Hello group -
I have a pair of SRX 650's running in a cluster -
My issue is that I have 2 trunk links on each firewall passing completely
different VLAN's but when I enable any form of spanning tree, I'm seeing one of
those links blocked (3 out of the 4 links get blocked by STP). I've tried
rstp, stp and mstp - all with the same issue. The switches in use are 1-
EX-4500, and 2 EX-4200's in a VC. I may have a config issue - or is this
possibly a bug? Any help would be greatly appreciated!
Here is the relevant configuration:
ports 2/0/8 and 2/0/9 are my trunk links on each firewall
port 2/0/15 is the swfab on each firewall
------------------
ge-2/0/8 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ 200 201 250-260 ];
}
}
}
}
ge-2/0/9 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ 300 400 401 500 850 900 1701 1753 ];
}
}
}
}
ge-11/0/8 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ 200 201 250-260 ];
}
}
}
}
ge-11/0/9 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ 300 400 401 500 850 900 1701 1753 ];
}
}
}
}
swfab0 {
fabric-options {
member-interfaces {
ge-2/0/15;
}
}
}
swfab1 {
fabric-options {
member-interfaces {
ge-11/0/15;
}
}
}
----------------------
> show chassis cluster ethernet-switching status
Cluster ID: 1
Node Priority Status Preempt Manual failover
Redundancy group: 0 , Failover count: 1
node0 100 primary no no
node1 1 secondary no no
Redundancy group: 1 , Failover count: 1
node0 100 primary yes no
node1 1 secondary yes no
Ethernet switching status:
Probe state is UP. Both nodes are in single ethernet switching domain(s).
> show chassis cluster ethernet-switching interfaces
swfab0:
Name Status
ge-2/0/15 up
swfab1:
Name Status
ge-11/0/15 up
Privileged and Confidential:
The information contained in this message and any attachments hereto is
intended solely for the use of the individual or entity to which it was
addressed, and may contain confidential or privileged information. If you have
received this message in error, please notify the sender and delete the
message. The unauthorized use, disclosure, duplication or alteration of this
message is strictly forbidden. Although BLaST IU 17 has taken precautions to
ensure no viruses are present in this communication, BLaST accepts no
responsibility for any loss or damage arising from the use of this message or
attachments. BLaST additionally accepts no responsibility for any non-business
related content.
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
