09-30-2015 01:05 PM - edited 03-08-2019 02:00 AM
We are building a new border infrastructure and at our borders edge we will have two routers, the next network device will be a pair of Catalyst 4500X switches that will be configure with VSS (see attached diagram). Between the two border routers and the Catalyst 4500X VSS pair will be two equal cost etherchannel groups one going to each border routers for redundancy. My question is, how do the Catalyst 4500X VSS pair determine which interface or etherchannel group to forward packets to the border routers? I would like to have them load balance equally as possible between the two border routers, but didn't know if there was some configuration that needed to be applied to the etherchannel configuration or if it did on it's own. Any information or reference information would be greatly appreciated.
Thanks!
02-15-2016 12:59 PM
Hi Martin,
I'm not sure if you had any answers and or came to your own conclusions. In the past few week I've had an opportunity looking at a similar scenario but based around the 6500 architecture. One thing that I have learned is that VSS seemingly writes separate FIB (CEF) entries on the local node, be that the primary or secondary node.
This in itself was fine but at lower layers in the network the design relied on the access-layer connectivity and subsequently the traffic flow was fundamentally based on the L2 connectivity at the lower layers. I have a similar open question that I'm considering raising a TAC case for to understand better how the local-cef entries take prevalence.
Kind Regards
Ju
02-15-2016 02:26 PM
Hey this is interesting we looked into this before on 6509 VSS setup but what we have found from Cisco when using etherchannel on VSS they recommended using these
platform ip cef load-sharing ip-only
port-channel load-balance src-dst-port
That uses both source and and destination ip addresses for calculating the load balancing and is supposedly most efficient , not sure if you will ever get it to load balance exactly equally but at least that way it will have a set method that may get you close enough, the problem is the way the algorithm works is its based on something like source ip or mac rather than being an equal cost route so you might not get exact load balance on VSS
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide