Hello Folks,
we are testing the load balancing feature with 2 AF5x NxN, but dont get a tunnel load balanced.
on both sides we have an epr6 see the image
Image may be NSFW.
Clik here to view.
we set the load balancing per wizard on both sides. Added the tunnel and routes.
Config R1
firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
modify MDF {
rule 10 {
action modify
modify {
lb-group LB
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
bridge br0 {
aging 300
bridged-conntrack disable
firewall {
in {
modify MDF
}
}
hello-time 2
max-age 20
priority 32768
promiscuous disable
stp false
}
ethernet eth0 {
duplex auto
speed auto
}
ethernet eth1 {
address 10.255.248.225/28
duplex auto
mtu 1540
poe {
output off
}
speed auto
}
ethernet eth2 {
address 10.255.248.211/28
duplex auto
mtu 1540
poe {
output off
}
speed auto
}
ethernet eth3 {
bridge-group {
bridge br0
}
duplex auto
firewall {
in {
modify MDF
}
}
mtu 1540
poe {
output off
}
speed auto
}
ethernet eth4 {
duplex auto
speed auto
}
ethernet eth5 {
duplex auto
speed auto
}
loopback lo {
}
switch switch0 {
address 10.255.249.242/28
firewall {
in {
modify MDF
}
}
mtu 1540
switch-port {
interface eth0 {
}
interface eth4 {
}
interface eth5 {
}
vlan-aware disable
}
}
tunnel tun0 {
bridge-group {
bridge br0
}
encapsulation gre-bridge
firewall {
in {
modify MDF
}
}
local-ip 10.255.249.242
mtu 1540
multicast disable
remote-ip 10.255.248.193
ttl 255
}
}
load-balance {
group LB {
interface eth1 {
route {
table 1
}
route-test {
initial-delay 60
interval 10
type {
ping {
target 10.255.248.228
}
}
}
}
interface eth2 {
route {
table 2
}
route-test {
initial-delay 60
interval 10
type {
ping {
target 10.255.248.214
}
}
}
}
lb-local enable
}
}
protocols {
static {
interface-route 10.255.248.192/28 {
next-hop-interface eth1 {
distance 1
}
next-hop-interface eth2 {
distance 1
}
}
route 0.0.0.0/0 {
next-hop 10.255.249.241 {
}
}
table 1 {
route 0.0.0.0/0 {
next-hop 10.255.248.228 {
}
}
}
table 2 {
route 0.0.0.0/0 {
next-hop 10.255.248.214 {
}
}
}
}
}
service {
gui {
http-port 80
https-port 443
older-ciphers enable
}
ssh {
port 22
protocol-version v2
}
}
system {
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password $1$zKNoUbAo$gomzUbYvgyUMcD436Wo66.
}
level admin
}
}
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
}
/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@5:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:ubnt-util@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.9.0.4901118.160804.1131 */
Config R2
firewall {
all-ping enable
broadcast-ping disable
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
modify MDF {
rule 10 {
action modify
modify {
lb-group LB
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
bridge br0 {
aging 300
bridged-conntrack disable
firewall {
in {
modify MDF
}
}
hello-time 2
max-age 20
priority 32768
promiscuous disable
stp false
}
ethernet eth0 {
duplex auto
speed auto
}
ethernet eth1 {
address 10.255.248.228/28
duplex auto
mtu 1540
poe {
output off
}
speed auto
}
ethernet eth2 {
address 10.255.248.214/28
duplex auto
mtu 1540
poe {
output off
}
speed auto
}
ethernet eth3 {
bridge-group {
bridge br0
}
duplex auto
firewall {
in {
modify MDF
}
}
mtu 1540
poe {
output off
}
speed auto
}
ethernet eth4 {
duplex auto
speed auto
}
ethernet eth5 {
duplex auto
speed auto
}
loopback lo {
}
switch switch0 {
address 10.255.248.193/28
firewall {
in {
modify MDF
}
}
mtu 1500
switch-port {
interface eth0 {
}
interface eth4 {
}
interface eth5 {
}
vlan-aware disable
}
}
tunnel tun0 {
bridge-group {
bridge br0
}
encapsulation gre-bridge
firewall {
in {
modify MDF
}
}
local-ip 10.255.248.193
mtu 1540
multicast disable
remote-ip 10.255.249.242
ttl 255
}
}
load-balance {
group LB {
interface eth1 {
route {
table 1
}
route-test {
initial-delay 60
interval 10
type {
ping {
target 10.255.248.225
}
}
}
}
interface eth2 {
route {
table 2
}
route-test {
initial-delay 60
interval 10
type {
ping {
target 10.255.248.211
}
}
}
}
lb-local enable
}
}
protocols {
static {
interface-route 10.255.249.242/32 {
next-hop-interface eth1 {
distance 1
}
next-hop-interface eth2 {
distance 1
}
}
route 0.0.0.0/0 {
next-hop 10.255.249.242 {
}
}
table 1 {
route 0.0.0.0/0 {
next-hop 10.255.248.225 {
}
}
}
table 2 {
route 0.0.0.0/0 {
next-hop 10.255.248.211 {
}
}
}
}
}
service {
gui {
http-port 80
https-port 443
older-ciphers enable
}
ssh {
port 22
protocol-version v2
}
}
system {
host-name ubnt
login {
user ubnt {
authentication {
encrypted-password $1$zKNoUbAo$gomzUbYvgyUMcD436Wo66.
}
level admin
}
}
ntp {
server 0.ubnt.pool.ntp.org {
}
server 1.ubnt.pool.ntp.org {
}
server 2.ubnt.pool.ntp.org {
}
server 3.ubnt.pool.ntp.org {
}
}
syslog {
global {
facility all {
level notice
}
facility protocols {
level debug
}
}
}
time-zone UTC
}
/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@5:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:ubnt-util@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.9.0.4901118.160804.1131 */When we make a speedtest through the routers only eth2 wil used for the test.
thanks for the help...