Odd router brokenness
mark at amplex.net
Wed Nov 23 11:01:32 CST 2011
On 11/23/11 11:41 AM, Keegan Holley wrote:
> 2011/11/23 Saku Ytti<saku at ytti.fi>
>> On (2011-11-23 09:41 -0500), Mark Radabaugh wrote:
>>> The question is: How does a router break in this manner? It
>>> appears to unintentionally be doing something different with traffic
>>> based on the source address, not the destination address. I
>>> realize this can be done intentionally - but that is not the case
>>> here (unless somebody isn't telling me something).
>> I don't think we can determine that it has anything to do with source
>> address based on data shown.
>> 188.8.131.52 could very well be 6500 and somehow broken adjacency to
>> 184.108.40.206, perhaps hardware adjacency having MTU of 0B, causing punt
>> which is rate-limited by different policer than TTL exceeded policer.
>> Agree. I've seen similar effects with a different ISP who had one side of
> an ether-channel go south without the port showing down. Stuff hashed over
> the good like was fine, stuff hashed over the bad like wasn't. Led to some
> painful support calls from customers. I agree this list is a haven of
> speculation and OT comments. In order to avoid making a bad problem worse
> you should probably contact cogent.
It's fixed at this point. You are correct in that it was quite
painful getting this escalated far enough to get it fixed. The tools
that are available (at least that I know of) to try to prove the issue
to level 1 and 2 support just doesn't get the job done.
It's the eternal problem of convincing L1/2 support that you really have
a problem not of your own making.
More information about the NANOG