Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
 

Related Documentation

 

High Availability and Load Balancing for 6rd Softwires

Load Balancing a 6rd Domain Across Multiple Services PICs

The 6rd domain is an IPv6 network, which can potentially be very large. A single PIC, or network processing unit (NPU) on a Multiservices DPC, might not be able to handle all the traffic for the 6rd domain. To alleviate load problems, you can load-balance the 6rd domain traffic across multiple PICs. To do so, assign the same softwire rule to different services sets that use different interfaces. Configure explicit routes and equal-cost multipath (ECMP) to load-balance the 6rd traffic.

Example: Load Balancing a 6rd Domain Across Multiple Services PICs

Hardware and Software Requirements

This example requires the following hardware:

  • An MX Series 3D Universal Edge router with a services DPC with two available NPUs or an M Series Multiservice Edge router with two services PICs available for 6rd softwire concentrator processing
  • A domain name server (DNS)

This example uses the following software:

  • Junos OS Release 11.4 or higher

Overview

Because of anticipated volume, a provider needs to balance 6rd softwire traffic between two services PICs.

Configuration

Chassis Configuration

Step-by-Step Procedure

To configure the chassis:

  1. Define the ingress interface and its properties.
    user@host# edit interfaces ge-1/2/0user@host# set unit 0 family inet address 10.10.10.1/16
  2. Define the egress interface and its properties. In this example, the IPv6 clients try to reach the IPv6 server at 3abc::2/16.
    user@host# edit interfaces ge-1/2/2user@host# set unit 0 family inet6 address 3ABC::1/16
  3. Define the services PICs for selection as softwire concentrators by the load-balancing process. This configuration uses two PICs/NPUs: sp-3/0/0 and sp-3/1/0. A next-hop style service set is configured (shown in the next section).
    user@host# edit interfaces sp-3/0/0[edit interfaces ge-3/0/0]user@host# set services-options syslog host local services anyuser@host# set unit 0 family inetuser@host# set unit 0 family inet6user@host# set unit 1 family inet service-domain insideuser@host# set unit 1 family inet service-domain outsideuser@host# set unit 2 family inet service-domain insideuser@host# set unit 2 family inet service-domain outsideuser@host# up 1[edit]user@host# edit interfaces sp-3/1/0[edit interfaces sp-3/1/0]user@host# set services-options syslog host local services anyuser@host# set unit 0 family inetuser@host# set unit 0 family inet6user@host# set unit 1 family inet service-domain insideuser@host# set unit 1 family inet service-domain outsideuser@host# set unit 2 family inet service-domain insideuser@host# set unit 2 family inet service-domain outside

Softwire Concentrator and Softwire Rule Configuration

Step-by-Step Procedure

The softwire configuration is straightforward. In this example, the 6rd domain prefix is 3040::0/16, the 6rd softwire concentrator IPv4 address is 30.30.30.1, and the customer IPv4 network is 10.10.0.0/16. In the customer premises equipment (CPE) network, all customer edge (CE) devices have addresses that belong to the 10.10.0.0/16 network. To configure the softwire:

  1. Go to the [edit services softwire] hierarchy level.
    user@host# edit services softwire
  2. Configure IPv6 multicast.
    [edit services softwire]user@host# set ipv6-multicast-interfaces all
  3. Go to the softtwire concentrator v6rd hierarchy level and name the softwire concentrator shenick01-rd1.
    [edit services softwire]user@host# edit softwire-concentrator v6rd shenick01-rd1
  4. Configure the softwire concentrator properties.
    [edit services softwire softwire-concentrator v6rdshenick01-rd1 ]user@host# set softwire-address 30.30.30.1user@host# set ipv4-prefix 10.10.0.0/16user@host# set v6rd-prefix 3040::/16user@host# set mtu-v4 9192
  5. Configure a softwire rule for incoming 6rd traffic.
    [edit services softwire softwire-concentrator v6rd shenick01-rd1 ]user@host# up 1[edit services softwire ]user@host# edit rule shenick01-r1[edit services softwire rule shenick01-r1]user@host# set match-direction inputuser@host# set term t1 then v6rd shenick01-rd1

Stateful Firewall Configuration

Step-by-Step Procedure

To configure the stateful firewall rule:

  1. Go to the stateful firewall hierarchy level and define a rule.
    user@host# edit services stateful-firewall rule r1
  2. Set the match direction.
    [edit services stateful-firewall rule r1]user@host# set match-direction input-output
  3. Configure a term that accepts all traffic.
    [edit services stateful-firewall rule r1]user@host# set term t1 then accept

Service Set Configuration

Step-by-Step Procedure

This configuration provides two service sets, each pointing to a different network processing unit (NPU). Both service sets use the same stateful firewall and softwire rules. Because they use the same softwire rule, they refer to same 6rd softwire concentrator. This results in the software concentrator being hosted on both the NPUs.

