MPLS Load Balancing/Sharing with TE or CEF or Both?

So I am just playing around in GNS3 trying to set up multiple ECMP links between to P routers like this;
CE1 -- PE1 -- P1 == P2 -- PE2 -- CE2
(There are actually four links between P1 & P2!)
I have set up a pseudoswire xconnect from PE1 to PE2 so CE1 & 2 can ping each other on the same local subnet range. That works just fine.
My question is this:
I have configured "ip load-sharing per-packet" on each of the four interfaces on P1 and P2 that are facing each other (I know per-packet balancing is frowned upon but lets not talk about that right now!) and this works, traffic is distributed across all links (I can see with packet captures in GNS3).
Where does "ip load-sharing per-packet" fit in to the chain of events with regards to MPLS and CEF etc?; So, with MPLS enabled everywhere the two P routers are forwarding based on labels and not IP address. With MPLS enabled, does this command force the P routers to load-balance each MPLS frame as it comes in, round-robbin'ing the ingress frames across all links, the same as it would if it were a plain IP packet? So the command is ignorate of the kind of traffic being used? Or is the P router looking down into the MPLS frame for the IP in the IP packet?
Also, in order to get the same sort of performance boost you get from per-packet load balancing, seeing as I am using MPLS here, should I be using some francy MPLE TE to do this instead of that interface sub-command?
If I remove that command, I seem to always use link 2 for sending traffic towards P2 from P1, and link 3 for receiving the return traffic from P2 to P1. This is presumably because the ICMP packets have nothing to hash on except the source and destination IP addresses, so they always hash to the same physical links. Without using that command how else can I make use of the four links?

Hello Jwbensley,
first of all,
"ip load-sharing per-packet" is not a viable option as it causes out  of order issues.
Real world devices perform load balancing based on the second (more internal ) label value so to achieve some load balancing for example multiple pseudowires must be defined between the same pair of PE nodes.
L3 VPN use different internal labels for different customer prefixes of the same VRF site ( unless some special command is used to say use one label per VRF site)
>> f I remove that command, I seem to always use link 2 for sending traffic towards P2 from P1, and link 3 for receiving the return traffic from P2 to P1
This is the expected behaviour in this scenario.
With MPLS TE you can achieve results similar to the use of multiple pseudowires /LSPs : forms of load sharing not true load balancing. In all cases in MPLS world flow based and not per packet
Hope to help
Giuseppe

Similar Messages

  • SIP load balancing issue with ACE 4710

    SIP Load balancing Issue with ACE 4710
    I have a Cisco ace 4710 with vesion Version A4(2.2). i configued simple SIP load balancing first without stickiness. without stikeiness we are having a problem because bye packet at the was not going to the same server all the time that left our port in used even though user hang up the phone. its happen randmly. i have a total 20 licenced ports and its fill out very quickly. so i dicided to use the stickiness with call-ID but still same issue. below is the config
    rserver host CIN-VOX-31
      ip address 172.20.130.31
      inservice
    rserver host CIN-VOX-32
      ip address 172.20.130.32
      inservice
    serverfarm host CIN-VOX
      probe SIP-5060
      rserver CIN-VOX-31
        inservice
      rserver CIN-VOX-32
        inservice
    sticky sip-header Call-ID VOX_SIP_GROUP
      timeout 1
      timeout activeconns
      replicate sticky
      serverfarm CIN-VOX
    class-map match-all CIN_VOX_L4_CLASS
      2 match virtual-address 172.22.12.30 any
    class-map match-all CIN_VOX_SIP_L4_CLASS
      2 match virtual-address 172.22.12.30 udp eq sip
    policy-map type loadbalance sip first-match CIN_VOX_LB_SIP_POLICY
      class class-default
        sticky-serverfarm VOX_SIP_GROUP
    policy-map multi-match GLOBAL_DMZ_POLICY
       class CIN_VOX_SIP_L4_CLASS
        loadbalance vip inservice
        loadbalance policy CIN_VOX_LB_SIP_POLICY
        loadbalance vip icmp-reply
      class CIN_VOX_L4_CLASS
        loadbalance vip inservice
        loadbalance policy CIN_VOX_LB_SIP_POLICY
        loadbalance vip icmp-reply
    interface vlan 20
      description VIP_DMZ_VLAN
      ip address 172.22.12.4 255.255.255.192
      alias 172.22.12.3 255.255.255.192
      peer ip address 172.22.12.5 255.255.255.192
      access-group input PERMIT-ANY-LB
      service-policy input GLOBAL_DMZ_POLICY
    could you please help me on this...
    thanks
    Rakesh Patel

