SRX

Expand all | Collapse all

HA and Dual Wan Loadbalancing

  • 1.  HA and Dual Wan Loadbalancing

    Posted 01-27-2018 04:49

    Dear All,

    I would like to know what is the weakness of my config. I configure my SRX 340 HA and Dual wan loadbalancing with per-packet loadbalancing.But per-packet loadbalancing is not working . if we configure only one static route ,it is ok.if we use dual loadbalancing ,it is not work.

     



  • 2.  RE: HA and Dual Wan Loadbalancing

     
    Posted 01-27-2018 05:00

    Hi ,

     

    Please share the below output.

     

     show route forwarding-table destination 0.0.0.0

     show version

     

    Please refer below document.

     

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB23417

     

    Regards,

    Rahul



  • 3.  RE: HA and Dual Wan Loadbalancing

     
    Posted 01-27-2018 05:11


  • 4.  RE: HA and Dual Wan Loadbalancing

    Posted 01-27-2018 07:45

    i tried your links but i can't not ping to google from firewall in putty.if i plug out the wan one cable ,ping is work.if i put two wan link are plugged ,it isn't work.


    wrote:

    You can also read some of earlier post.

     

    https://forums.juniper.net/t5/SRX-Services-Gateway/load-balancing-on-SRX/td-p/34343

    https://forums.juniper.net/t5/SRX-Services-Gateway/per-prefix-load-balancing/m-p/33716

     

    Regards,

    Rahul



    wrote:

    You can also read some of earlier post.

     

    https://forums.juniper.net/t5/SRX-Services-Gateway/load-balancing-on-SRX/td-p/34343

    https://forums.juniper.net/t5/SRX-Services-Gateway/per-prefix-load-balancing/m-p/33716

     

    Regards,

    Rahul


     



  • 5.  RE: HA and Dual Wan Loadbalancing

    Posted 01-27-2018 07:50
      |   view attached

    wrote:

    Hi ,

    Please see attachment for information.I cannot ping 8.8.8.8 from firewall whan dual wan links are active.when one wan is down i can ping to google.my configuration is wrong?


    wrote:

    Hi ,

     

    Please share the below output.

     

     show route forwarding-table destination 0.0.0.0

     show version

     

    Please refer below document.

     

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB23417

     

    Regards,

    Rahul



    wrote:

    Hi ,

     

    Please share the below output.

     

     show route forwarding-table destination 0.0.0.0

     show version

     

    Please refer below document.

     

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB23417

     

    Regards,

    Rahul


    Hi,

    please see attachment for informations.i canot ping google from firewall. 
     

    Please share the below output.

     

     show route forwarding-table destination 0.0.0.0

     show version

     

    Please refer below document.

     

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB23417

     

    Regards,

    Rahul


     



  • 6.  RE: HA and Dual Wan Loadbalancing

     
    Posted 01-27-2018 08:07

    Hi,

     

    Configuration is not wrong. I just want to make sure that you've two path in forwarding table.

     

    show route forwarding-table destination 0.0.0.0/0

    or

    show route forwarding-table destination 8.8.8.8

     

    Regards,

    Rahul

     



  • 7.  RE: HA and Dual Wan Loadbalancing

    Posted 01-27-2018 18:26

    Dear Rahul,

    please see attachment for forwarding table.Let me know why reject of 8.8.8.8.



  • 8.  RE: HA and Dual Wan Loadbalancing

     
    Posted 01-27-2018 23:18

    Hi,

     

    Output doesn't look good.

     

    routing-options {
        static {
            route 0.0.0.0/0 next-hop [ 203.118.143.129 101.177.211.65 ];
        }
        forwarding-table {
            export LOAD_BALANCE;
        }
    }

    policy-options {
        policy-statement LOAD_BALANCE {
            then {
                load-balance per-packet;
            }
        }
    }

     

    I was expecting somthing like below.

     

    test# run show route 8.8.8.8

    inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both

    8.8.8.8/32          *[Static/5] 4d 23:36:11
                          to 10.10.10.35 via reth0.0
                        > to 10.10.20.35 via reth2.0

     

    test# run show route forwarding-table destination 8.8.8.8     
    Routing table: default.inet
    Internet:
    Destination        Type RtRef Next hop           Type Index    NhRef Netif
    8.8.8.8/32         user     0                    ulst   262142     2
                                  10.10.10.35           hold     1347     2 reth0.0
                                  10.10.20.35           ucst     1330     3 reth2.0

     

    Can you configure below static route and check the forwarding-table for 8.8.8.8/32?

     

    routing-options {
        static {
            route 8.8.8.8/32 next-hop [ 203.118.143.129 101.177.211.65 ];

     

    Regards,

    Rahul



  • 9.  RE: HA and Dual Wan Loadbalancing

    Posted 01-28-2018 02:57

    Hi Rahul,

    it is not solution .when i plug out one wan link i can ping to 8.8.8.8 from firewall . if  i put two wan link are pluged it can not ping .

    but local network  and local hosts can ping to 8.8.8.8.



  • 10.  RE: HA and Dual Wan Loadbalancing

     
    Posted 01-28-2018 03:00

    Hi,

     

    Yes, I need to check if forwarding-plane is correctly programmed. Can you please share the output requested.


    Regards,
    Rahul N



  • 11.  RE: HA and Dual Wan Loadbalancing

    Posted 02-08-2018 18:06

    Hi,
    Please see the below information.And then my srx cannot resolve any domain name and cannot ping any domain,any public ip.
    root@FW1# run show route 8.8.8.8

    inet.0: 35 destinations, 35 routes (35 active, 0 holddown, 0 hidden)
    + = Active Route, - = Last Active, * = Both

    8.8.8.8/32 *[Static/5] 4d 14:41:28
    > to 101.127.251.65 via reth0.0
    to 203.117.144.129 via reth1.0

    {primary:node0}[edit]


    root@FW1# run show route forwarding-table destination 8.8.8.8
    Routing table: default.inet
    Internet:
    Destination Type RtRef Next hop Type Index NhRef Netif
    8.8.8.8/32 user 0 ulst 262142 3
    101.127.251.65 ucst 1368 4 reth0.0
    203.117.144.129 ucst 1369 4 reth1.0

    Routing table: __juniper_services__.inet
    Internet:
    Destination Type RtRef Next hop Type Index NhRef Netif
    default perm 0 dscd 1286 2

    Routing table: __master.anon__.inet
    Internet:
    Destination Type RtRef Next hop Type Index NhRef Netif
    default perm 0 rjct 1325 1

    {primary:node0}[edit]
    root@FW1# run ping 8.8.8.8
    PING 8.8.8.8 (8.8.8.8): 56 data bytes
    ^C
    --- 8.8.8.8 ping statistics ---
    18 packets transmitted, 0 packets received, 100% packet loss

    {primary:node0}[edit]

     

     

    root@# set system ntp server time.nist.gov
    error: could not resolve name: time.nist.gov: time.nist.gov



  • 12.  RE: HA and Dual Wan Loadbalancing

    Posted 02-18-2018 07:31
    How did you configure (per packet loadbalancing)?

    Can you paste the config?