cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2663
Views
10
Helpful
23
Replies

Port-channel+eBGP Load Balance traffic problem

Baratheon
Level 1
Level 1

 

My company's data center is currently using a Cisco C9500-24Y4C connected to an ISP router x670 extreme.
We've configured a port-channel with 4x 10G ports, divided into two VLANs (VLAN2 and VLAN3).
Our BGP configurations are identical on both sides, and we've confirmed that the connection is established.
However, we've encountered an issue where it seems like traffic is only utilizing one of the four interfaces in the port-channel,
and we're not achieving the desired load balancing. Can you please advise on what steps or configurations may be missing?

Thanks in advance,I will appreciate your help.

BGP(Load Balance).PNG

1 Accepted Solution

Accepted Solutions

@Baratheon , that is correct. Each device can only control which link to forward the frames onto. The X670 would also require a change to it`s etherchannel load-balancing as the default seems to be source+destination MAC addresses. Exos configuration is unfortunately not something I am familiar with. Your ISP can likely assist you with the X670 configuration if you describe that you wish to load-balance the etherchannel based on source and destination port numbers. This article describes exos etherchannel configuration and load-balancing options: https://extreme-networks.my.site.com/ExtrArticleDetail?n=000002358.

Your command output confirms that your etherchannel is bundled as it should and that this is an etherchannel load-balancing issue.

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

View solution in original post

23 Replies 23

Can I see the bgp config on both sides.

Thanks A Lot
MHM

Sure, I will provide you with the detailed BGP configurations for both sides. I'll gather the necessary information and share it with you shortly. Thank you for your assistance. Your help is greatly appreciated.

The configurations for my ISP and IDC routers are as provided above. I need your guidance on how to configure them or what configurations are needed to make the load balancing effective. Thank you for your assistance.

Torbjørn
Spotlight
Spotlight

This sounds like a etherchannel polarization issue. The default load-balancing algorithm for catalyst 9k switches only uses source mac address for hashing. Meaning that if your traffic comes from the same mac address it will be sent over the same single link. You can configure this with the

port-channel load-balance

command. To achieve the most even load balancing across the port-channel you should select the values that will vary the most for the traffic. Here are the available options for the

port-channel load-balance

command on the 9500:

Switch(config)#port-channel load-balance ?
dst-ip Dst IP Addr
dst-mac Dst Mac Addr
dst-mixed-ip-port Dst IP Addr and TCP/UDP Port
dst-port Dst TCP/UDP Port
extended Extended Load Balance Methods
src-dst-ip Src XOR Dst IP Addr
src-dst-mac Src XOR Dst Mac Addr
src-dst-mixed-ip-port Src XOR Dst IP Addr and TCP/UDP Port
src-dst-port Src XOR Dst TCP/UDP Port
src-ip Src IP Addr
src-mac Src Mac Addr
src-mixed-ip-port Src IP Addr and TCP/UDP Port
src-port Src TCP/UDP Port

You can read more about this here: https://www.cisco.com/c/en/us/support/docs/content-networking/load-balancing/215112-troubleshoot-polarization-in-port-channe.html

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/lanswitch/configuration/xe-16-10/lanswitch-xe-16-10-book/lnsw-flow-portchannel-load.html

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

@Torbjørn is completely correct that a "worst" case LB algorithm choice can lead to poor, or even no, traffic distribution across links.  LB based on just one attribute, like src-mac, often bumps in to worst case traffic distribution.  In general, LB algorithms that use multiple attributes, like src-dst-mac or src-dst-ip, often do well, in many cases.  Also keep in mind, sometimes the best LB algorithm choices depends on flow direction; i.e. the two sides need not use the same LB algorithm.

As to whether you've bumped into "polarization", from what's posted in OP, unsure we can determine if that's happening.

"Polarization" isn't new, nor limited to just Etherchannel.  You might find this 2013 (6500) CEF Polarization TechNote interesting.

Thank you for your response.I've attempted to use the

port-channel load-balance

command on the Catalyst 9500 switch as per your suggestion, but it hasn't yielded any noticeable results. Would providing you with the detailed configuration information be helpful in assisting me with this issue?

Detailed configuration on the port-channel interface and bundled interfaces would be useful. Since you say that only one port is used for traffic, is the port-channel operational on both ends? Can you see all expected interfaces as "In portchannel" in the output of "show etherchannel summary"?

Note that etherchannel load-balancing is directional since each switch can only control which links it sends frames on. Depending on the traffic you are forwarding across the port-channel this might be of importance for whether configuring loadbalancing on the 9500 would make a difference.

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

I would like to seek your advice regarding the use of the

port-channel load-balance

command for configuration. I'm attaching my configuration settings for your reference. Thank you.

Baratheon
Level 1
Level 1

Thank you for your response!!At one point, I had a suspicion that the lack of load balancing might be due to the network traffic not exceeding 2G to 3G, while my configuration utilizes a 4x10G PortChannel. As a result, it seems that the traffic is concentrated on one port, which could explain the absence of load balancing. What are your thoughts on this theory?

Hello @Baratheon ,

load balancing should happen regardless of traffic volume  and it just requires that multiple traffic flows with enough diversity are being sent.

A single traffic flow will always use a single link based on the hashing results of its key fields ( source IP , dest IP for IP traffic with default settings)

Hope to help

Giuseppe

 

I'm sorry, I'm having some difficulty understanding. If I only have access to configure the C9500 (IDC-Router), how should I set it up for load balancing? I genuinely appreciate your guidance. Thank you.

You have no control over the other side's LB unless you can configure that device.

From you recently provided configs, it all looks pretty vanilla.  Next would be to confirm all the links are active in the Etherchannel bundle.  Also, confirm LB algorithm currently being used.

@Giuseppe Larosa I will try the valuable suggestions you provided. Thank you!!

As @Giuseppe Larosa replied, traffic volume isn't a factor with LB beyond more concurrent flows might be distributed across multiple links.

In a @Torbjørn recent reply, Etherchannel configuration information, and some stats, was asked for.  That could be very helpful.

@MHM Cisco World has asked for additional BGP information and has noted BGP, by default, will not use multiple paths.  Although that's correct, an Etherchannel is always seen as one link, so it's unclear how BGP config would matter, but it wouldn't hurt to provide that information too.

Personally, within OP, you describe assigning two VLANs to this Etherchannel, which possibly makes the information @Torbjørn requested, the most important.

Review Cisco Networking for a $25 gift card