[alcatel-nsp] unbalanced traffic on GigEs in a LAG

Ryan Landry Ryan.Landry at TELUS.COM
Mon Mar 8 19:40:15 EST 2010 

On 2010-03-08, at 5:17 PM, Scott Weeks wrote:

> 
> --- philxor at gmail.com wrote:
> From: Phil Bedard <philxor at gmail.com>
> 
> I guess it's hard to know exactly which services are flowing across the 
> link but if it's only acting as an LSR then it should be hashing based 
> on the MPLS stack (Up to 5 labels), ingress port, and system ID.   Are 
> there any potential really high BW services across the LAG?  With the 
> IOM3/IMM you can have it hash on both the labels and the IPv4 header, 
> but not on the IOM2.  
> 
> If there are services originating on the box there are all kinds of 
> rules on how things are hashed on egress, but LSR it's pretty simple.  
> --------------------------------------
> 
> 
> We carry our internet traffic in a VPRN.  This is 99+% of all traffic.  
> I'm guess I'm going to have to go with just 2 cases of bad load 
> balancing.  The network goes something like this:
> 
> 
> br1     br2
> |       |
> |       |
> 7750----7750
> |\       /|
> | \     / |
> |  \   /  |
> |   \ /   |
> |    X    |
> |   / \   |
> |  /   \  |
> | /     \ |
> |/       \|
> 7750----7750====7750
>             ^
>             |
> 
> 
> No links are full.  The 'middle' is 10G and the 'edges' are multi-GigE.  br1 has about twice the bandwidth as br2, so perhaps the label from br2 is hashed over one of the 2 GigEs (above the arrow) and the label of br1 is over the other  and it's just a case of bad load balancing.  More that 10 to 1, though, seems excessive.
> 
> 
> Thank you everyone on and off-list for your help.  :-)
> scott

well, you carry your inet in a vprn, so this may not be applicable, but you can included L4 in the hash algorithm.  i haven't tested it nor had need for it.

configure system l4-load-balancing
configure port <id> eth load-bal include-l4|exclude-l4

other than that, i've really had no problems with load being split unevenly, be it ECMP or LAG, in the lab or otherwise.

does your dst inet traffic basically have one egress LSR?  ie: maybe you just don't have a lot of src/dst to hash against.

g'luck.

.rL

More information about the alcatel-nsp mailing list