I've been working with routers for a long time, but I'm relatively new at Juniper. I noted that NTP was not syncing on QFX switches and MX routers. After some troubleshooting it turned out to be this issue:
So on some NTP packets the source IP address is changed to the loopback address of our own device. I have a couple of comments on that:
1) The operator would not expect this behavior
2) The operator can't see the altered packet with either "monitor traffic" or with tcpdump
3) After adding counters to the filter terms there are some hits on the lo0 term and some on the NTP term. So the behavior appears to apply to some NTP packets but not others.
Given the above, I don't think we'd ever be able to diagnose this except by tripping over the linked article.
So first question, as a technical curiosity, why is the source address change necessary? The article describes it as "internally forwarded [...] to the routing engine", but if the source address has to change that sounds more like a proxy or NAT situation rather than internal forwarding. Or put another way, why couldn't the internal process forward the packet unaltered?
Second, do I need to worry about this behavior with any other protocol, or only NTP?
Finally, why is this not considered a bug? Normally, a software design that produces a behavior the operator would never expect is something I would call a bug, but I see forum questions about this going back to at least 2008... so I guess people don't see a need to fix/change it. Why not?
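An added example, not from the original post or from Juniper, of the counter-per-term lo0 filter used for the diagnosis in point 3: a term that counts NTP packets whose source is the device's own loopback address sits before the general NTP term, so the rewritten packets show up as a separate counter instead of being hidden in the server term. The filter name, the loopback address 192.0.2.1/32 and the server range 198.51.100.0/24 are placeholders.

```junos
/* Constructed example: 192.0.2.1/32 stands in for this device's lo0 address,
   198.51.100.0/24 for the NTP server range. */
firewall {
    family inet {
        filter PROTECT-RE {
            term ntp-from-own-loopback {
                from {
                    source-address {
                        192.0.2.1/32;
                    }
                    protocol udp;
                    port ntp;
                }
                then {
                    count ntp-from-own-loopback;
                    accept;
                }
            }
            term ntp-from-servers {
                from {
                    source-address {
                        198.51.100.0/24;
                    }
                    protocol udp;
                    port ntp;
                }
                then {
                    count ntp-from-servers;
                    accept;
                }
            }
            term default-discard {
                then {
                    count default-discard;
                    discard;
                }
            }
        }
    }
}
interfaces {
    lo0 {
        unit 0 {
            family inet {
                filter {
                    input PROTECT-RE;
                }
            }
        }
    }
}
```

After committing, `show firewall filter PROTECT-RE` lists the three counters; hits on ntp-from-own-loopback are the packets that "monitor traffic" and tcpdump never show.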