SRX


Ask questions and share experiences about the SRX Series.

Whenever manual failover from SRX 345 Node0 to Node1, Node1 created duplicate (double) multicast outbound packets.

  • 1.  Whenever manual failover from SRX 345 Node0 to Node1, Node1 created duplicate (double) multicast outbound packets.

    Posted 12-21-2022 06:48
    Edited by Wilson Cheng 20 days ago

    Does anyone have similar issues? JTAC couldn't provide an immediate response. Hope someone can provide some technical guidance. Thanks. :)

    Problem Description:
     
    Whenever a manual failover is performed from SRX 345 Node0 to Node1, Node1 created duplicate (double) multicast outbound packets. No duplicate outbound multicast packets are created when RG1 is primary on Node0.

    Detailed Troubleshooting Action Description: Multicast traffic sourced behind the MSN RTR+FW side towards the ESB RTR+FW is routed out using OSPF to multiple remote sites through point-to-point GRE tunnels. OSPF and GRE tunnels are operating inside the ESB RTR+FW connected to multiple remote sites.

    Packet captures of inbound multicast packets reaching the ESB reth interfaces showed a normal number of multicast packets when either Node0 or Node1 is primary. At the same time, packet captures of outbound multicast traffic from 4 non-reth physical interfaces showed duplicate (double) multicast packets when ONLY Node1 is the primary. Please note that we did change to different physical interfaces and SFP modules, with the same effect.

    We observed that the duplicate multicast packets have a TTL value one higher (not decremented) compared to the normal (non-duplicate) scenario, based on our Wireshark capture output. It seems the SRX has not decremented the TTL value when transmitting the packet when ONLY Node1 is operating.

    ------------------------------------------------------------------------------------------------------------------------

    ESB RTR+FW Model: Juniper SRX 345-dual-ac
    JUNOS Software Release: 22.1R1.10

    WAN & MSN RTR+FW Model: Juniper SRX 345
    JUNOS Software Release: before 22.1R1.10

    Chassis Cluster Mode: Active/Passive (All Firewalls)

    Routing Protocol: Point-to-point OSPF adjacencies to multiple remote sites.

    Tunneling: GRE tunnel between each remote site.

    Multicast Traffic: VLAN 34

    PIM-enabled Interfaces: (Upstream/Outbound) Only enabled PIM on each GRE interface connected to multiple remote sites. (Downstream) Only enabled PIM on reth1.34 interface connected downstream to the Fiber TAP. 

    Multicast Mode: PIM Sparse-Dense (ESB RTR+FW), PIM Sparse (MSN RTR+FW), No PIM (WAN RTR+FW) 

    ------------------------------
    Wilson Cheng
    ------------------------------
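
An added example, not part of the original post: one way to confirm the symptom described above from an egress capture is to group multicast packets that are identical except for TTL. It assumes the IPv4 multicast packets have already been extracted from the capture (GRE header removed); the addresses, IP IDs and payloads below are constructed sample data.

```python
import struct
from collections import defaultdict

def parse_ipv4(pkt: bytes):
    """Return (key, ttl) for one raw IPv4 packet; key ignores TTL and checksum."""
    ver_ihl, _tos, _len, ident, _frag, ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", pkt[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (ver_ihl & 0x0F) * 4          # header length in bytes
    return (src, dst, proto, ident, pkt[ihl:]), ttl

def is_multicast(addr: bytes) -> bool:
    return 224 <= addr[0] <= 239        # 224.0.0.0/4

def find_ttl_duplicates(packets):
    """Group multicast packets that match on everything except TTL."""
    seen = defaultdict(list)
    for pkt in packets:
        key, ttl = parse_ipv4(pkt)
        if is_multicast(key[1]):
            seen[key].append(ttl)
    return [{"ip_id": k[3], "ttls": sorted(v)} for k, v in seen.items() if len(v) > 1]

def build_ipv4(src, dst, ident, ttl, payload):
    """Build a constructed sample packet (protocol 17, checksum left at 0)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0,
                      ttl, 17, 0, bytes(src), bytes(dst))
    return hdr + payload

# Constructed sample data: hypothetical source and group addresses.
SRC, GRP = (10, 0, 34, 10), (239, 1, 1, 1)
SAMPLE = [
    build_ipv4(SRC, GRP, 100, 62, b"frame-a"),
    build_ipv4(SRC, GRP, 100, 63, b"frame-a"),   # duplicate, TTL one higher
    build_ipv4(SRC, GRP, 101, 62, b"frame-b"),   # normal, single copy
    build_ipv4(SRC, (10, 0, 0, 1), 102, 62, b"unicast"),
    build_ipv4(SRC, (10, 0, 0, 1), 102, 63, b"unicast"),  # ignored: not multicast
]

if __name__ == "__main__":
    for dup in find_ttl_duplicates(SAMPLE):
        print(dup)
```

Running the same grouping on captures taken with Node0 primary and with Node1 primary gives a direct count of duplicated packets and their TTL pairs for each case.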