[j-nsp] Verifying Juniper ECMP
ryanL
ryan.landry at gmail.com
Sat Aug 9 12:00:38 EDT 2014
oh man... this might be the answer to a long standing problem i've been
having with the EX4500's at my core. they do BGP to a bunch of proxy
machines (exabgp) that advertise the same /32 (as a VIP). once every so
often (becoming more often as traffic grows), a TCP packet is forwarded by
the EX to one of the machines which has no knowledge of the original flow.
that machine of course sends back a RST and breaks the whole flow.
i've done exhaustive packet captures for juniper on this, thinking that
somehow the EX was actually duplicating a packet incorrectly out one
interface. but this stateless ECMP rehash for all flows every time a new
flow is added or taken away makes a lot more sense to me, and also really
sucks if true.
case 2014-0123-0781, if anyone at juniper is listening. that case is
_still_ open.
More information about the juniper-nsp
mailing list