Solved: Re: ECMP and polarization of traffic on Catalyst 9000

filopeter · ‎08-03-2020

Hello,

is there a way to avoid polarization (sub-optimal use of redundant paths) in case of ECMP and tune (have under control) the load-sharing algorithm?

According the routing configuration guide

"Because the switch or switch stack uses Application Specific Integrated Circuits (ASICs) to achieve Gigabit-speed line rate IP traffic, CEF or dCEF forwarding applies only to the software-forwarding path, that is, traffic that is forwarded by the CPU.”

For me it means the "ip cef load-sharing algorithm..." command is applied only to traffic forwarded by the CPU and not by the UADP ASIC.

Best Regards,

Peter

filopeter · ‎08-14-2020

Hi Joseph,

thank you for your answer.

I did some basic tests and according the results the CAT9K uses by default

- full hashing inputs (SIP+DIP+Layer4 ports) in case of TCP/UDP traffic.
- default hashing inputs (SIP and DIP only) in case of non TCP/UDP traffic

ToS values were ignored in both scenarios and do not participate in the hashing calculation.

My polarization issue was not related to a hashing algorithm calculation, but to a missing configuration of the following feature

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-16/irg-xe-16-book/bgp-multi-paths-redistribute.html

Best Regards,

P.

View solution in original post

Joseph W. Doherty · ‎08-03-2020

Cannot say for sure for a 9000, but on 6500s hardware, as I understand it, ECMP load balanced as CEF would (also not using CPU). Although there was not detailed algorithm control over how the distribution was done, there was a way to deal with polarization for passing through multiple 6500s, in series.

See:
https://www.cisco.com/c/en/us/support/docs/ip/express-forwarding-cef/116376-technote-cef-00.html#anc5
https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-virtual-switching-system-1440/109638-vss-pf-tshoot.html#ucmp

Perhaps 9000 offers something similar.(?)

filopeter · ‎08-14-2020

Hi Joseph,

thank you for your answer.

I did some basic tests and according the results the CAT9K uses by default

- full hashing inputs (SIP+DIP+Layer4 ports) in case of TCP/UDP traffic.
- default hashing inputs (SIP and DIP only) in case of non TCP/UDP traffic

ToS values were ignored in both scenarios and do not participate in the hashing calculation.

My polarization issue was not related to a hashing algorithm calculation, but to a missing configuration of the following feature

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-16/irg-xe-16-book/bgp-multi-paths-redistribute.html

Best Regards,

P.

Joseph W. Doherty · ‎08-14-2020

Thank you for the follow up information!

I believe (?) you can mark you own posting as solved, which if you can, please do so. This so others might see a solution for a similar issue.

MDz · ‎10-01-2020

As per documentation

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-8/configuration_guide/rtng/b_168_rtng_9300_cg/b_168_rtng_9300_cg_chapter_01011.html

Per-Destination Load Balancing for CEF Traffic
Per-destination load balancing (default) allows the device to use multiple paths to achieve load sharing across multiple source-destination host pairs. Packets for a given source-destination host pair are guaranteed to take the same path, even if multiple paths are available. Traffic streams destined for different pairs tend to take different paths.

my understanding is UDP/TCP port numbers should not be used for electing output interface. The load-balancing should be done based on SRC/DST IP addresses only. I had no chance to test it but it is not consistent with the test results posted here.Could anyone clarify this?

It looks the behaviour /whatever it is/ cannot be changed.

SUMMARY STEPS
enable
configure terminal
ip cef load-sharing algorithm {original | universal [id] }
end

filopeter · ‎10-04-2020

From the same documentation:

"Because the switch or switch stack uses Application Specific Integrated Circuits (ASICs) to achieve Gigabit-speed line rate IP traffic, CEF or dCEF forwarding applies only to the software-forwarding path, that is, traffic that is forwarded by the CPU."

That means, this command does not have any influence on UADP behaviour.

P.