Round Robin Routing

**Gingerwerewolf** · 2015-02-10

Hi all

Im wondering if it is possible to get a round robin style load balancing like Cisco, but on an internal network.

This seems to be similar to other posts but their individual requirements were not the same as mine, also the closest post is from 2013.

Current design

Code:

Cisco Core Switch A           Cisco MPLS Router A - 2 Mb
               |                   |              \
              HSRP ---(VLAN A)--- HSRP             >---(MPLS)--- 10.0.0.0/8 Network
               |                   |              /
Cisco Core Switch B           Cisco MPLS Router B - 2 Mb

Each Cisco Core has 2 Routes for the 10.0.0.0/8, First Cisco MPLS Router A, then Cisco MPLS Router B

This leads the core switch to Round robin requests between the two Cisco MPLS Routers and provides simple load balancing.

We are about to install a Cluster of R77.10 Checkpoints into the diagram, using Cluster XL, in High Availability, with no NATing occurring.

Proposed Design

Code:

Cisco Core Switch A              Checkpoint A             Cisco MPLS Router A - 2 Mb
                |                  |        |                 |                 \
              HSRP ---(VLAN 10)---VIP      VIP---(VLAN 20)---HSRP                >---(MPLS)--- 10.0.0.0/8 Network
                |                  |        |                 |                 /
Cisco Core Switch B              Checkpoint B             Cisco MPLS Router B - 2 Mb

Of note, that the Checkpoints will also have an Interface that is directly Linked to the Internet. It is via this Interface that they will be remotely managed over (The SMS is miles away in a Datacentre)

Simple routing below

Code:

 Single ISP
   Router    
     |
 (VLAN 66)
     |
 Checkpoint -(VLAN 20)- MPLS Routers
  Cluster
     |
 (VLAN 10)
     |
Core Switch
  Cluster

How can I get round robin routing from the Checkpoint Cluster in High Availability to the MPLS Routers?

Is this ISP redundancy or is there another way?

**mcnallym** · 2015-02-10

You wouldn't as that is definitely not ISP Redundancy, you should also note that ISP Redundancy relies on NAT to work correctly.

Nearest I can think of would be Dynamic Routing with OSPF and then Equal Cost Pathing option.

**jflemingeds** · 2015-02-11

Not sure i'm following your current design. You said the core has a 10/8 route to mpls router A and B, but your drawing shows HSRP which is a active/standby protocol. Can you explain your 10/8 routes? How did you get them? Static or dynamic.

If they are static what are the gateways for the 10/8 routes? Just saying your drawing makes it seem like the gateway is an HSRP address.

splitting hairs here.. but its technically flow based not round robin. Pretty sure cef handles this unless you've disabled it, which means processor based routing which is like running checkpoint without securexl, which in itself is like school in the summer time.

**Gingerwerewolf** · 2015-02-11

Thanks for the Replies guys

Originally Posted by mcnallym

You wouldn't as that is definitely not ISP Redundancy, you should also note that ISP Redundancy relies on NAT to work correctly.

Nearest I can think of would be Dynamic Routing with OSPF and then Equal Cost Pathing option.

Right, I think Im going to need to contact my MPLS provider and see if they will support this - thanks!

Originally Posted by jflemingeds

Not sure i'm following your current design. You said the core has a 10/8 route to mpls router A and B, but your drawing shows HSRP which is a active/standby protocol. Can you explain your 10/8 routes? How did you get them? Static or dynamic.

If they are static what are the gateways for the 10/8 routes? Just saying your drawing makes it seem like the gateway is an HSRP address.

splitting hairs here.. but its technically flow based not round robin. Pretty sure cef handles this unless you've disabled it, which means processor based routing which is like running checkpoint without securexl, which in itself is like school in the summer time.

Sorry - the HSRP in both cases is there for legacy reasons and emergencies. We use static routes

ip route 0.0.0.0 0.0.0.0 10.49.160.11
ip route 0.0.0.0 0.0.0.0 10.49.160.14

Where 10.49.160.11 is MPLS A and 10.49.160.14 is MPLS B

What's cef?