Load Sharing VPLS end

  • 0
  • 2
  • Problem
  • Updated 2 years ago
  • Solved
Hello Community,

I'm having headache about the load-balance on Aggreation Ports.

Our scenery is a MPLS network who the end point are connected by Juniper Routers.
These connections are 10G (20g agg) and have one VLAN VPLS tagged end-by-end.
The traffic doesn't get balanced even when I change the hash-algorithm and the balance type.

Is there any problem using VPLS and LACP? 
Extreme introduced the load-sharing VPLS but I think that useful just for the trunk LACP/MPLS, isn't?

Thanks,
Julian Eble
Photo of Julian Eble

Julian Eble

  • 1,394 Points 1k badge 2x thumb

Posted 3 years ago

  • 0
  • 2
Photo of andreas

andreas

  • 1,218 Points 1k badge 2x thumb
So you are looking to loadbalance LSP? Then use 15.6 ?
Photo of Julian Eble

Julian Eble

  • 1,394 Points 1k badge 2x thumb
That's also a request that we're testing to use.
The scheme are more or less this:

Juniper =>20G LACP <= EXTREME CORE MPLS #VPLS# =>20G LACP => Juniper

The Juniper are doing the work just fine, but the Extreme are only transmiting in one port:

See below:



sh ports 47,48 utilizationLink Utilization Averages                            Thu Apr 16 18:16:05 2015
Port     Link    Link                 Rx             Peak Rx                 Tx            Peak Tx
           State   Speed  % bandwidth    % bandwidth   % bandwidth   % bandwidth
================================================================================
47        A       10000    22.01         22.01         31.02           31.02
48        A       10000    22.15         22.15         73.58           73.58

==============================================================================
    47     47        LACP      L3_L4       47         Y      A        0
                                        L3_L4       48         Y      A        0
==============================================================================



(Edited)
Photo of welisson

welisson

  • 1,014 Points 1k badge 2x thumb
i'm through the same problem, and i don't have answer yet.

But there is a command called "enable l2vpn sharing" and it saids make a traffic distribution betwen the interfaces LAG, however i tried update 2 x460, and them don't work fine, where i needed to do a downgrade of firmware.

if you have answer please let me know, becaus i'm the same situation.

:-(
Photo of andreas

andreas

  • 1,218 Points 1k badge 2x thumb
how many LSPs do you have over this LAG ? Are you running RSVP-TE or just LDP signaling ? 

// Andreas
Photo of Julian Eble

Julian Eble

  • 1,394 Points 1k badge 2x thumb
So, between the Juniper and Extreme there's no MPLS involved.
It's just L2, it's a termination of the VPLS.
The traffic are not being calculated in the hash.


But yes, in the backbone I'm using LSP and LDP.
Photo of Leonardo Sambrana

Leonardo Sambrana, Alum

  • 128 Points 100 badge 2x thumb
you cannot load balance LDP signaled LSP ́s. they must be RSVP signaled if you want to load balance them. although you can load balance a LSP on a LAG but as you have few # of labels the distribution is not good. the workaround is to create more LSP ́s to your pseudowire.
Photo of Julian Eble

Julian Eble

  • 1,394 Points 1k badge 2x thumb
Hello Leonardo,


I know what you is talking about, but in the end of my tunnel, there's no LSP signalling, just the raw packets...

I'm doing a lab right know, and I getting some conclusions about.
After the end of the VPLS , the LAG are hashing only when there's multiple MAC source, and the switch is not handling about the IP Source and Destionations...

I don't know if was clear enough but I will open a TAC about it...
Photo of welisson

welisson

  • 1,014 Points 1k badge 2x thumb
Julian,

I'm confused now, so, are you using mpls between extreme and Juniper?

Is it problem happenning over cloud mpls, or just end network without mpls?
Photo of Julian Eble

Julian Eble

  • 1,394 Points 1k badge 2x thumb
Welisson,

I'm nto using  mpls between extreme and Juniper.
My main problem right now is the traffic without mpls.
But the traffic is coming by MPLS with VPLS tunnel.

