Quantcast
Channel: All Ethernet Switching posts
Viewing all 10307 articles
Browse latest View live

DHCP snooping doesn't update lease timer during a lease renewal

January 29, 2016, 8:59 am
$
0
0

Hi,

there is an issue I observe on a Juniper virtual-chassis made of a pair of EX 4550 switches running by Junos 12.3R11.2.

 

The environment looks like this:

Windows dhcp-client connected to the virtual-chassis, to the particular routing instance where we have enabled DHCP-relay agent, DHCP snooping, dynamic ARP inspection (DAI) and IP source guard (IPSG).

 

During the DHCP lease process the dhcp-client requests IP address and switch writes the lease information down to dhcp-snooping table, which then being used for DAI and IPSG. Halfway through the lease period, the DHCP client requests a lease renewal, and the DHCP server extends the lease. The problem I have faced with is that during the renewal procces switch doen't not updates the lease timer in it's dhcp-snooping table. Consequently, after lease timer expires on the switch, DAI starts to drop a traffic generated by the host.

 

Does anybody had something similar and know how to fix this?

Search

Re: btu air conditioner

January 29, 2016, 9:39 am

How to connect two switches

January 29, 2016, 10:03 am
$
0
0
Hi folks,

Is there away I can connect two juniper switches
togather with two links between them. Two link I mean primary route and protection route. What kind of config will I put on the switchs to enable them switch traffic when failure occures on one link.

Re: How to connect two switches

January 29, 2016, 10:21 am
$
0
0

Just configure both switch interfaces as an AE/LAG.  Search on-line you'll find plenty of docs.

Ex4300 Virtual Chassis member issue

January 29, 2016, 1:48 pm
$
0
0

Hi everyone! It's my first time configuring Juniper devices and I would like to ask some help if you may.

 

Scenario: We have SRX240 HA Cluster connected 2 EX4300 in virtual chassis. I attached the topology.

 

Issue: When the member1 switch is the Master, I can ping from router to switch, router to server, and vice-versa so basically no problem at all. But when member0 switch becomes the Master, I cannot ping from router to switch, router to server, or vice versa. There is also RTO when member0 is down.

 

Here is the virtual chassis status:

 

root@EX-4300# run show virtual-chassis

Virtual Chassis ID: c14c.9326.a5d7
Virtual Chassis Mode: Enabled
                                                Mstr           Mixed Route Neighbor List
Member ID  Status   Serial No    Model          prio  Role      Mode  Mode ID  Interface
0 (FPC 0)  Prsnt    PE3715020154 ex4300-48t     255   Backup       N  VC   1  vcp-255/1/3
1 (FPC 1)  Prsnt    PE3713320098 ex4300-48t     255   Master*      N  VC   0  vcp-255/1/0

Member ID for next new member: 2 (FPC 2)

 

root@EX-4300# run show virtual-chassis vc-port
fpc0:
--------------------------------------------------------------------------
Interface   Type              Trunk  Status       Speed        Neighbor
or                             ID                 (mbps)       ID  Interface
PIC / Port
1/3         Configured         -1    Up           40000        1   vcp-255/1/0

fpc1:
--------------------------------------------------------------------------
Interface   Type              Trunk  Status       Speed        Neighbor
or                             ID                 (mbps)       ID  Interface
PIC / Port
1/0         Configured         -1    Up           40000        0   vcp-255/1/3

 

 

Here are the interfaces between SRX and EX:

 

SRX-A ge-0/0/14 ---> EX1 ge-0/0/46

SRX-A ge-0/0/15 ---> EX2 ge-1/0/46

SRX-B ge-5/0/14 ---> EX1 ge-0/0/47

SRX-B ge-5/0/15 ---> EX1 ge-1/0/47

 

EX1 ge-0/0/10 ---> Server

EX2 ge-1/0/10 ---> Server

 

ISP ---> SRX-A ge-0/0/7

 

root@EX-4300# run show interfaces terse | match ae*
Interface               Admin Link Proto    Local                 Remote
ge-0/0/10.0             up    up   aenet    --> ae3.0
ge-0/0/46.0             up    up   aenet    --> ae0.0
ge-0/0/47.0             up    up   aenet    --> ae0.0
ge-1/0/10.0             up    up   aenet    --> ae3.0
ge-1/0/46.0             up    up   aenet    --> ae1.0
ge-1/0/47.0             up    up   aenet    --> ae1.0
ae0                     up    up
ae0.0                   up    up   eth-switch
ae1                     up    up
ae1.0                   up    up   eth-switch
ae3                     up    up
ae3.0                   up    up   eth-switch

 

root@SRX-B> show interfaces terse | match reth*
ge-0/0/7.0              up    up   aenet    --> reth2.0
ge-0/0/14.0             up    up   aenet    --> reth0.0
ge-0/0/15.0             up    up   aenet    --> reth1.0
ge-5/0/7.0              up    down aenet    --> reth2.0
ge-5/0/14.0             up    up   aenet    --> reth0.0
ge-5/0/15.0             up    up   aenet    --> reth1.0
reth0                   up    up
reth0.0                 up    up   inet     10.10.0.1/24
reth1                   up    up
reth1.0                 up    up   inet     10.10.0.2/24
reth2                   up    up
reth2.0                 up    up   inet     210.4.118.114/29

 

If you guys have any idea what could possibly be wrong or has suggestions, I would be happy to try them out.

Re: How to connect two switches

January 29, 2016, 9:03 pm
$
0
0
Hi Rccpgm,

Thanks a lot for the response, apart from LAG, is there any other option?

Sheeel.

Re: How to connect two switches

January 29, 2016, 11:40 pm
$
0
0

apart from LAG, is there any other option? 

 

Yes you could use RTG /(redundant trunk group) defined on one of the switches. ( google for that )

 

regards

 

alexander

Re: Ex4300 Virtual Chassis member issue

January 30, 2016, 7:10 am
$
0
0
Hi,

Have you tried to enable the no-split-detection statement ?

{master:0}[edit]
root@switch# set virtual-chassis ?
Possible completions:
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> fast-failover Fast failover mechanism
id Virtual chassis identifier, of type ISO system-id
> mac-persistence-timer How long to retain MAC address when member leaves virtual chassis
> member Member of virtual chassis configuration
no-split-detection Disable split detection. This command is recommended to only be enabled in a 2 member setup
preprovisioned Only accept preprovisioned members
> traceoptions Global tracing options for virtual chassis

{master:0}[edit]
root@switch# set virtual-chassis no-split-detection
root@switch# commit

If not , and if this didn't help , can you share with us the following ?
1- related configuration
2- versions
Search

Re: DHCP snooping doesn't update lease timer during a lease renewal

January 30, 2016, 7:57 am
$
0
0
Hi,

I don't this is configuration related issue . I think its version related issue , I would suggest upgrading to the recommended version, and then if issue remain , raise a case to JTAC .

I didn't see any related PR for this, but it might be confidential PR .

Re: DHCP snooping doesn't update lease timer during a lease renewal

January 30, 2016, 8:03 am

Re: DHCP snooping doesn't update lease timer during a lease renewal

January 30, 2016, 8:52 am
$
0
0

But he uses junos version 12.3R11

Re: DHCP snooping doesn't update lease timer during a lease renewal

January 30, 2016, 9:08 am
$
0
0
Hi,

Yes I noticed that . Thats why in the first place I recommended raising the issue to JTAC .
Now according to PR864078 they say it fixed at the 12.3R3 and it fixed again at the 13.2R1 which means this issue got fixed twice .

Re: DHCP snooping doesn't update lease timer during a lease renewal

January 30, 2016, 9:13 am
$
0
0

Andrei,

what is happening with dhcp-client during renewal process (successfully or not)? Are any log error messages?

