Original Message:
Sent: 12-30-2020 18:44
From: Yasmin Lara
Subject: BGP Multipath and MX Load Balancing: Paths are not installed in Forwarding table.
I believe this is the article that you read:
https://kb.juniper.net/InfoCenter/index?page=content&id=KB21407
In my view that first statement can be misleading.
What it really means is that equal cost next-hops are available for load balancing by default. (The router doesn't just pick one and throws the other one away). For example, you don't need to go under OSPF or ISIS for the two or more equal cost next hops to be available for load balancing ; They get installed in the routing table by default. However, you still need to enable load balancing under the forwarding table for these next-hops to be installed in the forwarding table. The article shows you that the forwarding table only has one next hop before the policy is applied.
Now, BGP is different because it does not have a metric or cost. It has attributes and it goes through a decision process that involves comparing the values of those attributes (local-pref, AS-path length, origin, and so on) one by one until one and only one next-hop is selected.
Thus, BGP always need to have multipath configured to allow load balancing. Multipath makes the multiple next-hops (with matching attributes) available for load balancing. Without multipath the BGP decision process goes all the way down to comparing the RID or the peer IP address, and choses the route from the peer with the lowest. So, at the end of the BGP decision process only one next hop is available. With multipath there is no RID or IP address comparison and all the next-hops are available for load balancing.
The only kind of load balancing that BGP does without multipath is what is called per-prefix load balancing, which means that for example, if the router receives 100 different prefixes from the same 2 peers it selects the first peer for maybe 50 of the prefixes and the other peer for the other 50 prefixes. (it is not necessarily equal, because there is some hashing involved but you get the idea).
Also, for L3VPN load balancing the multipath command you added under routing-instances IPVPN routing-options is required.
Let me know if you have any further questions.
Regards,
------------------------------
Yasmin Lara
Juniper Ambassador
JNCIE-SP, JNCIE-ENT, JNCIE-DC, JNCIE-SEC
JNCDS-DC, JNCIA-DevOps, JNCIP-CLOUD, CCNP-ENT
Original Message:
Sent: 12-30-2020 16:01
From: Unknown User
Subject: BGP Multipath and MX Load Balancing: Paths are not installed in Forwarding table.
Hi everyone,
I have built a simple lab to practice IPVPN.
200.200.200.0/24 -LAN --MX1-----------MX2(P)--------- ge0/0/0-MX4
|
200.200.200.0/24 -LAN--MX3------------- ---|
Above :
1)We have three PE(MX1,MX3,MX4) configured routing instance "IPVPN " . MX2 is P router All routers are running LDP.
2) MX1,MX2 ( PE) are announcing 200.200.200.0/24 to IBGP neighbor MX4.
3) MX4 receives two BGP updates for 200.200.200.0/24 from its IBGP neighbors : MX1 and MX3
Using BGP multipath on MX4, we want MX4 to load balance traffic for destination 200.200.200.0/24 over two LSPS, but forwarding table only shows one LSP path for 200.200.200.0/24, even though MX4 is configured with load balancing policy.
But If I configure "set routing-instances IPVPN routing-options multipath" then I see all expected LSPS are installed in forwarding table as shown at the end of this post.
This is a different behavior on MX as compare to EX switches in that MX requires "set routing-instances IPVPN routing-options multipath"
https://kb.juniper.net/InfoCenter/index?page=content&id=KB21407&actp=METADATA
By default, ECMP (Equal Cost Multiple Path) is used to load balance traffic on EX/QFX switches, when there are multiple equal-cost paths available to the same destination. EX/QFX switches support per-packet (flow) load balancing in the global routing-instance (inet.0), as well as in the user-defined routing-instance (Virtual-Router).
However, when a per-packet load balancing policy is applied to a global routing-instance (inet.0), it is effective for all routing instances (global and user-defined routing instances).
Thanks and have a good day!!!
