List Info

Thread: NetScreen/Juniper problem
NetScreen/Juniper problem
user name
 2006-03-28 12:43:50 
Apologies for anyone also on nnqorbit for this
cross-posting, I figured I'd
post this here now aswell.

We're trying to get multicast working on a
Juniper/NetScreen 25 running
ScreenOS 5.3.0r1.0.

We have PIM-SM successfully established, and the upstream
Cisco route is
forwarding traffic for the particular multicast group to the
NetScreen
ethernet3 (Untrust zone/trust-vr) interface. This interface
does not seem to
be recognizing/registering the multicast data traffic:
Hardware 64-bit counters for interface ethernet3:
in bytes                 772953924749 |  out bytes
1554508676111
in ucast                   2205056934 |  out ucast
3381480232
in mcast                            0 |  out mcast
0
in bcast                            0 |  out bcast
0

When we debug flow all, with an ffilter setup for our
source, we see the
following:
****** 5250133.0: <Untrust/ethernet3> packet received
[1356]******
  ipid = 0(0000), c7d44110
  packet passed sanity check.
 
ethernet3:132.185.236.60/32783->233.122.227.201/5554,17&l
t;Root>
  existing session found. sess token 6
  flow got session.
  flow session id 25564
  POLL_DROP_PAK: vlist 0x14337c4, 0x14336e8
  super fast vector 3
****** 5250133.0: <Untrust/ethernet3> packet received
[1356]******
  ipid = 0(0000), c7d45110
  packet passed sanity check.
 
ethernet3:132.185.236.60/32783->233.122.227.201/5554,17&l
t;Root>
  existing session found. sess token 6
  flow got session.
  flow session id 25564
  POLL_DROP_PAK: vlist 0x14337c4, 0x14336e8
****** 5250133.0: <Untrust/ethernet3> packet received
[1356]******
  ipid = 0(0000), c7d45910
  packet passed sanity check.
 
ethernet3:132.185.236.60/32783->233.122.227.201/5554,17&l
t;Root>
  existing session found. sess token 6
  flow got session.
  flow session id 25564
  POLL_DROP_PAK: vlist 0x14337c4, 0x14336e8

This leads me to believe we may be dropping this traffic at
the NetScreen?
Would could this be? We have the following multicast routes
for this group:
(*, 233.122.227.201)  RP 217.154.130.100 02:00:38/-        
Flags: LF
  Zone            : Untrust
  Upstream        : ethernet3           State          :
Joined
  RPF Neighbor    : 217.154.52.38       Expires        :
00:00:23
  Downstream      :
  ethernet1    02:00:38/-         Join        
233.122.227.201  FC

(132.185.236.60/27, 233.122.227.201)   02:00:37/00:02:54 
Flags: TLF
  Zone            : Untrust
  Upstream        : ethernet3           State          :
Joined
  RPF Neighbor    : 217.154.52.38       Expires        :
00:00:24
  Downstream      :
  ethernet1    02:00:37/-         Join        
233.122.227.201
132.185.236.60 FC

Which leads me to believe all is okay. Yet no multicast
traffic appearing on
ethernet1.

I'm pretty sure this must be a bug, can anyone else shed
any light, or give
me any ideas on what else I could check? We have at times
seen a few packets
from this stream passed, but it has been random and sporadic
and only a few
packets.

Cheers,
Chris.

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.3.2/293 - Release
Date: 26/03/2006
 

_______________________________________________
juniper-nsp mailing list juniper-nsppuck.nether.net
h
ttp://puck.nether.net/mailman/listinfo/juniper-nsp
NetScreen/Juniper problem
user name
 2006-03-29 11:29:00 
Sorry to reply to self, but further to this we've just
tried to register
this on the Netscreen site which isn't accepting the serial
number we give
it. We can't raise a fault with Juniper until we can
register it... We can't
register because of a fault on the website. We've mailed
supportjuniper.net, is there anyone from J reading that
could contact me so
we can get this registered and go through the normal
channels to raise a
ticket please?

Cheers,
Chris.

