Junos
Highlighted
Junos

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

[ Edited ]
‎05-16-2020 01:59 PM

Hi Lingabasappa,

 

Thanks a lot for your reply!

 

Regarding logs from commangs, interfaces 0/0/0 and 0/0/1 are electrical, so no any output from them:

 

root@SRXFW> show interfaces diagnostics optics ge0/0/1

 

root@SRXFW> show interfaces diagnostics optics ge0/0/0

 

 

After i deleted DHCP config i lost connection to the internet, so can't wait generating logs and set DHCP back after about 2 minutes

 

Static IP i can get next Monday, so untill this maybe you have suggestions how we can fix this "strange" connection drops, i'm 99% sure that  it's smthg with 0/0/0  (untrust) configuration

 

In the description of this log wrote that this log message is informational and can be ignored, but in my case this log dropping my internet connection for 30 minutes (actually my kids learn remote from home and and these drops affect the connection for ZOOM app)

 

Thanks,

Vadim

Highlighted
Junos

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

‎05-16-2020 11:24 PM

Hello Vadim,

Thanks for the reply.

 

Yes, please get a static public IP and delete the "family inet dhcp" from ge-0/0/0 and check for the below logs. I am sure there won't be below logs after deleting. 

 

DH_SVC_SENDMSG_FAILURE: sendmsg() from 37.26.16.219 to port 67 at 37.26.63.129 via interface 73 and routing instance default failed: No route to host

 

Regarding the connection lost to the internet:

 

security {
screen {
ids-option untrust-screen {
icmp {
ping-death;
}
ip {
source-route-option;
tear-drop;
}
tcp {
syn-flood {
alarm-threshold 1024;
attack-threshold 200;
source-threshold 1024;
destination-threshold 2048;
timeout 20;
}
land;
}
}
}

 

 

security-zone untrust {
description Internet;
screen untrust-screen;
interfaces {
ge-0/0/0.0 {
host-inbound-traffic {
system-services {
dhcp;
}
}
}
}
}

 

I see ge-0/0/0 is in the untrust zone, and getting IP from the DHCP and is used to connect to the Internet. Hence, the zone untrust. I see "screen untrust-screen" is also configured for the untrust zone were in its is used to prevent attacks, such as IP address sweeps, port scans, denial of service (DOS) attacks, ICMP, UDP, and SYN floods.

There are chances that the connectivity is being lost due to the above screen ids-option where any of the above is failing and tearing down the connection.

 

https://www.juniper.net/documentation/en_US/junos/topics/topic-map/security-introduction-to-adp.html

 

Once, you get the static IP from ISP, can you check the connectivity, and if the connectivity is lost, disable the  "untrust-screen" from the edit mode for testing and check for the behavior.

deactivate security zones security-zone untrust screen untrust-screen

 

and activate it after some time and observe the behavior.

activate security zones security-zone untrust screen untrust-screen

 

Regarding the below log:

 

May 16 20:59:29 SRXFW USP_IF_TOOLKIT: Duplicate attach for ifl_index72, flags 3, localaddr 0x122bf303 local_plen 32

 

As explained earlier, These messages are seen when an address change occurs on an interface that has an address of the same subnet. In this scenario, the log message only indicates that either a secondary IP address or a duplicate IP address (within the same subnet) has been assigned on an interface due to the Virtual Router Redundancy Protocol (VRRP). The log is usually generated when there is VRRP state change.

The log message is informational and can be ignored.

https://kb.juniper.net/InfoCenter/index?page=content&id=KB35058

 

Let us only concentrate on the "DH_SVC_SENDMSG_FAILURE" log which is due to DHCP:

 

DH_SVC_SENDMSG_FAILURE: sendmsg() from 37.26.16.219 to port 67 at 37.26.63.129 via interface 73 and routing instance default failed: No route to host

 

As per my understanding, you are losing connectivity due to the above log, not because of the " Duplicate attach".

 

Update the thread after the next course of action.

 

I hope this helps. Please mark this post "Accept as solution" if this answers your query.

 

Kudos are always appreciated! Smiley Happy

 

Best Regards,

Lingabasappa H

 

 

 

 

Junos

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

[ Edited ]
‎05-16-2020 11:32 PM

Hello Vadim,

 

Also, when I checked the configuration, there is no VRRP configured.

Hence, I think it's safe to suppress the "Duplicate" logs as explained earlier..

 

Kudos are always appreciated! Smiley Happy

 

Best Regards,

Lingabasappa H

Highlighted
Junos

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

‎05-17-2020 12:04 AM

Nice explanation Lin 🙂 Smiley Happy

Highlighted
Junos

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

‎05-17-2020 01:58 AM

Hi Lingabasappa

 

Thanks a lot for your reply with explanation, i really appreciate your support!

