MPLS Load Balancing/Sharing with TE or CEF or Both?
So I am just playing around in GNS3 trying to set up multiple ECMP links between to P routers like this;
CE1 -- PE1 -- P1 == P2 -- PE2 -- CE2
(There are actually four links between P1 & P2!)
I have set up a pseudoswire xconnect from PE1 to PE2 so CE1 & 2 can ping each other on the same local subnet range. That works just fine.
My question is this:
I have configured "ip load-sharing per-packet" on each of the four interfaces on P1 and P2 that are facing each other (I know per-packet balancing is frowned upon but lets not talk about that right now!) and this works, traffic is distributed across all links (I can see with packet captures in GNS3).
Where does "ip load-sharing per-packet" fit in to the chain of events with regards to MPLS and CEF etc?; So, with MPLS enabled everywhere the two P routers are forwarding based on labels and not IP address. With MPLS enabled, does this command force the P routers to load-balance each MPLS frame as it comes in, round-robbin'ing the ingress frames across all links, the same as it would if it were a plain IP packet? So the command is ignorate of the kind of traffic being used? Or is the P router looking down into the MPLS frame for the IP in the IP packet?
Also, in order to get the same sort of performance boost you get from per-packet load balancing, seeing as I am using MPLS here, should I be using some francy MPLE TE to do this instead of that interface sub-command?
If I remove that command, I seem to always use link 2 for sending traffic towards P2 from P1, and link 3 for receiving the return traffic from P2 to P1. This is presumably because the ICMP packets have nothing to hash on except the source and destination IP addresses, so they always hash to the same physical links. Without using that command how else can I make use of the four links?
Hello Jwbensley,
first of all,
"ip load-sharing per-packet" is not a viable option as it causes out of order issues.
Real world devices perform load balancing based on the second (more internal ) label value so to achieve some load balancing for example multiple pseudowires must be defined between the same pair of PE nodes.
L3 VPN use different internal labels for different customer prefixes of the same VRF site ( unless some special command is used to say use one label per VRF site)
>> f I remove that command, I seem to always use link 2 for sending traffic towards P2 from P1, and link 3 for receiving the return traffic from P2 to P1
This is the expected behaviour in this scenario.
With MPLS TE you can achieve results similar to the use of multiple pseudowires /LSPs : forms of load sharing not true load balancing. In all cases in MPLS world flow based and not per packet
Hope to help
Giuseppe
Similar Messages
-
SIP load balancing issue with ACE 4710
SIP Load balancing Issue with ACE 4710
I have a Cisco ace 4710 with vesion Version A4(2.2). i configued simple SIP load balancing first without stickiness. without stikeiness we are having a problem because bye packet at the was not going to the same server all the time that left our port in used even though user hang up the phone. its happen randmly. i have a total 20 licenced ports and its fill out very quickly. so i dicided to use the stickiness with call-ID but still same issue. below is the config
rserver host CIN-VOX-31
ip address 172.20.130.31
inservice
rserver host CIN-VOX-32
ip address 172.20.130.32
inservice
serverfarm host CIN-VOX
probe SIP-5060
rserver CIN-VOX-31
inservice
rserver CIN-VOX-32
inservice
sticky sip-header Call-ID VOX_SIP_GROUP
timeout 1
timeout activeconns
replicate sticky
serverfarm CIN-VOX
class-map match-all CIN_VOX_L4_CLASS
2 match virtual-address 172.22.12.30 any
class-map match-all CIN_VOX_SIP_L4_CLASS
2 match virtual-address 172.22.12.30 udp eq sip
policy-map type loadbalance sip first-match CIN_VOX_LB_SIP_POLICY
class class-default
sticky-serverfarm VOX_SIP_GROUP
policy-map multi-match GLOBAL_DMZ_POLICY
class CIN_VOX_SIP_L4_CLASS
loadbalance vip inservice
loadbalance policy CIN_VOX_LB_SIP_POLICY
loadbalance vip icmp-reply
class CIN_VOX_L4_CLASS
loadbalance vip inservice
loadbalance policy CIN_VOX_LB_SIP_POLICY
loadbalance vip icmp-reply
interface vlan 20
description VIP_DMZ_VLAN
ip address 172.22.12.4 255.255.255.192
alias 172.22.12.3 255.255.255.192
peer ip address 172.22.12.5 255.255.255.192
access-group input PERMIT-ANY-LB
service-policy input GLOBAL_DMZ_POLICY
could you please help me on this...
