[c-nsp] strange behavior over MPLS network - remote desktop won't work

[Chris Hale]

All -

We have a simple three node MPLS network that we've deployed for a customer
across our backbone.  Two sites connect to POP "N" and one site connects to
POP "H".  We have CE (Juniper J2320's) that provide OSPF updates to the PE
for customer routes, and Internet is also provided via a second circuit to
the site off POP "H".

Site W and Site S are off POP N.

Site B is off POP H.

POP N and POP H are connected directly to each other via GigE over wireless
backhaul.  Sites W, S, and B are connected to POPs via wireless bridges and
use 802.1q trunks to aggregate traffic to the core routers.

Here is a simple ASCII text:

Site W
   |
cisco 7206 (POP-N) ->---wireless backhaul gige ---->-cisco-7206
(POP-H)--->fastE--->cisco7206(POP-H)--->---Site B ----> Cisco ASA --->
Internet
   |
Site S

All CE routers pick up the routes from the other CE routers, and ICMP works
fine throughout network. Users in Sites W & S can access Internet.

Users between Site W and Site S can use remote desktop/VNC to access other
desktops/servers within these sites (i.e. between Site S and Site W, remote
desktop is fine).

The issue is when users in Site B try to remote desktop into Site W or Site
S, or either Site W or S go to Site B.  Again, site S<-->W is fine.

I have packet captures with and without the CE routers, and I see traffic
going back and forth between W and B for a test on TCP 3389.  Again, pings
and other traffic work fine between these sites, it just seems to be remote
desktop or VNC.  The customer can get the login window to pop up but then it
seems to hang after a few seconds.

They are migrating off a p2p T1 connect between W<---->B<---->S, and they
used plain 1600 series routers.  Remote desktop/VNC worked fine before
migrating to our MPLS connections.

Thanks,
Chris