Citrix SD-WAN

ECMP load balancing

Equal Cost Multi-Path (ECMP) groups allow you to group multiple paths with the same cost, destination, and service. The connections or session data is load balanced across all the paths in the ECMP group depending on the type of ECMP group. For example, consider a network with two WAN links between a branch and a data center having the same route cost. Traditionally, one of the WAN links would be active and the other remains dormant acting as a fallback link. With ECMP Groups, you can group these WAN links together and allow traffic to be load balanced through both the WAN links. ECMP load balancing ensures:

  • Distribution of traffic over multiple equal-cost paths.
  • Optimal usage of available bandwidth.
  • Dynamic transfer of traffic to other ECMP member path, if a link fails. ECMP supports static routes on IPsec / GRE tunnels.

ECMP load balancing is supported on Virtual Paths and Intranet services. ECMP groups are defined at the global level. You can define a maximum of 254 ECMP groups in your network. The maximum number of ECMP eligible routes in an ECMP group depend on your appliance and license type. The following two types of ECMP groups are supported on Citrix SD-WAN:

  • Source/destination IP address: Networks where multiple clients try to connect to the same destination, the connections are load balanced across equal cost WAN links.
  • Session: Networks where a single client is connected to a destination and multiple sessions are spawned. The session data is load balanced across equal cost WAN links.

To configure an ECMP group, in the configuration editor, navigate to Global > ECMP Groups. Provide a name for the ECMP group and select the type as Src/Dest IP address or Session as required.

ECMP group

You can associate the ECMP groups to Virtual Path and Intranet Default Sets.

Associate default sets to ECMP group

The following are the three ways to associate an ECMP group to the Virtual Path and Intranet services:

  • Inherit: The service inherits the ECMP group associated to the Default Set. If there is no ECMP group associated with the Default Set, the service is not associated to any ECMP group.

    Inherit

  • None: The service is not associated to any ECMP group even if the Default Set is associated to an ECMP group.

    None

  • ECMP Group: Select one of the ECMP groups defined at the global level to associate the ECMP group with the service. The selected ECMP group overrides the ECMP group associated with the Default Set.

    None

To monitor ECMP load balancing, in the SD-WAN UI, navigate to Monitoring > Statistics > Routes and filter the search results using the ECMP group name.

Monitoring

In the sample data, we see that all the routes within a service having a common ECMP group are part of that ECMP group. For example, 6.6.6.0/24 and 5.5.5.0/24 are in the ECMP Group Tonowhere. However, the traffic load is balanced between the services New_Intranet_Service-3 and New_Intranet_Service-4 that share a destination IP 5.5.5.0/24 and are associated to the same ECMP group.

Note

For the SIA and Zscaler service, you can load balance across two IPsec tunnel paths with ECMP (Active/Active).

The ECMP load balancing functionality is not supported on the following SD-WAN appliances:

  • Citrix SD-WAN 1000 SE / PE
  • Citrix SD-WAN 2000 SE / PE
  • Citrix SD-WAN 4000 SE
ECMP load balancing

In this article