Hi all,
I'm having some issues with traffic through an SRX3600 cluster. The traffic is between Active Directory servers in two different zones on directly connected subnets. Looking through a traceoptions capture I find the following:
Jan 26 11:05:10 11:05:10.436369:CID-01:FPC-08
IC-00:THREAD_ID-24:RT:Route-lookup for 10.64.0.72 yielded reject NH
Jan 26 11:05:10 11:05:10.436391:CID-01:FPC-08IC-00:THREAD_ID-24:RT:flow_ipv4_firstpath_route_lookup: no route to dest 10.64.0.72
Jan 26 11:05:10 11:05:10.436417:CID-01:FPC-08IC-00:THREAD_ID-24:RT: jsf drop pak pid 20, jbuf 0x8e869b90, release hold 0, sess_id 0
Jan 26 11:05:10 11:05:10.436442:CID-01:FPC-08IC-00:THREAD_ID-24:RT:[JSF] set ext handle 0x0 for plugin 20 on session 1069446912804
Jan 26 11:05:10 11:05:10.436459:CID-01:FPC-08IC-00:THREAD_ID-24:RT: After jsf gate hit. sid 0xdb24, pid 20, cookie 0x37, jbuf 0x8e8643d0. rc = 16
Jan 26 11:05:10 11:05:10.436481:CID-01:FPC-08IC-00:THREAD_ID-24:RT: packet dropped, denied by gate_hit callback
Jan 26 11:05:10 11:05:10.436491:CID-01:FPC-08IC-00:THREAD_ID-24:RT:denied by gate_hit callback
And I'm not sure what it all means. 10.64.0.0/22 is a directly connected subnet:
10.64.0.0/22 *[Direct/0] 22:29:16
> via reth50.0
Anyone know what the "Route lookup... yeilded reject NH" and the "denied by gate_hit callback" messages are referring to?
Thanks in andvace for any help!