Link to home
Start Free TrialLog in
Avatar of FireBall
FireBall

asked on

SRX routing problem

User generated image
We are using policy based routing  for to send udp traffic from different route
We have started a TCPdump on cent os server and realize that traffic succesfully arriving to the cent os from expected route
And it is answering it

19:27:15.218635 IP (tos 0x0, ttl 118, id 11236, offset 0, flags [none], proto: UDP (17), length: 62) 88.236.126.6.59836 > 185.9.157.18.9987: UDP, length 34
19:27:15.218831 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: UDP (17), length: 60) 185.9.157.18.9987 > 88.236.126.6.59836: UDP, length 32
19:27:15.221301 IP (tos 0x0, ttl 118, id 11237, offset 0, flags [none], proto: UDP (17), length: 207) 88.236.126.6.59836 > 185.9.157.18.9987: UDP, length 179
19:27:15.791476 IP (tos 0x0, ttl 118, id 11241, offset 0, flags [none], proto: UDP (17), length: 62) 88.236.126.6.59836 > 185.9.157.18.9987: UDP, length 34
19:27:15.791568 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: UDP (17), length: 60) 185.9.157.18.9987 > 88.236.126.6.59836: UDP, length 32
19:27:15.794575 IP (tos 0x0, ttl 118, id 11242, offset 0, flags [none], proto: UDP (17), length: 207) 88.236.126.6.59836 > 185.9.157.18.9987: UDP, length 179
19:27:16.491439 IP (tos 0x0, ttl 118, id 11247, offset 0, flags [none], proto: UDP (17), length: 62) 88.236.126.6.59836 > 185.9.157.18.9987: UDP, length 34
19:27:16.491498 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: UDP (17), length: 60) 185.9.157.18.9987 > 88.236.126.6.59836: UDP, length 32
19:27:16.494480 IP (tos 0x0, ttl 118, id 11248, offset 0, flags [none], proto: UDP (17), length: 207) 88.236.126.6.59836 > 185.9.157.18.9987: UDP, length 179
19:27:17.491905 IP (tos 0x0, ttl 118, id 11251, offset 0, flags [none], proto: UDP (17), length: 62) 88.236.126.6.59836 > 185.9.157.18.9987: UDP, length 34
19:27:17.492084 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: UDP (17), length: 60) 185.9.157.18.9987 > 88.236.126.6.59836: UDP, length 32
19:27:17.494781 IP (tos 0x0, ttl 118, id 11252, offset 0, flags [none], proto: UDP (17), length: 207) 88.236.126.6.59836 > 185.9.157.18.9987: UDP, length 179
19:27:18.791610 IP (tos 0x0, ttl 118, id 11266, offset 0, flags [none], proto: UDP (17), length: 62) 88.236.126.6.59836 > 185.9.157.18.9987: UDP, length 34
19:27:18.791708 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: UDP (17), length: 60) 185.9.157.18.9987 > 88.236.126.6.59836: UDP, length 32
19:27:18.893045 IP (tos 0x0, ttl 118, id 11269, offset 0, flags [none], proto: UDP (17), length: 207) 88.236.126.6.59836 > 185.9.157.18.9987: UDP, length 179

Open in new window



We put counters to trace udp traffic for 185.9.157.18 and udp answers arrive to the srx from xe-1/0/1 as expected but not go outside from any where on the device 


Filter: Bloker2
Counters:
Name                                                Bytes              Packets
UDPFROMxe102                                1200                   20
Filter: Bloker3
Counters:
Name                                                Bytes              Packets
UDPTOXE101                                             5385                   40

Open in new window



and there is no output
no IDS log on screens
when i change tcp and udp traffic routings to the opposite it is working perfectly
Whenever i put to udp traffic to different uplink then main gateway'a L3 port it is stopping


what should be the problem ?
Avatar of Rafael
Rafael
Flag of United States of America image
What does your route table look like ? Are you able to post it ? Please do.

HTH
-Rafael
ASKER CERTIFIED SOLUTION
Avatar of FireBall
FireBall
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Rafael
Rafael
Flag of United States of America image
OK. Glad it worked out.

Don't forget to close your request for help.

HTH
-Rafael
Avatar of FireBall
FireBall

ASKER

Delete