    I mean there should be one more statement-
    class-map type sip loadbalance match-any CIN_VOX_LB_SIP_POLICY 
    match sip header Call_ID header-value sip:
    and that will be called under-
    policy-map multi-match GLOBAL_DMZ_POLICY
       class CIN_VOX_SIP_L4_CLASS
        loadbalance vip inservice
        loadbalance policy CIN_VOX_LB_SIP_POLICY
        loadbalance vip icmp-reply
    is that missing in your config ?

  • Recommended configuration for load balanced Portal with load balancer, multiple gateways and multiple servers.

    Does anyone have a recommended network, hardware and software configuration guide for a Portal installation running with multiple gateways load balanced (ie one URL) that talk to multiple servers?

    David,
    We've used Resonate (software) to load balance the gateways. It allows
    you to group all the gateways under 1 virtual URL and load balance the
    incoming connections over each gateway depending on the rules that you
    define in Resonate. Look in the SUN portal whitepapers there is one that
    talks about it specifically.
    As far as load balancing the calls to the portals, the gateways will
    automatically load balance across all the portals that they know about
    using a simple round-robin rotation. You may be able to use Resonate in
    front of the portals but you may need to activate persistance within
    Resonate to ensure that the user always ends up on the portal that he
    established his initial connection on (if you want that), check with Sun
    on this one.
    David Broeren wrote:
    Recommended configuration for load balanced Portal with load balancer,
    multiple gateways and multiple servers.
    Does anyone have a recommended network, hardware and software
    configuration guide for a Portal installation running with multiple
    gateways load balanced (ie one URL) that talk to multiple servers?
    Try our New Web Based Forum at http://softwareforum.sun.com
    Includes Access to our Product Knowledge Base!

  • FR-MPLS load balancing

    Hi All,
    i hv 3 Fr circuits and 1 mpls circuits from india to Usa. is it possible that i will go fro load balancing? pls give me the solution
    Thanks

    Yes it possible depending on your routing protocol being used,
    1) With BGP,Static being used on your PE-CE and as well as other FR links you can control the routing, and install four paths towards your other end destinations.
    2) If you have OSPF then you will need help form your MPLS service provider to give you intra-area routes of the other side, as over MPLS VPN you will see the other side routes as Inter-Area routes and hence only your FR links would be preferred for load balancing exlcuding the MPLS VPN circuit.
    HTH-Cheers,
    Swaroop

  • Load balancing & reduncey with 2 Pri Lines

    Dear Friends.......
    I have a requirement of VOIP setup and I have 2 Pri Lines of MPLS cloud.
    I have 3 r routers, router1 is for IPS 1 (Pri 1), router 2 is for ISP 2 (Pri 2) and router 3 is for Load balancing.
    plz explain me how to config load balancing & redundancy....
    my another question is E1 Leased line will cupport voip?
    ISP 1 IP_172.16.10.1/24
    ISP 2 IP_170.16.5.1/24....
    Plz explain with config,....
    Thanks & Regards, 
    Srinivas. N

    Hi Alex
    Sorry, I have 2 PRIs,  PRI one is for main line & PRI two is for backup line, both should work as a load balancing...  they are for placing voice calls to the PSTN ..
    My concept is I have 3 routers... Router 1 is for PRI one, Router 2 is for PRI two & Router three is for load balancing...
    Plz explain me how to config three router...
    I hope In router one need to config with pri voice channels, In router two need to config with pri voice channels & In router three need to config load balancing...
    Thanks & Regards,
    Srinivas. N.

  • Load-balancing issues with iPlanet and multiple clusters

    We're in performance test of a large-scale clustered deployment based on WLS 5.1sp10.
    Due to scalability/functionality issues, some of which we've seen firsthand and
    some of which we've been informed of by associates as well as BEA representatives,
    we've chosen to implement multiple clusters with a maximum of three nodes each.
    These clusters will be fronted by a web server tier consisting of iPlanet servers
    using the proxy plugin.
    Due to hardware constraints (both in test and in production), however, we've configured
    the iPlanet servers to route across the multiple clusters. In our test environment,
    for instance, we've got a single iPlanet server routing across two 3-node clusters,
    and the configuration in obj.conf is as follows:
    <Object name="application" ppath="*/application">
    Service fn="wl-proxy" \
    WebLogicCluster="clusterA_1:9990,clusterB_1:9991,clusterA_2:9990,clusterB_2:9991,clusterA_3:9990,
    clusterB_3:9991" \
    CookieName="ApplicationSession"
    </Object>
    Our issue is that the load-balancing doesn't appear to work across the clusters.
    We're seeing one cluster get about 90% of the load, while the other receives
    only 10%.
    So, the question (finally!) is: Is this configuration correct (i.e., will it
    work according to the logic of the proxy plugin), and is it appropriate for this
    situation? Are there other alternative approaches that anyone can recommend?
    Thanks in advance,
    cramer

    I use weblogic6.1 with sp2+windows 2000.I develop a web application and deploy
    it to cluster.Through HttpClusterServlets proxy of weblogic I found that a server
    in cluster almost get 95% of requests but another only get 5% of requests.Why???
    I don't set any special parameter.And the weight of the two clustered server is
    equal.I use round-robin arithmetic.
    Thanks!
    "cramer" <[email protected]> wrote:
    >
    We're in performance test of a large-scale clustered deployment based
    on WLS 5.1sp10.
    Due to scalability/functionality issues, some of which we've seen firsthand
    and
    some of which we've been informed of by associates as well as BEA representatives,
    we've chosen to implement multiple clusters with a maximum of three nodes
    each.
    These clusters will be fronted by a web server tier consisting of iPlanet
    servers
    using the proxy plugin.
    Due to hardware constraints (both in test and in production), however,
    we've configured
    the iPlanet servers to route across the multiple clusters. In our test
    environment,
    for instance, we've got a single iPlanet server routing across two 3-node
    clusters,
    and the configuration in obj.conf is as follows:
    <Object name="application" ppath="*/application">
    Service fn="wl-proxy" \
    WebLogicCluster="clusterA_1:9990,clusterB_1:9991,clusterA_2:9990,clusterB_2:9991,clusterA_3:9990,
    clusterB_3:9991" \
    CookieName="ApplicationSession"
    </Object>
    Our issue is that the load-balancing doesn't appear to work across the
    clusters.
    We're seeing one cluster get about 90% of the load, while the other
    receives
    only 10%.
    So, the question (finally!) is: Is this configuration correct (i.e.,
    will it
    work according to the logic of the proxy plugin), and is it appropriate
    for this
    situation? Are there other alternative approaches that anyone can recommend?
    Thanks in advance,
    cramer

  • Hardware clustering/load balancing/failover with Tomcat

    Hello forum!
    I recently bought a Cisco 1801, and it sure is capable! Anyhow, I've got a hobby website that is getting a fair bit of traffic - approaching too much for one node to handle and it's time to start thinking about distributing the load.
    I'd like to do a little clustering of server nodes running Apache Geronimo, which is J2EE running atop Apache Tomcat. For the sake of keeping things generic, let's just call it Tomcat because it configures the same way.
    I do not run Apache HTTP Server as a proxy, I only run Tomcat directly connected to the internet. I do this for performance reasons.
    Anyhow, I'm wondering if any of you evil geniuses could suggest a way that I could cluster Tomcat nodes directly using the router to serve as a hardware load balancer and have the whole sticky session thing with failover, etc... All of the documents I find on the subject discuss clustering by way of Apache HTTP with Mod_JK.
    I have already asked this question on the hardware side, and got great information about the capable load balancing features my router sports (but limited compared to Cisco CSS products.)
    Now I'm wondering if anyone has experience taking an open source application server like Geronimo or Tomcat or JBoss and clustering it using hardware load balancing. What kinds of Tomcat configurations, if any, do I need to add for things like sticky sessions and failover? Or, is all that automatic?
    Thanks so much for reading and for any replies. If there is a better forum for my question, please direct me there.
    Cheers,
    Dave Woldrich
    http://CardMeeting.com

