Quantcast
Channel: All Ethernet Switching posts
Viewing all 10307 articles
Browse latest View live

Re: EX4300 Q-in-Q + common trunk (ELS)...how to ??

October 18, 2018, 12:44 pm
$
0
0

Hi RCC, thanx for your answer.

 

I couldn't figure out yet how can I make a simple vlan trunk to be able of extracting one vlan (or in this case, ae unit) and add it to the service vlan syntax.

 

e.g:

set vlans Vlan1191_S-Vlan interface ae0.1191   ---> S-Vlan
set vlans Vlan1191_S-Vlan interface ge-0/0/0.550 ---> C1-vlan
set vlans Vlan1191_S-Vlan interface ge-0/0/1.544 ---> C2-vlan
set vlans Vlan1191_S-Vlan interface ae1.687 ---> C3-vlan (vlan from the trunk)

set interfaces ae1 unit 687 ???????

I'll try to open a case with the Jtac and wait for their knowledge

Search

juniper ex3400 stack and network testers

October 19, 2018, 12:42 pm
$
0
0

So we have a large location where we rely on fluke testers to identify which port a particular network jack is connected to. For some reason tests are returning port numbers with values greater than the number of ports even in the switch stack. 


In the example of the attached image we have a 8 stack virtual chassis of ex3400s. Is there any way to get the port output to show something like ge-1/0/32 instead of the non-sensical port 860(only 384 ports in the stack)? Anyone else ever run into this before?

Re: EX2300 not completing ZTP process

October 19, 2018, 2:44 pm
$
0
0

Try removing or adding the leading / in the ZTP_OPTION.config-file-name and/or ZTP_OPTION.image-file-name path of your dhcpd.conf file. That fixed my issue for EX2300. For some reason EX2300 handle the directory path differently. 

 

I was able to get ZTP working after I changed the path. 

-Matt

 

Re: EX2300 not completing ZTP process

October 19, 2018, 2:46 pm
$
0
0
I will give it a try. Appreciate the advice.

Re: EX2300 not completing ZTP process

October 19, 2018, 3:04 pm
$
0
0

eg:

host test {
hardware ethernet xx:xx:xx:xx:xx:xx;
fixed-address 10.x.x,x;
option host-name "test";
option option-150 10.x.x.x;
option routers 10.x.x,x;
option subnet-mask 255.255.255.0;
option ZTP_OPTION.transfer-mode "ftp";
option ZTP_OPTION.config-file-name "test.conf";
option ZTP_OPTION.image-file-name "junos-arm-32-15.1X53-D59.3.tgz";
}

 

VS.

 

host test {
hardware ethernet xx:xx:xx:xx:xx:xx;
fixed-address 10.x.x,x;
option host-name "test";
option option-150 10.x.x.x;
option routers 10.x.x,x;
option subnet-mask 255.255.255.0;
option ZTP_OPTION.transfer-mode "ftp";
option ZTP_OPTION.config-file-name "/test.conf";
option ZTP_OPTION.image-file-name "/junos-arm-32-15.1X53-D59.3.tgz";
}

Re: juniper ex3400 stack and network testers

October 19, 2018, 3:16 pm
$
0
0

It's probably returning the interface index number. You might try configuring:

 

set protocols lldp port-id-subtype interface-name
set protocols lldp port-description-type interface-description
set protocols lldp interface all

Re: EX2300 not completing ZTP process

October 19, 2018, 3:17 pm
$
0
0
I will double check my config and let you know.

Thanks,
Mark

Need to block internet traffic in particular port in qfx 6k series

October 20, 2018, 12:08 am
$
0
0

Kindly help with sample configuration

Search

QFX10k Major alarm FPC 0 Errors

October 22, 2018, 1:18 am
$
0
0

Hi all;

We have QFX10002-36q running 15.1X53-D62.5 version, we some strange logs and major alarm on FPC 0 as you can see below, have you already seen this issue, how to solve it ? is it a juniper bug ?

 

thanks for your replies

 

---------------------------------------------------------------------------------------------------------------

qfx10k-1> show chassis alarms

1 alarms currently active
Alarm time Class Description
2018-10-21 06:12:31 CEST Major FPC 0 Major Errors