thanks
Rakesh PatelI mean there should be one more statement-
class-map type sip loadbalance match-any CIN_VOX_LB_SIP_POLICY
match sip header Call_ID header-value sip:
and that will be called under-
policy-map multi-match GLOBAL_DMZ_POLICY
class CIN_VOX_SIP_L4_CLASS
loadbalance vip inservice
loadbalance policy CIN_VOX_LB_SIP_POLICY
loadbalance vip icmp-reply
is that missing in your config ? -
Does anyone have a recommended network, hardware and software configuration guide for a Portal installation running with multiple gateways load balanced (ie one URL) that talk to multiple servers?
David,
We've used Resonate (software) to load balance the gateways. It allows
you to group all the gateways under 1 virtual URL and load balance the
incoming connections over each gateway depending on the rules that you
define in Resonate. Look in the SUN portal whitepapers there is one that
talks about it specifically.
As far as load balancing the calls to the portals, the gateways will
automatically load balance across all the portals that they know about
using a simple round-robin rotation. You may be able to use Resonate in
front of the portals but you may need to activate persistance within
Resonate to ensure that the user always ends up on the portal that he
established his initial connection on (if you want that), check with Sun
on this one.
David Broeren wrote:
Recommended configuration for load balanced Portal with load balancer,
multiple gateways and multiple servers.
Does anyone have a recommended network, hardware and software
configuration guide for a Portal installation running with multiple
gateways load balanced (ie one URL) that talk to multiple servers?
Try our New Web Based Forum at http://softwareforum.sun.com
Includes Access to our Product Knowledge Base! -
Hi All,
i hv 3 Fr circuits and 1 mpls circuits from india to Usa. is it possible that i will go fro load balancing? pls give me the solution
ThanksYes it possible depending on your routing protocol being used,
1) With BGP,Static being used on your PE-CE and as well as other FR links you can control the routing, and install four paths towards your other end destinations.
2) If you have OSPF then you will need help form your MPLS service provider to give you intra-area routes of the other side, as over MPLS VPN you will see the other side routes as Inter-Area routes and hence only your FR links would be preferred for load balancing exlcuding the MPLS VPN circuit.
HTH-Cheers,
Swaroop -
Load balancing & reduncey with 2 Pri Lines
Dear Friends.......
I have a requirement of VOIP setup and I have 2 Pri Lines of MPLS cloud.
I have 3 r routers, router1 is for IPS 1 (Pri 1), router 2 is for ISP 2 (Pri 2) and router 3 is for Load balancing.
plz explain me how to config load balancing & redundancy....
my another question is E1 Leased line will cupport voip?
ISP 1 IP_172.16.10.1/24
ISP 2 IP_170.16.5.1/24....
Plz explain with config,....
Thanks & Regards,
Srinivas. NHi Alex
Sorry, I have 2 PRIs, PRI one is for main line & PRI two is for backup line, both should work as a load balancing... they are for placing voice calls to the PSTN ..
My concept is I have 3 routers... Router 1 is for PRI one, Router 2 is for PRI two & Router three is for load balancing...
Plz explain me how to config three router...
I hope In router one need to config with pri voice channels, In router two need to config with pri voice channels & In router three need to config load balancing...
Thanks & Regards,
Srinivas. N. -
Load-balancing issues with iPlanet and multiple clusters
We're in performance test of a large-scale clustered deployment based on WLS 5.1sp10.
Due to scalability/functionality issues, some of which we've seen firsthand and
some of which we've been informed of by associates as well as BEA representatives,
we've chosen to implement multiple clusters with a maximum of three nodes each.
