> -----Original Message----- > From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp- > boun...@puck.nether.net] On Behalf Of Walaa Abdel razzak > Sent: Wednesday, March 16, 2011 8:31 AM > To: juniper-nsp@puck.nether.net > Subject: [j-nsp] SRX 650 reth interface load balancing > > I tried to verify load balancing on the reth interface for SRX 650 > connected to logical router, but I can see that SRX always use one link > although we have two physical links between the router and the active > node and one link between the router and the passive node. I am pinging > directly from router to the FW. I need to load balance through the > active links. The configuration is as follows:
How are you testing your load-balancing Walaa? Because Juniper uses a hash algorithm such that traffic matching a given set of constraints (Source Address, Destination Address, Source Port, Dest Port, incoming interface) will always hash to the same path. In order to properly evaluate if the load-balancing is working properly, you really need to simulate a large number of diverse flows. > And the load balance policy: > > test@FW1# show routing-options > forwarding-table { > export ECMP; > } > test@FW1# show policy-options policy-statement ECMP > term load-balance { > then { > load-balance per-packet; > } > } I already mentioned to you previously that you don't need a load-balance policy to effect load-balancing on a LAG or RETH interface since these types of interfaces appear to the system as a single logical interface, other mechanisms apply. The above configuration is completely unnecessary. Stefan Fouant, CISSP, JNCIEx2 www.shortestpathfirst.net GPG Key ID: 0xB4C956EC _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp