[j-nsp] Broken Per-Flow load sharing
Andy
alamontagne at gmail.com
Fri Aug 21 17:12:11 EDT 2009
Hey Serge,
The default behavior is to look at layer-3 info only. The option you
configured below add the layer-4 information to the hash.
Starting in JUNOS 9.5, for MX routers with layer-2 links and link
aggregation, there are more options. In addition to:
[edit forwarding options hash key]
family inet
there is also:
[edit forwarding options hash key]
family multiservice
http://www.juniper.net/techpubs/software/junos/junos95/swconfig-layer-2/id-load-link-sec.html
This is used to layer-2 links can also "look at" the layer-3 and layer-4
information.
Cheers,
-Andy
On Fri, Aug 21, 2009 at 2:53 PM, Serge Vautour <sergevautour at yahoo.ca>wrote:
> For anyone curious, Juniper seems to have 3 ways to solve this problem:
>
>
> http://www.juniper.net/techpubs/software/junos/junos93/swconfig-policy/configuring-per-flow-load-balancing-information.html#id-11352490
>
> I can't say I understand all 3 (docs are a bit vague). We implemented the
> first and it worked perfectly:
>
> [edit forwarding-options hash-key]
> family inet {
> layer-3;
> layer-4;
> }
>
> Serge
>
>
>
> ----- Original Message ----
> From: Serge Vautour <sergevautour at yahoo.ca>
> To: juniper-nsp at puck.nether.net
> Sent: Thursday, August 20, 2009 11:44:25 AM
> Subject: [j-nsp] Broken Per-Flow load sharing
>
> Hello,
>
> We have several M320s & T640s in our network running 8.5R4.3. They are all
> configured for per-flow load sharing:
>
> RouterA> show configuration routing-options forwarding-table
> export perDestinationLoadBalance;
>
> RouterA> show configuration policy-options policy-statement
> perDestinationLoadBalance
> /* Policy exported against forwarding-table configuration to ensure
> per-flow-destination load balance */
> then {
> load-balance per-packet;
> }
>
>
> The routers have 2x 10GEs via switches to reach Aggregation routers. OSPF
> sees 2 equal cost paths to the BGP next hops and splits the traffic across
> the links. This has been working fine for a few years (it worked on 8.2 as
> well).
>
> We recently upgraded to 9.3R2.8 and load sharing is no longer working:
>
> RouterA> show interfaces xe-1/0/0 detail | match "Output packets.*pps"
> Output packets: 6183879 7 pps
> Output packets: 0 0 pps
> Output packets: 52542 6 pps
> Output packets: 19279 0 pps
> Output packets: 3134 0 pps
> Output packets: 0 0 pps
>
> RouterA> show interfaces xe-2/0/0 detail | match "Output packets.*pps"
> Output packets: 285078265156 228705 pps
> Output packets: 0 0 pps
> Output packets: 280511288646 221803 pps
> Output packets: 4118406919 6075 pps
> Output packets: 442607080 894 pps
> Output packets: 0 0 pps
>
> The first "Output" line is the 10GE aggregate. The other output lines are
> the VLANs on the 10GE. Note that the xe-1/0/0 interface has next to 0 pps on
> output!! We have upgraded two M320s and they are both showing the same
> problem.
>
> My guess is that the per-flow load balancing hash has changed in the newer
> release. The 9.3 manual talks about setting something like this:
>
> [edit forwarding-options hash-key]
> family inet {
> layer-3;
> layer-4;
> }
>
> But it's a bit unclear as to what happens if it isn't set. Can anyone
> confirm that this will restore per-flow load sharing?
>
> Any help would be appreciated.
>
> Thanks,
> Serge
>
>
> __________________________________________________________________
> Looking for the perfect gift? Give the gift of Flickr!
>
> http://www.flickr.com/gift/
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>
> __________________________________________________________________
> The new Internet Explorer® 8 - Faster, safer, easier. Optimized for Yahoo!
> Get it Now for Free! at http://downloads.yahoo.com/ca/internetexplorer/
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list