[j-nsp] bgp routes not passing traffic between routers,
traffic dropped
Bill Petrisko
billp at wjp.net
Wed Nov 10 14:26:43 EST 2004
I am having a strange problem with certain BGP routes
not being forwarded correctly to a neighboring router.
It started yesterday with one /17 prefix not working,
and today we have another handful of /20, /23, /24's
all not forwarding.
Router 1 is our colo router M20 6.2R2.2
Router 2 is our core router M20 5.6R2.4
Path should be server->router 1->router 2->internet/core
>From a local server (same from router 1 itself)-
# traceroute 66.173.240.20
traceroute to 66.173.240.20 (66.173.240.20), 30 hops max, 38 byte packets
1 xx.xx.xx.xx (router 1)
2 * * (router 2)
>From router 1-
The route in BGP looks good:
bill at router1> show route 66.173.240.20
inet.0: 150815 destinations, 150824 routes (150802 active, 15 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
66.173.240.0/23 *[BGP/170] 5d 18:52:15, MED 0, localpref 100, from 69.28.139.222
AS path: 3549 701 16810 23241 I
to 69.28.139.249 via ge-1/1/0.0
> to 69.28.139.253 via ge-2/1/0.0
The next-hops look good:
bill at router1> show route 69.28.139.249
inet.0: 150794 destinations, 150803 routes (150792 active, 4 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
69.28.139.248/30 *[Direct/0] 2w1d 10:53:27
> via ge-1/1/0.0
bill at router1> show route 69.28.139.253
inet.0: 150794 destinations, 150803 routes (150792 active, 4 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
69.28.139.252/30 *[Direct/0] 1d 21:21:30
> via ge-2/1/0.0
bill at router1> show route forwarding-table destination 66.173.240.20
Routing table: inet
Internet:
Destination Type RtRef Next hop Type Index NhRef Netif
66.173.240.0/23 user 0 indr 976 48557
ulst 1335 522
69.28.139.249 ucst 421 3 ge-1/1/0.0
69.28.139.253 ucst 422 3 ge-2/1/0.0
bill at router1> show route resolution 66.173.240.0/23
Table inet.3 Nodes 0
66.173.240.0/23 Originating RIB: inet.0
Metric: 30 Node path count: 1
Indirect nexthops: 1
Protocol Nexthop: 208.50.254.245 Metric: 30
Indirect nexthop: 8763180 976
Indirect path forwarding nexthops: 2
Nexthop: 69.28.139.249 via ge-1/1/0.0
Nexthop: 69.28.139.253 via ge-2/1/0.0
Table inet.0 Nodes 150801
66.173.240.0/23 Originating RIB: inet.0
Metric: 30 Node path count: 1
Indirect nexthops: 1
Protocol Nexthop: 208.50.254.245 Metric: 30
Indirect nexthop: 8763180 976
Indirect path forwarding nexthops: 2
Nexthop: 69.28.139.249 via ge-1/1/0.0
Nexthop: 69.28.139.253 via ge-2/1/0.0
Table inet.2 Nodes 150801
66.173.240.0/23 Originating RIB: inet.0
Metric: 30 Node path count: 1
Indirect nexthops: 1
Protocol Nexthop: 208.50.254.245 Metric: 30
Indirect nexthop: 8763180 976
Indirect path forwarding nexthops: 2
Nexthop: 69.28.139.249 via ge-1/1/0.0
Nexthop: 69.28.139.253 via ge-2/1/0.0
Putting a filter on the router2 interface shows the packets are
being received for this prefix:
bill at router2-re0> show configuration firewall filter trackit
term log {
from {
destination-address {
66.173.240.20/32;
}
}
then {
count trackit;
log;
accept;
}
}
term default {
then accept;
}
(applied only to router1->router2 ckt #1)
bill at router2-re0> show firewall filter trackit
Filter: trackit
Counters:
Name Bytes Packets
trackit 51900 67
(applied only to router1->router2 ckt #1)
bill at router2-re0> show firewall filter trackit
Filter: trackit
Counters:
Name Bytes Packets
trackit 44016 42
Route works fine from router 2-
bill at router2-re0> traceroute 66.173.240.20
traceroute to 66.173.240.20 (66.173.240.20), 30 hops max, 40 byte packets
1 ge-3-2-0.ar5.phx1.gblx.net (64.208.170.253) 1.040 ms 0.946 ms 11.765 ms
2 so1-0-0-2488M.ar1.LAX2.gblx.net (67.17.67.169) 16.094 ms so0-0-0-2488M.ar1.LAX2.gblx.net (67.17.72.106) 10.722 ms 10.569 ms
3 208.51.134.2 (208.51.134.2) 11.994 ms 11.863 ms 11.874 ms
4 0.so-0-3-0.XL1.LAX9.ALTER.NET (152.63.115.2) 12.005 ms 12.201 ms 11.991 ms
5 0.so-0-0-0.TL1.LAX9.ALTER.NET (152.63.115.138) 12.252 ms 12.402 ms 12.123 ms
6 0.so-5-0-0.TL1.DCA6.ALTER.NET (152.63.0.142) 77.508 ms 77.866 ms 77.399 ms
7 0.so-4-2-0.CL1.PHL1.ALTER.NET (152.63.37.77) 82.556 ms 82.682 ms 82.059 ms
8 POS6-0.GW7.PHL1.ALTER.NET (152.63.39.121) 85.052 ms 82.167 ms 79.855 ms
9 cavtelOC12-gw.customer.alter.net (65.207.92.238) 82.241 ms 82.135 ms 82.714 ms
10 64.83.67.90 (64.83.67.90) 83.943 ms 84.489 ms 83.822 ms
^C
Also, I have tried static routing these blocks from router1 -> router2,
still does not work.
If I static route these blocks from router1->router3 (another colo router
with external connectivity) --- it works fine.
Any clues where I should start looking to find out why these prefixes
are not working properly between router1->router2 ?
This is the strangest thing I have seen in a long time.
thanks
bill
More information about the juniper-nsp
mailing list