Solved

Juniper SSG 5 Multiple wan for internet load balncing

Posted on 2013-11-23
4
581 Views
Last Modified: 2016-05-31
Hi I have a ssg-5 router currently configured to do round robin internet load sharing between two adsl connections one via pppoe and the other plain dhcp. I want to add two more adsl connections to it. However when I add the 3rd connection the ssg-5 is not offering any traffic to it.
How do I get 4 connections sharing all internet traffic.

Thx
0
Comment
Question by:Bush300
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 18

Expert Comment

by:Sanga Collins
ID: 39672055
Have you tried usinfncustom virtual routers to configure additional WAN interfaces.
0
 
LVL 70

Accepted Solution

by:
Qlemo earned 500 total points
ID: 39672515
The SSGs aren't really load balancing (that is not in their feature set). You have the choices of
1. "round-robin default routes", which is probably what you have used up to now, and
2. source/destination/policy-based static routing

For 1. the default (me thinks) for same-cost routes is 2, so adding more interfaces will not allow them to be chosen for default routes unless you issue
set vrouter «vr-name» max-ecmp-routes 4

Open in new window

(with «vr-name» probably being trust-vr).
I don't know whether you are aware of it, but HTTP(s) connections and the like will have issues with this kind of "load balancing", as the multiple sessions created usually have different public IP addresses when spread over the WAN connections, and so are unrelated. Logging in to a HTTPS site will not allow to assign sessions reliably, so it is by accident if it works.

Hence 2. is the better way. You have reliable rules how traffic will flow, but you can't spread traffic for the same source or target or protocol or combination. That is, you can e.g. send all traffic from 192.168.0.0/64 to one interface, 192.168.0.64/64 to the next, aso.

You could also do a mixture of both; sensitive protocols, like HTTPS, will be restricted to a single interface by policy-based routing, other protocols are left to the round-robin.
0

Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cisco RV042 router is a popular small network interfacing device that is often used as an internet gateway. Network administrators need to get at the management interface to make settings, change passwords, etc. This access is generally done usi…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question