Multiple acitve ISP's

Reply
L2 Linker

Multiple acitve ISP's

We would like implement multiple active ISP's. There would be two ISP with each being a different provider.

It appears you can have a redundant setup with multiple ISP, but can you have two active?

Tags (4)

Accepted Solutions
Highlighted
L6 Presenter

Re: Multiple acitve ISP's

@bwilliams2:

You can certainly have two active ISP connections and route traffic to each ISP using Policy Based Forwarding and/or dynamic routing protocols.

What are you hoping to accomplish with your two ISP setup?

-Benjamin

View solution in original post


All Replies
Highlighted
L6 Presenter

Re: Multiple acitve ISP's

@bwilliams2:

You can certainly have two active ISP connections and route traffic to each ISP using Policy Based Forwarding and/or dynamic routing protocols.

What are you hoping to accomplish with your two ISP setup?

-Benjamin

View solution in original post

Highlighted
L0 Member

Re: Multiple acitve ISP's

Will you be setup on BGP multihoming or will you just have two 0.0.0.0/0 routes?

Highlighted
L2 Linker

Re: Multiple acitve ISP's

@bpappas:

The goal is to ensure we are "always" connected. With the shift to the cloud we do not want to limit our connection to one ISP.

@cityofkindsland

I am not sure about the routing at this point. I think I am going to push for a failover connection as apposed to an active-active connection. I am hoping to find an ISP that will allow us to use them on a retainer basis and only pay full price when we reach X amount of data or something along though lines.

Thanks.

Highlighted
L0 Member

Re: Multiple acitve ISP's

failover is a great way to go!  cost savings are great compared to paying for another full service line.

to do this you will go to your virtual router, enter in a 0.0.0.0/0 route out to your failover line with a higher administrative distance than that of your existing link (which should be already set to be 1)

This tells the router use the primary link until it it no longer reachable, after that link goes down use backup link.

Good Luck, let me know if you need anymore help configuing this!

Highlighted
L2 Linker

Re: Multiple acitve ISP's

The plan now is move forward with dual ISP's and have both active and load balanced.

Is it possible to load balance outgoing connections?

Highlighted
L0 Member

Re: Multiple acitve ISP's

Currently there is no way to load balance outgoing connections.

You can use PBF for failover but nothing more.

Highlighted
L3 Networker

Re: Multiple acitve ISP's

I think with PBF you can only load-balance manually, e.g. choose which (apps/source/destinations) to send via which route. We looked into this in the past and realized that to do this properly you need another device, like an F5 box.

Highlighted
L5 Sessionator

Re: Multiple acitve ISP's

Proper load balancing would require ECMP or per-packet/per-flow load balancing. PAN does not support that at this time. So that means unless you want to use PBF to selectively route traffic over one link or the other, you cannot utilize both ISP links at same time.

-Richard

Highlighted
L1 Bithead

Re: Multiple acitve ISP's

Helo rkim...

 

Is is still not possible to implement dynamic load balancing with PAN? What about ECMP in PAN OS 7.0.3?

 

Even when Palo Alto Networks is a visibly higher security solution,  many of our competitors offers load balancing and fault tolerance with their NGF boxes.

 

Best Regards

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!