 

My next step is get the static IP from ISP and register it on untrust interface, delete dhcp config on it and check logs

 

Then if logs appear again, i will disable screen untrust-screen and check again

 

Will update you as soon i will get any results

 

Thanks a lot for your support!

 

BR,

Vadim

 

 

Highlighted
Junos

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

‎05-17-2020 02:27 AM

Hello Vadim,

 

Thanks for the reply.

 

Yes, you are right in drafting the next plan of action. Once, you get it done, please update the thread.

 

Kudos are always appreciated! Smiley Happy

 

Best Regards,

Lingabasappa H

Highlighted
Junos

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

[ Edited ]
‎05-19-2020 04:23 AM

Hi Lingabasappa,

 

Here is some updates regarding this this issue

 

Already got static IP from ISP, through dhcp settings i can get this IP, but when i try to config static, connection is not established

 

I know, that to configure static ip you need just 2 commands

 

set interface ge-0/0/0 unit 0 family inet address (static ip)/26
set routing-options static route 0.0.0.0/0 next-hop (gateway ip)


interfaces {
   ge-0/0/0 {
        unit 0 {
            family inet {
                  address (static ip)/26;

 

routing-options {
        static {
             route 0.0.0.0/0 next-hop (gateway ip);

 

Maybe i missed somthing?

 

 

Regarding these logs, after disable/enable 0/0/0 interface, this log appear but without connection dropping

 

May 18 23:39:46 SRXFW flowd_octeon_hm: appqoe_client_handler: Invalid subtype
May 18 23:39:48 SRXFW USP_IF_TOOLKIT: Duplicate attach for ifl_index75, flags 3, localaddr 0x1228509f local_plen 32
May 18 23:39:48 SRXFW mib2d[2030]: SNMP_TRAP_LINK_DOWN: ifIndex 511, ifAdminStatus down(2), ifOperStatus down(2), ifName ge-0/0/0
May 18 23:39:50 SRXFW JBCM:jbcm_drv_port_stop: port is already down
May 18 23:39:55 SRXFW mgd[27597]: UI_COMMIT_COMPLETED: commit complete

 

May 18 23:41:32 SRXFW flowd_octeon_hm: appqoe_client_handler: Invalid subtype
May 18 23:41:37 SRXFW USP_IF_TOOLKIT: Duplicate attach for ifl_index75, flags 3, localaddr 0xd54ee4b local_plen 32
May 18 23:41:37 SRXFW mib2d[2030]: SNMP_TRAP_LINK_UP: ifIndex 511, ifAdminStatus up(1), ifOperStatus up(1), ifName ge-0/0/0
May 18 23:41:40 SRXFW mgd[27597]: UI_COMMIT_COMPLETED: commit complete

 

 

BR,

Vadim

 

Highlighted
Junos

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

‎05-19-2020 05:06 AM

Hello Feratti,

 

Thanks for the reply.

 

set interface ge-0/0/0 unit 0 family inet address (static ip)/26
set routing-options static route 0.0.0.0/0 next-hop (gateway ip)


interfaces {
   ge-0/0/0 {
        unit 0 {
            family inet {
                  address (static ip)/26;

 

routing-options {
        static {
             route 0.0.0.0/0 next-hop (gateway IP);

 

As per my understanding, this config is sufficient for the connection to come up.

 

Check if you are using the correct gateway IP and try pinging the static IP from your device and check if it succeeds?

 

Regarding the Logs:

 

>Below Logs are expected when the interface goes down and comes back up. hence these are expected.

 

May 18 23:39:48 SRXFW mib2d[2030]: SNMP_TRAP_LINK_DOWN: ifIndex 511, ifAdminStatus down(2), ifOperStatus down(2), ifName ge-0/0/0
May 18 23:39:50 SRXFW JBCM:jbcm_drv_port_stop: port is already down

May 18 23:41:37 SRXFW mib2d[2030]: SNMP_TRAP_LINK_UP: ifIndex 511, ifAdminStatus up(1), ifOperStatus up(1), ifName ge-0/0/0

 

Regarding Duplicate Logs:

 

May 18 23:39:48 SRXFW USP_IF_TOOLKIT: Duplicate attach for ifl_index75, flags 3, localaddr 0x1228509f local_plen 32

 

>As informed earlier, these messages are seen when an address change occurs on an interface that has an address of the same subnet. In this scenario, the log message only indicates that either a secondary IP address or a duplicate IP address (within the same subnet) has been assigned on an interface due to the Virtual Router Redundancy Protocol (VRRP). The log is usually generated when there is VRRP state change.

