Load Balancing Application Flows Using Deep Packet Inspection Algorithm

The Deep Packet Inspection (DPI) algorithm helps in identification of application flows to facilitate detailed inspection of packets. The DPI algorithm deeply inspects the packets and therefore helps the service provider identify efficient ways to share bandwidth among parallel ethernet interfaces.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Prerequisites for ECMP Loadbalance with Tunnel Visibility

  • Enable entropy label feature to compute hashing in Layer 2 Virtual Private Networks (L2VPN) core network.

Restrictions for ECMP Loadbalance with Tunnel Visibility

  • Deep Packet Inspection (DPI) for flow-label in IPv6 is not supported.

  • DPI is not supported for fragment traffics.

Information About Load Balancing Using Deep Packet Inspection Algorithm

Packet Inspection and Identification Using Hash Value

The DPI algorithm performs deep inspection of packets to generate a unique hash value that helps in identification of packets that flow into parallel links. This helps in effective sharing of bandwidth among subscribers.

Preserve Key Control Configuration

If you choose to remove the DPI configurations, you can do that using the command no port-channel load-balance-hash-algo dpi algorithm command. This will remove all the DPI tunnel and key-control configurations.

Support for Tunnel and Tunnel-Less Packets

The DPI algorithm is supported for the following tunnels:

  • GRE

  • IPsec

  • IPinIP

  • VxLAN

  • In addition to supporting the above mentioned tunnels, DPI can also be performed for tunnel-less packets using port-channel load-balance-hash-algo dpi key-control default command.

    When you configure load balancing using DPI you can specify a specific tunnel using the port-channel load-balance-hash-algo dpi algorithm <tunnel-name> command. If you prefer to configure DPI for all the tunnels, use the port-channel load-balance-hash-algo dpi algorithm command without a tunnel name. This configures DPI for all the tunnels and port-channels.

Figure 1. Configuring Load Balancing Using DPI

This image is not available in preview/cisco.com

Example: Configuring DPI for IPinIP Tunnel with Key-Control Parameter

enable
configure terminal
(config)# port-channel load-balance-hash-algorithm dpi keycontrol tunnel-ipinip outer-src-dst-ip ignore-inner-ip 
ignore-inner-port

Configuring Load Balancing Using Deep Packet Inspection for Tunnel-Based Flow

enable
configure terminal
port-channel load-balance-hash-algo dpi algorithm <tunnelname>
port-channel load-balance-hash-algo dpi key-control <tunnel-name> <key-control variables> 
end

Examples for Configuring Load Balancing Using for Tunnel-Based Flow

Example: ECMP Loadbalance with Tunnel Visibility 

ip cef load-sharing algorithm dpi tunnel-gre tunnel-l2tp tunnel-ipsec tunnel-ipinip tunnel-vxlan l2vpn-mac
ip cef load-sharing key-control dpi tunnel-gre outer-src-dst-ip inner-src-dst-ip inner-src-dst-port
ip cef load-sharing key-control dpi tunnel-l2tp outer-src-dst-ip outer-src-dst-port inner-src-dst-ip inner-src-dst-port
ip cef load-sharing key-control dpi tunnel-ipsec outer-src-dst-ip
ip cef load-sharing key-control dpi tunnel-ipinip outer-src-dst-ip inner-src-dst-ip inner-src-dst-port
ip cef load-sharing key-control dpi tunnel-vxlan outer-src-dst-ip outer-src-dst-port inner-src-dst-mac inner-vlan 3
ip cef load-sharing key-control dpi l2vpn-mac outer-src-dst-mac outer-vlan 3 outer-src-dst-ip outer-src-dst-port inner-src-dst-mac inner-vlan 3 inner-src-dst-ip inner-src-dst-port

Additional References

Related Documents

Related Topic

Document Title

Cisco IOS commands

Cisco IOS Master Commands List, All Releases

MIBs

MIB

MIBs Link

No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.

To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:

http://www.cisco.com/go/mibs

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for Load Balancing with DPI Algorithm

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1. Feature Information for Load Balancing Using DPI Algorithm

Feature Name

Releases

Feature Information

Load Balancing Application Flows Using Deep Packet Inspection

Cisco IOS XE Gibraltar 16.10.1.

The Deep Packet Inspection (DPI)

helps in identification of application flows to facilitate detailed inspection of packets. The DPI algorithm deeply inspects the packets and therefore helps the service provider identify efficient ways to share bandwidth among parallel Ethernet interfaces.

The following commands were modified:

port-channel load-balance-hash-algorithm dpi algorithm. .

port-channel load-balance-hash-algorithm dpi key-control. .