or another
    way of saying the same thing, can I setup weighted load balancing for
    the JSP engines across 2 weblogic servers.
    Thanks in advance,
    Mike

    The load-balancing documentation you read describing the different algorithms only applies to RMI stubs (e.g., EJB clients). Please see http://www.weblogic.com/docs51/cluster/concepts.html#1026091 for a description of how load-balancing/clustering works with servlets/JSPs.
    The short answer is that in using servlet clustering, most people want/need/use in-memory replication for HttpSession objects. In WLS 5.1 (and before), in-memory replication requires one or more proxy servers be set-up in front of the cluster. Typically, most people use something like BigIP to load-balance across the proxy servers and let the weblogic plug-in for the proxy server handle the routing to the cluster. The plug-in uses round-robin until an HttpSession is established for a user, then it always tries to route to the server where the user's session is located.
    Hope this helps,
    Robert
    Brian Lin wrote:
    All,
    I have a question here regarding load balancing with DNS round robin. As of Chapter Administration of Clustering Weblogic server, Weblogic can be configured to balance by weight. How about Weblogic handle weight based balancing after DNS round robin ip response? or just can choose one way instead of both?
    What's the big difference between choosing BigIP and software balancing (WL)?
    Brian
    "Wei Guan" <[email protected]> wrote:
    I don't think you can configure this load balancing in weblogic in current
    release. However, if you have Big-IP or LocalDirector, you can set up
    weighted load-balancing there. Otherwise, weblogic proxy will use DNS round
    robin to do the load-balancing between JSP engines.
    My 2 cents.
    Cheers - Wei
    Michael Yakimisky wrote:
    Anyone and everyone,
    When configuring load balancing with Weblogic clusters, does load
    balancing take effect for all services or just EJB and RMI? Or another
    way of saying the same thing, can I setup weighted load balancing for
    the JSP engines across 2 weblogic servers.
    Thanks in advance,
    Mike

  • Load-balancing with OCI connections

    Gurus,
    Oracle Identity Federation (OIF) can leverage an Oracle database as its transient data store in which case it uses JDBC-OCI connections to connect. However, there is no provision in OIF of defining multiple databases for load-balancing purposes.
    Is this achievable using some load-balancer in front of multiple database instances and using a virtual hostname/IP in tnsnames.ora which OIF refers to?
    -Vinod

    I would say that using two separate databases (with replication)
    as the backend would mean that one database, at any time,
    might be lagging the other, depending on which tables are updated
    and how replication is implemented.
    Connect Time Failover, rather than Load Balancing, might be an
    implementation -- to handle Instance Failure (eg node / site has gone down).
    Instead of Load Balancing.
    Load Balancing between two separate databases would be usable
    if you are sure that either of
    a. The underlying data doesn't change
    OR
    b. The application and users are aware that they might see different data
    if there ARE changes to the data, not yet synchronised between the two DBs.

  • Load Balancing with BigIP / SSL question

    I have an oddball question. We're load balancing ColdFusion
    MX7 across 3 servers using a BigIP load balancing server. We
    decided to go the hardware approach and it has been great except
    for one small configuration issue.
    We use a mix of SSL and non SSL pages, prior to the switch
    from a single server to a load balanced setup I used a script that
    would determine if a page that was supposed to be SSL had the
    variable CGI.HTTPS turned on or off. If it was off, the page would
    redirect back to itself with the SSL turned on.
    The problem we have is that we followed BigIP's instruction
    to secure the load balancing hardware instead of the three servers
    running behind it. So what happens is that the traffic goes to the
    load balancer port 441, but then the calls from the load balancer
    to the individual servers is port 80. So even if a page is called
    as HTTPS://... the coldfusion server says that CGI.HTTPS is "off"
    since the traffic is port 80.
    This isn't much of a problem, our SSL pages are linked as
    HTTPS:// and the only problem would actually arise if someone was
    to type in the URL and call it as HTTP rather than HTTPS.
    My question is this, does anyone know of a way that I can
    detect if the page should be HTTPS and is not without changing our
    configuration and putting SSL certificates on each individual
    server?

    Hey,
    Well the load balancing with the BigIP device is really very amazing. I think what I liked most was swapping out servers when their lease was up, through the BigIP manager I just stopped all traffic to a server, shut it down, plugged in the new one and turned traffic back on. It was really very easy.
    The SSL stuff still gives me a headache to think about, but I should mention I no longer work where I was, plus now I'm all .net C# but that's a different story.
    I think if I was going to do this all again I would not have secured the bigIP unit. It was nice to buy one SSL cert for all the servers I attached rather than one per server, but getting the SSL sites to work properly was a headache.
    We also use windows file replication where now I would go with like a pair of Dell MD1000's mirrored for storage and just have tons of ram and cpu on the front end units. Depends what you want to spend I guess. I think the bigIP unit we bought was like 20 grand, I think they are cheaper now though.
    Hope I helped.

  • How does load-balancing with WebCache work - is there still a bottleneck?

    Hello,
    We're migrating an old Forms 6i app to 10.1.2.0.2 (apps servers = Redhat Linux), and are starting to consider using WebCache to loadbalance between two application servers.
    My question is this - say we have apps servers A and B, both running Forms and Reports Services. We use Webcache on server A (don't have the luxury of a third apps server...) to load balance between A and B. So all initial requests come into A, which in some cases may then be diverted to start a new Forms session on B.
    For those users whose middle-tier sessions are now running on B - will all network traffic for their Forms session continue to be routed through Webcache on A, then to B, over the course of the session? Or does Webcache somehow shunt the whole connection to be straight between the client PC and server B, for the duration of that Forms session?
    If the former, does that mean that the server hosting Webcache can still be a significant bottleneck for network traffic? Have people found load-balancing with Webcache to be useful..?
    Thanks in advance,
    James

    Hi gudnyc,
    Thanks for posting on Adobe forums.
    For HDPI you do not have to do any It will adjust automatically.
    http://helpx.adobe.com/photoshop-elements/using/whats-new.html
    Regards,
    Sandeep