I would like to have your skype to share my labs and try to show you my tests.
Photo of welisson

welisson

  • 1,014 Points 1k badge 2x thumb
Hi Julian,

send me an email i reply my skype to you
my e-mail is welissontome [@] ig dot com dot br
(Edited)
Photo of welisson

welisson

  • 1,014 Points 1k badge 2x thumb
Hi Leonardo

So, the question is. Why is there LAG and MPLS  and they don't be possible use both at the same time?

in this case of the Julian, he has two interfaces 10Gbp/s in my case i have two interfaces gigabit, so, the ideia is increase bandwith making the LAG, but when we use MPLS we can't enjoy it.

Doesn't be so clear yet. What is reason about this don't  work fine?


TKs
(Edited)
Photo of Colatuno, Joe

Colatuno, Joe, Escalation Support Engineer

  • 1,096 Points 1k badge 2x thumb
Hello,

The sharing algorithm is most likely at fault here.  The L3_L4 streams will use the same link based on hash algorithm.  Unfortunately Extreme does not do load balancing 1:1.  We will load share but the traffic streams and what links they actually traverse in the share group will be dependent on the hashing algorithm.   Traffic analysis would be your best bet here to determine the best share group algorithm to use to help balance the traffic but 1:1 balance will never be guaranteed.

Regards,

Joe Colatuno
Escalation Support Engineer
(Edited)
Photo of welisson

welisson

  • 1,014 Points 1k badge 2x thumb
Hi Joe,

So, i know if depends of the traffic will be crossing the link sharing, where it can be unicast, multicast etc, but in my case i'm using all the traffic over vpls, and then, i don't have this traffic distribution or balacing between the link sharing, or be, not even 1:1, 1:2 and so, i have all the traffic been transmitted over only one port of the link sharing, and i not sure if the Extreme can to do that, also why is there Etherchannel/LACP(load Sharing in this case of the Extreme)if i can't using all switch's features?

Tks
Welisson
Photo of Colatuno, Joe

Colatuno, Joe, Escalation Support Engineer

  • 1,096 Points 1k badge 2x thumb
Hey Welisson,

Please see my response below to Julian and Douglas.  Any questions further just let me know.
Photo of Bill Stritzinger

Bill Stritzinger, Alum

  • 6,036 Points 5k badge 2x thumb
Based on your layout... 


Juniper =>20G LACP <= EXTREME CORE MPLS #VPLS# =>20G LACP => Juniper

How many VPLS tunnels are there?  It would seem to me that because the tunnels would have the same source and destination mac (assuming multiple tunnels exist) that the hash would be limited to those pairs. If that is true, that would explain the lack of sharing across the links. In a traditional lag the hash would be able to take each stream and its source mac to apply the hash to and therefore being able to distribute efficiently, when the sources mac is small the distribution would be that way as well. Any idea how many source/destination mac pairs there are in that traffic? 

Bill
Photo of Julian Eble

Julian Eble

  • 1,394 Points 1k badge 2x thumb
In this case, just one tunnel, but the point is related to the end and then we're doing the pure L2.

I had a lab where just I simulated a traffic orignated by just one source and destionation mac, but multiples source and destionation IP's and protocols.

The traffic don't get hashed and are flowing just in one interface.
Photo of Bill Stritzinger

Bill Stritzinger, Alum

  • 6,036 Points 5k badge 2x thumb
OK..  Can you please share the output from "show sharing"?  If the interface is only L2 then the hash can only (will only) be done on the L2 hash (source mac/destination mac). How many streams?
Photo of Prashanth KG

Prashanth KG, Employee

  • 5,300 Points 5k badge 2x thumb
So, the ports 47 and 48 are the VPLS service ports connected to the Juniper devices right? If that is true, the fields that would be used by switch for hashing would be the source-mac-addresses and destination-mac-addresses (only L2 fields). 

If it is only VPLS service traffic flowing out of these ports to the Juniper devices, the only option would be to use the L2 algorithm rather than L3. But if there is not a lot of source and destination mac address variation, this may not help. 

If the traffic is coming into the switch through multiple ports, we could give port-based sharing a try. 
Photo of Klaus Schneider

Klaus Schneider

  • 70 Points
Hello Joe.

It is really the case of hash algorithm? Because on our case(Douglas) the traffic comes from only one of the interfaces and on the other comes nothing.
Photo of Klaus Schneider

Klaus Schneider

  • 70 Points
On our case, the traffic is mostly unicast(>99%), the URL you suggested treats multicast.
Photo of andreas

andreas

  • 1,218 Points 1k badge 2x thumb
Douglas the mikrotik-extreme vpls configuration can you share this ? 
Photo of Colatuno, Joe

Colatuno, Joe, Escalation Support Engineer

  • 1,096 Points 1k badge 2x thumb
Hey Klaus,

It certainly could be other issues if no traffic is on one of the ports.  ie: misconfiguration with sharing, layer 1 issue, etc.  Its hard to say without looking at the port level and configuration but assuming all that is fine on both sides the algorithm could very well be at fault.

