I am facing an issue that goes really beyond my understanding and technical knowledge and I would like to see if anyone has ever face the same issue.
I have two virtual border routers running vyos. Each of them connect to one uplink with ebgp with full route. I have ibgp running between the two routers.
These two routers are connected with ospf to a core router. Behind this core router I have a few virtual servers with public IP. Mostly webapps.
I received the complain that although web servers are accessible smoothly from the global internet, customers struggle to upload files to the web servers via http. It can be any size of file, it doesn’t matter.
I can replicate this issue by creating a test web server and attempting to upload images. The test webserver has no firewall, it is not behind a nat either.
I face the same problem by attempting to upload files via SCP to the test webserver. So it really looks like a network issue to me.
So I start to play a bit with my routing…
What I notice is the following:
Assuming user try to upload to the webserver from the internet:
If traffic come in via uplink 1 and come back via uplink 1, it works fine.
If traffic come in via uplink 2 and come back via uplink 2, it works fine.
If traffic come in via uplink 1 and come back via uplink 2, it works fine.
If traffic come in via uplink 2 and come back via uplink 1, it doesn’t work and get stuck.
The last two scenarios really bother me. And overall I believe asymmetric routing should not be such an issue. I have run a few SP networks connecting with multiple uplinks and receiving only default route, traffic was really asymmetric but works fine.
I can confirm there is no QoS involved or any sort of firewalling. Only routers.
Does this ring a bell to anybody? I am running out of ideas.