Feature Request: ECMP Path Monitoring

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Feature Request: ECMP Path Monitoring

L0 Member

We are currently using ECMP to load balance to our two ISPs. Which works great. However since there is no path monitoring(Unless you set static routes). If something happens upstream and your peer doesn't go down the PANs will happily keep sending data out that interface without batting an eye. Causing half your customers to be very unhappy. If path monitoring was available this would fix a lot of problems I think.  

Also I would be happy to hear any suggestions on other ways to do this. The idea is to load balance between two ISPs and if there's a problem upstream to force all traffic through the other interface until it comes back up. 

5 REPLIES 5

Cyber Elite
Cyber Elite

@Aewald785,

If you want to actually put in a feature request you'll need to reach out to your SE and have them officially add it for you. 

Your kind of expected to have two routes defined and just use the route path monitoring for this scenario to actually handle the failover. 

 

Cyber Elite
Cyber Elite

Hi @Aewald785 ,

 

If you are not using static routes, you probably are using BGP with the default route only, the ISP should remove the default route if they have problems upstream.  You bring up a good point.  How many ISPs don't remove the default if they have issues?  If that is the case, what is the advantage of BGP over static routes if the dynamic default route doesn't work or if you cannot receive the full Internet routing table?

 

I really wanted to come up with a way to use BGP conditional advertisement to solve your problem, but it will remove the advertisement and not the local route.  https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClEUCA0

 

Thanks,

 

Tom

Help the community: Like helpful comments and mark solutions.

@TomYoung 
Yep! That's exactly what's happening.

I've been trying to figure out a good way to do this. I've seen plenty of posts on load balancing with PBF rules, but that's not true load balancing and not very dynamic. I like that thought process with the conditional advertisement though, it was a good idea! 

Cyber Elite
Cyber Elite

Hi @Aewald785 ,

 

If your ISP does not reliably remove the default route when they have issues, you can remove BGP and use static routes with path monitoring.  I wouldn't use PBF.  Static routes are more straightforward.

 

Thanks,

 

Tom

Help the community: Like helpful comments and mark solutions.

L0 Member

I am trying to design my network in a similar fashion. I was wondering why you don't have default static routes for your ISPs. You mentioned ECMP, but to my knowledge ECMP is a just a routing protocol that uses an algorithm to load balance the traffic to a destination with multiple paths. 

 

That being said, what routing protocol are you using to build those paths in your routing table? 

 

In our case we are using static default routes for outbound traffic through ISPs with path monitoring to at least 3 destination IPs. Now for our IPSec traffic I am stuck between static routes and ospf. I like that static routes have path monitoring, allowing you to ensure that routes are only added back when they meet your monitoring requirements. On the other hand I like that OSPF provides easier management overhead. We are a small network, but I still hate the idea of having to add a static route to each VR. 

 

I plan to test OSPF with ECMP to make sure that OSPF removes routes when they are not avaialbe and ECMP does not attempt to route traffice over those routes.

  • 2785 Views
  • 5 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!