Traffic coming through wrong interface/route on BGP router

Hi folks,

I have a BGP router that’s connected to a single upstream provider using separate VLAN circuits for international and domestic traffic. So there are 2 BGP peers established: one providing domestic routes only and the other a default route for the rest of the Internet. Normally domestic traffic here is dominant, but I’ve noticed that somehow international is 2-3 times that of domestic. After a little research I’ve found that some domestic routes have incoming traffic through the international VLAN interface. Using torch I’ve discovered that traffic of the same connection (that should be domestic) enters through the international and leaves through the domestic interface (torching the same internal IP:port shows zero bytes/sec for according tx/rx on different VLANs).

The weird part is that this applies only to some routes from the domestic route list advertised by our provider. I’ve tried to artificially generate traffic from local and overseas servers and only particular routes were always affected in that way; I can practically pull the list of them. Traceroute to these prefixes shows the correct path through my upstream provider’s router for international traffic though.

My question is: how is it possible that, while having a specific prefix in my routing table with the correct interface and gateway, traffic still comes through a different interface and furthermore leaves through another? Is there a way to somehow force traffic from domestic routes to go in and out via the interface it is supposed to?

You are determining the outbound path based on the routes provided by the upstream but the return path depends on the effective routing applied at the upstream provider’s router. The intermediate routers have no notion of “connections” so they simply follow their routing rules. It sounds as if the routing policy in effect at the upstream router does not fully mirror the routes being provided via each VLAN.

I suspected so. Because to my knowledge, if something is wrong with my configurations (they are very simple), this would apply to all traffic, not only for particular routes. And you are right, the outbound traffic does go through the correct interface (from my point of view), which has that route. Only inbound traffic comes through the wrong interface. But this doesn’t explain why it only affects some routes, not all. One explanation you provided is routing policies applied by my upstream. I’m trying to get clear here, so I know what to tell my ISP. I’d like to be sure that it’s their issue, not mine.
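
As an added example (not code from anyone in this thread), the per-prefix evidence discussed above can be produced by matching the source address of inbound flows against the prefixes learned from the domestic peer and totalling bytes per ingress interface. The interface names, prefixes and flow records below are constructed placeholders; real input would come from a flow export or accounting data on the router.

```python
import ipaddress
from collections import defaultdict

# Hypothetical interface names; substitute the router's actual VLAN interfaces.
DOMESTIC_IF = "vlan-domestic"
INTL_IF = "vlan-international"

# Constructed sample: prefixes learned from the domestic BGP peer.
DOMESTIC_PREFIXES = ["192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/25"]

# Constructed sample flow records: (remote source IP, ingress interface, bytes).
SAMPLE_FLOWS = [
    ("192.0.2.10", DOMESTIC_IF, 5000),
    ("198.51.100.7", INTL_IF, 42000),
    ("198.51.100.9", INTL_IF, 8000),
    ("203.0.113.5", DOMESTIC_IF, 1200),
    ("203.0.113.200", INTL_IF, 900),  # outside 203.0.113.0/25, so not domestic
    ("192.0.2.99", INTL_IF, 300),
]

def longest_match(ip, networks):
    """Return the most specific network containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    hits = [n for n in networks if addr in n]
    return max(hits, key=lambda n: n.prefixlen) if hits else None

def misrouted_inbound(prefixes, flows):
    """Report domestic prefixes whose inbound traffic arrived on INTL_IF."""
    networks = [ipaddress.ip_network(p) for p in prefixes]
    per_prefix = defaultdict(lambda: defaultdict(int))
    for src, in_if, nbytes in flows:
        net = longest_match(src, networks)
        if net is not None:
            per_prefix[str(net)][in_if] += nbytes
    report = {}
    for prefix, by_if in per_prefix.items():
        wrong = by_if.get(INTL_IF, 0)
        if wrong:
            total = sum(by_if.values())
            report[prefix] = {"intl_bytes": wrong, "total_bytes": total,
                              "intl_share": round(wrong / total, 3)}
    return report

if __name__ == "__main__":
    result = misrouted_inbound(DOMESTIC_PREFIXES, SAMPLE_FLOWS)
    for prefix, stats in sorted(result.items()):
        print(prefix, stats)
```

A prefix with an `intl_share` near 1.0 is one the upstream is returning almost entirely over the international circuit, which is the list to hand to the provider.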