Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

How CSDS Works with ECMP-Based Consistent Hashing

In this topic, you’ll learn how CSDS Architecture works with the ECMP based Consistent Hashing load balancer in the MX Series routers.

What Is ECMP and Consistent Hashing?

Equal-cost multipath (ECMP) is a network routing strategy that enables the router to load-balance the traffic of the same session. The traffic in a session with the same source and destination transmits across multiple paths of equal cost.

When forwarding a packet, the routing process decides which next hop path to use. The device considers the packet header fields that identify a flow when determining the next hop. In a deployment with ECMP support, the device determines the next hop paths of equal cost based on the routing metric calculations and hash algorithms. So, routes of equal cost have the same preference and metric values, and the same cost to the network. The ECMP process identifies a set of routers, each of which is a legitimate equal cost next hop to the destination. The identified routers are called an ECMP set.

Consistent load balancing that uses hashing maintains all active links and remaps only those flows affected by one or more link failures. Consistent hashing ensures that flows connected to links that remain active continue uninterrupted. This feature applies to topologies where members of an ECMP group are external BGP neighbors in a single-hop BGP session. Bidirectional Forwarding Detection (BFD) over external BGP provides faster link failure detection, supporting consistent hashing.

Benefits

  • Optimize bandwidth utilization—ECMP fully utilizes otherwise unused bandwidth on links to the same destination, increasing overall bandwidth.
  • Improve workload distribution—Consistent Hashing ensures even workload distribution and fast response in work distribution.

How ECMP-Based Consistent Hashing Works in CSDS?

An ECMP set is formed when the routing table contains multiple next-hop addresses for the same destination with equal cost. If an ECMP set exists for the active route, Junos OS uses a hash algorithm to choose one of the next-hop addresses in the ECMP set. The device installs the selected next-hop address in the forwarding table. You can configure the device so that multiple next-hop entries in an ECMP set are installed in the forwarding table. The Junos OS devices can perform per-packet load balancing to spread traffic across multiple paths between the routing devices.

The CSDS Architecture maintains the symmetricity of the flows in the SRX Series Firewalls. The user data client’s (client device) incoming and outgoing traffic always reaches the same SRX Series Firewall (server device) that maintains the session state. To ensure the traffic reaches the same SRX Series Firewall, the MX Series router hashes the traffic onto the same link toward that firewall in both the directions.

A user data client is identified by the source IP address in the upstream direction (client to server) and the destination IP address in the downstream direction (server to client). The MX Series router performs symmetric hashing for a given tuple—source IP address and destination IP address. The MX Series router calculates the same hash irrespective of the direction of the flow, that is, the router calculates the same hash even if the source and destination IP addresses are swapped. To ensure all flows from a client reach the same SRX Series Firewall, MX Series router performs hash only on the source IP address (and not the destination IP address) in one direction and vice versa in the reverse direction.

By default, when a failure occurs in one or more paths, the hashing algorithm recalculates the next hop for all paths, typically redistributing all the flows. Consistent load balancing with Consistent Hashing enables the MX Series router to override this behavior and redirect only the flows for the inactive links. All the router maintains the existing active flows without disruption. When a link fails, redistribution of all flows could result in significant traffic loss to the active SRX Series Firewalls. Consistent load balancing maintains all active links and instead remaps only those flows affected by one or more link failures. The feature ensures that flows connected to links that remain active continue uninterrupted.

ECMP-based Consistent Hashing applies to topologies where members of an ECMP group are external BGP neighbors in a single-hop BGP session. By running BFD over these external BGP neighbors, the MX Series router ensures faster link failure detection between the routers and the ECMP-based next hops to the SRX Series Firewalls. Junos OS applies consistent load balancing when you add a new ECMP path or modify an existing path. You can add the SRX Series Firewall gracefully. Junos OS ensures equal redistribution of flows from each active SRX Series Firewall with minimal impact to existing ECMP flows. For example, if four active SRX Series Firewalls carry 25 percentage of the total flows on each link and you add another SRX Series Firewall, 5 percentage of flows from each existing SRX Series Firewalls moves to the new SRX Series Firewall. This ensures 20 percentage of flow redistribution from the existing four SRX Series Firewalls to the new firewall. The application might restart the session on the new firewall, as the flows don’t have a matching session.