Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[MX] RSVP inter-op between 16.1R4-S2.2 and 17.4R3-S1.2

0

0

Article ID: KB37076 KB Last Updated: 11 Oct 2021Version: 1.0
Summary:

RSVP neighbor and RSVP session flaps are seen between MX nodes running Junos 16.x and 17.x.

Symptoms:

Two nodes have periodic RSVP neighbor flaps:

16.1R4-S2.2       <>  17.4R3-S1.2
router-A          <>  Router-B
172.27.15.194     <>  172.27.15.198


On Junos 16.x, the neighbor state is recorded as Up/Down count. The Rx message count is less than Tx msgcount.
On Junos 17.x, the neighbor state stays in Idle state and times out before repeating. The Rx message count is less than Tx msg count
The session "172.27.15.198:dt-rsvp-FULL-MESH" shows flap.
 

router-A> show rsvp neighbor
RSVP neighbor: 6 learned
Address            Idle Up/Dn LastChange HelloInt HelloTx/Rx MsgRcvd
172.27.15.198         0 18252/18251       2:48        9 411680/365039 0
172.27.15.199         0 18252/18251       2:27        9 412155/365412 0

====
Address: 172.27.15.198 status: Up (Remote Node neighbor)
Last changed time: 2:46, Idle: 0 sec, Up cnt: 18254, Down cnt: 18253
Message received: 0
Hello: sent 411725, received: 365079, interval: 9 sec
Remote instance: 0xd52a1105, Local instance: 0x24cbd7b
Refresh reduction:  operational
Remote end: enabled, Ack-extension: enabled
Enhanced FRR: Enabled
LSPs (total 2): Phop 0, PPhop 0, Nhop 0, NNhop 2
====

router-B> show rsvp neighbor
RSVP neighbor: 6 learned
Address            Idle Up/Dn LastChange HelloInt HelloTx/Rx MsgRcvd
172.27.15.194      1:35  0/0        1:35        9 1227342/746585 0
172.27.15.195      1:10  0/0        1:13        9 1366996/885661 50

router-B> show rsvp neighbor detail
RSVP neighbor: 6 learned
Address: 172.27.15.194 status: Down (Remote Node neighbor)
Last changed time: 2:58, Idle: 2:55 sec, Up cnt: 0, Down cnt: 0
Message received: 0
Hello: sent 1227331, received: 746585, interval: 9 sec
Remote instance: 0x0, Local instance: 0xd52a1105
Refresh reduction:  not operational
Remote end: disabled, Ack-extension: disabled
Enhanced FRR: Disabled
Cause:

Output shows node hellos are enabled by default:

router-A> show rsvp version
Resource ReSerVation Protocol, version 1. rfc2205
RSVP protocol: Enabled
R(refresh timer): 1200 seconds
K(keep multiplier): 3
RSVP Node-ID based Hello: Enabled
RSVP Hello acknowledgements: Enabled
Preemption: Normal
Soft-preemption cleanup: 30 seconds
Graceful deletion timeout: 30 seconds
Solution:

Node hello’s are enabled by-default from Junos 16.1 which is formed between the loopback of PLR and merge point. If authentication is required, it should use the global authentication  parameter. If global authentication is not configured, it will use the interface authentication key.  But since the packet is destined for remote loopback, it ends up failing authentication.

Remove the interface authentication or configuring the same global authentication key on both peers. In the following example, global authentication is configured and the RSVP session remained stable.

router-A# set protocols rsvp authentication-key <authentication-key>
 

Refer to the following document for guidance on how to enable the rsvp authentication globally, such as at the “edit protocol rsvp” hierarchy level:

  • authentication-key (Protocols RSVP)

    "Authentication key (password): Neighboring routers use the password to verify the authenticity of packets sent from this interface or peer interface. To authenticate node hellos or remote messages between the Point of Local Repair (PLR) to the Merge Point (MP), enable authentication-key at the [edit protocols rsvp] hierarchy  level."

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search