These clusters will be fronted by a web server tier consisting of iPlanet servers
using the proxy plugin.
Due to hardware constraints (both in test and in production), however, we've configured
the iPlanet servers to route across the multiple clusters. In our test environment,
for instance, we've got a single iPlanet server routing across two 3-node clusters,
and the configuration in obj.conf is as follows:
<Object name="application" ppath="*/application">
Service fn="wl-proxy" \
WebLogicCluster="clusterA_1:9990,clusterB_1:9991,clusterA_2:9990,clusterB_2:9991,clusterA_3:9990,
clusterB_3:9991" \
CookieName="ApplicationSession"
</Object>
Our issue is that the load-balancing doesn't appear to work across the clusters.
We're seeing one cluster get about 90% of the load, while the other receives
only 10%.
So, the question (finally!) is: Is this configuration correct (i.e., will it
work according to the logic of the proxy plugin), and is it appropriate for this
situation? Are there other alternative approaches that anyone can recommend?
Thanks in advance,
cramerI use weblogic6.1 with sp2+windows 2000.I develop a web application and deploy
it to cluster.Through HttpClusterServlets proxy of weblogic I found that a server
in cluster almost get 95% of requests but another only get 5% of requests.Why???
I don't set any special parameter.And the weight of the two clustered server is
equal.I use round-robin arithmetic.
Thanks!
"cramer" <[email protected]> wrote:
>
We're in performance test of a large-scale clustered deployment based
on WLS 5.1sp10.
Due to scalability/functionality issues, some of which we've seen firsthand
and
some of which we've been informed of by associates as well as BEA representatives,
we've chosen to implement multiple clusters with a maximum of three nodes
each.
These clusters will be fronted by a web server tier consisting of iPlanet
servers
using the proxy plugin.
Due to hardware constraints (both in test and in production), however,
we've configured
the iPlanet servers to route across the multiple clusters. In our test
environment,
for instance, we've got a single iPlanet server routing across two 3-node
clusters,
and the configuration in obj.conf is as follows:
<Object name="application" ppath="*/application">
Service fn="wl-proxy" \
WebLogicCluster="clusterA_1:9990,clusterB_1:9991,clusterA_2:9990,clusterB_2:9991,clusterA_3:9990,
clusterB_3:9991" \
CookieName="ApplicationSession"
</Object>
Our issue is that the load-balancing doesn't appear to work across the
clusters.
We're seeing one cluster get about 90% of the load, while the other
receives
only 10%.
So, the question (finally!) is: Is this configuration correct (i.e.,
will it
work according to the logic of the proxy plugin), and is it appropriate
for this
situation? Are there other alternative approaches that anyone can recommend?
Thanks in advance,
cramer -
Hardware clustering/load balancing/failover with Tomcat
Hello forum!
I recently bought a Cisco 1801, and it sure is capable! Anyhow, I've got a hobby website that is getting a fair bit of traffic - approaching too much for one node to handle and it's time to start thinking about distributing the load.
I'd like to do a little clustering of server nodes running Apache Geronimo, which is J2EE running atop Apache Tomcat. For the sake of keeping things generic, let's just call it Tomcat because it configures the same way.
I do not run Apache HTTP Server as a proxy, I only run Tomcat directly connected to the internet. I do this for performance reasons.
Anyhow, I'm wondering if any of you evil geniuses could suggest a way that I could cluster Tomcat nodes directly using the router to serve as a hardware load balancer and have the whole sticky session thing with failover, etc... All of the documents I find on the subject discuss clustering by way of Apache HTTP with Mod_JK.
I have already asked this question on the hardware side, and got great information about the capable load balancing features my router sports (but limited compared to Cisco CSS products.)
Now I'm wondering if anyone has experience taking an open source application server like Geronimo or Tomcat or JBoss and clustering it using hardware load balancing. What kinds of Tomcat configurations, if any, do I need to add for things like sticky sessions and failover? Or, is all that automatic?
Thanks so much for reading and for any replies. If there is a better forum for my question, please direct me there.
