Experiences with ECMP - What is the best balancing option to correctly maintain session fidelity
Hello, how are you doing? I hope everyone is well. Thanks for the collaboration and good vibes.
Based on your experience, what is the best balancing method that PA offers?
Based on what I have had to configure and thinking about the fidelity of the sessions, the best option has been "IP-HASH". Here I understand that by default it is based on source and destination address unless you check "source address only". Also the "Use Source/Destination Ports" check box appears.
Environment with main links between 150 to 300 Mbps and secondary links between 100 to 250 Mbps.
In other cases I applied the classic round robin method, also with weights, but in certain cases users reported problems with access to banks and Office 365. With the banks that could be expected: the IP changes to another one, and there are systems that detect this and raise alerts, so traffic to the banks was then forced with a PBF. What I found strange were the problems towards Office 365 (SharePoint and OneDrive in particular). I kept searching and adjusting different methods until, with IP Hash, WITHOUT the "Address Only" check and with the "Use Source/Destination Ports" check, everything began to operate in an excellent way. I was surprised by the Office 365 issues, since the SaaS nature of their services and the SD-WAN and optimization topics make me think that those Office 365 apps are already more than prepared for those eventual changes from one link to another.
Well, what have been your experiences with ECMP? Have you had to force some traffic as well? What was the best configuration for your environment and specifications?
Cheers


I usually don't like the source/dest combo because that could cause asymmetry with sites that rely on a CDN to serve content. It also makes MFA/logins/things that rely on tokens or cookies work a little more seamlessly, in my feeling. In most cases this also doesn't offset the balancing by too much unless you introduce a proxy or a NAT device that aggregates a lot of clients to a single source address (i.e. I usually use source/dest when there's a proxy or something like that).
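
An added sketch, not from either poster and not PAN-OS code, of how the hash inputs discussed in this thread decide which link a flow takes. SHA-256 modulo the link count stands in for the firewall's real hash, and the addresses, link names and mode labels are all constructed.

```python
import hashlib
from collections import Counter

LINKS = ["ISP-A", "ISP-B"]                        # constructed link names
MODES = ["src-only", "src-dst", "src-dst-ports"]  # labels for this sketch only

def pick_link(flow, mode, links=LINKS):
    """Choose a link for flow=(src, sport, dst, dport).
    Assumption: SHA-256 mod N stands in for the firewall's real hash."""
    src, sport, dst, dport = flow
    key = {"src-only": (src,),
           "src-dst": (src, dst),
           "src-dst-ports": (src, sport, dst, dport)}[mode]
    digest = hashlib.sha256("|".join(map(str, key)).encode()).digest()
    return links[int.from_bytes(digest[:8], "big") % len(links)]

def client_flows(src, n_dsts, conns_per_dst):
    """Constructed sample: one client opening several connections to each
    of n_dsts destination addresses (documentation range 203.0.113.0/24)."""
    return [(src, 40000 + d * conns_per_dst + c, f"203.0.113.{d + 1}", 443)
            for d in range(n_dsts) for c in range(conns_per_dst)]

def scenarios():
    one_client = client_flows("10.1.1.50", 40, 5)
    many_clients = [f for i in range(50)
                    for f in client_flows(f"10.1.2.{i + 1}", 4, 1)]
    # Same traffic, but every client is hidden behind one proxy/NAT address.
    behind_proxy = [("10.9.9.9", 20000 + n, dst, dport)
                    for n, (_, _, dst, dport) in enumerate(many_clients)]
    return {"one_client": one_client, "many_clients": many_clients,
            "behind_proxy": behind_proxy}

def report():
    """Flows per link for every (scenario, mode) pair."""
    return {(name, mode): Counter(pick_link(f, mode) for f in flows)
            for name, flows in scenarios().items() for mode in MODES}

if __name__ == "__main__":
    for (name, mode), counts in report().items():
        print(f"{name:13} {mode:14} {dict(counts)}")
```

In this model a source-only key keeps each client on one link for every destination, while a single proxy or NAT address pins all of its clients to the same link. Adding the destination and ports to the key spreads that load, at the cost of one client's connections leaving through different links.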