I have similar Frontier NNI's out of One Wilshire, some 1gig some 10. While I haven't seen the half-IP-reachable issue you describe I have spent days and days chasing performance issues on them. I finally got gig line-rate capable iperf3 boxes at both ends and see distinct differences in single-TCP stream performance vs running 3-4 streams, and the difference disappears like clockwork at "unbusy hours" (1am-7am) every day. After running hundreds of tests and adjusting my buffering and RED on both ends of these circuits I just have come to the conclusion that they have some LAGs somewhere "in the middle" that get busy during the day, and they don't care if I have to run 4 TCP streams to max a 1gig circuit. It makes browser-based speedtests look really bad but otherwise the circuits are usable. We're trying to replace the worst ones with wavelength services. -Will Orton On Fri, Nov 06, 2020 at 08:59:28AM -0800, Jay Hennigan wrote:
We have a strange issue that defies logic. We have a NNI at our POP with Frontier serving as an aggregation circuit with different customers on different VLANs. It's working well to several customers.
Bringing up a new customer shows roughly half of the IP addresses unreachable across the link, as if there's some kind of load-balancing or hashing function that's mis-directing half of the traffic. It's consistent, if an address is reachable it's always reachable. If it's not reachable, it's never reachable. Everything ARPs fine.
The Frontier circuit is layer 2 so shouldn't care about IP addresses. Frontier tech shows no trouble. They changed the RAD device on-premise. We've triple-checked configurations, torn down and rebuilt subinterface, etc. with no joy.
Any suggestions?
-- Jay Hennigan - jay@west.net Network Engineering - CCIE #7880 503 897-8550 - WB6RDV