Re: Ex4300 Virtual Chassis member issue

January 30, 2016, 10:28 am
$
0
0

Hi Abed AL-R,

 

Thank you for your reply.

 

Yes, no-split-detection is already enabled. I have attached the full configuration.

 

root@EX-4300# show virtual-chassis

no-split-detection;

member 0{ mastership-priority 255; } member 1 { mastership-priority 255; }

 

Here are the versions:

--------------------------------------------------

root@EX-4300-GFL# run show system software

fpc0:

--------------------------------------------------------------------------

Information for fips-mode-powerpc:

Comment: JUNOS FIPS mode utilities [13.2X51-D26.2]

Information for jdocs-ex:

Comment: JUNOS Online Documentation [13.2X51-D26.2]

Information for junos:

Comment: JUNOS EX Software Suite [13.2X51-D26.2]

Information for junos-ex-4300:

Comment: JUNOS EX 4300 Software Suite [13.2X51-D26.2]

Information for jweb-ex:

Comment: JUNOS Web Management [13.2X51-D26.2]

Information for py-base-powerpc:

Comment: JUNOS py-base-powerpc [13.2X51-D26.2]

 

fpc1:

--------------------------------------------------------------------------

Information for fips-mode-powerpc:

Comment: JUNOS FIPS mode utilities [13.2X51-D26.2]

Information for jdocs-ex:

Comment: JUNOS Online Documentation [13.2X51-D26.2]

Information for junos:

Comment: JUNOS EX Software Suite [13.2X51-D26.2]

Information for junos-ex-4300:

Comment: JUNOS EX 4300 Software Suite [13.2X51-D26.2]

Information for jweb-ex:

Comment: JUNOS Web Management [13.2X51-D26.2]

Information for py-base-powerpc:

Comment: JUNOS py-base-powerpc [13.2X51-D26.2]

Re: Ex4300 Virtual Chassis member issue

January 30, 2016, 10:38 am
$
0
0
Hi eaguilar,

Thank you .

Please let us demonstrate the issue again .
Reboot the master deivce to let a failover happen again in order switch over the backup device , and lookup into the var log messages if you notice any log of this kind :

Nexthop index allocation failed


Alternativly, please provide us the output of show log messages after the testing .
Search

Re: EX2200-C POE+

February 2, 2016, 12:43 am
$
0
0

Hi there,

 

JUNOS Base OS boot [12.3R6.6]
JUNOS Base OS Software Suite [12.3R6.6]
JUNOS Kernel Software Suite [12.3R6.6]
JUNOS Crypto Software Suite [12.3R6.6]
JUNOS Online Documentation [12.3R6.6]
JUNOS Enterprise Software Suite [12.3R6.6]
JUNOS Packet Forwarding Engine Enterprise Software Suite [12.3R6.6]
JUNOS Routing Software Suite [12.3R6.6]
JUNOS Web Management [12.3R6.6]
JUNOS FIPS mode utilities [12.3R6.6

Re: Ex4300 Virtual Chassis member issue

February 2, 2016, 1:23 am
$
0
0

Hi,

 

Sorry for answering late .

 

I'll check the output you attached and then I'll update you .

Re: Warning: configuration block ignored: unsupported platform (ex4200-48px)

February 2, 2016, 1:30 am
$
0
0

That did the trick, thanks for the quick response

 

Just curious why the code would even commit if this block is in there

Re: EX2200-C POE+

February 2, 2016, 1:38 am
$
0
0

"show poe controller" output please.

Re: EX2200-C POE+

February 2, 2016, 1:54 am
$
0
0

root@as-4> show poe controller
Controller  Maximum   Power         Guard    Management   Status        Lldp
index       power     consumption   band                                Priority
   0        100.00W   51.00W          0W     Class        AT_MODE       Disabled

Viewing all 10307 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>