I did not mean to lead you in the wrong direction with the multicast article.  I just wanted to provide an example on how different types of traffic ie. broadcast, unicast, multicast will also effect the sharing load.

How are you looking at the traffic on the ports?  Show port utilization?  Show port statistics?  Which port is actively sending/receiving traffic is this the master port or a member?  Have you tried disable one port in the lag and see if traffic fails over? 

A case with GTAC may be a good next option here for you as we can have an engineer take a deeper dive into root cause.  If you need to get that started for you just let me know
Hi Andreas, 

In Extreme-Mikoritk link there's no MPLS configuration, just L2 connection with VLAN 802.1q tag.

Hugs,
Photo of Julian Eble

Julian Eble

  • 1,394 Points 1k badge 2x thumb
Got an answer today, very sad by the way... :(
 
"Engineering got back to me today, saying this a hardware limitation with Summit X670, X480 and X460.
 
There is no hardware provision(in terms of registers) to accomplish load sharing based on inner L3 fields in the MPLS terminated packet and the packets will be forwarded as per L2 hashing.
 
The above information is not mentioned in the concepts guide, hence a documentation CR# xos0061631 was created to update the document."
 
Photo of Anatoly Machekhin

Anatoly Machekhin

  • 290 Points 250 badge 2x thumb
Hello Community,

I have the same very problem on X670-G2. Our network looks like:

MPLS L3VPN on Juniper =LAG 2x10G= L2 domain =LAG 2x10G= MPLS L3VPN on Juniper

L2 domain consists of Extreme X670-G2 switches (stacks) with one VPLS instance.
We configured "l2vpn sharing" and multiple rsvp-te lsp between VPLS end nodes. Traffic is load-balanced between lsp.

      Transport LSP      : LSP_E1_E2_1 (Configured)
         Next Hop I/F    : VLAN12
         Next Hop Addr   : 172.22.127.10             Tx Label  : 0x0043b
         Tx Pkts         : 1213508852                Tx Bytes  : 3128993213097
      Transport LSP      : LSP_E1_E2_2 (Configured)
         Next Hop I/F    : VLAN12
         Next Hop Addr   : 172.22.127.10             Tx Label  : 0x0043d
         Tx Pkts         : 598239828                 Tx Bytes  : 3528005632087
      Transport LSP      : LSP_E1_E2_3 (Configured)
         Next Hop I/F    : VLAN12
         Next Hop Addr   : 172.22.127.10             Tx Label  : 0x0043f
         Tx Pkts         : 401710508                 Tx Bytes  : 3236292622542
      Transport LSP      : LSP_E1_E2_4 (Configured)
         Next Hop I/F    : VLAN12
         Next Hop Addr   : 172.22.127.10             Tx Label  : 0x00441
         Tx Pkts         : 1034383499                Tx Bytes  : 3032407107905

But on the end nodes traffic to Junipers is not load-balanced.
Any ideas how to do LAG load-balancing in this case?
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
Hi Anatoly,

What hashing algorithm are you using? XOR, CRC32?

Could you please share the "show sharing" output?
Photo of Anatoly Machekhin

Anatoly Machekhin

  • 290 Points 250 badge 2x thumb
Hi Henrique,

We have port-based at one node:

# sho sharing
Load Sharing Monitor
Config    Current    Agg       Ld Share    Ld Share  Agg   Link    Link Up
Master    Master     Control   Algorithm   Group     Mbr   State   Transitions
==============================================================================
   2:1    1:1        LACP      port        1:1        Y      A        0
                               port        2:1        Y      A        0
   2:5    1:5        LACP      port        1:5        Y      A        0
                               port        2:5        Y      A        0
   2:6    1:6        LACP      port        1:6        Y      A        0
                               port        2:6        Y      A        0

And custom (default) at the other end:

# sh sharing
Load Sharing Monitor
Config    Current    Agg       Ld Share    Ld Share  Agg   Link    Link Up
Master    Master     Control   Algorithm   Group     Mbr   State   Transitions
==============================================================================
   2:1    1:1        LACP      custom      1:1        Y      A        0
                               custom      2:1        Y      A        0
   2:2    1:2        LACP      custom      1:2        Y      A        0
                               custom      2:2        Y      A        0
  2:21   1:21        LACP      custom      1:21       Y      A        0
                               custom      2:21       Y      A        0
(Edited)
Photo of Anatoly Machekhin

Anatoly Machekhin

  • 290 Points 250 badge 2x thumb
Neither works.
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
Hi Anatoly, I would suggest you to try using address-based custom algorithm and change the hashing from xor to crc-32 upper or lower.

