Hi I'm not sure what happens exactly without show output during the failure.
I was just guessing that you need loop protection because you have a failure of an intermediate device, so interface is still up but you stop receiving BPDUs, and thus transition from blocking to forwarding on your specific mgmt VLAN, and creating a black hole. Again just a guess I might be wrong. EX4200 and EX4550 have dedicated high speed VC ports, but you can use your 10G optical interfaces instead. Then you will have all active/active and can skip STP all together. https://www.juniper.net/us/en/local/pdf/implementation-guides/8010018-en.pdf /Roger On Sun, Jul 16, 2017 at 5:17 PM, Victor Sudakov <v...@mpeks.tomsk.su> wrote: > Roger Wiklund wrote: >> > There is a ring of EX4200 switches, please look at >> > http://noc.sibptus.ru/jun1.png >> > >> > If MUX1 fails, the MSTP topology adjusts and the PCs continue to see >> > one another just fine. >> > >> > However, some switches become inaccessible in the management vlan >> > (vlan3 in this example). For example, you can still ping 192.168.1.3 >> > from 192.168.1.2, but not 192.168.1.4 from 192.168.1.2. >> > >> > One important note. If MUX1 fails, the corresponding interfaces on >> > 192.168.1.2 and 192.168.1.4 don't go down, it is only the traffic >> > (including BPDUs) that stops flowing through the mux. >> > >> > If I shutdown the corresponding interfaces on 192.168.1.2 and >> > 192.168.1.4 (or use OAM to shutdown the interfaces automatically when >> > the mux fails), the problem disappears and I can ping any switch from >> > any switch. >> > >> > What's the theory behind this? >> > >> > "clear arp" and "clear ethernet-switching table" don't fix the >> > problem. >> >> Have you configured loop protection? >> https://www.juniper.net/documentation/en_US/junos/topics/example/stp-loop-protection-qfx-series.html > > Dear Roger, > > I have configured OAM (link-down on link-adjacency-loss) which helped. > > But I'm wondering why the situation in question was happening without > the interfaces going physically down. > >> >> On a design note, why not use Virtual Chassis instead? > > Sorry, I don't understand. Virtual Chassis uses a special short cable, > doesn't it? My switches are not located nearby enough to use that > cable. In fact, they are connected by multiplexers and can be far > away from one another. > > > -- > Victor Sudakov, VAS4-RIPE, VAS47-RIPN > AS43859 _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp