Solved: C6800 Port-Channel Loadbalancing issue

amir.glibic · ‎07-30-2019

Hi,

we have an issue with our backups / backup performance / loadbalancing.

We have a few DMZ servers, where the only possible backup is via the frontend, so communication via Firewall.

The Firewall is an ASA, connected via 6x1G Copper Portchannel to our core switch (6807-XL).

The problem here is, since the cores use src-dst-ip as loadbalancing algorithm on the Port-Channel, the backup is running on only one of these 6 links, since source & destination IP are always the same.

This causes:

A) slow backups

B) Alarms from our performance monitoring, since bandwidth consumption on the 1G-Port > 95%.

I wanted to change the LB method to something different, in order to have a better distribution on all of the links, but when I try to do this on the core-side Port-Channel, I get the error message "This command is not supported for this interface".

Is there any way how I could change this Port-Channel LB method on a 6800?

Thanks in advance!

Mark Malone · ‎07-30-2019

Yes you cant change it at link level , never have been able to on Cisco anyway its always been global from what i remember
any change thats going to effect traffic distribution paths etc you should use a window but i have changed this before in production on switches with minimal impact , some super critical apps may take a hit , depends really whats running on your network but it doesnt drop links or anything like it but will alter traffic flow and may cause small blip

we have ours consistent right across the network for best practice same on each switch , we use this it works well for us on our 65s on access core and dist layers , personally i wouldnt have multiple types of load balancing in place on same paths unless theres a specific requirement to have it like that --- port-channel load-balance src-dst-port

View solution in original post

Mark Malone · ‎07-30-2019

Hi
you should be able to change in global not interface level

(config)#port-channel load-balance ?
dst-ip Dst IP Addr
dst-mac Dst Mac Addr
dst-mixed-ip-port Dst IP Addr and TCP/UDP Port
dst-port Dst TCP/UDP Port
mpls Load Balancing for MPLS packets
src-dst-ip Src XOR Dst IP Addr
src-dst-mac Src XOR Dst Mac Addr
src-dst-mixed-ip-port Src XOR Dst IP Addr and TCP/UDP Port
src-dst-port Src XOR Dst TCP/UDP Port
src-ip Src IP Addr
src-mac Src Mac Addr
src-mixed-ip-port Src IP Addr and TCP/UDP Port
src-port Src TCP/UDP Port
vlan-dst-ip Vlan, Dst IP Addr
vlan-dst-mixed-ip-port Vlan, Dst IP Addr and TCP/UDP Port
vlan-src-dst-ip Vlan, Src XOR Dst IP Addr
vlan-src-dst-mixed-ip-port Vlan, Src XOR Dst IP Addr and TCP/UDP Port
vlan-src-ip Vlan, Src IP Addr
vlan-src-mixed-ip-port Vlan, Src IP Addr and TCP/UDP Port

amir.glibic · ‎07-30-2019

Hi,

thanks - seems plausible.

If I change that on global level - is there any impact/disruption of traffic?

Should I change it on all connected devices (connected Nexus, Access-Switches, etc.), or is it OK to have different settings on the two sides?

Mark Malone · ‎07-30-2019

Yes you cant change it at link level , never have been able to on Cisco anyway its always been global from what i remember
any change thats going to effect traffic distribution paths etc you should use a window but i have changed this before in production on switches with minimal impact , some super critical apps may take a hit , depends really whats running on your network but it doesnt drop links or anything like it but will alter traffic flow and may cause small blip

we have ours consistent right across the network for best practice same on each switch , we use this it works well for us on our 65s on access core and dist layers , personally i wouldnt have multiple types of load balancing in place on same paths unless theres a specific requirement to have it like that --- port-channel load-balance src-dst-port

amir.glibic · ‎07-30-2019

Many thanks, I'll try this tonight