Packet Lost When There Are More Than 2 Subnet Set For 3rd-party VPN Device (JunOS12 or higher) In App Network Manager (Doc ID 2213615.1)

Last updated on DECEMBER 13, 2016

Applies to:

Corente Cloud Services Exchange - Version 9.4 and later
Information in this document applies to any platform.

Symptoms

The VPN configuration is CSG with GRE tunnel and has set a partner with a Juniper SRX240H2 (JunOS12). It works well when there are 2 subnets (10.0.0.0/16, 10.1.0.0/16) set on the 3rd-party VPN device in App Network Manager. No packet lost for Oracle Compute Cloud instances to ping customer's on-premise devices through CSG e.g. 10.0.x.x/16.

But when adding any one or more subnets to the 3rd-party VPN device in App Network Manager (e.g. 10.0.0.0/16, 10.1.0.0/16 and 10.3.0.0/16, save and then start). The same ping to 10.0.x.x/16 starts loss packet to up to 80%. The issue is not related to any x of 10.x.0.0/16 subnet added (we tried every x in 0 to 12). Anytime when the quantity of subnet set down back to 2 (no matter what the 2 subnet are), the packet loss stopped (no matter what IP pinged).

Another symptom is that the SAs are being instructed to tear down on the CSG every 5 seconds in /var/log/secure.

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms