Load Sharing VPLS end



Show first post

49 replies

So, the ports 47 and 48 are the VPLS service ports connected to the Juniper devices right? If that is true, the fields that would be used by switch for hashing would be the source-mac-addresses and destination-mac-addresses (only L2 fields).

If it is only VPLS service traffic flowing out of these ports to the Juniper devices, the only option would be to use the L2 algorithm rather than L3. But if there is not a lot of source and destination mac address variation, this may not help.

If the traffic is coming into the switch through multiple ports, we could give port-based sharing a try.
On our case, the traffic is mostly unicast(>99%), the URL you suggested treats multicast.
Userlevel 2
So, the ports 47 and 48 are the VPLS service ports connected to the Juniper devices right? If that is true, the fields that would be used by switch for hashing would be the source-mac-addresses and destination-mac-addresses (only L2 fields).

If it is only VPLS service traffic flowing out of these ports to the Juniper devices, the only option would be to use the L2 algorithm rather than L3. But if there is not a lot of source and destination mac address variation, this may not help.

If the traffic is coming into the switch through multiple ports, we could give port-based sharing a try.
Douglas the mikrotik-extreme vpls configuration can you share this ?
Userlevel 4
So, the ports 47 and 48 are the VPLS service ports connected to the Juniper devices right? If that is true, the fields that would be used by switch for hashing would be the source-mac-addresses and destination-mac-addresses (only L2 fields).

If it is only VPLS service traffic flowing out of these ports to the Juniper devices, the only option would be to use the L2 algorithm rather than L3. But if there is not a lot of source and destination mac address variation, this may not help.

If the traffic is coming into the switch through multiple ports, we could give port-based sharing a try.
Hey Klaus,

It certainly could be other issues if no traffic is on one of the ports. ie: misconfiguration with sharing, layer 1 issue, etc. Its hard to say without looking at the port level and configuration but assuming all that is fine on both sides the algorithm could very well be at fault.

I did not mean to lead you in the wrong direction with the multicast article. I just wanted to provide an example on how different types of traffic ie. broadcast, unicast, multicast will also effect the sharing load.

How are you looking at the traffic on the ports? Show port utilization? Show port statistics? Which port is actively sending/receiving traffic is this the master port or a member? Have you tried disable one port in the lag and see if traffic fails over?

A case with GTAC may be a good next option here for you as we can have an engineer take a deeper dive into root cause. If you need to get that started for you just let me know
So, the ports 47 and 48 are the VPLS service ports connected to the Juniper devices right? If that is true, the fields that would be used by switch for hashing would be the source-mac-addresses and destination-mac-addresses (only L2 fields).

If it is only VPLS service traffic flowing out of these ports to the Juniper devices, the only option would be to use the L2 algorithm rather than L3. But if there is not a lot of source and destination mac address variation, this may not help.

If the traffic is coming into the switch through multiple ports, we could give port-based sharing a try.
Hi Andreas,

In Extreme-Mikoritk link there's no MPLS configuration, just L2 connection with VLAN 802.1q tag.

Hugs,
Userlevel 2
Got an answer today, very sad by the way... :(
"Engineering got back to me today, saying this a hardware limitation with Summit X670, X480 and X460.

There is no hardware provision(in terms of registers) to accomplish load sharing based on inner L3 fields in the MPLS terminated packet and the packets will be forwarded as per L2 hashing.

The above information is not mentioned in the concepts guide, hence a documentation CR# xos0061631 was created to update the document."
Hello Community,

I have the same very problem on X670-G2. Our network looks like:

MPLS L3VPN on Juniper =LAG 2x10G= L2 domain =LAG 2x10G= MPLS L3VPN on Juniper

L2 domain consists of Extreme X670-G2 switches (stacks) with one VPLS instance.
We configured "l2vpn sharing" and multiple rsvp-te lsp between VPLS end nodes. Traffic is load-balanced between lsp.

Transport LSP : LSP_E1_E2_1 (Configured)
Next Hop I/F : VLAN12
Next Hop Addr : 172.22.127.10 Tx Label : 0x0043b
Tx Pkts : 1213508852 Tx Bytes : 3128993213097
Transport LSP : LSP_E1_E2_2 (Configured)
Next Hop I/F : VLAN12
Next Hop Addr : 172.22.127.10 Tx Label : 0x0043d
Tx Pkts : 598239828 Tx Bytes : 3528005632087
Transport LSP : LSP_E1_E2_3 (Configured)
Next Hop I/F : VLAN12
Next Hop Addr : 172.22.127.10 Tx Label : 0x0043f
Tx Pkts : 401710508 Tx Bytes : 3236292622542
Transport LSP : LSP_E1_E2_4 (Configured)
Next Hop I/F : VLAN12
Next Hop Addr : 172.22.127.10 Tx Label : 0x00441
Tx Pkts : 1034383499 Tx Bytes : 3032407107905

But on the end nodes traffic to Junipers is not load-balanced.
Any ideas how to do LAG load-balancing in this case?
Userlevel 6
Hi Anatoly,

What hashing algorithm are you using? XOR, CRC32?

