Wireless Access

 View Only
Back to discussions
Expand all | Collapse all

uplink load balancing

This thread has been viewed 9 times

  • 1.  uplink load balancing

    Posted Sep 19, 2018 10:18 PM

    Hi,

     

    We have two uplinks and we want to load balance uplinks like  VPN traffic should be on primary link,  internet traffic should be on secondary link. And each link should be redundant to each other. 



  • 2.  RE: uplink load balancing

    Posted Sep 19, 2018 10:25 PM

    Is this instant or a controller-based deployment?



  • 3.  RE: uplink load balancing

    Posted Sep 19, 2018 10:27 PM

    it is controller based.

    7210 / 7205 ..

     



  • 4.  RE: uplink load balancing



  • 5.  RE: uplink load balancing

    Posted Sep 19, 2018 10:56 PM

    it does not say about VPN load balancing. it load balances ALL traffic. 

     

    Can you share a configuration example? 

     

     

     

     

     



  • 6.  RE: uplink load balancing

    Posted Sep 20, 2018 06:54 AM

    I apoligize.  You said Uplink load balancing.  The Aruba feature is Policy Based Routing (PBR), where you send specific traffic over specific links.  The concept is not complicated but the implementation can be pretty involved.  Have you already formed the VPN link and is it working?

     

    If yes, please read a list of articles about PBR here:  http://community.arubanetworks.com/t5/forums/searchpage/tab/message?include_tkbs=true&location=category%3ASupport-Documentation-Downloads&q=pbr



  • 7.  RE: uplink load balancing

    Posted Sep 20, 2018 03:16 PM

    Thank for your reply. 

     

    I tried to follow up the guides but no luck.

     

    http://community.arubanetworks.com/t5/Controller-Based-WLANs/How-to-configure-a-router-ACL-for-PBR/ta-p/234519

     

    i can not create ACL on my command line. "network" command is not supported.

     

    GUIDE:

    2) Create a route ACL with PBR option required
    (6.4.3-Beta-Master) (config-route-test)#network 10.0.0.0 255.255.0.0 any any route ?

     

    My device:

     

    (config) #net
    netdestination Configure IPv4 network destination
    netdestination6 Configure IPv6 network destination
    netexthdr Configure IPv6 Next/Extended Header filter
    netservice Configure a network service

     

    ArubaOS (MODEL: Aruba7005), Version 8.2.1.0

     

    Can you provide a PBR guide which is compatible with 8.2.1.0 ? 

    And configuration examples or best practises guide? 

     

     

     

     

     



  • 8.  RE: uplink load balancing



  • 9.  RE: uplink load balancing

    Posted Sep 20, 2018 04:16 PM

    the guide you have provided says: 

     


    In the Managed Network node hierarchy, navigate to

    Configuration> Interfaces > IP Routes.
    2. Expand the Policy-Based Routing menu.

     

    There is no such PBR menu.

     

    Am I missing something? 

     

    aruba1.JPG



  • 10.  RE: uplink load balancing

    Posted Sep 20, 2018 06:13 PM

    It looks like the Policy Based Routing documentation is incorrect for ArubaOS 8.3.x is incorrect and we are looking into that.

     

    Meanwhile, all that is necessary for Policy based routing is to create:

     

    1 - An ip nexthop list with at minimum one nexthop ip address behind the VPN connection you have

    2 - A session ACL for your user role allowing and denying traffic

    3 - A route ACL that will determine if traffic is permitted (regular routing) or "routed" to the nexthop list in item#1

    4. - Apply the session ACL and the route ACL to the user role for the traffic you want it applied to.

     

    Let me come up with some commandline steps on how to accomplish that and I will get back to you.



  • 11.  RE: uplink load balancing

    Posted Sep 20, 2018 08:22 PM

    That would be very nice. Waiting for reply then.  Thank you.



  • 12.  RE: uplink load balancing

    Posted Sep 21, 2018 01:39 AM

    You need:

     

    1.  To make sure that you are in the /md tree above or at where your controllers are located when you create everything.  (you should not create anything directly in the md folder).

    2.  the ip address of the "router" that you want to handle the next hop.  This goes into the next hop list.  The format is slightly different for a VPN connection that is terminated on the controller, however.

    3.  to create a Route ACL that defines what traffic is to be routed to the next hop vs routed the normal way.  

    4.  Assign that route ACL to the user role.

     

    In the example below, I will send https traffic to the next hop, and all the other traffic the regular way for the user role "myuserrole".  I am currently in the MD/<blah blah/ folder:

     

    config t
ip nexthop-list myrouter
ip 192.168.1.3  <--ip address of the router path you want the traffic to take
exit
    
**The nexthop list needs to be created before it is referenced below***

ip access-list route routeacl
any any tcp 443 route next-hop-list myrouter <---sending https to that next hop
any any any forward <------all other traffic takes normal routing
exit

routing-policy-map role myuserrole access-list routeacl
exit

    ^^^Assigned the route-acl called "routeacl" to the user role myuserrole

    write mem

    That is all that is necessary.

     

    show ip nexthop-list on the md will show that you have created a nexthop list and the ip address in that list

    show ip health-check on the md will determine if that next hop ip address is alive.  The controller periodically reaches out to ip addresses in the next hop list to determine if they are valid destinations.  You could have more than one ip address in the next hop list and the controller needs to know which path is actually available.

    show datapath session table <ip address of client> will have a "r" route nexthop flag on the line that is being routed using the route acl.

     

    I hope that makes sense.



Related Content