Inconsistent Paths for Incoming and Outgoing Traffic Lead to a Failure to Access the Server

Publication Date:  2014-01-06 Views:  251 Downloads:  0
Issue Description
An SRG20 connects to a telecom PPPoE link, and a USG5320 connects to a telecom optical fiber. China Telecom provides one IP address for the SRG20 and USG5320. The USG5320 uses the fixed IP address 1.1.1.1 to map an internal server, and the data to the server is returned to the public network from the SRG20. Session-based link status detection is disabled on the SRG20 and USG5320. Traffic from the public network fails to reach the server. If the route back to the public network is changed to the optical fiber, the fault is rectified. 
Alarm Information
None
Handling Process
Collect traffic statistics on the USG5320 and SRG20 to check whether packets are lost.
Traffic statistics on the USG5320 are as follows:
Protocol(TCP) SourceIp(192.168.3.10) DestinationIp(180.169.105.45) 
SourcePort(80) DestinationPort(6575) VpnIndex(public) 
           Receive           Forward           Discard 
Obverse : 3          pkt(s) 3          pkt(s) 0         pkt(s) 
Reverse : 0          pkt(s) 0          pkt(s) 0          pkt(s)

Traffic statistics on the SRG20 are as follows:
Protocol(TCP) SourceIp(1.1.1.1) DestinationIp(180.169.105.45) 
SourcePort(80) DestinationPort(6575) VpnIndex(public) 
           Receive           Forward           Discard 
Obverse : 3          pkt(s) 3          pkt(s) 0         pkt(s) 
Reverse : 0          pkt(s) 0          pkt(s) 0          pkt(s)

No packets loss occurs on Huawei devices. Instruct the customer to configure policy-based routing to make data traffic return in the same path as traffic is sent.
Root Cause
1. Packets are lost on the SRG20 and USG5320.
2. Packets are lost on carrier devices.
Suggestions
This is a method for troubleshooting the fault when services are interrupted due to inconsistent paths for incoming and outgoing traffic.

END