Could you please share the "show sharing" output?
Hi Henrique,

We have port-based at one node:

# sho sharing
Load Sharing Monitor
Config Current Agg Ld Share Ld Share Agg Link Link Up
Master Master Control Algorithm Group Mbr State Transitions
==============================================================================
2:1 1:1 LACP port 1:1 Y A 0
port 2:1 Y A 0
2:5 1:5 LACP port 1:5 Y A 0
port 2:5 Y A 0
2:6 1:6 LACP port 1:6 Y A 0
port 2:6 Y A 0[/code]
And custom (default) at the other end:

# sh sharing
Load Sharing Monitor
Config Current Agg Ld Share Ld Share Agg Link Link Up
Master Master Control Algorithm Group Mbr State Transitions
==============================================================================
2:1 1:1 LACP custom 1:1 Y A 0
custom 2:1 Y A 0
2:2 1:2 LACP custom 1:2 Y A 0
custom 2:2 Y A 0
2:21 1:21 LACP custom 1:21 Y A 0
custom 2:21 Y A 0
[/code]
Neither works.
Userlevel 6
Hi Anatoly, I would suggest you to try using address-based custom algorithm and change the hashing from xor to crc-32 upper or lower.

To try with upper:

configure sharing address-based custom hash-algorithm crc-32 upper

To try with lower:

configure sharing address-based custom hash-algorithm crc-32 lower

Do you have just 1 X670G2 between the Juniper's devices?

If you have 2 X670G2's directly connected, change the hashing for just 1 switch and keep the other with address-based custom algorithm and default hashing (xor).
Hi Henrique,
Thank you for answer.
We have 2 X670-G2 switches running VPLS between Junipers. On one we have address-based xor balancing, on the other - port-based. Later today I will change address-based balancing to crc32 (will try upper and lower).
Hi All!

At last we got our customers to approve downtime. I configured sharing crc32 (first upper, half an hour later - lower), but result is negative. IP traffic is balancing OK, but L3VPN MPLS - absolutely not.
Anybody has any ideas?
Userlevel 2
Hi Anatoly,

I known that x670 family has a feature to enable mpls lsp load-sharing or some thing like that, and using this feature it will do this load balancing in the packets lsp.

it has been provided from x460-G2.[¹]

[¹] https://gtacknowledge.extremenetworks.com/articles/Solution/Unable-to-configure-L2VPN-sharing-with-M...

have you already tried it?
Hi welisson,

Yes, I think you mean "l2vpn sharing" feature, and it is enabled on our Extreme switches. And yes, traffic is balanced between LSP from one switch to the other:

Transport LSP : LSP_E1_E2_1 (Configured)
Next Hop I/F : VLAN12
Next Hop Addr : 172.22.127.10 Tx Label : 0x0043b
Tx Pkts : 1213508852 Tx Bytes : 3128993213097
Transport LSP : LSP_E1_E2_2 (Configured)
Next Hop I/F : VLAN12
Next Hop Addr : 172.22.127.10 Tx Label : 0x0043d
Tx Pkts : 598239828 Tx Bytes : 3528005632087
Transport LSP : LSP_E1_E2_3 (Configured)
Next Hop I/F : VLAN12
Next Hop Addr : 172.22.127.10 Tx Label : 0x0043f
Tx Pkts : 401710508 Tx Bytes : 3236292622542
Transport LSP : LSP_E1_E2_4 (Configured)
Next Hop I/F : VLAN12
Next Hop Addr : 172.22.127.10 Tx Label : 0x00441
Tx Pkts : 1034383499 Tx Bytes : 3032407107905[/code]
But when switch send traffic to Juniper it puts all traffic in one port in LAG (sharing group) and that is the problem GTAC could not help us with.
Userlevel 6
Hi Anatoly, could you please share a topology (including all uplinks) and the MPLS configuration for both X670G2s? Also, please point in the diagram where the balancing is not happening.

Thanks.

Hi Henrique,
Topology is in previous post.
Traffic goes from PE01 to PE02. And vice versa.
Balancing is not happening on sharing groups 2:1 on both Extreme switches to Junipers.

