Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX] When route load-balancing is configured, what is the source IP address for self-initiated traffic?

0

0

Article ID: KB33545 KB Last Updated: 12 Jan 2019Version: 1.0
Summary:

This article attempts to answer the following question: what is the source IP address for self-initiated traffic when route load-balancing is configured on SRX devices?

 

Symptoms:

Given:

  • Route load-balancing is already configured. To see an example of load-balancing BGP traffic, refer to Example: Load Balancing BGP Traffic.

  • The SRX device is configured with a lo0 interface that has an IP address.

  • Traffic is initiated from the SRX device towards a route for which load-balancing is configured.

 

Example

The following is an example topology to demonstrate the solution. Here the SRX device has BGP neighborship with Router1 and Router2. The route for IP address 10.0.0.1 on the SRX device is of equal cost towards both BGP neighbors, and is load-balanced on the SRX device.

Setup Output

 
ge-0/0/1.0              up    up   inet     1.1.1.1/24
ge-0/0/2.0              up    up   inet     2.2.2.1/24
lo0.0                   up    up   inet     10.10.10.10         --> 0/0

---------------------------

>run show route 10.0.0.1 

inet.0: 7 destinations, 8 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.0.1/32        *[BGP/170] 02:21:24, localpref 100, from 1.1.1.2
                      AS path: 1112 I, validation-state: unverified
                    >  to 1.1.1.2 via ge-0/0/1.0

                    [BGP/170] 01:37:13, localpref 100
                      AS path: 1112 I, validation-state: unverified
                    > to 2.2.2.2 via ge-0/0/2.0
 

Forwarding Table

 
Destination     Type     RtRef  Next hop   Type   Index   NhRef  Netif
10.0.0.1/32     user    0                 ulst   262142  2
                               1.1.1.2    ucst   1286    3      ge-0/0/1.0
                               2.2.2.2    ucst   1328    3      ge-0/0/2.0

 

Solution:
  1. When the lo0 interface is configured with an IP address and self-initiated traffic is generated, the traffic will have the source IP address of the lo0 interface always unless any other source IP address is specified, and it may take any of two routes:

>ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1): 56 data bytes

​Session ID: 451, Policy name: self-traffic-policy/1, Timeout: 50, Valid
In: 10.10.10.10/0 --> 10.0.0.1/3606;icmp, Conn Tag: 0x0, If: .local..0, Pkts: 1, Bytes: 84,  <<<<<<Source address of lo0
Out: 10.0.0.1/3606 --> 10.10.10.10/0;icmp, Conn Tag: 0x0, If: ge-0/0/2.0, Pkts: 0, Bytes: 0,                   
  1. When the lo0 interface does not have an IP address configured, the traffic may choose any of two routes and the source IP address of the egress interface. In this case, the behavior cannot be predicted.

Note: The above applies for all self-initiated traffic, including logging, IDP, download and so on, unless a specific source address is specified in the configuration.

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search