Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

LTE disconnections occur when external syslog server is sourced from 10.0.0.x

0

0

Article ID: KB37613 KB Last Updated: 22 Oct 2021Version: 1.0
Summary:

On SRX branch series, when we apply the 10.0.0.x as a external syslog server source-address under the configuration, the LTE connection starts flapping continuously.

Symptoms:

The LTE keeps disconnecting as seen in mlte debug logs:

[Mon Aug 23 19:58:56.243 LOG: Info] LTE event: SIM 1 disconnected, reason: generic-unspecified cm  (1,3,1028).
Cause:

Even though there is a source NAT rule in place, the syslog packets (port 514) originating from the source-address 10.0.0.x are not performing NAT. So the internal IP packets are reaching the LTE operator which results in dropping the LTE connection, since it is expecting public IPs to work with.

This occurs because the LTE module has a control interface on 10.0.0.x:

# ifconfig
. . .
eth0.4093 Link encap:Ethernet  HWaddr 00:00:02:03:04:05
          inet addr:10.0.0.2  Bcast:10.0.0.255  Mask:255.255.255.0
Find below the packet capture on the dl0 interface.

LTE disconnection:
==================
18           2021-08-10 21:20:06.215997       10.0.0.1               172.16.48.40      LOCAL4.ERR: Aug 10 21:20:05 dor2-fc-edg      0x387c (14460)  JuniperN_c2:b1:95           JuniperN_c2:b1:94           514               Syslog    514        137        101       
19           2021-08-10 21:20:06.216023       10.0.0.1               172.16.53.69      LOCAL4.ERR: Aug 10 21:20:06 dor2-fc-edg      0x387e (14462)  JuniperN_c2:b1:95           JuniperN_c2:b1:94           514               Syslog    514        127        91          
Solution:

When using any IP address that is not part of 10.0.0.x, the LTE disconnection stops.

user@router# show system syslog

host 172.22.30.1 {
    any notice;
}
host 172.22.56.1 {
    any notice;
}
source-address 10.0.4.1; 

Once the syslog source-address is changed to non 10.0.0.x (10.0.4.1), the syslog packets starts getting NATed to the LTE IP address without LTE disconnection. 
166.147.178.231 is the assigned ISP LTE IP address
53           2021-08-10 21:36:55.208239       166.147.178.231              172.16.53.69               AUTH.NOTICE: Aug 10 21:36:55 dor2-fc-edg-       0x7419 (29721)  JuniperN_c2:b1:95               JuniperN_c2:b1:94           514        Syslog    514        186        150        
54           2021-08-10 21:36:55.208382       166.147.178.231              172.16.48.40               AUTH.NOTICE: Aug 10 21:36:55 dor2-fc-edg-       0x741a (29722)  JuniperN_c2:b1:95               JuniperN_c2:b1:94           514        Syslog    514        186        150        

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search