Routing

Expand all | Collapse all

BGP Multipath and MX Load Balancing: Paths are not installed in Forwarding table.

Jump to Best Answer
  • 1.  BGP Multipath and MX Load Balancing: Paths are not installed in Forwarding table.

    Posted 12-30-2020 16:02

    Hi everyone,

    I have built a simple lab to practice  IPVPN.

     200.200.200.0/24  -LAN --MX1-----------MX2(P)--------- ge0/0/0-MX4

                                                                                                        |

      200.200.200.0/24 -LAN--MX3------------- ---|

     Above :

    1)We have three PE(MX1,MX3,MX4) configured routing instance "IPVPN " . MX2 is P router  All routers are running LDP.

    2) MX1,MX2 ( PE) are announcing 200.200.200.0/24 to IBGP neighbor MX4.

    3) MX4   receives two BGP updates for 200.200.200.0/24 from its  IBGP neighbors : MX1 and MX3

    Using BGP multipath on MX4, we want MX4 to load balance traffic for destination 200.200.200.0/24 over two LSPS, but forwarding table only shows one LSP path for 200.200.200.0/24, even though MX4 is configured with load balancing policy.     

    But If I configure "set routing-instances IPVPN routing-options multipath" then I see all expected LSPS are installed in forwarding table as shown at the end of this post.

    This is  a different behavior on MX as compare to EX switches in that MX requires  "set routing-instances IPVPN routing-options multipath" 

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB21407&actp=METADATA

    By default, ECMP (Equal Cost Multiple Path) is used to load balance traffic on EX/QFX switches, when there are multiple equal-cost paths available to the same destination. EX/QFX switches support per-packet (flow) load balancing in the global routing-instance (inet.0), as well as in the user-defined routing-instance (Virtual-Router).

    However, when a per-packet load balancing policy is applied to a global routing-instance (inet.0), it is effective for all routing instances (global and user-defined routing instances).

    Thanks and have a good day!!!

    Additional info:  MX4 config snippets

    ##Load balancing config##

    set policy-options policy-statement LB then load-balance per-packet
    set routing-options forwarding-table export LB

    set protocols bgp group INTERNAL type internal
    set protocols bgp group INTERNAL family inet-vpn any
    set protocols bgp group INTERNAL multipath
    set protocols bgp group INTERNAL neighbor 1.1.1.1 local-address 4.4.4.4
    set protocols bgp group INTERNAL neighbor 3.3.3.3 local-address 4.4.4.4

    ## BGP ROUTES##

    root@MX4> show route table IPVPN.inet 200.200.200.0/24 detail

    IPVPN.inet.0: 4 destinations, 5 routes (4 active, 0 holddown, 0 hidden)

      200.200.200.0/24 (2 entries, 1 announced)
    *BGP Preference: 170/-101
    Route Distinguisher: 1.1.1.1:11
    Next hop type: Indirect, Next hop index: 0
    Address: 0xc632d70
    Next-hop reference count: 9
    Source: 1.1.1.1
    Next hop type: Router, Next hop index: 615
    Next hop: 24.24.24.2 via ge-0/0/0.0, selected <-----------
    Label operation: Push 20, Push 16(top)
    Label TTL action: prop-ttl, prop-ttl(top)
    Load balance label: Label 20: None; Label 16: None;
    Label element ptr: 0xc632ac0
    Label parent element ptr: 0xc632700
    Label element references: 1
    Label element child references: 0
    Label element lsp id: 0
    Session Id: 0x140
    Protocol next hop: 1.1.1.1
    Label operation: Push 20
    Label TTL action: prop-ttl
    Load balance label: Label 20: None;
    Indirect next hop: 0xb23e980 1048574 INH Session ID: 0x143
    State: <Secondary Active Int Ext ProtectionCand>
    Local AS: 100 Peer AS: 100
    Age: 38 Metric2: 1
    Validation State: unverified
    Task: BGP_100.1.1.1.1+179
    Announcement bits (1): 0-KRT
    AS path: I
    Communities: target:2:2
    Import Accepted
    VPN Label: 20
    Localpref: 100
    Router ID: 1.1.1.1
    Primary Routing Table bgp.l3vpn.0

    BGP Preference: 170/-101
    Route Distinguisher: 3.3.3.3:33
    Next hop type: Indirect, Next hop index: 0
    Address: 0xc6330d0
    Next-hop reference count: 2
    Source: 3.3.3.3
    Next hop type: Router, Next hop index: 0
    Next hop: 24.24.24.2 via ge-0/0/0.0, selected <----------------
    Label operation: Push 16, Push 17(top)
    Label TTL action: prop-ttl, prop-ttl(top)
    Load balance label: Label 16: None; Label 17: None;
    Label element ptr: 0xc633000
    Label parent element ptr: 0xc6327c0
    Label element references: 1
    Label element child references: 0
    Label element lsp id: 0
    Session Id: 0x0
    Protocol next hop: 3.3.3.3
    Label operation: Push 16
    Label TTL action: prop-ttl
    Load balance label: Label 16: None;
    Indirect next hop: 0xb23eb00 - INH Session ID: 0x0
    State: <Secondary NotBest Int Ext Changed ProtectionCand>
    Inactive reason: Not Best in its group - Router ID
    Local AS: 100 Peer AS: 100
    Age: 34 Metric2: 1
    Validation State: unverified
    Task: BGP_100.3.3.3.3+179
    AS path: I
    Communities: target:2:2
    Import Accepted
    VPN Label: 16
    Localpref: 100
    Router ID: 3.3.3.3
    Primary Routing Table bgp.l3vpn.0

