[j-nsp] Asymmetric Routing
Chad Levy
clevy417 at outlook.com
Mon Oct 12 22:56:35 EDT 2015
Hi all,
I am having an issue with a new set of Juniper MX80 routers and an EX4500 switch. My topology is extremely simple, each MX80 has its own internet provider running full BGP routes, and iBGP between the two. The EX4500 is connected to both MX80 devices with /30 P2P running OSPF with route redistribution. The MX80s are originating a default route to the EX4500 via OSPF.
I have a single /24 announced to both of my internet providers with a machine connected to the EX4500 via a /30.
Both MX80 devices can ping the machine, and vice-versa. My issue becomes when I have an inbound route traverse "ISP A" on one MX, but the return path tries to egress "ISP B" on the other MX. Traffic is dropped and never reaches its final destination. The same behavior happens when the ingress is on "ISP B" and egress on "ISP A".
If the ingress and egress paths are symmetrical, connectivity is fine. Additionally, if I override the OSPF learned route for the machines /30 on the ingress MX80, and point a static route to the egress path MX80 for the /30, traffic flows perfectly fine.
I do not have any elaborate firewall filters or anything such as RPF enabled, etc on any of the devices at this time. My carriers are also not filtering any traffic on their side.
Are there any default configurations in place on either the MX80 or EX4500 that could cause this behavior? One MX80 is running JunOS 13.3, the second MX and the EX4500 are both running JunOS 12.3. The behavior is similar to using a pair of SRX devices in flow mode with traffic ingress on one device, and egress on another.
I appreciate any insight that can be provided.
Thank you,
Chad
More information about the juniper-nsp
mailing list