To try with upper:

configure sharing address-based custom hash-algorithm crc-32 upper

To try with lower:

configure sharing address-based custom hash-algorithm crc-32 lower

Do you have just 1 X670G2 between the Juniper's devices?

If you have 2 X670G2's directly connected, change the hashing for just 1 switch and keep the other with address-based custom algorithm and default hashing (xor).
Photo of Anatoly Machekhin

Anatoly Machekhin

  • 290 Points 250 badge 2x thumb
Hi Henrique,
Thank you for answer.
We have 2 X670-G2 switches running VPLS between Junipers. On one we have address-based xor balancing, on the other - port-based. Later today I will change address-based balancing to crc32 (will try upper and lower).
Photo of Anatoly Machekhin

Anatoly Machekhin

  • 290 Points 250 badge 2x thumb
Hi All!

At last we got our customers to approve downtime. I configured sharing crc32 (first upper, half an hour later - lower), but result is negative. IP traffic is balancing OK, but L3VPN MPLS - absolutely not.
Anybody has any ideas?
Photo of welisson

welisson

  • 1,014 Points 1k badge 2x thumb
Hi Anatoly,

I known that x670 family has a feature to enable mpls lsp load-sharing or some thing like that, and using this feature it will do this load balancing in the packets lsp.

it has been provided from x460-G2.[1]

[1] https://gtacknowledge.extremenetworks.com/articles/Solution/Unable-to-configure-L2VPN-sharing-with-M...

have you already tried it?
Photo of Anatoly Machekhin

Anatoly Machekhin

  • 290 Points 250 badge 2x thumb
Hi welisson,

Yes, I think you mean "l2vpn sharing" feature, and it is enabled on our Extreme switches. And yes, traffic is balanced between LSP from one switch to the other:

      Transport LSP      : LSP_E1_E2_1 (Configured)
         Next Hop I/F    : VLAN12
         Next Hop Addr   : 172.22.127.10             Tx Label  : 0x0043b
         Tx Pkts         : 1213508852                Tx Bytes  : 3128993213097
      Transport LSP      : LSP_E1_E2_2 (Configured)
         Next Hop I/F    : VLAN12
         Next Hop Addr   : 172.22.127.10             Tx Label  : 0x0043d
         Tx Pkts         : 598239828                 Tx Bytes  : 3528005632087
      Transport LSP      : LSP_E1_E2_3 (Configured)
         Next Hop I/F    : VLAN12
         Next Hop Addr   : 172.22.127.10             Tx Label  : 0x0043f
         Tx Pkts         : 401710508                 Tx Bytes  : 3236292622542
      Transport LSP      : LSP_E1_E2_4 (Configured)
         Next Hop I/F    : VLAN12
         Next Hop Addr   : 172.22.127.10             Tx Label  : 0x00441
         Tx Pkts         : 1034383499                Tx Bytes  : 3032407107905

But when switch send traffic to Juniper it puts all traffic in one port in LAG (sharing group) and that is the problem GTAC could not help us with.
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
Hi Anatoly, could you please share a topology (including all uplinks) and the MPLS configuration for both X670G2s? Also, please point in the diagram where the balancing is not happening.

Thanks.
Photo of Anatoly Machekhin

Anatoly Machekhin

  • 290 Points 250 badge 2x thumb
Photo of Anatoly Machekhin

Anatoly Machekhin

  • 290 Points 250 badge 2x thumb
Hi Henrique,
Topology is in previous post.
Traffic goes from PE01 to PE02. And vice versa.
Balancing is not happening on sharing groups 2:1 on both Extreme switches to Junipers.