    This occurs rarely when the Tomcat process is not able to connect to the database. The database connection problem is an internal cause which manifests externally as missing fields in reports.
    Workaround: Restart the Apache process and the Tomcat process. From the CLI on your CiscoWorks Server, enter the following commands in the specified sequence:
    1. pdterm Apache
    2. pdterm Tomcat
    3. pdexec Tomcat
    4. pdexec Apache

  • Load Balancing Problem with WLS6.1

              Hi,
              I have 4 Instances of Weblogic servers two instance per box with Clustered. The
              admin server is running in the first box. While stress testing it seems all the
              loads are going to one instance and other instances are almost idle.
              In the Secondary Group, i have given the name of the other instance on the same
              server. I'm running weblogic in Solaris with SP3.
              Can anyone suggest why loadbalancing doesn't work.
              

    Typically, load balancing will work unless there is a problem with the
              clusters seeing each other. Therefore first make sure that the managed
              server has joined the cluster.
              Other things to look at are the __WebLogicBridgeConfig (see WLS plugin
              documents) to confirm that there is a primary and secondary.
              The above assumes Servlet load balancing, for objects check the
              deployment descriptors.
              Diwan Mohideen wrote:
              >
              > Hi,
              >
              > I have 4 Instances of Weblogic servers two instance per box with Clustered. The
              > admin server is running in the first box. While stress testing it seems all the
              > loads are going to one instance and other instances are almost idle.
              >
              > In the Secondary Group, i have given the name of the other instance on the same
              > server. I'm running weblogic in Solaris with SP3.
              >
              > Can anyone suggest why loadbalancing doesn't work.
              

  • Load balancing problem with CSS11503

    Hello all,
    We have two web servers that are being load balanced with this configuration on two CSS11503 with IOS version 7.20 Build 206;
    content Web
    add service web1
    add service web2
    vip address 10.1.4.4
    protocol tcp
    port 80
    url "/*"
    advanced-balance sticky-srcip-dstport
    active
    When we try and access the web servers from client workstation using the URL on Internet explorer 6.0 and get authenticated through the login window; we get error 12031. Error 12031 means " ERROR_INTERNET_CONNECTION_RESET The connection with the server has been reset. "
    On refresh the error goes away.
    If we bypass the content switches by accessing any of the servers using server name; the error does not appear. The problem seems to be related to the load balancing.
    Any suggestions?

    the problem is probably due to CSS sending an HTTP redirect with the RESET flag when you send multiple request inside the same connection.
    To avoid the proble, do a 'no url' under your content rule.
    There is absolutely no need to specify the url since you do stickyness based on source ip address.
    Regards,
    Gilles.

  • Load balance servers with 3560?

    Here is my scenario...
    I have two servers that are both connected to a single 3560 (SMI).
    These two servers are in a primary/secondary relationship. Right now, if the primary server goes down - we need to manually configure the secondary server to take over.
    I have two questions...
    What is the best way to set up fault tolerance with these devices, so the secondary server will automatically kick in if the primary goes down?
    In addition to that, is there any type of load balancing feature we can use on this 3560...so both the primary/secondary servers can run at the same time?
    Ideally, we would like communication to the second server kick in when the link to the primary server gets too congested.

    your best bet is to use IOS SLB or a content switch such as the cisco CSS series.
    please see the following links for more info on ciscos CSS and SLB capabilities:
    content switching (CSS) -
    http://www.cisco.com/en/US/netsol/ns340/ns394/ns50/ns254/networking_solutions_package.html
    SLB - (example of use)
    http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a0080093de3.shtml

  • Query - Business Objects- CMS Cluster internals for load balancing/ sharing

    Hi,
    We are implementing CMS Cluster solution between two BOE server on Windows 2003 OS. As per documentation, One CMS server is primary, which coordinates with secory CMS server within same cluster. Does both server share equal load without external load balancer, by BOE cluster functionality? What are the tuning parameters for Load balancing between 2 CMS servers?
    Thanks for your help!!
    Regards,
    G

    If you somehow needed to accomplish load balancing between the 2 machines which wasn't 50/50 you could possibly try dns aliasing and have more copies of one machine than the other.  I'm not recommending this, just thinking out loud here.

