cef load sharing timeout

Unanswered Question
Apr 30th, 2009
User Badges:

Hello,


I have five 827 adsl routers in front of a 2821 for internet access. The 827's are doing all of the nat translations and the 2821 is doing cef load sharing:


ip cef load-sharing algorithm include-ports source destination


Browsing the internet works great, but it seems like large downloads

timeout often, but not all of the time. When i direct traffic to only

one of the 827's instead of the cef load-sharing randomly picking one,

then the large downloads work and do not timeout.


The 2821 is running: c2800nm-adventerprisek9-mz.124-20.T.bin


Is load-sharing the problem?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
lamav Thu, 04/30/2009 - 11:56
User Badges:
  • Blue, 1500 points or more

Dan:


With CEF, you can leverage per-packet or per-destination/flow load sharing.


If you are using flow-based load sharing, I would think that one router/path will be seleected and you shouldnt have a problem.


If, however, you are using per-packet, than you may be running into a problem with out-of-order packets, retransmissions and other anomalies.


On the 2811, can you execute a sh ip cef to see what kind of load balancing youre using?


Victor

danletkeman Thu, 04/30/2009 - 12:12
User Badges:

2821#show ip cef 206.190.60.37

0.0.0.0/0

nexthop 192.168.11.101 GigabitEthernet0/1

nexthop 192.168.11.102 GigabitEthernet0/1

nexthop 192.168.11.103 GigabitEthernet0/1

nexthop 192.168.11.104 GigabitEthernet0/1

nexthop 192.168.11.105 GigabitEthernet0/1


206.190.60.37 is yahoo.ca

lamav Thu, 04/30/2009 - 15:12
User Badges:
  • Blue, 1500 points or more

Hi:


Two things:


Your next hop is always out the same interface. Why is that? Do you have a hub connecting your 5 dsl routers to your 2800? Thats not really load sharing. Yes, you are using a different router to go out, so you are load sharing from that perspective, but you are still using the same gigabit pipe to get to the dsl routers, so you are bottlenecking the traffic right there.


This is a setup in my lab where I have 3 paralell paths between two routers.


switch1#sh ip cef 172.16.20.0 detail

172.16.20.0/24, epoch 0, per-destination sharing

nexthop 1.1.1.1 FastEthernet0/2

nexthop 2.2.2.1 FastEthernet0/3

nexthop 3.3.3.1 FastEthernet0/4

switch1#


Notice the separate paths.


2.) I should have asked you to include the "detail" keyword at the end of the command. Can you do it again using 'detail'?


Victor

danletkeman Thu, 04/30/2009 - 16:32
User Badges:

Victor


Here is the detailed output:


2821.div#show ip cef 206.190.60.37 detail

0.0.0.0/0, epoch 0, per-destination sharing

NetFlow: Origin AS 0, Peer AS 0, Mask Bits 0

DefNet source: 0.0.0.0/0

recursive via 192.168.11.101

attached to GigabitEthernet0/1

recursive via 192.168.11.102

attached to GigabitEthernet0/1

recursive via 192.168.11.103

attached to GigabitEthernet0/1

recursive via 192.168.11.104

attached to GigabitEthernet0/1

recursive via 192.168.11.105

attached to GigabitEthernet0/1


I have a 3560 between the 827 routers and the 2821. I just made a vlan and assigned it to 6 ports on the switch and plugged everything into the switch. So yes, its like there is a hub connected.


Should I create sub interfaces on the 2821 instead?


Dan.

lamav Thu, 04/30/2009 - 16:54
User Badges:
  • Blue, 1500 points or more

Hi, Dan:


I see you are using per-destination load balncing. If thats the case, CEF will select one next hop/path and use that one only for that flow. So, having the other routers doesnt buy you anything in this case.


Also, creating a trunk with subinterfaces is (edit:NOT) going to help you create parallel paths. You are still going to be using one physical port to reach those 5 routers. Creating a trunk wont buy you anything. Your router sees the 5 routers and can forward traffic to them, so you're OK in terms of reachability to the different outbound routes.


HTH


Victor

danletkeman Thu, 04/30/2009 - 17:03
User Badges:

Ok so cef load-sharing is working like it should.


Do you think the disconnects are coming from the 827's then? The only thing that doesn't make sense is if I direct all of the traffic to one of the 827's the large downloads work fine. As soon as i use multiple 827's it starts to disconnect randomly.


Oh and I'm not trying to load balance anything, the only reason we have 5 827's is because we needed more bandwidth and adsl is currently our only option.


Thanks,

Dan.

lamav Thu, 04/30/2009 - 17:13
User Badges:
  • Blue, 1500 points or more

"Do you think the disconnects are coming from the 827's then? The only thing that doesn't make sense is if I direct all of the traffic to one of the 827's the large downloads work fine. As soon as i use multiple 827's it starts to disconnect randomly."


But didnt we just come to the conclusion that you are not using multiple routers, per se?


CEF will have 5 paths from which to choose, and it will choose one based on the destination address. Perhaps there is some value in seeing which DSL router is being used to download the file when it fails.

lamav Thu, 04/30/2009 - 17:55
User Badges:
  • Blue, 1500 points or more

Dan, now that you have a better unbderstanding of whats going on, I am confident you will do some investoigative work and figure out why this file transfer crashes.


Thanks for the rating...


Victor

Actions

This Discussion