[j-nsp] MX80 no more hash-key option in 12.2?
magno
massimo.magnani at gmail.com
Tue Oct 23 12:30:00 EDT 2012
Hi Paul,
with MX TRIO you don't need to configure anything to achieve almost the
behaviour you need (almost = not per packet, read below).
TCP and UDP ports are taken into account on TRIO by default for both IPv6
and IPv4. Please be aware of some more info:
- TRIO doesn't support per-packet LB, per session only is supported as per
Juniper tradition (only the origina IPv1 asic supported per packet, and
still we have this legacy thing in our CLI ;-));
- you need to apply the export policy to the routing-options
forwarding-table stanza;
- TRIO load balances symmetrically, this means that if you have back to
back TRIO, both devices will chose the same link because the parameters are
ordered in lower/higher way;
- It's not possible to selectivly disable layer-4 port for UDP or TCP, just
for L3 protocol (for instance, you consider L4 ports for IPv4 and not for
IPv6...);
HTH
Max.
On Tue, Oct 23, 2012 at 5:56 PM, Paul Vlaar <paul at vlaar.net> wrote:
> Hi Magno,
>
> that clarifies things a bit more for me, thank you.
>
> However, am I right to conclude that I still need the hash-key stanza
> for our 11.2 MX80s to make IPv6 source/destination hashing work for load
> balancing?
>
> As for what I am trying to do, well, that is pretty simple. We have ECMP
> for a number of IPv4 /32 and IPv6 /128 addresses setup via BGP within
> our own network, to 32 servers. We want to have load balancing across
> these servers for these addresses, and the hashing algorithm should
> cause UDP to be distributed per packet, but TCP to be distributed
> according to a src_ip:src_port:dst_ip:dst_port hash.
>
> Thank you,
>
> ~paul
>
> On 23/10/12 5:12 PM, magno wrote:
> > Hi Paul!
> >
> > Leaving the hash-key stanza enabled for MX80 leaves room to unexpected
> > behaviours as you could observe yourself.
> >
> > the only supported way to tweak load balancing input paramters for TRIO
> > based devices (I mean MPCs and MX80 for instance) is to use the
> > enhanced-hash-key stanza.
> >
> > The culprit for the new 12.2 behavior is me, I asked for this
> > modification in the code. The reasons why I asked are:
> >
> > 1) hash-key is not the right config stanza for TRIO as per design, so
> > the enhanced-hash-key stanza was created;
> > 2) Our docs is not, let me say, so precise ... to say it in a fair way;
> > 3) the hash-key, on MX80, produced unpredictable results as some
> > commands led to wrong configurations on the TRIO chipset (for instance,
> > I tried personally with a 10.4 release to configure source/destination
> > ports which are on by default and I found in the PFE this command
> > activated the input interface);
> >
> > Please take into consideration that the engineers that designed TRIO LB
> > decided to simplify the LB options traditionally available on other
> > chipsets, so you may find missing ones under the enhanced-hash-key. TRIO
> > LB algorithm is already pretty much sophisticated by default.
> >
> > Of course, if you explain what you want to do, maybe we may find the
> > best way to satisfy your needs.
> >
> > Hope this helps tp clarify the subject a little bit more.
> >
> > Massimo.
>
>
More information about the juniper-nsp
mailing list