Skip to main content

Loadbalancing on Static Routes

If you have two routers / two Layer3 switches connected with two L3 links (two paths) you can route with two equal static routes towards the same prefix and the router will load balance traffic across both links.
The idea is to make two same static routes on the same router but with different next-hops. The question was: Which link or which route will be used? And if the traffic will be load balanced, which mechanism will be used to share the traffic across both of links.
static route load balancing

ip route 10.0.0.0 255.0.0.0 192.168.10.2
ip route 10.0.0.0 255.0.0.0 192.168.11.2
If both routes have the same destination prefix and no different Administrative Distance is configured, both routes will get installed in the routing table. Routing table will then leave to the switching process the job of load-sharing. That is, route-cache mechanisms, CEF in case of Cisco device will do load-share per session using source-destination IP.

MORE ABOUT THAT

CEF Load-Balancing Overview
CEF – Cisco Express Forwarding load balancing is by default using source and destination IP to calculate the hash and distribute traffic over multiple paths.
There are two methods of path selection, per-destination being default one:
  • load balancing per-destination
  • load balancing per-packet
Per-Destination Load Balancing
Router will take packet source and destination IP to calculate the hash and use multiple paths to load share traffic. Packets from one source destined towards same destination will always take the same path. Traffic destined for different source-destination pairs tend to go across different paths.
CEF is enabled by default on Cisco router so Per-destination load balancing is enabled by default to. It is fairly logical that Per-destination load balancing is default one because is ensuring that packets for a given host pair have the best chance to arrive in order which can not always be true with Per-Packet Load Balancing
Per-Packet Load Balancing
Router will use round-robin to send successive data packets over different links. If you have destinations that are available with single path at the end it will work fine for other situations Per-packet load balancing can reorder packets and affect performance of TCP stack. So it’s not really the right way to go if you are forwarding VoIP or using any kind of stream on your network.

CONFIGURATION

CEF is on by default, this is the command to enable it if you find some device with CEF off:
router# ip cef
This is how you see if CEF is working:
router# show ip cef
This is how you see CEF entry of some prefix:
router# show ip cef 10.10.10.0
This is how you change load-balancing from Per-Destination to Per-Packet:
ip load-sharing per-packet

Popular posts from this blog

UPGRADING EOS in the ARISTA Switches

UPGRADING EOS in the ARISTA Switches: EOS is the Firmware for Arista Switches whereas IOS for Cisco. This blog post shows the detailed procedures to follow and to upgrade the EOS in the Arista Switches. This Post was supports for any platform or the Version you are going to upgrade in the Arista Switches. This Post was divided into three parts : Pre-Upgrade Process Upgrade Process Post-Upgrade Process PRE-UPGRADING-PROCESS: 1       1)        Check the Upgrade Path tool by clicking the below link. https://www.arista.com/en/support/mlag-portal/mlaglist and confirm it is in mlag issu compatible 2)       Check if the  STP agent is restartable by giving the command switch-1# show spanning-tree bridge detail | grep agent Stp agent restartable                      :      ...

OSI Model in Telugu

Layer 2 Security Feature : Dynamic ARP inspection

 We all know about how the ARP works and the importance of it to send the traffic to the endhost, it translates the IP to the mac address. Before we know about the dynamic arp inspection we would need to understand about the ARP poisoining, it is an man in the middle attack works by poisoining the ARP cache database.  IP to mac address tables are stored in the arp cache database in the switch or router. Hacker can poison the arp database by rewriting his own mac address for the default gateway IP so all the users traffic will redirect to the hacker laptop which causes the successful man in the middle attack. Dynamic ARP inspection works by inspecting the ARP cache database with the help of dhcp snooping database. Yesterday I explained the dhcp snooping so you can look into the article to  know how it works. It records the assigned IP with the mac addresses in the dhcp snooping table so the arp inspection would use the dhcp snooping database to find the correct IP to MAC a...