We are connecting three sites using MPLS Layer3 VPN technology. We are using service provider network for MPLS (core) connectivity. All of our 3 sites are connecting over MP-IBGP and then forwarding Internet traffic to one of PE, which is forwarding internet traffic to firewall and firewall is doing NAT for the CE routes.
We have strange problem, all sites are having stable connectivity while doing CE to CE or Site to Site ping, but external core connectivity is not stable, there is nothing to wrong with basic configuration because all the sites are working fine as for as local (internal) are internet (external) concerns, so PE is leaking routes to firewall and firewall is doing NAT the way it should. But sometimes some of the sites just got stuck at Internet PE the one leaking routes to firewall from customer VRF, and it starts working again after 1 or 2 hours ï
We don't have control over service provider network, how do you guys troubleshoot such issues when you don't have access to core and traffic between sites is fine but external traffic is fluctuating. Here is the logical and physical topologyâ¦
VRF-A and their own
firewall nat to internet