I do not intend to modify the default behavior, actually original goal was to use Source + Destination Port in the hashing algorithm, but since that documentation stated otherwise I started testing and the whole thing didn't make sense :D
Original Message:
Sent: 08-25-2023 12:02
From: Olivier Benghozi
Subject: Per-Packet Load balancing
Actually, L3 (srcip + dstip) + L4 (proto + dstport + srcport) is very classical in ECMP (and MX adds very useful stuff, MPLS labels and so on).
I would actually suggest to leave the (enhanced)hashkey using its default values in production network, it works well.
About the non-relevance of some documents in Junos documentation? Well, that's the point :D Stuff written by various writers and updated on a multi-years scheme pointing to docs not updated anymore... Not that easy if you don 't follow JunOs release notes and forums.
------------------------------
Olivier Benghozi
Original Message:
Sent: 08-25-2023 11:42
From: TAMAS VARGA
Subject: Per-Packet Load balancing
Hi Olivier,
thank you very much for your answer, it helped a lot!
1, Well, what I try to do is execute 2 SCP copy with the same source and destination IP addresses. Based on the documentation that I linked, the hash-key is generated by Source IP + Destination IP + Protocol, so the 2 parallel SCP copy should use only 1 Connection. But the test results show that the one of the SCP copy uses Connection1 and the other SCP copy uses Connection 2 (they are running parallel).
2, Stupid question, but how do I know that the documentation that I mentioned is not relevant for MX routers? I found that documentation in the same page that you referred: " Understanding the Algorithm Used to Load Balance Traffic on MX Series Routers" :
3, Thank you, this table is GOLD:
Fields | Configurable | Default |
Source IP | No | Yes |
Destination IP | No | Yes |
Protocol ID | No | Yes |
Source TCP/UDP port | Yes | Yes |
Destination TCP/UDP port | Yes | Yes |
Incoming interface | Yes | No |
DSCP | Yes | No |
I disabled Source/Destination port:
set forwarding-options enhanced-hash-key family inet no-destination-port
set forwarding-options enhanced-hash-key family inet no-source-port
And now when I repeat my test, both SCP use the same connection.
------------------------------
TAMAS VARGA
Original Message:
Sent: 08-25-2023 10:32
From: Olivier Benghozi
Subject: Per-Packet Load balancing
Hi,
a few things:
1) I'm afraid that what you explain is not perfectly clear :) What is used and when ?
2) the document you mention is not relevant to MX routers. Of course one would say that juniper doc is quite unclear about this, but whatever... The documentation relevant for MX routers and ECMP is: Understanding the Algorithm Used to Load Balance Traffic on MX Series Routers
3) in order to check what is really actually used by the forwarding engine on your MX router you would do some:
request pfe execute target fpc0 command "show jnh lb"
as explained in (good old) [MX] Hash key computation on MPC cards
------------------------------
Olivier Benghozi
Original Message:
Sent: 08-24-2023 03:04
From: TAMAS VARGA
Subject: Per-Packet Load balancing
I'm using MX204 with 20.4R3-S3.4 Junos OS and enabled load-balancing as follows:
<BGP multipath enabled>set policy-options policy-statement LOAD-BALANCE-ALL term 1 then load-balance per-packetset routing-options forwarding-table export LOAD-BALANCE-ALL
Based on this documentation Junos should use:
- Source IP
- Destination IP
- Protocol type
- Incoming interface index
to create a hash and this way to identify a traffic flow.
In the above test setup, I generated SCP traffic: