ECMP Load Balancing in JUNOS

Question

I'm trying to figure out how to use ECMP load balancing in JUNOS. I know this isn't the best way to load balance, but its quick and dirty and gets done what I need to. In ScreenOS this was pretty easy.

Device: SRX220 JunOS: 10.3R2.11

Here's what I've got so far:

routing-options {
    static {
        route 0.0.0.0/0 {
            next-hop [ 1.1.1.1 1.1.1.2 ];
            metric 10;
        }
    }
    maximum-paths 2;

Will that do it?

Tom

Answer 1

You definitely don't want the maximum-paths. That will limit your routing table size and has nothing to do with ECMP.

So with just:

routing-options {
    static {
        route 0.0.0.0/0 {
            next-hop [ 1.1.1.1 1.1.1.2 ];
            metric 10;
        }
    }
}

You'll see:

lab@router> show route 0.0.0.0/0
...
0.0.0.0/0          *[Static/5] 00:01:28, metric 10
                    > to 1.1.1.1 via ge-0/0/0.0
                      to 1.1.1.2 via ge-0/0/0.0

Both next-hops show up in the routing table, BUT to see what's actually happening in the forwarding table, you have to dig deeper:

lab@router> show route forwarding-table destination 0.0.0.0/0
...
Destination        Type RtRef Next hop           Type Index NhRef Netif
0.0.0.0/0          user     0 1.1.1.1            ucst   558     3 ge-0/0/0.0

By default when the router pushes the routing table down to the forwarding table, it randomly selects ONE next-hop. To change that behavior, you can define a "forwarding-table export" policy that controls what happens when the forwarding table gets built from the routing table:

routing-options {
    static {
        route 0.0.0.0/0 {
            next-hop [ 1.1.1.1 1.1.1.2 ];
            metric 10;
        }
    }
    forwarding-table {
        export LOAD-BALANCE;
    }
}
policy-options {
    policy-statement LOAD-BALANCE {
        then {
            load-balance per-packet;
        }
    }
}

Now, the routing table still looks the same:

lab@router> show route 0.0.0.0/0
...
0.0.0.0/0          *[Static/5] 00:07:28, metric 10
                    > to 1.1.1.1 via ge-0/0/0.0
                      to 1.1.1.2 via ge-0/0/0.0

But the forwarding table (where it counts) has both routes:

lab@router> show route forwarding-table destination 0.0.0.0/0                    
...
Destination        Type RtRef Next hop           Type Index NhRef Netif
0.0.0.0/0          user     0                    ulst 262142     2
                              1.1.1.1            ucst   558     3 ge-0/0/0.0
                              1.1.1.2            ucst   540     3 ge-0/0/0.0

Now you're load balancing!

However, one thing to remember is that despite the incredibly misleading load-balance per-packet statement, all Juniper routers with this configuration actually do per-flow load-balancing. Each packet is hashed based on (src-ip,dst-ip and protocol-number). So if you only have a couple traffic flows, they may very well all use the same next-hop. Once you increase the number of flows, you should see more even loading.

(Actually the very first hardware did do per-packet load-balancing, but you'll probably never run into one)