[j-nsp] MX240/SRX240 vpls loop problem
We have a core network with three MX240 routers. Most WAN sites are connected
either via an EX8208 switch or via SRX240 routers. We have a mixed environment
where new client zones are distributed using L3VPN, old vlans are distributed
using VPLS.
Unfortunately, we are having problems with VPLS on the SRX240 routers. When a
site is connected, we see MAC FLAP messages on the MX240s and show l2-learning
mac-move-buffer shows that hosts are flapping between their appropriate ports
and the LSI interfaces on SRX240 routers where they do not belong. This is
confirmed by examining the MAC address tables on MX240 using show vpls
mac-table.
Obviously, communication is very unreliable (~50% packet loss, lots of
duplicates.) All sites use Cisco 2950 and 2960 switches locally and there are
no physical loops; the problem appears even when connecting a site with only a
single access port on the relevant vlan, connected directly to the client host.
We have so far been unable to reproduce the problem in a test environment with
a handful of SRX240 routers and Cisco switches. This may suggest an
interop/signalling issue between MX240 and SRX240.
1. Has anyone else successfully deployed something similar?
2. Is there any way to show the MAC address table for a VPLS instance on the
SRX240?
oikt@RARUSK-GW-01 show configuration interfaces ge-0/0/6
description TRUNK to RABUBO;
vlan-tagging;
encapsulation flexible-ethernet-services;
unit 10 {
description RABUBO Site_Management;
vlan-id 10;
family inet {
address x.x.x.x/x;
}
}
unit 32 {
description RABUBO Intern Klientsone;
vlan-id 32;
family inet {
address x.x.x.x/x;
}
}
unit 56 {
description RABUBO Sikret Klientsone;
vlan-id 56;
family inet {
address x.x.x.x/x;
}
}
unit 158 {
description LEGACY_158_IpTelefoni;
encapsulation vlan-vpls;
vlan-id 158;
}
oikt@RARUSK-GW-01 show configuration routing-instances
VPLS-LEGACY_158_IP-telefoni
instance-type vpls;
interface ge-0/0/6.158;
route-distinguisher x.x.x.x:00158;
vrf-target target:65100:158;
protocols {
vpls {
site-range 25;
no-tunnel-services;
site RARUSK {
site-identifier 13;
}
}
}
--
Regards,
Andreas Lund
(storage/backup/network/databases)
Øyeren IKT -- http://www.oikt.no http://www.oikt.no
Servicedesk: 6383 5200
Direkte: tlf.6383 5287, mob.900 77 162
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] MX240/SRX240 vpls loop problem
Hi, 2. Is there any way to show the MAC address table for a VPLS instance on the SRX240? show route forwarding-table? Alex ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] MX240/SRX240 vpls loop problem
Thanks, I only knew about show vpls mac-table. Incidentally, the MAC table on the SRX240 looks as it should; all addresses are pushed to the MX240 except the locally connected one. This is in contrast to the MX240 which flaps between the correct ports and the SRX240. So, it seems to me the SRX240 is echoing packets back to the MX240, possibly ARP broadcasts since the problem is intermittent. The big question remains why. -Andreas. -Opprinnelig melding- Fra: Alexander Frolkin [mailto:a...@eldamar.org.uk] Sendt: 25. juli 2011 11:43 Til: Andreas Lund Kopi: juniper-nsp@puck.nether.net Emne: Re: [j-nsp] MX240/SRX240 vpls loop problem Hi, 2. Is there any way to show the MAC address table for a VPLS instance on the SRX240? show route forwarding-table? Alex ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] JUNIPER-COS-MIB support in open source monitoring tools
Hi all, Is anyone aware of any effort to wrangle JUNIPER-COS-MIB support into open source monitoring tools such as MRTG, cacti etc.? Are there any commercial network monitoring/management packages that understand this MIB? I'm looking for something to allow us to graph/present things like utilisation, bps, pps, and drop rates *per forwarding-class*. If you've done this in your shop, could you please let me know? I'm willing to have a go at getting something happening, preferably with cacti. Cheers, Dale ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] MVPN Rosen interoperation configuration Cisco and Juniper
Can someone please share the working Rosen MVPN configuration of Cisco and Juniper? Do I have to use vrf-table-label or VT interface on Juniper router to make it working? -- David W. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] JUNIPER-COS-MIB support in open source monitoring tools
We look at this these items now in Vitalnet. Its an Alcatel-Lucent product I think. Derick Winkworth CCIE #15672 (RS, SP), JNCIE-M #721 http://blinking-network.blogspot.com From: Dale Shaw dale.shaw+j-...@gmail.com To: Juniper-Nsp juniper-nsp@puck.nether.net Sent: Mon, July 25, 2011 5:10:47 PM Subject: [j-nsp] JUNIPER-COS-MIB support in open source monitoring tools Hi all, Is anyone aware of any effort to wrangle JUNIPER-COS-MIB support into open source monitoring tools such as MRTG, cacti etc.? Are there any commercial network monitoring/management packages that understand this MIB? I'm looking for something to allow us to graph/present things like utilisation, bps, pps, and drop rates *per forwarding-class*. If you've done this in your shop, could you please let me know? I'm willing to have a go at getting something happening, preferably with cacti. Cheers, Dale ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] JUNIPER-COS-MIB support in open source monitoring tools
In .edu, so not surprisingly we rolled our own. We use three queues and I grab the following per queue. jnxCosIfqTxedBytes, jnxCosIfqTxedPkts, jnxCosQstatTailDropPkts, jnxCosQstatTotalRedDropBytes, jnxCosQstatTotalRedDropPkts At 15 instances per ifl and 449 ifls on one box alone, it's a lot to grab every 5 minutes. At times snmp becomes unresponsive on an mx960 RE-2000. -Michael On 7/25/2011 5:10 PM, Dale Shaw wrote: Hi all, Is anyone aware of any effort to wrangle JUNIPER-COS-MIB support into open source monitoring tools such as MRTG, cacti etc.? Are there any commercial network monitoring/management packages that understand this MIB? I'm looking for something to allow us to graph/present things like utilisation, bps, pps, and drop rates *per forwarding-class*. If you've done this in your shop, could you please let me know? I'm willing to have a go at getting something happening, preferably with cacti. Cheers, Dale ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
