Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[Subscriber Management] Subscribers are unable to login due to 'clientAddRoute: Route prefix exists'

0

0

Article ID: KB31799 KB Last Updated: 30 May 2017Version: 1.0
Summary:

This article describes a  scenario where the subscriber/CPE fails to establish a PPPoE session when running an Enhanced Subscriber Management build starting from Junos 15.1R3 and higher, which is a next-generation broadband edge software architecture for Subscriber Management.

Symptoms:

In the following scenario, two CPEs are installed for redundancy purposes. Both CPEs are getting different IP addresses but have the same Framed-Route.  As a result, one CPE is able to connect while the other fails to connect.

The following attributes were sent by radius for both the subscriber.

May 19 18:52:31.527601 radius-access-accept: Framed-Route received: 198.19.23.0/29 198.19.22.5 1 <-- Subscriber A
May 19 18:54:31.626908 radius-access-accept: Framed-Route received: 198.19.23.0/29 198.19.22.6 5 <-- Subscriber B

Configuration

jtac@ERX-MX960-II-RE0# show groups rnayar-AGC dynamic-profiles PPPOE
interfaces {
    pp0 {
        unit "$junos-interface-unit" {
            no-traps;
            ppp-options {
                pap;
            }
            pppoe-options {
                underlying-interface "$junos-underlying-interface";
                server;
            }
            keepalives interval 30;
            family inet {
                unnumbered-address lo0.0;
            }
        }
    }
}
routing-options {
    access {
        route $junos-framed-route-ip-address-prefix {
            next-hop "$junos-framed-route-nexthop";
            metric "$junos-framed-route-cost";
            preference "$junos-framed-route-distance";
            tag "$junos-framed-route-tag";
        }
    }

Subscriber-A

Subscriber is able to connect successfully.

jtac@ERX-MX960-II-RE0# run show subscribers extensive
Type: PPPoE
User Name: rnayar-xtac1
IP Address: 198.19.22.5
IP Netmask: 255.255.255.255
Logical System: default
Routing Instance: default
Interface: pp0.3221225873
Interface type: Dynamic
Underlying Interface: xe-8/0/0.1661
Dynamic Profile Name: PPPOE
Dynamic Profile Version: 1
MAC Address: 00:13:01:00:00:01
State: Active
Radius Accounting ID: 422
Session ID: 422
PFE Flow ID: 483
VLAN Id: 1661
Login Time: 2017-05-19 18:52:31 IST
Dynamic configuration:
  junos-framed-route-ip-address-prefix: 198.19.23.0/29
      junos-framed-route-nexthop: 0.0.0.0
          junos-framed-route-cost: 1
 
 
jtac@ERX-MX960-II-RE0# run show system subscriber-management route prefix 198.19.23.0/29
 
Route:  198.19.23.0/29
     Routing-instance:         default:default
     Kernel rt-table id :      0
     Family:                   AF_INET
     Route Type:               Access
     Protocol Type:            (null)
     Interface:                pp0.3221225873
     Interface index:          483
     Internal Interface index: 483
     Route index:              317
     Next-Hop:                 597
     Reference-count:          1
     L2 Address:               00:13:01:00:00:01
     Flags:                    0x100000
     Dirty Flags:              0x0
 

Subscriber-B

Subscriber failed to connect as bbe-smgd daemon sends NACK with following the error message:

ERR: clientAddRoute: Route prefix exists. routeIndex 317, 198.19.23.0/29
ERR: bbe_route_dprof_add_cb: dprof_send_nack() for FRAMED_ROUTE_CONFIG for request id: 10038, error route add error
Cause:

Upon debugging the error condition, it was noticed that bbe-smgd is rejecting the subscriber due to duplicate Framed-Route.

AAA

May 19 18:54:31.626832 radius-access-accept: Framed-IP-Address received: 198.19.22.6
May 19 18:54:31.626846 processRadiusAttrib22: wholeString: [198.19.23.0/29 198.19.22.6 5]
May 19 18:54:31.626879 processRadiusAttrib22: Attribute 22 missing nextHop, using default [0.0.0.0]
May 19 18:54:31.626890 processRadiusAttrib22: Received FR Attributes
May 19 18:54:31.626908 radius-access-accept: Framed-Route received: 198.19.23.0/29 198.19.22.6 5
May 19 18:54:31.626924 Framework - module(radius) return: SUCCESS 
May 19 18:54:31.626935 authd_advance_module_for_aaa_response_msg: result:2

BBE-SMGD

May 19 18:54:31 bbe_route_framed_create_framed_config:130 IPv4 framed-route profile name PPPOE$$01
May 19 18:54:31 bbe_route_dprof_create_framed_full_config:Framed route IPV4 dprof_af IPV4 prefixLen = 29, value = 198.19.23.0
May 19 18:54:31 bbe_route_framed_save_next_hop: next-hop address 0.0.0.0
May 19 18:54:31 bbe_route_dprof_create_framed_full_config: route metric 5 being used for prefix 198.19.23.0 profile PPPOE$$01
May 19 18:54:31 bbe_route_dprof_create_framed_full_config: dprof_get_int32 FAILED for route preference PPPOE$$01 error 17
May 19 18:54:31 bbe_route_dprof_create_framed_full_config: dprof_get_int32 FAILED for route tag PPPOE$$01 error 17
May 19 18:54:31 clientAddRoute: 198.19.23.0/29, lsri default:default, flags 0x00100000, iff 0xd4c82f8, nhGwType 1
May 19 18:54:31 ERR: clientAddRoute: Route prefix exists. routeIndex 317, 198.19.23.0/29
May 19 18:54:31 ERR: bbe_route_add_framed_route: Failed to add framed route for 198.19.23.0/29, error route add error
May 19 18:54:31 bbe_route_add_framed_config: Failed to add all framed routes 198.19.23.0/29 for ifl pp0.3221225874, error route add error
May 19 18:54:31 bbe_route_config_dprof_find:517 Route config db
May 19 18:54:31 ERR: bbe_route_dprof_add_cb: dprof_send_nack() for FRAMED_ROUTE_CONFIG for request id: 10038, error route add error
May 19 18:54:31 dprof_build_and_send_response: NACK from ROUTE sent for request: 10038, error: 13
Solution:

Next Generation Subscriber Management handling is functioning as designed when a duplicate prefix is configured. The second identical prefix/prefix_len will fail. In earlier releases, even if the route duplication was allowed for add, only one route would be added to the route table.


 
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search