[j-nsp] SRX 650 reth interface load balancing
Stefan Fouant
sfouant at shortestpathfirst.net
Wed Mar 16 11:35:09 EDT 2011
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-
> bounces at puck.nether.net] On Behalf Of Walaa Abdel razzak
> Sent: Wednesday, March 16, 2011 8:31 AM
> To: juniper-nsp at puck.nether.net
> Subject: [j-nsp] SRX 650 reth interface load balancing
>
> I tried to verify load balancing on the reth interface for SRX 650
> connected to logical router, but I can see that SRX always use one link
> although we have two physical links between the router and the active
> node and one link between the router and the passive node. I am pinging
> directly from router to the FW. I need to load balance through the
> active links. The configuration is as follows:
How are you testing your load-balancing Walaa? Because Juniper uses a hash
algorithm such that traffic matching a given set of constraints (Source
Address, Destination Address, Source Port, Dest Port, incoming interface)
will always hash to the same path.
In order to properly evaluate if the load-balancing is working properly, you
really need to simulate a large number of diverse flows.
> And the load balance policy:
>
> test at FW1# show routing-options
> forwarding-table {
> export ECMP;
> }
> test at FW1# show policy-options policy-statement ECMP
> term load-balance {
> then {
> load-balance per-packet;
> }
> }
I already mentioned to you previously that you don't need a load-balance
policy to effect load-balancing on a LAG or RETH interface since these types
of interfaces appear to the system as a single logical interface, other
mechanisms apply. The above configuration is completely unnecessary.
Stefan Fouant, CISSP, JNCIEx2
www.shortestpathfirst.net
GPG Key ID: 0xB4C956EC
More information about the juniper-nsp
mailing list