Solved

Juniper SSG 5 Multiple wan for internet load balncing

Posted on 2013-11-23
4
544 Views
Last Modified: 2016-05-31
Hi I have a ssg-5 router currently configured to do round robin internet load sharing between two adsl connections one via pppoe and the other plain dhcp. I want to add two more adsl connections to it. However when I add the 3rd connection the ssg-5 is not offering any traffic to it.
How do I get 4 connections sharing all internet traffic.

Thx
0
Comment
Question by:Bush300
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 18

Expert Comment

by:Sanga Collins
ID: 39672055
Have you tried usinfncustom virtual routers to configure additional WAN interfaces.
0
 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 39672515
The SSGs aren't really load balancing (that is not in their feature set). You have the choices of
1. "round-robin default routes", which is probably what you have used up to now, and
2. source/destination/policy-based static routing

For 1. the default (me thinks) for same-cost routes is 2, so adding more interfaces will not allow them to be chosen for default routes unless you issue
set vrouter «vr-name» max-ecmp-routes 4

Open in new window

(with «vr-name» probably being trust-vr).
I don't know whether you are aware of it, but HTTP(s) connections and the like will have issues with this kind of "load balancing", as the multiple sessions created usually have different public IP addresses when spread over the WAN connections, and so are unrelated. Logging in to a HTTPS site will not allow to assign sessions reliably, so it is by accident if it works.

Hence 2. is the better way. You have reliable rules how traffic will flow, but you can't spread traffic for the same source or target or protocol or combination. That is, you can e.g. send all traffic from 192.168.0.0/64 to one interface, 192.168.0.64/64 to the next, aso.

You could also do a mixture of both; sensitive protocols, like HTTPS, will be restricted to a single interface by policy-based routing, other protocols are left to the round-robin.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Choice of router 8 40
Router Question 12 75
Wifi addin for wireshark? 5 49
software inventory tools 3 68
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question