Cheers,
Dave Woldrich
http://CardMeeting.comThis occurs rarely when the Tomcat process is not able to connect to the database. The database connection problem is an internal cause which manifests externally as missing fields in reports.
Workaround: Restart the Apache process and the Tomcat process. From the CLI on your CiscoWorks Server, enter the following commands in the specified sequence:
1. pdterm Apache
2. pdterm Tomcat
3. pdexec Tomcat
4. pdexec Apache -
Load Balancing Problem with WLS6.1
Hi,
I have 4 Instances of Weblogic servers two instance per box with Clustered. The
admin server is running in the first box. While stress testing it seems all the
loads are going to one instance and other instances are almost idle.
In the Secondary Group, i have given the name of the other instance on the same
server. I'm running weblogic in Solaris with SP3.
Can anyone suggest why loadbalancing doesn't work.
Typically, load balancing will work unless there is a problem with the
clusters seeing each other. Therefore first make sure that the managed
server has joined the cluster.
Other things to look at are the __WebLogicBridgeConfig (see WLS plugin
documents) to confirm that there is a primary and secondary.
The above assumes Servlet load balancing, for objects check the
deployment descriptors.
Diwan Mohideen wrote:
>
> Hi,
>
> I have 4 Instances of Weblogic servers two instance per box with Clustered. The
> admin server is running in the first box. While stress testing it seems all the
> loads are going to one instance and other instances are almost idle.
>
> In the Secondary Group, i have given the name of the other instance on the same
> server. I'm running weblogic in Solaris with SP3.
>
> Can anyone suggest why loadbalancing doesn't work.
-
Load balancing problem with CSS11503
Hello all,
We have two web servers that are being load balanced with this configuration on two CSS11503 with IOS version 7.20 Build 206;
content Web
add service web1
add service web2
vip address 10.1.4.4
protocol tcp
port 80
url "/*"
advanced-balance sticky-srcip-dstport
active
When we try and access the web servers from client workstation using the URL on Internet explorer 6.0 and get authenticated through the login window; we get error 12031. Error 12031 means " ERROR_INTERNET_CONNECTION_RESET The connection with the server has been reset. "
On refresh the error goes away.
If we bypass the content switches by accessing any of the servers using server name; the error does not appear. The problem seems to be related to the load balancing.
Any suggestions?the problem is probably due to CSS sending an HTTP redirect with the RESET flag when you send multiple request inside the same connection.
To avoid the proble, do a 'no url' under your content rule.
There is absolutely no need to specify the url since you do stickyness based on source ip address.
Regards,
Gilles. -
Load balance servers with 3560?
Here is my scenario...
I have two servers that are both connected to a single 3560 (SMI).
These two servers are in a primary/secondary relationship. Right now, if the primary server goes down - we need to manually configure the secondary server to take over.
I have two questions...
What is the best way to set up fault tolerance with these devices, so the secondary server will automatically kick in if the primary goes down?
In addition to that, is there any type of load balancing feature we can use on this 3560...so both the primary/secondary servers can run at the same time?
Ideally, we would like communication to the second server kick in when the link to the primary server gets too congested.your best bet is to use IOS SLB or a content switch such as the cisco CSS series.
please see the following links for more info on ciscos CSS and SLB capabilities:
content switching (CSS) -
http://www.cisco.com/en/US/netsol/ns340/ns394/ns50/ns254/networking_solutions_package.html
SLB - (example of use)
http://www.cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a0080093de3.shtml -
Query - Business Objects- CMS Cluster internals for load balancing/ sharing
Hi,
We are implementing CMS Cluster solution between two BOE server on Windows 2003 OS. As per documentation, One CMS server is primary, which coordinates with secory CMS server within same cluster. Does both server share equal load without external load balancer, by BOE cluster functionality? What are the tuning parameters for Load balancing between 2 CMS servers?
Thanks for your help!!
Regards,
GIf you somehow needed to accomplish load balancing between the 2 machines which wasn't 50/50 you could possibly try dns aliasing and have more copies of one machine than the other. I'm not recommending this, just thinking out loud here.