Is there a way to attach config file?
OK, here go configs:

TL04.1 ##
# Module mpls configuration.
#
configure mpls add vlan "LB4"
enable mpls vlan "LB4"
enable mpls rsvp-te vlan "LB4"
enable mpls ldp vlan "LB4"
configure mpls add vlan "VLAN45"
enable mpls vlan "VLAN45"
enable mpls rsvp-te vlan "VLAN45"
enable mpls ldp vlan "VLAN45"
enable mpls bfd vlan "VLAN45"
configure mpls add vlan "VLAN49"
enable mpls vlan "VLAN49"
enable mpls rsvp-te vlan "VLAN49"
enable mpls ldp vlan "VLAN49"
enable mpls bfd vlan "VLAN49"
create mpls rsvp-te path "TL04_TL05"
create mpls rsvp-te path "TL04_TL09_TL05"
configure mpls rsvp-te path TL04_TL05 add ero 172.22.127.10/32 strict order 100
configure mpls rsvp-te path TL04_TL09_TL05 add ero 172.22.127.5/32 strict order 100
configure mpls rsvp-te path TL04_TL09_TL05 add ero 172.22.127.2/32 strict order 200
create mpls rsvp-te lsp "LSP_TL04_TL05" destination 172.22.128.5
configure mpls rsvp-te lsp "LSP_TL04_TL05" fast-reroute disable
create mpls rsvp-te lsp "LSP_TL04_TL05_1" destination 172.22.128.5
configure mpls rsvp-te lsp "LSP_TL04_TL05_1" fast-reroute disable
create mpls rsvp-te lsp "LSP_TL04_TL05_2" destination 172.22.128.5
configure mpls rsvp-te lsp "LSP_TL04_TL05_2" fast-reroute disable
create mpls rsvp-te lsp "LSP_TL04_TL05_3" destination 172.22.128.5
configure mpls rsvp-te lsp "LSP_TL04_TL05_3" fast-reroute disable
configure mpls rsvp-te lsp "LSP_TL04_TL05" add path "TL04_TL05" primary
configure mpls rsvp-te lsp "LSP_TL04_TL05" add path "TL04_TL09_TL05" secondary
configure mpls rsvp-te lsp "LSP_TL04_TL05_1" add path "TL04_TL05" primary
configure mpls rsvp-te lsp "LSP_TL04_TL05_1" add path "TL04_TL09_TL05" secondary
configure mpls rsvp-te lsp "LSP_TL04_TL05_2" add path "TL04_TL05" primary
configure mpls rsvp-te lsp "LSP_TL04_TL05_2" add path "TL04_TL09_TL05" secondary
configure mpls rsvp-te lsp "LSP_TL04_TL05_3" add path "TL04_TL05" primary
configure mpls rsvp-te lsp "LSP_TL04_TL05_3" add path "TL04_TL09_TL05" secondary
configure mpls exp examination value 5 qosProfile QP5
configure mpls exp replacement qosProfile QP5 value 5
configure mpls lsr-id 172.22.128.4
enable mpls protocol ldp
enable mpls protocol rsvp-te
enable mpls exp examination
enable mpls exp replacement
enable mpls
create l2vpn vpls VPLS_GIN fec-id-type pseudo-wire 200
configure l2vpn vpls VPLS_GIN add service vlan GIN
create l2vpn vpls VPLS_VPN fec-id-type pseudo-wire 300
configure l2vpn vpls VPLS_VPN add service vlan VPN
enable l2vpn sharing
configure l2vpn vpls VPLS_GIN add peer 172.22.128.5 core full-mesh
configure l2vpn vpls VPLS_GIN add peer 172.22.128.9 core full-mesh
configure l2vpn vpls VPLS_VPN add peer 172.22.128.5 core full-mesh
configure l2vpn vpls VPLS_VPN add peer 172.22.128.9 core full-mesh
configure l2vpn vpls VPLS_VPN peer 172.22.128.5 add mpls lsp LSP_TL04_TL05
configure l2vpn vpls VPLS_VPN peer 172.22.128.5 add mpls lsp LSP_TL04_TL05_1
configure l2vpn vpls VPLS_VPN peer 172.22.128.5 add mpls lsp LSP_TL04_TL05_2
configure l2vpn vpls VPLS_VPN peer 172.22.128.5 add mpls lsp LSP_TL04_TL05_3
TL05.1 # #
# Module mpls configuration.
#
configure mpls add vlan "LB5"
enable mpls vlan "LB5"
enable mpls rsvp-te vlan "LB5"
enable mpls ldp vlan "LB5"
configure mpls add vlan "VLAN45"
enable mpls vlan "VLAN45"
enable mpls rsvp-te vlan "VLAN45"
enable mpls ldp vlan "VLAN45"
