We are continuing to monitor for any further issues.
Posted Nov 03, 2023 - 04:03 GMT-03:00
Update
Defective device: Juniper MX cr-1 POP: Equinix SP4 Severity: Major
PROBLEM RFO
We identified a network packetloss failure today, 02/11/2023 ~08:00 AM (GMT/UTC-3), causing UDP and TCP discards.
Initially, we suspected of a Layer2 core-switch causing this issue due to hashing/LACP aggregation bottleneck, but after investigation, we discovered these issues was been caused by JunOS Flowspec ACL Rules.
BGP FlowSpec: Flow rule to redirect traffic to other VRF creates continuous loop when again routed back with static route and next table inet.0/original_vrf.inet.0.
this is because traffic again hits the FLOW SPEC rule and this create a end less loop till TTL expires.
this configuration is not support on Junos.
WORKAROUND
BGP FlowSpec: Flow rule to redirect traffic to other VRF can be routed back to orginal VRF with the help of loopback cable with one on orginal VRF and other on redirected VRF also we need to have static route on redirected VRF with next hop of IP configured on the end on original VRF
A fix has been implemented and we are monitoring the results.
Posted Nov 02, 2023 - 14:33 GMT-03:00
Investigating
We are currently investigating this issue. Some clients reported issues with packet drops / traffic intermitance. A Juniper TAC was opened for this case.
Posted Nov 02, 2023 - 11:27 GMT-03:00
This incident affected: South America (São Paulo).