-
Load balance DSP with DSPControl
We need balancing and failover in our calls to the DSP from WLI. The networking guys setup an F5 hardware load balancer to do this, but t3 connections are not working.
Questions:
1. Is there a known configuration of F5 that will work with t3 protocol?
2. Can the DSP control work over another protocol, such as http, without loss of functionality? If so, how do I set that up?
3. Is there a recommended approach to what we are trying to do?
Thanks!
JeffJeff - you have a case open and both you and the customer support guy are chasing this down as and ALDSP and WLI issue. It's not. The problem you have occurs in creating an InitialContext when giving the URL of the load-balancer. Look in the stack trace - there is no ALDSP - just your code and WLS. You will get better results if you investigate it as such. For instance - if you post your question on WLS/EJB/RMI forum - the right people will see it. ( deleted remark about creating a CR)
Also - from the case description - it's not clear why you have the load-balancer there. It sounds like the ejb is hosted on the same machine as the client (it mentions that it works fine if you use localhost instead of the load-balancer ... maybe that was just something you tried). Also the WLS EJB stubs do load-balancing (and fail-over, too) so again I'm not sure of the purpose of the hardware load-balancer (if you give a good reason and it all makes sense, it's easier to diagnose).
Also posted on the case is a forums.bea.com posting that says you need to set the ejb server's "external server address" - the ejb stubs report the address that the clients should use for calling them - normally it is their own address - but if you have a load-balancer in between - they should be using the address of the load-balancer.
Also posted on the case is a reference to a CR about problems using a load-balancer when the servers have different port numbers. I didn't read the details on that.
Please escalate your case with customer support.
- MIke
Edited by: mikereiche on Nov 14, 2008 10:02 AM -
Load Balance TMG with Cisco CSS
I am working with a Customer that is using Cisco CSS to load balance Microsoft TMG 2010.
From the Microsoft TMG, I can see the https probes hitting the TMG Servers. The TMG 2010 recongnizes that the Cisco is trying to establish a 3-way handshake and is dropping every 3rd connection with the following error: "non-SYN packet was dropped because it was sent by a source that does not hane an established connection with the Forefron TMG computer." Since the Microsoft Forefront TMG 2010 Server is Stateful packet inspection firewall, what is the best load balance method for this service? TCP or even worst ICMP.
Below is a snipet of the configuration:
Thank You
Avery
CSS-A# show service Server1-ssl
Name: Server1-ssl Index: 70
Type: Local State: Alive
Rule ( x.x.x.x TCP 443 )
Session Redundancy: Enabled
Redundancy Global Index: 206
Redirect Domain:
Redirect String:
Keepalive: (SSL-443 5 3 5 )
Keepalive Encryption: Disabled
Last Clearing of Stats Counters: 03/05/2012 16:33:14
Mtu: 1500 State Transitions: 4
Total Local Connections: 0 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 0 Max Connections: 65534
Total Reused Conns: 0 Weight Reporting: None
Weight: 1 Load: 2
CSS-A#
CSS-A# show service Server2-ssl
Name: Server2-ssl Index: 71
Type: Local State: Alive
Rule ( x.x.x.x TCP 443 )
Session Redundancy: Enabled
Redundancy Global Index: 207
Redirect Domain:
Redirect String:
Keepalive: (SSL-443 5 3 5 )
Keepalive Encryption: Disabled
Last Clearing of Stats Counters: 03/05/2012 16:53:49
Mtu: 1500 State Transitions: 6
Total Local Connections: 0 Total Backup Connections: 0
Current Local Connections: 0 Current Backup Connections: 0
Total Connections: 0 Max Connections: 65534
Total Reused Conns: 0 Weight Reporting: None
Weight: 1 Load: 2Hi,
It would good to have a capture from the server itself, the TCP keepalive is really simple, as you explained, it is just a 3-way-handshake on port 443.
The CSS is going to use it's vlan IP to generate this keepalive.
So if the server is dropping the connection, it would be good to se the actual behavior of the keepalive.