Is there a way to attach config file?
(Edited)
Photo of Anatoly Machekhin

Anatoly Machekhin

  • 290 Points 250 badge 2x thumb
OK, here go configs:

TL04.1 ##
# Module mpls configuration.
#
configure mpls add vlan "LB4"
enable mpls vlan "LB4"
enable mpls rsvp-te vlan "LB4"
enable mpls ldp vlan "LB4"
configure mpls add vlan "VLAN45"
enable mpls vlan "VLAN45"
enable mpls rsvp-te vlan "VLAN45"
enable mpls ldp vlan "VLAN45"
enable mpls bfd vlan "VLAN45"
configure mpls add vlan "VLAN49"
enable mpls vlan "VLAN49"
enable mpls rsvp-te vlan "VLAN49"
enable mpls ldp vlan "VLAN49"
enable mpls bfd vlan "VLAN49"
create mpls rsvp-te path "TL04_TL05"
create mpls rsvp-te path "TL04_TL09_TL05"
configure mpls rsvp-te path TL04_TL05 add ero 172.22.127.10/32 strict order 100
configure mpls rsvp-te path TL04_TL09_TL05 add ero 172.22.127.5/32 strict order 100
configure mpls rsvp-te path TL04_TL09_TL05 add ero 172.22.127.2/32 strict order 200
create mpls rsvp-te lsp "LSP_TL04_TL05" destination 172.22.128.5
configure mpls rsvp-te lsp "LSP_TL04_TL05" fast-reroute disable
create mpls rsvp-te lsp "LSP_TL04_TL05_1" destination 172.22.128.5
configure mpls rsvp-te lsp "LSP_TL04_TL05_1" fast-reroute disable
create mpls rsvp-te lsp "LSP_TL04_TL05_2" destination 172.22.128.5
configure mpls rsvp-te lsp "LSP_TL04_TL05_2" fast-reroute disable
create mpls rsvp-te lsp "LSP_TL04_TL05_3" destination 172.22.128.5
configure mpls rsvp-te lsp "LSP_TL04_TL05_3" fast-reroute disable
configure mpls rsvp-te lsp "LSP_TL04_TL05" add path "TL04_TL05" primary
configure mpls rsvp-te lsp "LSP_TL04_TL05" add path "TL04_TL09_TL05" secondary
configure mpls rsvp-te lsp "LSP_TL04_TL05_1" add path "TL04_TL05" primary
configure mpls rsvp-te lsp "LSP_TL04_TL05_1" add path "TL04_TL09_TL05" secondary
configure mpls rsvp-te lsp "LSP_TL04_TL05_2" add path "TL04_TL05" primary
configure mpls rsvp-te lsp "LSP_TL04_TL05_2" add path "TL04_TL09_TL05" secondary
configure mpls rsvp-te lsp "LSP_TL04_TL05_3" add path "TL04_TL05" primary
configure mpls rsvp-te lsp "LSP_TL04_TL05_3" add path "TL04_TL09_TL05" secondary
configure mpls exp examination value 5 qosProfile QP5
configure mpls exp replacement qosProfile QP5 value 5
configure mpls lsr-id 172.22.128.4
enable mpls protocol ldp
enable mpls protocol rsvp-te
enable mpls exp examination
enable mpls exp replacement
enable mpls
create l2vpn vpls VPLS_GIN fec-id-type pseudo-wire 200
configure l2vpn vpls VPLS_GIN add service vlan GIN
create l2vpn vpls VPLS_VPN fec-id-type pseudo-wire 300
configure l2vpn vpls VPLS_VPN add service vlan VPN
enable l2vpn sharing
configure l2vpn vpls VPLS_GIN add peer 172.22.128.5 core full-mesh
configure l2vpn vpls VPLS_GIN add peer 172.22.128.9 core full-mesh
configure l2vpn vpls VPLS_VPN add peer 172.22.128.5 core full-mesh
configure l2vpn vpls VPLS_VPN add peer 172.22.128.9 core full-mesh
configure l2vpn vpls VPLS_VPN peer 172.22.128.5 add mpls lsp LSP_TL04_TL05
configure l2vpn vpls VPLS_VPN peer 172.22.128.5 add mpls lsp LSP_TL04_TL05_1
configure l2vpn vpls VPLS_VPN peer 172.22.128.5 add mpls lsp LSP_TL04_TL05_2
configure l2vpn vpls VPLS_VPN peer 172.22.128.5 add mpls lsp LSP_TL04_TL05_3