The log message is informational and can be ignored.

https://kb.juniper.net/InfoCenter/index?page=content&id=KB35058

 

user@lab-re0# show system syslog user * {
    any emergency;
} file messages {
    any notice;
    match "!(.*Duplicate.*)";
}

 

Please perform the above activity and suppress the duplicate logs as they are just informational and inorder to avoid confusion.

 

Our main focus should be on below logs:

 

SRXFW jdhcpd: DH_SVC_SENDMSG_FAILURE: sendmsg() from 185.40.158.210 to port 67 at 37.26.63.129 via interface 72 and routing instance default failed: No route to host

 

Are you seeing the above logs on the device now after removing the "family inet dhcp"?

 

I hope this helps. Please mark this post "Accept as solution" if this answers your query.

 

Kudos are always appreciated! Smiley Happy

 

Best Regards,

Lingabasappa H

Highlighted
Junos

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

‎05-19-2020 01:45 PM

Hi Lingabasappa

Thanks a lot for reply!

 

Done with syslog config, log "Duplicate" disapeared

syslog {
archive size 100k files 3;
user * {
any emergency;
}
file messages {
any notice;
authorization info;
match "!(.*Duplicate.*)";
}
file interactive-commands {
interactive-commands any;
}
}

 

 

Regarding Static IP, still have problem with connection, after setting from DHCP to Static IP my connection breaks down, cant ping any ip, GW also

 

Here is config of interface, NAT, security-zone untrust

 

nat {
source {
rule-set From_Internal_To_Outside {
from zone [ Zone01 Zone02 Zone03 Zone04 ];
to zone untrust;
rule From_Internal_to_Outside {
description From_Internal_to_Outside;
match {
source-address 0.0.0.0/0;
destination-address 0.0.0.0/0;
}
then {
source-nat {
interface;

 

 

security-zone untrust {
description Internet;
screen untrust-screen;

 


interfaces {
ge-0/0/0.0 {
host-inbound-traffic {
system-services {
dhcp;


interfaces {
ge-0/0/0 {
unit 0 {
family inet {
address xx.xx.xx.xx/26;
}

 

 

No any logs regarding SRXFW jdhcpd: DH_SVC_SENDMSG_FAILURE: , connection good without drops, but i still cant test it with static IP config, only 'Static through DHCP' settings like:

 

interfaces {
ge-0/0/0 {
unit 0 {
family inet {
dhcp;

 

 

 

Br,

Vadim

 

 

Highlighted
Junos

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

‎05-20-2020 07:51 PM

Hello Vadim,

 

Thanks for the reply.

 

As we have successfully achieved the stopping of the "Duplicate" and "DH_SVC_SENDMSG_FAILURE:" logs.

 

Regarding the Static IP,

Can you check the gateway Ip you are using as Next-Hop is correct?

 

Check the address by doing a "show route <address>". Use Static IP and gateway IP in address and check.

Also, use "traceroute <address>" to check where the actual issue is.

If the issue is still not resolved, you can check with the ISP if they can help.

 

The main agenda of this forum post was to suppress the logs, which we have achieved it.

 

I hope this helps. Please mark this post "Accept as solution" if this answers your query.

 

Kudos are always appreciated! Smiley Happy

 

Best Regards,

Lingabasappa H

 

 

Highlighted
Junos
Solution
Accepted by topic author feratti
‎05-21-2020 12:53 AM

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

‎05-20-2020 07:58 PM

Also, please check the below links for configuring and verifying the  static routes:

 

https://www.juniper.net/documentation/en_US/junos/topics/example/routing-protocol-static-security-ba...

 

Configuring Static Route Preferences and Qualified Next Hops to Control Static Route Selection

 

https://www.juniper.net/documentation/en_US/junos/topics/example/routing-protocol-static-security-ro...

 

I hope this helps. Please mark this post "Accept as solution" if this answers your query.

 

Kudos are always appreciated! Smiley Happy

 

Best Regards,

Lingabasappa H

 

Highlighted
Junos

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

‎05-21-2020 12:52 AM

Hi Lingabasappa

 

Thanks a lot for your reply!

 

You are absolutely right, logs are disapeared, connection already 3 days is stable.

 

Regarding static IP, i rent IP which allocated by ISP's billing system (/26) that is why i cant set it on the interface
I need /30 static IP from ISP, which much more expensive

 

I will test connection couple of weeks anyway with my existing configuration.

 

Thank you very much for the great support

 

BR,

Vadim

 

 

 

Highlighted
Junos

Re: USP_IF_TOOLKIT: Duplicate attach for ifl_indexXX, flags 3, localaddr 0xXXXXXXXX local_plen 32

‎05-21-2020 12:58 AM

Hello Vadim,

 

Thanks for accepting my solution.

Its been extreme pleasure working with you. I am glad that the issue is resolved.

Have a Great day.

 

 

Best Regards,

Lingu

Feedback