ICMP is just a ping, and lets say port 443 is not longer open on the server, at the point that the CSS gets the ICMP reply back from the server, the service is going to remain as alive, but the traffic is not going to work, so ICMP is not a good option.
Thanks! -
CISCO Load Balancing Mechanism with SAP
Hello Experts,
Explain me the steps How CISCO Load balancing Mechanism works with SAP Enterprise Portal?
If anyone implemented and achieved the same,please explain me the steps to follow from Initial Stage to end of implementation.
Or If you have any documentation on this just share with me to my google id kekarthick or point me to the particular link.
I have seen the below SAP help which is somewhat helpful.
http://help.sap.com/saphelp_nw04s/helpdata/en/d3/e12840d89d185de10000000a1550b0/frameset.htm
I would like to know how CISCO will connect to Java Dispatcher.
And explain me the steps to follow to implement External Facing Portal using Cisco Loadbalancer.
This should be achieved in Unix and Windows 2003 environment.
Any idea?
Regards,
Karthick Eswaran
Edited by: Karthick Eswaran on May 21, 2008 12:40 AMHello Karthick,
let's say you have 2 servers for your portal:
host1 -> e.g. DB, SCS + CI --> http://host1.my.company:50000/irj/portal
host2 -> DI --> http://host2.my.company:50000/irj/portal
Now you can implement an CISCO hardware load balancer. You have to connect it to your network and reserve one port and another ip adress of it for the portal.
After that you have to add the ip adress of the both servers (host1+host2) to this port, so that the CISCO load balancer knows to which servers it has to forward the incoming connections.
If you use DNS in your company you can now map a more user-friendly name to the CISCO port (e.g. http://portal.my.company:50000/irj/portal) and distribute this link to the users of the portal.
When they connect to the portal via this link the CISCO load balancer will forward the request to one of the configured servers (host1 or host2) depending which one is online and/or the load of them.
I hope I understood your question right and my answer helps a little.
Regards,
Norman Schröder -
Load balance LDAP with the CSS 501
I'm trying to setup a content rule to test load balancing LDAP traffic via the CSS but it doesn't seem to be working. Here's my configuration:
service 10.125.5.56:389
ip address 10.125.5.56
protocol tcp
port 389
keepalive type script ap-kal-ldap "10.125.5.56"
active
content test-ldap:389
vip address 10.124.155.50
add service 10.125.5.56:389
protocol tcp
balance aca
port 389
advanced-balance sticky-srcip-dstport
active
Anything I'm doing wrong? I see somebody posted a similar issue but doesn't seem like a solution was provided (see below):
http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Data%20Center&topic=Application%20Networking&topicID=.ee7814f&fromOutline=true&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.1dda3585/2What's the issue ?
Get a sniffer trace simultanously on client and server and see what's going on.
G.
Maybe you are looking for
-
Solaris 10 u5 Samba slow transfer rates?
Hi! I've installed Solaris 10 x86 (Core2Duo - x64) server, with Samba over ZFS RAID-Z. Samba is a part of Active Directory Domain. I've managed to join it to domain, to get the users and groups from A.D. and to translate them to Unix IDs. Everything
-
Hi, We have implemented portal for LSO. Booking/Cancellation of course participation everything is working fine. Now problem is after approval from the manager, the employee is not getting notification in his UWL. How resolve this issue. Please help
-
JDev 1013 BUG? EJB, CMR, DTO and session facade.
I've created two CMP Entity EJB's, CourseEJB and PupilEJB, and defined a M:N relationship between them. A course has many pupils and vice versa. Each bean has only two attributes, id (Long, part of PK) and name (String) for simplicity. 1. Generated D
-
How to spool to a file with changing name
How can you spool to a file using a passed parameter as part of the filename. If you try: spool c:\temp\&1_report.txt it says that the spool command is invalid. Any ideas? I seem to remember doing this before but I can't remember how....
-
Email images are not showing in my new iPad.
email images are not showing in my new iPad. This was not a problem initially, but just started. I use yahoo mail. Any thoughts?