No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FAQ-In an Internet Backbone network, why all services are working fine except by DNS sevice

Publication Date:  2012-07-27 Views:  34 Downloads:  0
Issue Description
Q:
This Internet backbone network is formed by four NE40E routers, two as edge routers (EDGE, direclty connected to external ISPs, see attached image) and two distribution routers (DIST, connected to local public networks, see attached image). All services work fine by have been transmitted using BGP routing procol through LPU GigabitEthernet interfaces, except by DNS service which performs slow responds. Why all services are working fine except DNS service?

Alarm Information
Null


Handling Process
A:
  1. DIST routers learn local IP public addresses and import them to BGP, EDGE routers learn those local addresses through BGP as sent them to ISPs. Internet routes are also learned by EDGE routers through BGP and are sent to DIST routers which act as gateway of local devices.
  2. DNS service route comes from a C-Corp firewall, which is learned by DIST routers and is sent to EDGE routers and Internet DNS devices. In this particular case, when the packets return from Internet and reach the EDGE routers, the packets are not been forwarded through BGP because there is an static route that points to firewall network segment, using interface GigabitEthernet 0/0/0, which is the MPU board interface (this route was configured by customer, using management interface G0/0/0 as next-hop interface).
  3. MPU board interface has some forwarding limitation by using MPU-CPU for packets forwarding; R&D has confirmed that this generates some delay and jitter on packets forwarding, also if some high-value of packets for been processed by MPU-CPU is reach, some packets are dropped, generating retransmission from and to firewall.
  4. The static route was removed and on DIST and EDGE routers DNS network segment was configure into BGP, making routers use service paths with LPU intefaces, which counts with NPU for forwarding process and making all service working fine.


Root Cause
Null


Suggestions
Do not use MPU interfaces to forward service packets, this interface purpose is for remote management of routers.


END