  • Load balance DSP with DSPControl

    We need balancing and failover in our calls to the DSP from WLI. The networking guys setup an F5 hardware load balancer to do this, but t3 connections are not working.
    Questions:
    1. Is there a known configuration of F5 that will work with t3 protocol?
    2. Can the DSP control work over another protocol, such as http, without loss of functionality? If so, how do I set that up?
    3. Is there a recommended approach to what we are trying to do?
    Thanks!
    Jeff

    Jeff - you have a case open and both you and the customer support guy are chasing this down as and ALDSP and WLI issue. It's not. The problem you have occurs in creating an InitialContext when giving the URL of the load-balancer. Look in the stack trace - there is no ALDSP - just your code and WLS. You will get better results if you investigate it as such. For instance - if you post your question on WLS/EJB/RMI forum - the right people will see it. ( deleted remark about creating a CR)
    Also - from the case description - it's not clear why you have the load-balancer there. It sounds like the ejb is hosted on the same machine as the client (it mentions that it works fine if you use localhost instead of the load-balancer ... maybe that was just something you tried). Also the WLS EJB stubs do load-balancing (and fail-over, too) so again I'm not sure of the purpose of the hardware load-balancer (if you give a good reason and it all makes sense, it's easier to diagnose).
    Also posted on the case is a forums.bea.com posting that says you need to set the ejb server's "external server address" - the ejb stubs report the address that the clients should use for calling them - normally it is their own address - but if you have a load-balancer in between - they should be using the address of the load-balancer.
    Also posted on the case is a reference to a CR about problems using a load-balancer when the servers have different port numbers. I didn't read the details on that.
    Please escalate your case with customer support.
    - MIke
    Edited by: mikereiche on Nov 14, 2008 10:02 AM

  • Load Balance TMG with Cisco CSS

    I am working with a Customer that is using Cisco CSS to load balance Microsoft TMG 2010.
    From the Microsoft TMG, I can see the https probes hitting the TMG Servers. The TMG 2010 recongnizes that the Cisco is trying to establish a 3-way handshake and is dropping every 3rd connection with the following error: "non-SYN packet was dropped because it was sent by a source that does not hane an established connection with the Forefron TMG computer." Since the Microsoft Forefront TMG 2010 Server is Stateful packet inspection firewall, what is the best load balance method for this service? TCP or even worst ICMP.
    Below is a snipet of the configuration:
    Thank You
    Avery
    CSS-A# show service Server1-ssl
    Name: Server1-ssl  Index: 70   
      Type: Local            State: Alive
      Rule ( x.x.x.x  TCP  443 )
      Session Redundancy: Enabled
      Redundancy Global Index: 206
      Redirect Domain: 
      Redirect String:
      Keepalive: (SSL-443   5   3   5 )
      Keepalive Encryption:      Disabled
      Last Clearing of Stats Counters: 03/05/2012 16:33:14
      Mtu:                       1500        State Transitions:            4
      Total Local Connections:   0           Total Backup Connections:     0
      Current Local Connections: 0           Current Backup Connections:   0
      Total Connections:         0           Max Connections:              65534
      Total Reused Conns:        0           Weight Reporting:             None
      Weight:                    1           Load:                         2
    CSS-A#
    CSS-A# show service Server2-ssl 
    Name: Server2-ssl  Index: 71   
      Type: Local            State: Alive
      Rule ( x.x.x.x  TCP  443 )
      Session Redundancy: Enabled
      Redundancy Global Index: 207
      Redirect Domain: 
      Redirect String:
      Keepalive: (SSL-443   5   3   5 )
      Keepalive Encryption:      Disabled
      Last Clearing of Stats Counters: 03/05/2012 16:53:49
      Mtu:                       1500        State Transitions:            6
      Total Local Connections:   0           Total Backup Connections:     0
      Current Local Connections: 0           Current Backup Connections:   0
      Total Connections:         0           Max Connections:              65534
      Total Reused Conns:        0           Weight Reporting:             None
      Weight:                    1           Load:                         2

    Hi,
    It would good to have a capture from the server itself, the TCP keepalive is really simple, as you explained, it is just a 3-way-handshake on port 443.
    The CSS is going to use it's vlan IP to generate this keepalive.
    So if the server is dropping the connection, it would be good to se the actual behavior of the keepalive.
    ICMP is just a ping, and lets say port 443 is not longer open on the server, at the point that the CSS gets the ICMP reply back from the server, the service is going to remain as alive, but the traffic is not going to work, so ICMP is not a good option.
    Thanks!