enable mpls bfd vlan "VLAN45"
configure mpls add vlan "VLAN59"
enable mpls vlan "VLAN59"
enable mpls rsvp-te vlan "VLAN59"
enable mpls ldp vlan "VLAN59"
enable mpls bfd vlan "VLAN59"
create mpls rsvp-te path "TL05_TL04"
create mpls rsvp-te path "TL05_TL09_TL04"
configure mpls rsvp-te path TL05_TL04 add ero 172.22.127.9/32 strict order 100
configure mpls rsvp-te path TL05_TL09_TL04 add ero 172.22.127.1/32 strict order 100
configure mpls rsvp-te path TL05_TL09_TL04 add ero 172.22.127.6/32 strict order 200
create mpls rsvp-te lsp "LSP_TL05_TL04" destination 172.22.128.4
configure mpls rsvp-te lsp "LSP_TL05_TL04" fast-reroute disable
create mpls rsvp-te lsp "LSP_TL05_TL04_1" destination 172.22.128.4
configure mpls rsvp-te lsp "LSP_TL05_TL04_1" fast-reroute disable
create mpls rsvp-te lsp "LSP_TL05_TL04_2" destination 172.22.128.4
configure mpls rsvp-te lsp "LSP_TL05_TL04_2" fast-reroute disable
create mpls rsvp-te lsp "LSP_TL05_TL04_3" destination 172.22.128.4
configure mpls rsvp-te lsp "LSP_TL05_TL04_3" fast-reroute disable
configure mpls rsvp-te lsp "LSP_TL05_TL04" add path "TL05_TL04" primary
configure mpls rsvp-te lsp "LSP_TL05_TL04" add path "TL05_TL09_TL04" secondary
configure mpls rsvp-te lsp "LSP_TL05_TL04_1" add path "TL05_TL04" primary
configure mpls rsvp-te lsp "LSP_TL05_TL04_1" add path "TL05_TL09_TL04" secondary
configure mpls rsvp-te lsp "LSP_TL05_TL04_2" add path "TL05_TL04" primary
configure mpls rsvp-te lsp "LSP_TL05_TL04_2" add path "TL05_TL09_TL04" secondary
configure mpls rsvp-te lsp "LSP_TL05_TL04_3" add path "TL05_TL04" primary
configure mpls rsvp-te lsp "LSP_TL05_TL04_3" add path "TL05_TL09_TL04" secondary
configure mpls exp examination value 5 qosProfile QP5
configure mpls exp replacement qosProfile QP5 value 5
configure mpls lsr-id 172.22.128.5
enable mpls protocol ldp
enable mpls protocol rsvp-te
enable mpls exp examination
enable mpls exp replacement
enable mpls
create l2vpn vpls VPLS_GIN fec-id-type pseudo-wire 200
configure l2vpn vpls VPLS_GIN add service vlan GIN
create l2vpn vpls VPLS_VPN fec-id-type pseudo-wire 300
configure l2vpn vpls VPLS_VPN add service vlan VPN
enable l2vpn sharing
configure l2vpn vpls VPLS_GIN add peer 172.22.128.9 core full-mesh
configure l2vpn vpls VPLS_GIN add peer 172.22.128.4 core full-mesh
configure l2vpn vpls VPLS_VPN add peer 172.22.128.9 core full-mesh
configure l2vpn vpls VPLS_VPN add peer 172.22.128.4 core full-mesh
configure l2vpn vpls VPLS_VPN peer 172.22.128.4 add mpls lsp LSP_TL05_TL04
configure l2vpn vpls VPLS_VPN peer 172.22.128.4 add mpls lsp LSP_TL05_TL04_1
configure l2vpn vpls VPLS_VPN peer 172.22.128.4 add mpls lsp LSP_TL05_TL04_2
configure l2vpn vpls VPLS_VPN peer 172.22.128.4 add mpls lsp LSP_TL05_TL04_3
Userlevel 2
Why don't you split this link and run TE over them?

What is your direction of traffic?
For instance PE01-->PE02 or opposite
Hi welisson!

Direction of traffic - both; PE01 <--> PE02
Userlevel 6
Hi Anatoly,

Did you get any progress on this issue?
Hi, Henrique,

Sorry, no progress so far. I hope we will get X670-G2 in our lab so I will be able to test some ideas.

BTW, could you please (or anyone from Extreme Networks) look up Broadcom Programmer's Reference Guide for Trident II (II+). I would like to know what packet fields are used in RTAG7 hash on VPLS/MPLS tunnel end.

Reply