Does anyone have any suggestions for how to investigate what looks like
certain paths of inter-virtual-router layer 3 switching (routing, via
routes leaked into the VR) on a Juniper EX4600 (and I'd guess QFX5100)
being sent via the supervisor CPU? Searching online turns up lots of
advice for investigating, eg, "process switching" on Cisco (eg,
http://www.cisco.com/c/en/us/support/docs/ios-nx-os-software/ios-software-releases-121-mainline/12809-tuning.html#process_level),
but I'm not finding much documented for Juniper :-(
From the customer point of view the most obvious symptom is
approximately 10-20 ms additional latency on a local routed path (VLAN A
on VR 1 to VLAN B on VR 2), but apparently only in one direction (ie, if
we bypass the EX4600 in the problematic direction then it "seems to be
okay". It happens even when there's basically no traffic (eg, under
1Mbps on a 1Gbps link), and only a couple of dozen devices on each VLAN.
(At times we've seen the latency as high as 1000+ ms -- so over 1s,
for local traffic -- but that was at a busier site.)
From an internal point of view, the most obvious symptom is that the
forwarding-options analzyer shows ingress/egress on one of the VLANs,
but only ingress on the other VLAN; and "monitor traffic ..." shows only
the missing egress traffic. Since I'd understood "monitor traffic" to
only see traffic that goes via the supervisor CPU, I'm starting to
wonder if the latency is coming due to the packet flow in that direction
going through the processor CPU -- for some unknown reason.
This is happening at two sites, but they're basically identical EX4600s
facing basically identical switches, and equivalently configured routing
instances in each. The two VLANs are sub-interfaces on the same
aggregation (ae1) to the same switch, so it's sort of hairpinned, but
via leaked static routes in the two routing instances. The on-VLAN
hardware at each site is pretty similar too. So we're guessing the
cause is the same, but don't know what it is. We've already tried
testing with the aggregation down to a single link, and it appears to
make no difference. We've also forced ethernet flow control off at both
ends, without making a difference.
Any thoughts, particularly to see what path through the EX4600 packets
are taking, welcomed. Or documentation for how the EX4600/QFX5100
packet forwarding engine architecture works (I can find M/T/MX
documents, but not the one I want...).
Thanks,
Ewen
_______________________________________________
NZNOG mailing list
[email protected]
https://list.waikato.ac.nz/mailman/listinfo/nznog
