[prev in list] [next in list] [prev in thread] [next in thread]
List: juniper-nsp
Subject: Re: [j-nsp] SRX 550 BGP Flapping
From: Payam Chychi <pchychi () gmail ! com>
Date: 2018-01-31 6:10:26
Message-ID: CAJMkcM2o9u+mwpxGQaTMxySBMS9qahNKaHgYFWWP2OS44W=KvA () mail ! gmail ! com
[Download RAW message or body]
On Tue, Jan 30, 2018 at 9:43 PM sameer mughal <pcs.sameer1@gmail.com> wrote:
> Thank you all for your interests.
> Following are the interface stats FYR.
>
> Link-level type: Ethernet, MTU: 1514, LAN-PHY mode, Link-mode:
> Full-duplex, Speed: 1000mbps, BPDU Error: None,
> MAC-REWRITE Error: None, Loopback: Disabled, Source filtering: Disabled,
> Flow control: Disabled,
> Auto-negotiation: Enabled, Remote fault: Online
> Device flags : Present Running
> Interface flags: SNMP-Traps Internal: 0x0
> Link flags : None
> CoS queues : 8 supported, 8 maximum usable queues
> Current address: 00:10:db:ff:10:02, Hardware address: 58:00:bb:58:35:02
> Last flapped : 2018-01-30 05:27:06 GMT+5 (18:48:35 ago)
> Input rate : 32985528 bps (6226 pps)
> Output rate : 29967832 bps (5722 pps)
> Active alarms : None
> Active defects : None
> Interface transmit statistics: Disabled
>
> Logical interface ge-0/0/2.0 (Index 67) (SNMP ifIndex 520)
> Flags: Up SNMP-Traps 0x0 Encapsulation: ENET2
> Input packets : 222627215
> Output packets: 167230114
> Security: Zone: Null
> Protocol aenet, AE bundle: reth2.0 Link Index: 0
>
> {primary:node0}
> show interfaces ge-9/0/2
> Physical interface: ge-9/0/2, Enabled, Physical link is Up
> Interface index: 177, SNMP ifIndex: 565
> Link-level type: Ethernet, MTU: 1514, LAN-PHY mode, Link-mode:
> Full-duplex, Speed: 1000mbps, BPDU Error: None,
> MAC-REWRITE Error: None, Loopback: Disabled, Source filtering: Disabled,
> Flow control: Disabled,
> Auto-negotiation: Enabled, Remote fault: Online
> Device flags : Present Running
> Interface flags: SNMP-Traps Internal: 0x0
> Link flags : None
> CoS queues : 8 supported, 8 maximum usable queues
> Current address: 00:10:db:ff:10:02, Hardware address: 58:00:bb:58:bc:02
> Last flapped : 2018-01-30 03:50:09 GMT+5 (20:25:37 ago)
> Input rate : 0 bps (0 pps)
> Output rate : 0 bps (0 pps)
> Active alarms : None
> Active defects : None
> Interface transmit statistics: Disabled
>
> Logical interface ge-9/0/2.0 (Index 89) (SNMP ifIndex 575)
> Flags: Up SNMP-Traps 0x0 Encapsulation: ENET2
> Input packets : 3584089
> Output packets: 4832617
> Security: Zone: Null
> Protocol aenet, AE bundle: reth2.0 Link Index: 0
>
> {primary:node0}
>
>
> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon> \
> Virus-free. www.avast.com
> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link>
> <#m_8948595383215198987_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>
> On Wed, Jan 31, 2018 at 1:42 AM, Payam Chychi <pchychi@gmail.com> wrote:
>
> > On Tue, Jan 30, 2018 at 9:29 AM Alexander Arseniev <
> > arseniev@btinternet.com>
> > wrote:
> >
> > > Hello,
> > >
> > > BGP KA size is 19 bytes without authentication, circa 39 with. Plus IP
> > > overhead, plus Ethernet OVH - still below 100 B.
> > >
> > > SRX reth default MTU is 1500B.
> > >
> > > Are You sure that checking & setting MTU helps to fix BGP holdtime
> > expiry?
> > >
> > > I would bet that either SRX550 reth interface is saturated, or SRX550
> > > CPU is busy.
> > >
> > > HTH
> > >
> > > Thx
> > > Alex
> > >
> > >
> > > On 30/01/2018 06:25, Emille Blanc wrote:
> > > > You might want to check the MTU of the path, or ensure that pmtu is
> > > enabled.
> > > > It looks like you're using a redundant ethernet interface (reth). If
> > > you're using a non-standard MTU, make sure it is set correctly for its
> > > member interface(s).
> > > >
> > > > ________________________________________
> > > > From: juniper-nsp [juniper-nsp-bounces@puck.nether.net] On Behalf Of
> > > sameer mughal [pcs.sameer1@gmail.com]
> > > > Sent: Monday, January 29, 2018 8:20 PM
> > > > To: juniper-nsp@puck.nether.net
> > > > Subject: Re: [j-nsp] SRX 550 BGP Flapping
> > > >
> > > > I have seen hold time error. what will be the fix on this issue?
> > > >
> > > >
> > >
> > > _______________________________________________
> > > juniper-nsp mailing list juniper-nsp@puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/juniper-nsp
> > >
> > Bgp exchanges routes, those routes get sent as an update packet, that
> > packet can fill up the size of the packet to the mtu-ip/tcp(40byte), so
> > yes, if you have mix match of mtu, your bgp session will
> > drop/reconnect/drop... (repeat) if the update pkt size gets fragmented
> >
> >
> > --
> > Payam Tarverdyan Chychi
> > Network Security Specialist / Network Engineer
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp@puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> >
>
> interfaces do not look very stable... what are they connected to? What do
your logs show?
--
Payam Tarverdyan Chychi
Network Security Specialist / Network Engineer
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic