dslreports logo
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
9306
share rss forum feed


keevill

@3bb.co.th

Cisco RV042 Load Balancing Router problems configuring

I have recently installed a Cisco RV042 Load Balancing Router. I have 2 different ISPs ADSL . One of which is faster than than the other even though both are supposed to provide 4mbs/ down.
Both are PPPoE and are giving different fixed external IP addresses.
When I configured the Cisco for LB mode, there were problems with https websites which I understand is caused by IP change during the session.
However, I find that the speed to pretty well ALL websites was unreliable and generally slower under LB mode.
Users ( there are about 50 all with fixed IP ) gave me a hard time so I switched it over to Faildown mode.
The speed of surfing improved substantially.
But the problem now was with some https sites such as Hotmail and Facebook.
Gmail , for example worked fine. I could workaround the Hotmail login by manually changing the https to http and this worked.
So even though I was NOT using Load Bal mode, it seemed that https settings still were being affected.
In order to test, I made some settings in the Bandwidth management binding the primary and secondary https ports to just one PC.
Hotmail worked !
So, I went ahead and increased the binding to most of the IP subnet.
Then, the speed of other websites dropped substantially. I changed the binding back to just one machine and speed of websites was back to normal.

Since I am not using Load Bal mode, I don't really understand why this behaviour is occurring.
I am also at a loss to understand why the LB mode drags the perf down.
Perhaps my settings in the Upstream/Downstream are incorrect.
I have configured 512 / 4092 .
However , in the manual they say that the defaults of 512 kb/sec and 12 kb/sec. I took this to be a misprint.
Could this setting be really what I need ? Downstream of just 12kb/sec ???


NetFixer
Bah Humbug
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
I found with my RV082 that whenever I changed the operating mode from either Load Balance or Smart Backup mode to WAN1/DMZ mode , or even switched between Load Balance and Smart Backup, I had to do a factory default reset. It seems that when those mode changes occurred, some settings (that were no longer visible) were still active, and interfered with operation.

For example, when I changed from two load balanced DSL lines to a primary Comcast HSI connection with a backup DSL connection, my top download speed was only about 1.5 mbps even though I had a 12 mbps primary connection. That happened even with QoS settings disabled. After doing a factory default reset everything worked as expected. If you have not already tried a factory default reset, you may want to try it.

As for your https problems when doing load balancing, you just need to do a protocol binding for https to one WAN interface. Doing that will not keep the automatic backup feature from working should that interface go down (when that happens, the port/protocol rule is just ignored by the router).

I was going to provide a link to Cisco on-line documents that explained how the dual WAN feature is managed, as well as a description of how to do the protocol binding, but Cisco in their great wisdom has pulled that documentation from their web site. I suspect that the reason is that the user interface (and many of the options) are different on the current hardware version 3 devices, and the old on-line documentation showed the old hardware version 1 and 2 user interface. So, rather than just provide additional documentation for the newer devices, they simply pulled all of the documentation... problem solved.

The best I can do is to show you an old screen shot that I had posted in another thread that showed how I setup the protocol binding for https when I was doing load balancing (I also had to do the same thing for SSL POP3/SMTP sessions). This worked perfectly for me, and it in no way caused any kind of slow down for SSL (or any other activity). Of course, if you have one of the newer hardware version 3 devices, you will not see this exact setup page, but you should be able to find a setup page with similar functionality.



--
History does not long entrust the care of freedom to the weak or the timid.
-- Dwight D. Eisenhower

keevill

join:2011-09-03
This is a great help !! I was suspecting a reset might be needed.
One question re the screenshot of the bindings.
I see that you also include a setting of 0.0.0.0 - 0.0.0.0
Can you explain why that is necessary?
Many thanks again !!
-keevill-


NetFixer
Bah Humbug
Premium
join:2004-06-24
The Boro
Reviews:
·Cingular Wireless
·Comcast Business..
·Vonage
said by keevill:

This is a great help !! I was suspecting a reset might be needed.
One question re the screenshot of the bindings.
I see that you also include a setting of 0.0.0.0 - 0.0.0.0
Can you explain why that is necessary?
Many thanks again !!
-keevill-

The 192.168.10.1 - 192.168.10.254 source IP address range was my LAN subnet.

The 0.0.0.0 - 0.0.0.0 destination IP address simply means all internet IP addresses. So any https session that originates on my LAN IP subnet was bound to WAN2 for all internet IP addresses. If WAN2 was down, then the RV082 would just ignore that protocol binding rule and use WAN1 instead.

The reason that the destination IP address range might need to specify a specific IP address (or range) is primarily if your two load balanced connections are from different ISPs. In that case, you may need to do separate protocol bindings for such things as SMTP and DNS if those services are only available when connected to that specific ISP.

I had to do that when I was using BellSouth and Covad in load balancing mode because the BellSouth SMTP server would not recognize a session coming from the Covad circuit, and the Covad DNS servers would not accept queries from the BellSouth circuit. If I were using my current Comcast/AT&T setup in load balancing mode, I would have to do the same thing, since the legacy bellsouth.net SMTP server would not accept Comcast sessions, and the Comcast DNS servers would not answer queries from an AT&T connection. By specifying the IP address(es) for the picky servers, they can be mapped to the appropriate WAN interface.

Another thing I used specific destination IP addresses for with protocol binding, was to force all connections from my LAN to Internet services hosted behind the RV082 (that would otherwise be automatically looped back internally), to actually go out one WAN port to the ISP, and then come back in from the Internet to the other WAN port. I did not always keep those particular rules active, but they were handy for making sure that a server was actually accessible from the Internet without having to physically make an external connection.
--
History does not long entrust the care of freedom to the weak or the timid.
-- Dwight D. Eisenhower

keevill

join:2011-09-03
Perfectly explained - I will setup as you suggest tomorrow .
Many thx !!
-keevill-


Y2cano

@suddenlink.net
thanks for the update i too am having this problem, could you post back if this works?

thanks Chris