SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Load Balancing SRX210 based on protocol

    Posted 12-03-2012 10:24

    Hello,

     

    I currently have an SRX210 running, wth 1 ISP uplink.

     

    However, it's possible to connect a second ISP uplink to it (different provider).

     

    I would like to add some load balancing, but was wondering how to set it up so I can load balance outgoing traffic based on protocol?

     

    For example, is it possible to configure:

     - All HTTP/S traffic over ISP1

     - All FTP traffic over ISP2

     - All other protocols go round robin over ISP1 and ISP2

     

    This would cover all scenario's whatever is needed in the future 🙂

     

    Pointers in which direction I should look are welcome.



  • 2.  RE: Load Balancing SRX210 based on protocol
    Best Answer

    Posted 12-03-2012 11:10
    It's possible to do what you're looking to do, with that said it does add a certain layer of complexity in regards to failing over from one link to another. But, regardless if this is what you want to do, here's how you would do it. 
    The feature you're looking for is called filter based forwarding (much like policy based routing). You can fbf into a virtual router with ISP2's internet link as the default route. As long as you do a source nat of the interface return routing should just work fine. 
    Here's an example document. While this is written for the ex the process is the same. http://www.juniper.net/techpubs/en_US/junos9.5/topics/example/filter-based-forwarding-with-firewall-filter-ex-series.pdf
    Good luck,

     

     

    @CumpsD wrote:

    Hello,

     

    I currently have an SRX210 running, wth 1 ISP uplink.

     

    However, it's possible to connect a second ISP uplink to it (different provider).

     

    I would like to add some load balancing, but was wondering how to set it up so I can load balance outgoing traffic based on protocol?

     

    For example, is it possible to configure:

     - All HTTP/S traffic over ISP1

     - All FTP traffic over ISP2

     - All other protocols go round robin over ISP1 and ISP2

     

    This would cover all scenario's whatever is needed in the future 🙂

     

    Pointers in which direction I should look are welcome.

     



  • 3.  RE: Load Balancing SRX210 based on protocol

    Posted 12-03-2012 12:22

    Thanks, that set me in the right direction.

     

    Using that info, I also ended up at http://kb.juniper.net/InfoCenter/index?page=content&id=KB17223 which gives some more information 🙂