----------------------------------------------------------------------------------------------------------------

qfx10k-1> show log messages.5.gz | except bgp_listen_accept

Oct 21 06:12:31 qfx10k-1 fpc0 PE ChipSmiley TongueE-1[1]: HMCIF: Link4: HMC Fatal Error cmd:62 lng:1 ltag:2 dinv:0 errstat:127 err_cnt:0x40000000
Oct 21 06:12:31 qfx10k-1 fpc0 PE ChipSmiley TongueE-1[1]: HMCIF: Link5: HMC Fatal Error cmd:62 lng:1 ltag:2 dinv:0 errstat:127 err_cnt:0x40000000
Oct 21 06:12:31 qfx10k-1 alarmd[3599]: Alarm set: FPC color=RED, class=CHASSIS, reason=FPC 0 Major Errors
Oct 21 06:12:31 qfx10k-1 craftd[3600]: Receive FX craftd set alarm message: color: 1 class: 100 object: 104 slot: 0 silent: 0 short_reason=FPC 0 Major Errors long_reason=FPC 0 Major Errors id=150995048 reason=150994944
Oct 21 06:12:31 tls00-1-q10k craftd[3600]: Major alarm set, FPC 0 Major Errors

---------------------------------------------------------------------------------------------------------------

Re: QFX10k Major alarm FPC 0 Errors

October 22, 2018, 1:34 am
$
0
0

If you cannot find a PR matching these errors I would suspect HW-failure/error. My memory tells me that HMC refers to the "hyper/hybrid memory cubes" used on this platform.

 

Please raise a ticket with JTAC to validate this.

Re: QFX10k Major alarm FPC 0 Errors

October 22, 2018, 4:46 am

Re: QFX10k Major alarm FPC 0 Errors

October 22, 2018, 4:48 pm
$
0
0

JTAC could verify it conclusively but it does seem similar.  If you don't want to go through the verification process with JTAC you could upgrade to the fixed version listed in the PR and see it clears.

 

ip fabric design

October 23, 2018, 4:16 am
$
0
0

Hi All,

 

I have a general question about capacity planning when it come with deploing an IP Fabric scenario:
Assuming I have:
- qfx5200-32c -> 32x100Gbps interfaces -> Spine
-  qfx5200-48y ->  Leaf

In theory to this spine I can connect up to 32 qfx5200-48y (100 Gbps uplink).

Each leaf than have 48 x 10Gbps access interfaces.

Question: I need to understand the correct approach on how to calculate the max numbers of leaf that can be connected to one spine. I am sure that oversubscription and maximum throughput for each single switch play a role but i am not sure how to combine them to roll out some numbers.

Any suggestion?

Thank you.

Communication on Different VLAN IDs on Cisco vs Juniper

October 24, 2018, 2:26 am
$
0
0

Hi Guys,

I have different VLANs on Juniper EX4200 and Cisco 6509 and they are connected via access port. All my ports are access( switch to switch and switch to servers).

Servers in different VLANs are able to reach each other. Any one can explain this behavior please ?

Cisco_Juniper.PNG

 

 

 

Swtich to switch link configurations:

 

Cisco 6509

interface GigabitEthernet1/48
 description to JNPR_es_4200_ge-0/0/38
 switchport
 switchport access vlan 10
 switchport mode access
 no cdp enable
end
------------------------------------------
show run vlan 10
Building configuration...

Current configuration:
!
vlan 10
 name TEST_10
end

Juniper EX4200

show configuration interfaces ge-0/0/38
description to_csco_6509:gi1/48;
unit 0 {
    family ethernet-switching {
        vlan {
            members 20
------------------------------------------>>> show configuration vlans | match 20 | display set
set vlans TEST vlan-id 20

Thanks

 

Re: Communication on Different VLAN IDs on Cisco vs Juniper

October 24, 2018, 2:43 am
$
0
0

Hello,

First things first - there appears to be an error on Your diagram : Your CSCO 6509 Juniper-facing port shows on Your diagram as Gi1/37 but in the printouts it is referred to as Gi1/48.

Secondly, the behaviour You described is expected with inter-switch access ports. In more detail:

1/ an untagged Ethernet frame from Server_04/_03 enters CSCO 6509

2/ it exits as untagged from CSCO 6509 Gi1/48

3/ JNPR EX4200 receives this frame as untagged on ge-0/0/38 access port

4/ JNPR EX4200 passes this frame as untagged to access ports connected to Server_01/_02.

The same happens in reverse direction as well.

HTH

Thx

Alex

 

Search

Re: Communication on Different VLAN IDs on Cisco vs Juniper

October 24, 2018, 4:09 am
$
0
0

Hi MYN,

 

Whenever you send a frame out of an access port the vlan information is not carried along the frame. So the only way a switch classifies the vlan of an incoming frame on an interface is through the vlan of the port on which the frame was received. 

 

On the other hand, frames sent out a trunk port carry vlan id information as a tag along with them which will help the receiving switch classify the frame to the corresponding vlan. 

 

In your topology frames are sent out through access ports on both cisco and juniper devices and hence though the frames originated from different vlans, the receiving switches classified the frames based on the vlan configured on the ports where frames were recieved. 

 

This is why it is recommended to always configure the interswitch links as trunk links instead of access links.

EVPN / VXLAN ON 5110/5100 tunnels drop after adding vlans??

