[dns-operations] ECN & Juniper load balancing breaks TCP queries
Doug Porter
dsp at dsp.name
Thu Aug 31 21:47:26 UTC 2017
On Thu, Aug 31, 2017 at 2:30 AM, O'Hara, Ben <Ben.O'Hara at team.neustar> wrote:
>
> We are using Juniper routers in-front of our anycast dns nodes in some
> locations.
>
> Noticed if the client set the ECN flags in a TCP query the router sends the
> threeway handshake to one node, but the data to a second node which
> correctly sends a RESET.
Some of my coworkers debugged and fixed this recently at Facebook.
Remove type of service/traffic class from your hash key.
<https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/enhanced-hash-key-edit-forwarding-options.html>
--
dsp
More information about the dns-operations
mailing list