[j-nsp] SRX 550 BGP Flapping

sameer mughal pcs.sameer1 at gmail.com
Wed Jan 31 00:43:39 EST 2018


Thank you all for your interests.
Following are the interface stats FYR.

  Link-level type: Ethernet, MTU: 1514, LAN-PHY mode, Link-mode:
Full-duplex, Speed: 1000mbps, BPDU Error: None,
  MAC-REWRITE Error: None, Loopback: Disabled, Source filtering: Disabled,
Flow control: Disabled,
  Auto-negotiation: Enabled, Remote fault: Online
  Device flags   : Present Running
  Interface flags: SNMP-Traps Internal: 0x0
  Link flags     : None
  CoS queues     : 8 supported, 8 maximum usable queues
  Current address: 00:10:db:ff:10:02, Hardware address: 58:00:bb:58:35:02
  Last flapped   : 2018-01-30 05:27:06 GMT+5 (18:48:35 ago)
  Input rate     : 32985528 bps (6226 pps)
  Output rate    : 29967832 bps (5722 pps)
  Active alarms  : None
  Active defects : None
  Interface transmit statistics: Disabled

  Logical interface ge-0/0/2.0 (Index 67) (SNMP ifIndex 520)
    Flags: Up SNMP-Traps 0x0 Encapsulation: ENET2
    Input packets : 222627215
    Output packets: 167230114
    Security: Zone: Null
    Protocol aenet, AE bundle: reth2.0   Link Index: 0

{primary:node0}
show interfaces ge-9/0/2
Physical interface: ge-9/0/2, Enabled, Physical link is Up
  Interface index: 177, SNMP ifIndex: 565
  Link-level type: Ethernet, MTU: 1514, LAN-PHY mode, Link-mode:
Full-duplex, Speed: 1000mbps, BPDU Error: None,
  MAC-REWRITE Error: None, Loopback: Disabled, Source filtering: Disabled,
Flow control: Disabled,
  Auto-negotiation: Enabled, Remote fault: Online
  Device flags   : Present Running
  Interface flags: SNMP-Traps Internal: 0x0
  Link flags     : None
  CoS queues     : 8 supported, 8 maximum usable queues
  Current address: 00:10:db:ff:10:02, Hardware address: 58:00:bb:58:bc:02
  Last flapped   : 2018-01-30 03:50:09 GMT+5 (20:25:37 ago)
  Input rate     : 0 bps (0 pps)
  Output rate    : 0 bps (0 pps)
  Active alarms  : None
  Active defects : None
  Interface transmit statistics: Disabled

  Logical interface ge-9/0/2.0 (Index 89) (SNMP ifIndex 575)
    Flags: Up SNMP-Traps 0x0 Encapsulation: ENET2
    Input packets : 3584089
    Output packets: 4832617
    Security: Zone: Null
    Protocol aenet, AE bundle: reth2.0   Link Index: 0

{primary:node0}

<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon>
Virus-free.
www.avast.com
<https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link>
<#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>

On Wed, Jan 31, 2018 at 1:42 AM, Payam Chychi <pchychi at gmail.com> wrote:

> On Tue, Jan 30, 2018 at 9:29 AM Alexander Arseniev <
> arseniev at btinternet.com>
> wrote:
>
> > Hello,
> >
> > BGP KA size is 19 bytes without authentication, circa 39 with. Plus IP
> > overhead, plus Ethernet OVH - still below 100 B.
> >
> > SRX reth default MTU is 1500B.
> >
> > Are You sure that checking & setting MTU helps to fix BGP holdtime
> expiry?
> >
> > I would bet that either SRX550 reth interface is saturated, or SRX550
> > CPU is busy.
> >
> > HTH
> >
> > Thx
> > Alex
> >
> >
> > On 30/01/2018 06:25, Emille Blanc wrote:
> > > You might want to check the MTU of the path, or ensure that pmtu is
> > enabled.
> > > It looks like you're using a redundant ethernet interface (reth). If
> > you're using a non-standard MTU, make sure it is set correctly for its
> > member interface(s).
> > >
> > > ________________________________________
> > > From: juniper-nsp [juniper-nsp-bounces at puck.nether.net] On Behalf Of
> > sameer mughal [pcs.sameer1 at gmail.com]
> > > Sent: Monday, January 29, 2018 8:20 PM
> > > To: juniper-nsp at puck.nether.net
> > > Subject: Re: [j-nsp] SRX 550 BGP Flapping
> > >
> > > I have seen hold time error. what will be the fix on this issue?
> > >
> > >
> >
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> >
>  Bgp exchanges routes, those routes get sent as an update packet, that
> packet can fill up the size of the packet to the mtu-ip/tcp(40byte), so
> yes, if you have mix match of mtu, your bgp session will
> drop/reconnect/drop... (repeat) if the update pkt size gets fragmented
>
>
> --
> Payam Tarverdyan Chychi
> Network Security Specialist / Network Engineer
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>


More information about the juniper-nsp mailing list