  • CISCO Load Balancing Mechanism with SAP

    Hello Experts,
    Explain me the steps How CISCO Load balancing Mechanism works with SAP Enterprise Portal?
    If anyone implemented and achieved the same,please explain me the steps to follow from Initial Stage to end of implementation.
    Or If you have any documentation on this just share with me to my google id kekarthick or point me to the particular link.
    I have seen the below SAP help which is somewhat helpful.
    http://help.sap.com/saphelp_nw04s/helpdata/en/d3/e12840d89d185de10000000a1550b0/frameset.htm
    I would like to know how CISCO will connect to Java Dispatcher.
    And explain me the steps to follow to implement External Facing Portal using Cisco Loadbalancer.
    This should be achieved in Unix and Windows 2003 environment.
    Any idea?
    Regards,
    Karthick Eswaran
    Edited by: Karthick Eswaran on May 21, 2008 12:40 AM

    Hello Karthick,
    let's say you have 2 servers for your portal:
    host1 -> e.g. DB, SCS + CI --> http://host1.my.company:50000/irj/portal
    host2 -> DI --> http://host2.my.company:50000/irj/portal
    Now you can implement an CISCO hardware load balancer. You have to connect it to your network and reserve one port and another ip adress of it for the portal.
    After that you have to add the ip adress of the both servers (host1+host2) to this port, so that the CISCO load balancer knows to which servers it has to forward the incoming connections.
    If you use DNS in your company you can now map a more user-friendly name to the CISCO port (e.g. http://portal.my.company:50000/irj/portal) and distribute this link to the users of the portal.
    When they connect to the portal via this link the CISCO load balancer will forward the request to one of the configured servers (host1 or host2) depending which one is online and/or the load of them.
    I hope I understood your question right and my answer helps a little.
    Regards,
    Norman Schröder

  • Load balance LDAP with the CSS 501

    I'm trying to setup a content rule to test load balancing LDAP traffic via the CSS but it doesn't seem to be working. Here's my configuration:
    service 10.125.5.56:389
    ip address 10.125.5.56
    protocol tcp
    port 389
    keepalive type script ap-kal-ldap "10.125.5.56"
    active
    content test-ldap:389
    vip address 10.124.155.50
    add service 10.125.5.56:389
    protocol tcp
    balance aca
    port 389
    advanced-balance sticky-srcip-dstport
    active
    Anything I'm doing wrong? I see somebody posted a similar issue but doesn't seem like a solution was provided (see below):
    http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Data%20Center&topic=Application%20Networking&topicID=.ee7814f&fromOutline=true&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1dda3585/2

    What's the issue ?
    Get a sniffer trace simultanously on client and server and see what's going on.
    G.

Maybe you are looking for

  • Solaris 10 u5 Samba slow transfer rates?

    Hi! I've installed Solaris 10 x86 (Core2Duo - x64) server, with Samba over ZFS RAID-Z. Samba is a part of Active Directory Domain. I've managed to join it to domain, to get the users and groups from A.D. and to translate them to Unix IDs. Everything

  • Notification tab in UWL

    Hi, We have implemented portal for LSO. Booking/Cancellation of course participation everything is working fine. Now problem is after approval from the manager, the employee is not getting notification in his UWL. How resolve this issue. Please help

  • JDev 1013 BUG? EJB, CMR, DTO and session facade.

    I've created two CMP Entity EJB's, CourseEJB and PupilEJB, and defined a M:N relationship between them. A course has many pupils and vice versa. Each bean has only two attributes, id (Long, part of PK) and name (String) for simplicity. 1. Generated D

  • How to spool to a file with changing name

    How can you spool to a file using a passed parameter as part of the filename. If you try: spool c:\temp\&1_report.txt it says that the spool command is invalid. Any ideas? I seem to remember doing this before but I can't remember how....

  • Email images are not showing in my new iPad.

    email images are not showing in my new iPad.  This was not a problem initially, but just started.  I use yahoo mail.  Any thoughts?