If you are looking for a way to increase the bandwidth for your north-south traffic and for faster recovery in the event of an Edge failure, ECMP is the feature that will help you achieve that. In this post, we will go through how to setup ECMP between the Perimeter Gateways and a Distributed Logical Router and test a couple of failure scenarios.
Below is the topology we are working towards, for those of you who want to follow along. Use HOL-1903-01-NET.
What we are starting with
We have an Edge and a DLR already deployed.
Edge (Perimeter-Gateway-01) interfaces.
DLR (Distributed-Router-01) interfaces.
DLR (Distributed-Router-01) OSPF Configuration
1- Let’s start by adding another Edge.
Added the uplink interface
Added the transit interface
I don’t need to configure the default GW as I will be configuring OSPF, and I have configured the default firewall policy to accept. Final config below. Click finish
2- Configure routing on Perimeter-Gateway-01
Manage > Routing > Dynamic Routing Configuration > Edit
Publish the changes.
Manage > Routing > OSPF
Manage > Routing > Area Definition > Add
Manage > Routing > Area To Interface Mapping > Add
Manage > Routing > BGP > BGP Configuration > Edit
Manage > Routing > BGP > Neighbour > Add
Enable Route Distribution for OSPF and BGP
Manage > Routing > Route Distribution > Route Distribution Status > Edit
Manage > Routing > Route Distribution > Route Distribution Table > Edit
Publish your changes.
3- Apply a similar config to Perimeter-Gateway-02
Enable ECMP on the DLR and on the Edges
DLR > Manage > Routing > Global Configuration > ECMP > Start > Publish Changes
Perimeter-Gateway-01 > Routing > Global Configuration > ECMP > Start > Publish Changes
Perimeter-Gateway-02 > Routing > Global Configuration > ECMP > Start > Publish Changes
Check that ECMP is functioning
SSH to your DLR and run the below commands.
show ip ospf neighbors
Both Edges are showing as neighbors
Show ip route
Both Edges are showing as valid routes
Simulating a failure
Let’s simulate a failure by shutting down one Perimeter-Gateway-01
SSH to your DLR and check the routes table
Notice that only Perimeter-Gateway-02 is available. Let’s restart Perimeter-Gateway-01 and recheck the table.
Both Edges are showing in our routing table!
I hope this post was helpful. Thank you for reading.
How useful was this post?
Click on a star to rate it!
Average rating / 5. Vote count:
My name is Amine El Badaoui and I currently live in Aylesbury, a small town in the south east of England
I have been working in the IT industry for few years now and specialise in VMware virtualisation, data centre infrastructure and cloud technologies. Over the years I have obtained numerous industry certifications from Microsoft, Netapp and VMware.I currently work as a VMware Product Engineer @ https://www.rackspace.com/
This blog represents my random technical notes and thoughts. The thoughts expressed here do not reflect my current employer in anyway.