SRX Services Gateway
Reply
Visitor
xxxmen
Posts: 6
Registered: ‎03-06-2012
0
Accepted Solution

What is wrong with my PPPOE configuration

It is so wierd, with this configuration, some PC on my LAN can go to the internet , but some only can go to google and bing site (ping, nsookup is ok). They can use google search for something, but when click on the result link , it takes ...very long wait and then no page is display...: -(

Yesterday, it happened to my laptop too, even though days before i can go to the internet without any problem.

Could some one give me some help for this ?

Thanks

 

Note:

The PCs , laptops (have problems ) have no issues if I connect them to networks other than my LAN

Attached file is the configuration on my SRX 240

Recognized Expert
ronf
Posts: 229
Registered: ‎04-04-2011
0

Re: What is wrong with my PPPOE configuration

That sounds much like an MTU issue. You might try using either ping with various sizes, or the mturoute.exe utility to try to see if you can pinpoint the issue. Ron
JNCIE-SEC #127
Visitor
xxxmen
Posts: 6
Registered: ‎03-06-2012
0

Re: What is wrong with my PPPOE configuration

Thanks for your advice.

Iam a noob on Juniper box, so if it is a MTU issue -> what is the solutions ?

Super Contributor
johnrbaker
Posts: 210
Registered: ‎02-17-2011
0

Re: What is wrong with my PPPOE configuration

 
Super Contributor
johnrbaker
Posts: 210
Registered: ‎02-17-2011
0

Re: What is wrong with my PPPOE configuration

Hi

 

Remove the router 192.168.1.1 from your DHCP config, as this can stop the PPPOE DHCP allocation.

 

 

dhcp {
            pool 172.16.20.0/24 {
                address-range low 172.16.20.150 high 172.16.20.200;
                name-server {
                    8.8.8.8;
                }
                router {
                    172.16.20.1;
                }
                propagate-settings vlan.20;
            }
            pool 172.16.30.0/24 {
                address-range low 172.16.30.150 high 172.16.30.200;
                name-server {
                    8.8.8.8;
                }
                router {
                    172.16.30.1;
                }
                propagate-settings vlan.30;
            }
            propagate-settings ge-0/0/0.0;
        }

 

 

Here is my snippet from my PP0 config

 

    pp0 {
        unit 0 {
            ppp-options {
                chap {
                    default-chap-secret "PPPOE PASSWORD";
                    local-name "PPPOE  USERNAME";
                    passive;
                }
            }
            pppoe-options {
                underlying-interface ge--0/0/0.0;
                idle-timeout 0;
                auto-reconnect 5;
                client;
            }
            family inet {
                mtu 1492;
                negotiate-address;
            }
        }
    }

 

 

Super Contributor
johnrbaker
Posts: 210
Registered: ‎02-17-2011
0

Re: What is wrong with my PPPOE configuration

I noticed an error in my last post  "underlying-interface ge--0/0/0.0;" should be "underlying-interface ge-0/0/0.0;"

Visitor
rbevaart
Posts: 3
Registered: ‎07-26-2011
0

Re: What is wrong with my PPPOE configuration

Definately sounds like an MTU problem. You could try to lower the MTU from 1492 to something lower and check if the problem disappears? Try to find the correct MTU using ping as previously suggested by the other poster.

Recognized Expert
wimclend
Posts: 275
Registered: ‎04-03-2009
0

Re: What is wrong with my PPPOE configuration

to have the SRX modify the TCP MSS settings to alleviate the slow loading, etc, you can use the command:

 

set security flow tcp-mss all-tcp mss 1350

 

1350 is a starting point, you can fiddle with the numbers to find what works best, but iirc 1350 is a good starting point.

 

will

Visitor
xxxmen
Posts: 6
Registered: ‎03-06-2012
0

Re: What is wrong with my PPPOE configuration

[ Edited ]

Hi all,

 

At last problem is solved, it is MTU size issue as RON, RBEVAART, WIMCLEND identified.

By the way, just thing that make me confused.

- On my draytek router (default MTU: 1438), and this router is configured to be PPPOE client -> every one behind this runs OK

- But when I configured my SRX 240 to be PPPOE client with MTU: 1438 -> MTU issue happened ... :-(. I used ping to identify the optimal setting for MTU size -> it is 1272. Things work perfect.

Any explanation for this

 

Anyway, thank you all for helping to resolve my MTU issue.

 

 

Recognized Expert
ronf
Posts: 229
Registered: ‎04-04-2011
0

Re: What is wrong with my PPPOE configuration

Juniper MTU settings, unlike many vendors, include the frame size. So to set the MTU so that there can be a 1500-byte payload, you actually make the setting 1514 on JunOS devices. Technically more correct, but very confusing because everyone else uses the payload size as the setting. Ron
JNCIE-SEC #127
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.