To configure the service set:

  1. Define a service set for the first NPU.
    user@host# edit services service-set v6rd-sset1
  2. Configure the softwire and stateful firewall rules for the first NPU.
    [edit services service-set v6rd-sset1]user@host# set softwire-rules shenick01-r1user@host# set stateful-firewall-rules r1
  3. Configure the inside and outside interfaces for the next-hop service.
    [edit services service-set v6rd-sset1]user@host# set next-hop-service inside-service-interface sp-3/0/0.1user@host# set next-hop-service outside-service-interface sp-3/0/0.2
  4. Define a service set for the second NPU.
    user@host# edit services service-set v6rd-sset2
  5. Configure the softwire and stateful firewall rules for the second NPU.
    [edit services service-set v6rd-sset2]user@host# set softwire-rules shenick01-r1user@host# set stateful-firewall-rules r1
  6. Configure the inside and outside interfaces for the next-hop service.
    [edit services service-set v6rd-sset1]user@host# set next-hop-service inside-service-interface sp-3/1/0.1user@host# set next-hop-service outside-service-interface sp-3/1/0.2

Load-Balancing Configuration

Step-by-Step Procedure

To configure load balancing:

Configure explicit routes and ECMP to load-balance the 6rd traffic. Configure explicit routes for both the 6rd concentrator IPv4 address and the 6rd domain prefix, so that they point to both NPUs.

  1. To configure static routes for the 6rd domain using the routing-table inet6.0, go to the [edit forwarding-options rib inet6.0 static] hierarchy level and set the routes for the 6rd domain and the 6rd concentrator IPv4 address.
    user@host edit forwarding-options rib inet6.0 static[edit forwarding-options rib inet6.0 static]user@host# set route 3040::0/16 next-hop [ sp-3/0/0.2 sp-3/1/0.2 ]user@host# set route 30.30.30.1/32 next-hop [ sp-3/0/0.1 sp-3/1/0.1 ]

    The service PIC daemon (spd) also adds default routes to these addresses pointing to the NPUs. However, the routes added by the spd use different metrics, which are computed based on the FPC, PIC, slot numbers, and subunit of the services PIC if used in the service set configuration. The static routes configured in this sample configuration will have metrics of 5 and therefore a higher preference than the spd-added routes.

    The explicitly configured routes are as follows:

    root@router# run show route 30.30.30.1
    inet.0: 37 destinations, 40 routes (36 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both

30.30.30.1/32      *[Static/5] 00:00:10
                    > via sp-3/0/0.1
                      via sp-3/1/0.1
                    [Static/786433] 00:23:03
                    > via sp-3/0/0.1
                    [Static/851969] 00:00:09
                    > via sp-3/1/0.1
    root@router# run show route 3040::/16
    inet6.0: 20 destinations, 33 routes (20 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

3040::/16          *[Static/5] 00:00:15
                      via sp-3/0/0.2
                    > via sp-3/1/0.2
                    [Static/786434] 00:23:08
                    > via sp-3/0/0.2
                    [Static/851970] 00:00:14
                    > via sp-3/1/0.2

    Best Practice: The spd-installed routes have higher metric values (hence a low preference) and the metrics are different. If the metrics are different and ECMP is not enabled, even though multiple routes exist for the same destination, only one of the routes is picked up all the time (based on the metric). For ECMP you must configure equal-cost routes, and hence a manual configuration of routes is needed as shown above.

  2. Configure equal-cost multipath (ECMP) load balancing by configuring the hash key at the [edit forwarding-optionshash-key] hierarchy level.
    user@host# forwarding-options hash-key[edit forwarding-options hash-key]user@host# set family inet layer-3 destination-addressuser@host# set family inet layer-3 source-addressuser@host# set family inet6 layer-3 destination-addressuser@host# set family inet6 layer-3 source-address

  3. Verify your configuration by displaying forwarding-options.

    user@host# show forwarding-options
    hash-key {
    family inet {  <== IPv4 traffic from CEs uses this
        layer-3 {
            destination-address;
            source-address;
        }
    }
    family inet6 {  <== IPv6 traffic from Internet uses this
        layer-3 {
            destination-address;
            source-address;
        }
    }
}

    Tip: Both IPv4 and IPv6 hash keys must be configured. The IPv4 hash key is used to distribute the traffic coming from CPE devices to the 6rd branch relay. The IPv6 hash key is used to distribute the traffic coming from the IPv6 Internet to the 6rd domain. Because the hash in the forward and reverse direction is for different families, different flows from the same session can reside on different NPUs. However, 6rd processing is stateless (as far as mapping IPv6 packets to softwires is concerned), so this should not be a problem.

Configuring High Availability for 6rd Using 6rd Anycast

You configure 6rd Anycast by defining two service sets that use the same softwire rule in both service sets, just as you do when you configure load balancing for 6rd. However, you do not configure ECMP, and as a result, the services PIC daemon (spd) installs two routes each for the softwire concentrator address and 6rd domain pointing to each service interface. The forwarding plane can select any route based on the priority, which is computed when the spd installs the routes. The priority is computed based on the FPC, PIC, slot numbers, and subunit number used on the sp- interface. Only one PIC is used based on the route priority, and that PIC gets all of the 6rd traffic. If the PIC goes down. the route pointing to it is also deleted and the forwarding plane automatically selects the alternate available PIC.

6rd Anycast is completely stateless. The spd installs the route and doesn’t run any state machine for the PIC. Because the routes are pre-installed and service sets are already on the PIC, there is no service delay if a failover occurs.

 

Related Documentation

 

Published: 2012-11-28

 

Related Documentation

 

Published: 2012-11-28

Previous Page Next Page