> -----Original Message-----
> From: juniper-nsp-bouncespuck.nether.net
[mailto:juniper-nsp-
> bouncespuck.nether.net] On Behalf Of Chris Roberts
> Sent: 28 March 2006 13:44
> To: juniper-nsppuck.nether.net
> Subject: [j-nsp] NetScreen/Juniper problem
> 
> Apologies for anyone also on nnqorbit for this
cross-posting, I figured
> I'd
> post this here now aswell.
> 
> We're trying to get multicast working on a
Juniper/NetScreen 25 running
> ScreenOS 5.3.0r1.0.
> 
> We have PIM-SM successfully established, and the
upstream Cisco route is
> forwarding traffic for the particular multicast group
to the NetScreen
> ethernet3 (Untrust zone/trust-vr) interface. This
interface does not seem
> to
> be recognizing/registering the multicast data traffic:
> Hardware 64-bit counters for interface ethernet3:
> in bytes                 772953924749 |  out bytes
> 1554508676111
> in ucast                   2205056934 |  out ucast
> 3381480232
> in mcast                            0 |  out mcast
> 0
> in bcast                            0 |  out bcast
> 0
> 
> When we debug flow all, with an ffilter setup for our
source, we see the
> following:
> ****** 5250133.0: <Untrust/ethernet3> packet
received [1356]******
>   ipid = 0(0000), c7d44110
>   packet passed sanity check.
>  
ethernet3:132.185.236.60/32783->233.122.227.201/5554,17&l
t;Root>
>   existing session found. sess token 6
>   flow got session.
>   flow session id 25564
>   POLL_DROP_PAK: vlist 0x14337c4, 0x14336e8
>   super fast vector 3
> ****** 5250133.0: <Untrust/ethernet3> packet
received [1356]******
>   ipid = 0(0000), c7d45110
>   packet passed sanity check.
>  
ethernet3:132.185.236.60/32783->233.122.227.201/5554,17&l
t;Root>
>   existing session found. sess token 6
>   flow got session.
>   flow session id 25564
>   POLL_DROP_PAK: vlist 0x14337c4, 0x14336e8
> ****** 5250133.0: <Untrust/ethernet3> packet
received [1356]******
>   ipid = 0(0000), c7d45910
>   packet passed sanity check.
>  
ethernet3:132.185.236.60/32783->233.122.227.201/5554,17&l
t;Root>
>   existing session found. sess token 6
>   flow got session.
>   flow session id 25564
>   POLL_DROP_PAK: vlist 0x14337c4, 0x14336e8
> 
> This leads me to believe we may be dropping this
traffic at the NetScreen?
> Would could this be? We have the following multicast
routes for this
> group:
> (*, 233.122.227.201)  RP 217.154.130.100 02:00:38/-    
    Flags: LF
>   Zone            : Untrust
>   Upstream        : ethernet3           State         
: Joined
>   RPF Neighbor    : 217.154.52.38       Expires       
: 00:00:23
>   Downstream      :
>   ethernet1    02:00:38/-         Join        
233.122.227.201  FC
> 
> (132.185.236.60/27, 233.122.227.201)  
02:00:37/00:02:54  Flags: TLF
>   Zone            : Untrust
>   Upstream        : ethernet3           State         
: Joined
>   RPF Neighbor    : 217.154.52.38       Expires       
: 00:00:24
>   Downstream      :
>   ethernet1    02:00:37/-         Join        
233.122.227.201
> 132.185.236.60 FC
> 
> Which leads me to believe all is okay. Yet no multicast
traffic appearing
> on
> ethernet1.
> 
> I'm pretty sure this must be a bug, can anyone else
shed any light, or
> give
> me any ideas on what else I could check? We have at
times seen a few
> packets
> from this stream passed, but it has been random and
sporadic and only a
> few
> packets.
> 
> Cheers,
> Chris.
> 
> --
> No virus found in this outgoing message.
> Checked by AVG Free Edition.
> Version: 7.1.385 / Virus Database: 268.3.2/293 -
Release Date: 26/03/2006
> 
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsppuck.nether.net
> h
ttp://puck.nether.net/mailman/listinfo/juniper-nsp
> 
> 
> 
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.385 / Virus Database: 268.3.2/293 -
Release Date: 26/03/2006
> 
> 
> --
> No virus found in this incoming message.
> Checked by AVG Free Edition.
> Version: 7.1.385 / Virus Database: 268.3.2/293 -
Release Date: 26/03/2006
> 

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.385 / Virus Database: 268.3.3/295 - Release
Date: 28/03/2006
 

_______________________________________________
juniper-nsp mailing list juniper-nsppuck.nether.net
h
ttp://puck.nether.net/mailman/listinfo/juniper-nsp
[1-2]

about | contact  Other archives ( Real Estate discussion Medical topics )