[j-nsp] Asymmetric Routing

Dave Bell me at geordish.org
Tue Oct 13 09:18:48 EDT 2015 

Hi Chad,

How is this iBGP session formed? Is it over L3 links via the EX, or do
they have a direct physical link?

If it is via the EX, then the issue may be with it not having a full
routing table, like your MX80s.

Packet is sent to the EX. It does a route lookup, and has its default
route set at MX80 A. Packet is forwarded to MX80 A.
Packet is received by MX80 A. It does a route lookup, and the best
route is via MX80 B. Packet is forwarded to EX.
EX receives packet. It does a route lookup. Default route is via...

Do a route lookup for the destination on each of the MX's, see where
it thinks it should be forwarding the packet.

Regard,
Dave

On 13 October 2015 at 14:04, Chad Levy <clevy417 at outlook.com> wrote:
> Hi Mark,
>
> The default gateway of the machine is the EX4500.
>
> I have since tried another scenario. If I place both ISPs on the same MX80, and the same asymmetric route exists on the ingress and egress, there is no longer an issue with connectivity. I only have an issue when the ingress and egress paths traverse different MX80 devices.
>
> Thank you,
> Chad
>
>> Subject: Re: [j-nsp] Asymmetric Routing
>> To: clevy417 at outlook.com; juniper-nsp at puck.nether.net
>> From: mark.tinka at seacom.mu
>> Date: Tue, 13 Oct 2015 08:07:36 +0200
>>
>>
>>
>> On 13/Oct/15 04:56, Chad Levy wrote:
>>
>> > Hi all,
>> >
>> > I am having an issue with a new set of Juniper MX80 routers and an EX4500 switch. My topology is extremely simple, each MX80 has its own internet provider running full BGP routes, and iBGP between the two. The EX4500 is connected to both MX80 devices with /30 P2P running OSPF with route redistribution. The MX80s are originating a default route to the EX4500 via OSPF.
>> >
>> > I have a single /24 announced to both of my internet providers with a machine connected to the EX4500 via a /30.
>> >
>> > Both MX80 devices can ping the machine, and vice-versa. My issue becomes when I have an inbound route traverse "ISP A" on one MX, but the return path tries to egress "ISP B" on the other MX. Traffic is dropped and never reaches its final destination. The same behavior happens when the ingress is on "ISP B" and egress on "ISP A".
>> >
>> > If the ingress and egress paths are symmetrical, connectivity is fine. Additionally, if I override the OSPF learned route for the machines /30 on the ingress MX80, and point a static route to the egress path MX80 for the /30, traffic flows perfectly fine.
>> >
>> > I do not have any elaborate firewall filters or anything such as RPF enabled, etc on any of the devices at this time. My carriers are also not filtering any traffic on their side.
>> >
>> > Are there any default configurations in place on either the MX80 or EX4500 that could cause this behavior? One MX80 is running JunOS 13.3, the second MX and the EX4500 are both running JunOS 12.3. The behavior is similar to using a pair of SRX devices in flow mode with traffic ingress on one device, and egress on another.
>>
>> What is the PC's default gateway? The MX80's or the EX4500?
>>
>> Mark.
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list