[j-nsp] MX80 MPLS L3VPN Fragment drops
Leigh Porter
leigh.porter at ukbroadband.com
Mon Nov 5 18:48:47 EST 2012
Hey All,
I have a very weird MX80 issue...
I have an LTE network and traffic is encaped into GTP tunnels. To keep the end-user MTU at 1500 the full-sized datagrams are stuffed into the GTP UDP tunnels and the tunnel datagrams are then fragmented, typically into a 1500 byte datagram and a subsequent 56 or so byte datagram. The base station re-assembles these and the whole process is transparent to an LTE user.
However..
We have a problem where almost always a TCP stream (i.e. an FTP or HTTP session) will stall and never recover.
A packet dump reveals that the TCP sender (FTP server) will send a segment, the LTE core will encap this segment and fragment the tunnel packet, these fragments enter into an MX80 and into a L3VPN instance but then only the first half of the fragmented datagram ever exits the MX80 as an MPLS packet.
This happens at various times during the transfer. Sometimes at say 30MB transferred, sometimes at 200MB transferred. But always the same issue, a fragmented packet is sent but only the first fragment makes it out of the MX80.
Now, TCP will re-send the segment and it does but then of EVERY SINGLE re-transmission the very same half of the datagram is dropped inside the MX80 never to be seen again. Which is odd because the transfer just happily sent upto hundreds of MB in exactly the same way.
Meanwhile the same base station and client is passing lots of other traffic without any issues.
There is no packet loss, the interfaces are clean. There are no odd flags on the datagrams in question, they look as though they are correctly formatted and wireshark correctly identifies the input to the MX80 as fragmented datagrams and reassembles them correctly.
I have a case open for this, but has anybody ever heard of anything like this?
--
Leigh Porter
______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________
More information about the juniper-nsp
mailing list