Dual ADSL WICs in a 2811? 1

[bosseye]

Hi,
Our problem is location - we can only get regular contended ADSL lines (ie. 2Mbps / 256Kbps) - so we have a bandwidth problem. We make extensive use of CME4/Asterisk, but this all falls apart when our Exchange/Web servers and users load the WAN.

We have a 2811 with one ADSL-WIC, and we have another spare WIC right here ready. We're not necessarily after load balancing or anything fancy, just the ability to have two ADSLs into our 2811 and the ability to split traffic (statically) between them. Does anyone have a proven config?

I'm imagining that NAT and the (single) default gateway addr of the router might cause a problem here, also re: some posts elsewhere state the 2 x WICs weren't an envisaged solution.

Appreciate any help - TIA.

 

[MDW19873]

Do you have a second line with your current DSL provider? If not, we can't really use the second WIC, or you'll have to get another line.

Does the ADSL line use PPPoE, PPPoA, or RBE?

Also, there are some QoS options available to you.

A+, i-Net+

 

[plshlpme]

at home i have a 1760 with two wic-1enet's and i have two dsl connections running into it no problem.. (6mb/800k and 4mb/800k) two different providers.

i dont see any reason why you couldnt run two adsl wics..
but as mentioned above you will need a seperate phoneline per dsl service.

i have one connection dedicated for hosting services and one dedicated for internet use so instead of a default route i used a route map..
if both your connections are simply for web access and you have no incomming connections that you could probably just use two equally weighted default routes to load share over both links..

 

[bosseye]

Sorry - I should have been more clear - we do have a second ADSL line from the same provider (Metronet / PlusNet), we're just waiting on some clarity re: 2 x ADSL-WICs before connecting it. Our ADSL is PPPoA. We tried both WICs at the same time and could get both lines up, but the second line appeared unused - we're looking for a way to make sure traffic uses it. br

 

[MDW19873]

Route maps are probably your best bet as you want to control what traffic goes where.

Here is some documentation on them:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/qos_c/qcpart1/qcpolicy.htm

You're going to have to do something similar to this:
-----
access-list 100 permit tcp 192.168.1.0 0.0.0.255 any eq www
access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq telnet

route-map NAME permit 10
match ip 100
set interface ATM0/0
route-map NAME permit 20
match ip 101
set interface ATM0/1

interface FastEthernet 0/0
ip policy route-map NAME
-----
Basically you have to configure your access lists based on what traffic you want to use what ADSL line.

Then you configure your route map to match and route the traffic.

Then you have to apply the policy on your local networks FastEthernet interface.

I'm pretty sure that should do the trick.

A+, i-Net+, Network+, CCNA, CCNP

 

[bosseye]

Ok I'm reading it now - and thanks - but elsewise - is all I need additional the following:

ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 0.0.0.0 0.0.0.0 Dialer1
!
ip nat inside source list 101 interface Dialer0 overload
ip nat inside source list 101 interface Dialer1 overload

Obviously we have to get both ATM interfaces and Dialers up, but can you think of anything I've missed, or would be good as an addition.

br + thanks.

 

[MDW19873]

Something I would suggest with your default route would be finding the next hop IP address. I would assume it would be the same for both lines. Remember, only one default route will be put in the routing table.

Also, you can always set a default interface in your route-map. That might take care of it instead of using the default route, but I'm not sure. I'd have to test it. Its been a while. All you would have to do is
-----
access-list 111 permit ip 192.168.1.0 0.0.0.255 any

route-map NAME permit 30
match ip 111
set default interface dialer0
-----

As for the NAT, I do believe that is all you would have to do. Just make sure you have "ip nat outside" on both of the dialer interfaces as well.

A+, i-Net+, Network+, CCNA, CCNP

 

[bosseye]

Thanks - will try this over Easter when we can afford to down the network. Sincere thanks for your help - much appreciated. br

 

[voltron1011]

This is how I set up my lab router... One interface is our corperate lan (which goes to the internet). The next interface is a DHCP Cox cable connection. The last is the actual LAN that I was testing from:


!
!
!
interface FastEthernet0/0
description Test-LAN
ip address 192.168.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet1/0
description ISP-A (our corp lan to internet)
ip address 10.100.7.200 255.255.255.0
ip nat outside
duplex auto
speed auto
!
interface FastEthernet2/0
description ISP-B (COX Cable DHCP add.)
ip address dhcp
ip nat outside
duplex auto
speed auto
!
ip nat inside source route-map ISP_A interface FastEthernet1/0 overload
ip nat inside source route-map ISP_B interface FastEthernet2/0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 FastEthernet1/0 10 name ISP_A
ip route 0.0.0.0 0.0.0.0 24.234.232.65 251 name ISP_B
ip http server
!
route-map ISP_A permit 10
match interface FastEthernet1/0
!
route-map ISP_B permit 10
match interface FastEthernet2/0
!
tftp-server flash:

 

[voltron1011]

One thing to take into account is that the NAT translations take a little while to clear out, so you won't notice an INSTANT failover. However, if you really wanted to, you script the "clear ip nat translations forced" command.

 

[bosseye]

Hi Voltron,
Thanks - this is very helpful. A question - how are you determining which traffic goes through which interface? I ask because I see you've set different administrative distances for the outside interfaces. I'm looking at some of the possible ways I might direct traffic - current favourites are balanced traffic vs. routing specific protocols (ie. Voip) on a dedicated interface. Also, in the event that one of your outside interfaces fails (say ISP problem), have you made any provision to use the other instead (resilience)? br/

 

[voltron1011]

The config I have is only for a backup interface..

ip route 0.0.0.0 0.0.0.0 FastEthernet1/0 10 name ISP_A
ip route 0.0.0.0 0.0.0.0 24.234.232.65 251 name ISP_B

If you look at my administrative distances, you can see that ISP_A is the prefered route (ad=10), while ISP_B is the backup route (ad=251). You can theoretically load ballance them if you had equal admin distances... However, the problem is the NATing. The translation tables can only hold one interface at a time, so even if you did have equal admin distances there would still be one route stuck in the NAT table.

 

[voltron1011]

One other thing about this config... For the ISP_B route, I used the default gateway of for Cox.
With the administrative distances that I assigned, ISP_A will always be the prefered route. So, in the event that ISP_A went down, ISP_B would takeover... As soon as ISP_A came back (with it's lower admin distance), it would immediately retake the prefered route.