October 25, 2018, 9:00 am
$
0
0

I have a simple leaf a spine topology set up 5110 spines (irb gws) and 5100 leafs (l2 vtep only). This works fine no issues until you try and change any config! has anyone seen any behaviour like this before?

 

See below the behaviour:

 

All 3 tunnels operational and working fine.

 

{master:0}[edit]

root@LEAF-1# run show ethernet-switching vxlan-tunnel-end-point remote

Logical System Name       Id  SVTEP-IP         IFL   L3-Idx

<default>                 0   10.10.1.3        lo0.0    0

RVTEP-IP         IFL-Idx   NH-Id

10.10.1.1        555       1720

    VNID          MC-Group-IP

    600           0.0.0.0

    102           0.0.0.0

    101           0.0.0.0

RVTEP-IP         IFL-Idx   NH-Id

10.10.1.2        557       1749

    VNID          MC-Group-IP

    600           0.0.0.0

    101           0.0.0.0

    102           0.0.0.0

RVTEP-IP         IFL-Idx   NH-Id

10.10.1.4        556       1736

   VNID          MC-Group-IP

    600           0.0.0.0

    101           0.0.0.0

    102           0.0.0.0

 

A trunk port which connects to a server (the vlans are all assigned to a vtep)

 

{master:0}[edit]

root@LEAF-1# run show configuration interfaces ge-0/0/48

unit 0 {

    family ethernet-switching {

        interface-mode trunk;

        vlan {

            members [ SERVER CLIENT CLIENT2 ];

        }

    }

}

 

I then remove a VLAN from the trunk port and…..

 

{master:0}[edit]

root@LEAF-1# show | compare

[edit interfaces ge-0/0/48 unit 0 family ethernet-switching vlan]

-       members [ SERVER CLIENT CLIENT2 ];

+       members [ SERVER CLIENT ];

 

{master:0}[edit]

root@LEAF-1# commit

[edit protocols]

  'bgp'

    warning: requires 'bgp' license

[edit vlans CLIENT]

  'vxlan'

    warning: requires 'vxlan' license

configuration check succeeds

commit complete

 

No more vteps.

 

 

{master:0}[edit]

root@LEAF-1# run show ethernet-switching vxlan-tunnel-end-point remote

Logical System Name       Id  SVTEP-IP         IFL   L3-Idx

<default>                 0   10.10.1.3        lo0.0    0

 

{master:0}[edit]

root@LEAF-1# run show ethernet-switching vxlan-tunnel-end-point remote

Logical System Name       Id  SVTEP-IP         IFL   L3-Idx

<default>                 0   10.10.1.3        lo0.0    0

 

If I now clear BGP the VTEPs come back up.

 

This is proving to be very difficult to fix and Juniper themselves are running out of options, I think I have tried every combination of firmware.

 

Currenlty both the 5110 and the 5100 are on 17.4

 

Has anyone every witnessed anything like this? i am speaking to ATAC at the moment who also right now have no idea what it can be. 

 

This has been set up in a lab with a view of taking it in production. When it works. 

 

BPDU block clarification

October 26, 2018, 7:44 am
$
0
0

Can anyone explain the difference between these two commands, under what case I should use one or the other, and if there are best practice documents that you can refer me to. Thanks in advance.

 

This command defines all interfaces as edge ports and enables bpdu-block on those edge ports under RSTP with 'set protocols rstp bpdu-block-on-edge interface all edge', the other defines all interfaces with bpdu-block under ethernet-switching-options with 'set ethernet-switching-options bpdu-block interface all'?

 

I realize the first one only applies bpdu-block to ports defined as edge, but are ther other differences? When would I use one vs the other? Why is one configured under RSTP and the other under Ethernet-switching? 

 

 

 

Re: BPDU block clarification

October 26, 2018, 3:34 pm
$
0
0

 

"set ethernet-switching-options bpdu-block interface all" command blocks the BPDUs on all interfaces without define under xSTP.

 

"set protocols rstp bpdu-block-on-edge" command blocks BPDUs only if an interface is configured as edge under xSTP.

 

You can use two different commands to do blocking BPDUs on the different topology. Documentation is below; please review all document within examples.

 

https://www.juniper.net/documentation/en_US/junos/topics/topic-map/spanning-tree-bpdu-protection.html#id-understanding-bpdu-protection-for-spanning-tree-instance-interfaces

Re: EX4300 inter vlan + gateway in one of the VLANs

October 27, 2018, 12:21 am
$
0
0

Hi,

 

we actually have another route now that we can use (10.16.12.2). Can we use two different static routes, does this require virtual routing instances? We can only ping 10.16.12.2 from our 10.16.12.0 netowork, and 10.16.11.3 from our 10.16.11.0 network.

Viewing all 10307 articles
Browse latest View live
Search