Skip to main content

Loadbalancing on Static Routes

Image
By
If you have two routers / two Layer3 switches connected with two L3 links (two paths) you can route with two equal static routes towards the same prefix and the router will load balance traffic across both links.
The idea is to make two same static routes on the same router but with different next-hops. The question was: Which link or which route will be used? And if the traffic will be load balanced, which mechanism will be used to share the traffic across both of links.
static route load balancing

ip route 10.0.0.0 255.0.0.0 192.168.10.2
ip route 10.0.0.0 255.0.0.0 192.168.11.2
If both routes have the same destination prefix and no different Administrative Distance is configured, both routes will get installed in the routing table. Routing table will then leave to the switching process the job of load-sharing. That is, route-cache mechanisms, CEF in case of Cisco device will do load-share per session using source-destination IP.

MORE ABOUT THAT

CEF Load-Balancing Overview
CEF – Cisco Express Forwarding load balancing is by default using source and destination IP to calculate the hash and distribute traffic over multiple paths.
There are two methods of path selection, per-destination being default one:
  • load balancing per-destination
  • load balancing per-packet
Per-Destination Load Balancing
Router will take packet source and destination IP to calculate the hash and use multiple paths to load share traffic. Packets from one source destined towards same destination will always take the same path. Traffic destined for different source-destination pairs tend to go across different paths.
CEF is enabled by default on Cisco router so Per-destination load balancing is enabled by default to. It is fairly logical that Per-destination load balancing is default one because is ensuring that packets for a given host pair have the best chance to arrive in order which can not always be true with Per-Packet Load Balancing
Per-Packet Load Balancing
Router will use round-robin to send successive data packets over different links. If you have destinations that are available with single path at the end it will work fine for other situations Per-packet load balancing can reorder packets and affect performance of TCP stack. So it’s not really the right way to go if you are forwarding VoIP or using any kind of stream on your network.

CONFIGURATION

CEF is on by default, this is the command to enable it if you find some device with CEF off:
router# ip cef
This is how you see if CEF is working:
router# show ip cef
This is how you see CEF entry of some prefix:
router# show ip cef 10.10.10.0
This is how you change load-balancing from Per-Destination to Per-Packet:
ip load-sharing per-packet

Labels

Labels:

Popular posts from this blog

UPGRADING EOS in the ARISTA Switches

By
UPGRADING EOS in the ARISTA Switches: EOS is the Firmware for Arista Switches whereas IOS for Cisco. This blog post shows the detailed procedures to follow and to upgrade the EOS in the Arista Switches. This Post was supports for any platform or the Version you are going to upgrade in the Arista Switches. This Post was divided into three parts : Pre-Upgrade Process Upgrade Process Post-Upgrade Process PRE-UPGRADING-PROCESS: 1       1)        Check the Upgrade Path tool by clicking the below link. https://www.arista.com/en/support/mlag-portal/mlaglist and confirm it is in mlag issu compatible 2)       Check if the  STP agent is restartable by giving the command switch-1# show spanning-tree bridge detail | grep agent Stp agent restartable                      :      ...
Read more

FORTIGATE ACTIVE PASSIVE UPGRADE

By
FORTIGATE ACTIVE PASSIVE UPGRADE : This blog post shows the detailed procedures to follow and to upgrade the firmware in the Fortigate Firewall. This Post was supports for any platform or the Version you are going to upgrade in the Fortigate Firewall This Post was divided into three parts : Pre-Upgrade Process Upgrade Process Post-Upgrade Process PRE UPGRADE STEPS: 1   1)     Go to the below website and check the Upgrade Path https://docs.fortinet.com/upgrade-tool 2)        Next Login to the Fortigate Console and check the HA Status ( it is to be In sync and higher Priority enabled for the required primary device) 3)        Login to the Console and give the command Config global – get sys ha status Also check session pickup is in enable to avoid session interruptions in failover. 4)        Download all the Firmware’s and the md5 files in the list and ch...
Read more
By
Using Internet Service in policy  : Fortigate This recipe shows how to apply a predefined Internet Service entry into a policy. The Internet Service Database is a comprehensive public IP address database that combines IP address range, IP owner, service port number, and IP security credibility. The data comes from the FortiGuard service system. Information is regularly added to this database, for example, geographic location, IP reputation, popularity & DNS, and so on. All this information helps users define Internet security more effectively. You can use the contents of the database as criteria for inclusion or exclusion in a policy. From FortiOS version 5.6, Internet Service is included in the firewall policy. It can be applied to a policy only as a destination object. From version 6.0, Internet Service can be applied both as source and destination objects in a policy. You can also apply Internet Services to shaping policy. There are three types of Internet Services...
Read more