     ## FORWARDING TABLE##

    root@MX4> show route forwarding-table | find "IPVPN.inet"
    Routing table: IPVPN.inet
    Internet:
    Enabled protocols: Bridging, All VLANs,
    Destination Type RtRef Next hop Type Index NhRef Netif
    default perm 0 rjct 555 1
    0.0.0.0/32 perm 0 dscd 553 1
    44.44.44.44/32 intf 0 44.44.44.44 locl 589 1
    200.200.200.0/24 user 0 indr 1048574 4
    24.24.24.2 Push 20, Push 16(top) 615 2 ge-0/0/0.0   <-------- ONLY SINGLE LSP

    However, if I apply  "set routing-instances IPVPN routing-options multipath" then all LSPS are installed:

    root@MX4> show route forwarding-table | find "IPVPN.inet"

    200.200.200.0/24 user 0 ulst 1048576 2
    indr 1048574 4
    24.24.24.2 Push 20, Push 16(top) 615 2 ge-0/0/0.0
    indr 1048575 2
    24.24.24.2 Push 16, Push 17(top) 616 2 ge-0/0/0.0



  • 2.  RE: BGP Multipath and MX Load Balancing: Paths are not installed in Forwarding table.
    Best Answer

     
    Posted 12-30-2020 18:45

    I believe this is the article that you read:

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB21407 

    In my view that first statement can be misleading. 

    What it really means is that equal cost next-hops are available for load balancing  by default.  (The router doesn't just pick one and throws the other one away).  For example, you don't need to go under OSPF or ISIS for the two or more equal cost next hops to be available for load balancing ; They get installed in the routing table by default.  However, you still need to enable load balancing under the forwarding table for these next-hops to be installed in the forwarding table.   The article shows you that the forwarding table only has one next hop before the policy is applied. 

    Now, BGP is different because it does not have a metric or cost. It has attributes and it goes through a decision process that involves comparing the values of those attributes  (local-pref, AS-path length,  origin, and so on) one by one until one and only one next-hop is selected. 

    Thus, BGP always need to have multipath configured to allow load balancing.  Multipath makes the multiple next-hops (with matching attributes) available for load balancing.  Without multipath the BGP decision process goes all the way down to comparing the RID or the peer IP address, and choses the route from the peer with the lowest.  So, at the end of the BGP decision process only one next hop is available.  With multipath there is no RID or IP address comparison and all the next-hops are available for load balancing.  

    The only kind of load balancing that BGP does without multipath is what is called per-prefix load balancing, which means that for example, if the router receives 100 different prefixes from the same 2 peers it selects the first peer for maybe 50 of the prefixes and the other peer for the other 50 prefixes. (it is not necessarily equal, because there is some hashing involved but you get the idea).  

    Also, for L3VPN  load balancing the multipath command you added under routing-instances IPVPN routing-options is required. 

    Let me know if you have any further questions. 

    Regards, 



    ------------------------------
    Yasmin Lara
    Juniper Ambassador
    JNCIE-SP, JNCIE-ENT, JNCIE-DC, JNCIE-SEC
    JNCDS-DC, JNCIA-DevOps, JNCIP-CLOUD, CCNP-ENT
    ------------------------------



  • 3.  RE: BGP Multipath and MX Load Balancing: Paths are not installed in Forwarding table.

    Posted 12-30-2020 19:45

    Thanks !!!




  • 4.  RE: BGP Multipath and MX Load Balancing: Paths are not installed in Forwarding table.

    Posted 12-31-2020 10:48

    hopefully, I'm not too far off topic, but somewhat related is, trying to accomplish L3VPN best path selection without stopping at the BGP best-path selection process at RID...  this helps....  "set protocols ldp track-igp-metric"

    before that command, the inet.3 table has 0 (zero) for all prefixes BGP will use, so they are all equal

    once you use that command, inet.0 metrics (igp) are copied over to inet.3 and now bgp will use those metric as best-path calculation to the next-hop PE for L3VPN.... this was very helpful when I was needing to load balance my traffic in my network for CGNat outbound across multiple MX960 CGNat public pools.  Prior to this, all my subscribers were exiting out a single cgnat node and I was getting no nat load balancing at all.  this was the first step in successfully spreading my outbound traffic

    with subscriber-facing edge PE's scattered throughout my network, the geo-dispersion creates a sufficient load spread across my multiple cgnat inet-facing exit points.



    ------------------------------
    Aaron Gould
    Senior Network Engineer
    aaron@gvtc.com
    https://www.linkedin.com/in/agould123/
    ------------------------------