[c-nsp] BGP multipath load balancing.. broken sessions upon hash change

Peter Kranz pkranz at unwiredltd.com
Wed Sep 2 19:04:51 EDT 2015


I am attempting to load balance ~100 Gbps of inbound traffic across several processing nodes. Each node is advertising the same /32 back to the core router, and CEF nicely divides the traffic so that 1/16th of it arrives at each node. The problem arises when a node is brought out of rotation: existing SSH sessions break, since the source IP gets mapped to a new node after CEF re-computes. Given the large amount of traffic, it's not easily solvable with higher end load balancers for a reasonable cost.

-PK

-----Original Message-----
From: Łukasz Bromirski [mailto:lukasz at bromirski.net] 
Sent: Wednesday, September 02, 2015 2:56 PM
To: Peter Kranz <pkranz at unwiredltd.com>
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] BGP multipath load balancing.. broken sessions upon hash change

Peter,

> On 02 Sep 2015, at 22:49, Peter Kranz <pkranz at unwiredltd.com> wrote:
> 
> I’m using bgp maximum-paths and several peers announcing the same /32 
> to create a poor man’s load balancer. This works well with up to 16 
> peers after which the CEF number of buckets is exceeded.
> 
> However, if the number of connected peers change, all sessions break, 
> which I would like to avoid.

That’s the way CEF works - it has to rebuild the hash every time a new nexthop appears or vanishes.

This is the 6500 you’ve mentioned in a different post, right? What is the overall architecture of the thing you’re trying to achieve here (remote terminal access?).

—
Łukasz Bromirski
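
The effect discussed in this thread, as an added example that is not part of either message: a simplified model of per-source bucket selection showing how many flows on the surviving nodes move when one of 16 next hops is withdrawn. The SHA-256 based hash, the node names and the source addresses are constructed assumptions and do not reproduce CEF's actual algorithm; rendezvous (highest-random-weight) hashing is included only as a contrast and is not something the thread says the router supports.

```python
import hashlib
import ipaddress


def _h(*parts):
    """Deterministic 64-bit hash (assumption: stands in for the router's hash)."""
    digest = hashlib.sha256("|".join(parts).encode()).digest()
    return int.from_bytes(digest[:8], "big")


def pick_modulo(src, nodes):
    """Bucket = hash(source) mod number of next hops, rebuilt when the set changes."""
    return nodes[_h(src) % len(nodes)]


def pick_rendezvous(src, nodes):
    """Highest-random-weight: a source goes to the node with the top score for it."""
    return max(nodes, key=lambda n: _h(src, n))


def disrupted_fraction(pick, sources, nodes, removed):
    """Share of flows on surviving nodes that land on a different node afterwards."""
    after = [n for n in nodes if n != removed]
    survivors = [s for s in sources if pick(s, nodes) != removed]
    moved = sum(1 for s in survivors if pick(s, nodes) != pick(s, after))
    return moved / len(survivors)


# Constructed sample data: 16 nodes and 20,000 client source addresses.
NODES = [f"node{i:02d}" for i in range(16)]
SOURCES = [str(ipaddress.ip_address("10.0.0.0") + i) for i in range(20000)]

if __name__ == "__main__":
    for name, pick in (("modulo", pick_modulo), ("rendezvous", pick_rendezvous)):
        frac = disrupted_fraction(pick, SOURCES, NODES, "node05")
        print(f"{name:10s} surviving-node flows remapped: {frac:.1%}")
```

In this model, roughly 14 out of 15 flows that were on nodes still in rotation are remapped under modulo selection, while rendezvous selection moves none of them.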