Additional info: MX4 config snippets
##Load balancing config##
set policy-options policy-statement LB then load-balance per-packet
set routing-options forwarding-table export LB
set protocols bgp group INTERNAL type internal
set protocols bgp group INTERNAL family inet-vpn any
set protocols bgp group INTERNAL multipath
set protocols bgp group INTERNAL neighbor 1.1.1.1 local-address 4.4.4.4
set protocols bgp group INTERNAL neighbor 3.3.3.3 local-address 4.4.4.4
## BGP ROUTES##
root@MX4> show route table IPVPN.inet 200.200.200.0/24 detail
IPVPN.inet.0: 4 destinations, 5 routes (4 active, 0 holddown, 0 hidden)
200.200.200.0/24 (2 entries, 1 announced)
*BGP Preference: 170/-101
Route Distinguisher: 1.1.1.1:11
Next hop type: Indirect, Next hop index: 0
Address: 0xc632d70
Next-hop reference count: 9
Source: 1.1.1.1
Next hop type: Router, Next hop index: 615
Next hop: 24.24.24.2 via ge-0/0/0.0, selected <-----------
Label operation: Push 20, Push 16(top)
Label TTL action: prop-ttl, prop-ttl(top)
Load balance label: Label 20: None; Label 16: None;
Label element ptr: 0xc632ac0
Label parent element ptr: 0xc632700
Label element references: 1
Label element child references: 0
Label element lsp id: 0
Session Id: 0x140
Protocol next hop: 1.1.1.1
Label operation: Push 20
Label TTL action: prop-ttl
Load balance label: Label 20: None;
Indirect next hop: 0xb23e980 1048574 INH Session ID: 0x143
State: <Secondary Active Int Ext ProtectionCand>
Local AS: 100 Peer AS: 100
Age: 38 Metric2: 1
Validation State: unverified
Task: BGP_100.1.1.1.1+179
Announcement bits (1): 0-KRT
AS path: I
Communities: target:2:2
Import Accepted
VPN Label: 20
Localpref: 100
Router ID: 1.1.1.1
Primary Routing Table bgp.l3vpn.0
BGP Preference: 170/-101
Route Distinguisher: 3.3.3.3:33
Next hop type: Indirect, Next hop index: 0
Address: 0xc6330d0
Next-hop reference count: 2
Source: 3.3.3.3
Next hop type: Router, Next hop index: 0
Next hop: 24.24.24.2 via ge-0/0/0.0, selected <----------------
Label operation: Push 16, Push 17(top)
Label TTL action: prop-ttl, prop-ttl(top)
Load balance label: Label 16: None; Label 17: None;
Label element ptr: 0xc633000
Label parent element ptr: 0xc6327c0
Label element references: 1
Label element child references: 0
Label element lsp id: 0
Session Id: 0x0
Protocol next hop: 3.3.3.3
Label operation: Push 16
Label TTL action: prop-ttl
Load balance label: Label 16: None;
Indirect next hop: 0xb23eb00 - INH Session ID: 0x0
State: <Secondary NotBest Int Ext Changed ProtectionCand>
Inactive reason: Not Best in its group - Router ID
Local AS: 100 Peer AS: 100
Age: 34 Metric2: 1
Validation State: unverified
Task: BGP_100.3.3.3.3+179
AS path: I
Communities: target:2:2
Import Accepted
VPN Label: 16
Localpref: 100
Router ID: 3.3.3.3
Primary Routing Table bgp.l3vpn.0
## FORWARDING TABLE##
root@MX4> show route forwarding-table | find "IPVPN.inet"
Routing table: IPVPN.inet
Internet:
Enabled protocols: Bridging, All VLANs,
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 rjct 555 1
0.0.0.0/32 perm 0 dscd 553 1
44.44.44.44/32 intf 0 44.44.44.44 locl 589 1
200.200.200.0/24 user 0 indr 1048574 4
24.24.24.2 Push 20, Push 16(top) 615 2 ge-0/0/0.0 <-------- ONLY SINGLE LSP
However, if I apply "set routing-instances IPVPN routing-options multipath" then all LSPS are installed:
root@MX4> show route forwarding-table | find "IPVPN.inet"
200.200.200.0/24 user 0 ulst 1048576 2
indr 1048574 4
24.24.24.2 Push 20, Push 16(top) 615 2 ge-0/0/0.0
indr 1048575 2
24.24.24.2 Push 16, Push 17(top) 616 2 ge-0/0/0.0