We are running iWAN 2.2, PfR v3. We're running into odd load-balancing issues. With the standard configuration of ...
...is it true that only uncontrolled traffic is load-balanced? If so, does that effectively mean that no 'CN' traffic is load-balanced? We have multiple trusted 'primary' transports (such as dual MPLS circuits at a branch) that we need to load-balance across. Our master policy looks some thing like ...
class BUSINESS_CRITICAL sequence 30
match dscp af31 policy custom
path-preference MPLS1 MPLS2 fallback INET1 INET2
We obviously don't want to load-balance our AF31 traffic across both MPLS and INET circuits, but we *do* want/need to load-balance it across multiple MPLS paths.
Is it possible to load-balance CN traffic?
Yes PFRv3 only works on the controlled traffic and all uncontrolled traffic gets load-balanced (if load balance) is enabled or else goes through the standard RIB. Your path preference is correct for the AF31 class to use both MPLS1 and MPLS2 paths, but bare in mind that optimum usage on the two MPLS path is subject to how well the MPLS provider keeps it within the SLA that is tolerable to PFRv3.
Hit me up a star if you find this useful so others also find it useful.
hmmm...that's interesting. So, it would follow, I presume, that a class with no path-preference would follow the RIB as well? We have quite a bit of unclassified traffic (dscp 0). The final class in our policy is ....
class DEFAULT sequence 70
class type: Dscp Based
match dscp default policy custom
priority 2 ....
priority 1 ....
There is no path-preference defined for that class. The 'dscp default' traffic is classified, in PfR terms, so it is 'CN' and would not be load-balanced. And I'm assuming that because there is no path-preference defined that it will simply follow the RIB. Is this correct?
What I'm ultimately getting at is that I think (if I understand all of this correctly) is that we need to focus on our RIB. We are using iBGP for our overlay/WAN (the tunnel clouds). In order to get a better load-balancing of all of that dscp 0 traffic, I think we probably need to implement 'maximum-paths 2' in our BGP configuration to get traffic to use both tunnels more efficiently, for any traffic that is following the RIB.
Yes that is absolutely correct, if there are no path preference defined then its the RIB based forwarding and so any load-balancing then has to be done on the basis of the RIB.