Roman27
Premium
join:2006-07-17
Dundee, IL
|  [HELP] 2620 router with 2 T1's from 2 separate ISPs
My company is attempting to switch ISPs. Previously, we had 2 T1's from the same company bound together as a single trunk. In an effort to make a smooth transition to the new ISP, we thought it best to remove one of the T1's from the old ISP and replace it with one of the new T1's from the new ISP. In theory, we thought this would allow web traffic in/out over either line. Then we could easily migrate over our DNS domain entries to the new IP addresses without any downtime.
Our topology is very simple. Here's a basic diagram of it:
PCs/Servers < --- > Firewall < --- > Cisco 2620 Router < --- > 2 ISP links
Below is a copy of the config from the router.
version 12.3
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname xxxxxxxxxx
!
boot-start-marker
boot-end-marker
!
enable secret xxxxxxxxxx
!
no aaa new-model
ip subnet-zero
no ip cef
!
!
ip name-server 209.x.x.x
ip name-server 209.x.x.x
!
!
!
!
!
interface FastEthernet0/0
description LAN
ip address 12.x.x.129 255.255.255.240 secondary
ip address 209.x.x.177 255.255.255.240
duplex auto
speed auto
no keepalive
!
interface Serial0/0
description New ISP Link
ip address 12.x.x.162 255.255.255.252
encapsulation ppp
peer default ip address 12.x.x.161
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
!
interface Serial0/1
description Old ISP Link
ip address 209.x.x.6 255.255.255.252
encapsulation ppp
peer default ip address 209.x.x.5
service-module t1 timeslots 1-24
service-module t1 remote-alarm-enable
!
no ip http server
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0/1
!
!
no logging trap
banner motd
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
password xxxxxxxxxx
login
!
!
end
Our firewall handles all NAT functions and is currently configured with two separate IP addresses on it's external interface to communicate with the router: 12.x.x.130 and 209.x.x.178.
The moment I enter the configuration entry "ip route 0.0.0.0 0.0.0.0 Serial0/0" in our router to allow traffic to flow over the new ISP link, problems start to develop. For example, I can have a friend on an external PC ping the router IP of 12.x.x.129. But only 2 out of 5 pings receive a response. From the inside, I can refresh one page in my browser, but not another page. I believe that the router is splitting up the traffic between the two ISPs by packet, which will not work obviously. I would like it to divide up the load by session.
Anyway, I'm unsure how to get this situation straightened out. Any comments/suggestions/help would be appreciated. :) |
|
Roman27
Premium
join:2006-07-17
Dundee, IL
|  Nevermind. The silence here tells me this isn't gonna be an easy task.
I happen to have another 2620 chassis, so I took the T1 card with the old ISP and split it off into that box. Then plugged the EtherNet interfaces of both routers plus the firewall into a small 5 port unmanaged D-Link switch. I was hoping to do it all on the same box, but this is probably the easiest. And it works.  |
|
jdmatl
join:2000-04-27
Deerfield Beach, FL | reply to Roman27
try this:
ip route 0.0.0.0 0.0.0.0 Serial0/1
ip route 0.0.0.0 0.0.0.0 Serial0/0
It should work, but you won't be able to select what goes in/out of what pipe. kinda like a round-robin effect. |
|
Roman27
Premium
join:2006-07-17
Dundee, IL | reply to Roman27
Thanks for the response. See the 2nd to the last paragraph of my original post for the results of what happens when I do that. |
|
