Re: [j-nsp] Could you pls clarify a bit about OAM for link fault management?
Chuck Anderson wrote: > > > > > Something like this should do the trick once you've configured it on > > > > > both ends: > > > > > > > > > > set protocols oam ethernet link-fault-management action-profile UDLD > > > > > event link-adjacency-loss > > > > > > > > I have come to the conclusion that > > > > > > > > "set protocols mstp interface ge-0/0/22.0 bpdu-timeout-action block" > > > > > > > > might do the trick as well if configured on all interfaces connected to > > > > the MUXes. > > > > > > That would only work on the upstream interface facing the root bridge > > > where it is expected that it receive BPDUs. > > > > Still, if I enable "bpdu-timeout-action block" on every interface > > facing the MUX (and therefore facing each other), I am probably safe? > > In my experiece, if an interface configured with "bpdu-timeout-action > block" stops receiving BPDUs, it will block :-) I don't recall what > happens if it never receives a single BPDU initially (as a > non-root-facing port should experience since it should be sending > BPDUs not receiving them), I guess, in Cisco, the loop guard feature does not block designated ports. Is it different in Juniper? > but you are setting yourself up for pain if > it later does receive a BPDU, then stops receiving them. There may be > transient conditions in a MSTP network where this happens. What exactly problem can arise in this case? A port never coming up? Sorry, I cannot quite grasp the idea, could you illustrate? -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Could you pls clarify a bit about OAM for link fault management?
Chuck Anderson wrote: > > > > > > Something like this should do the trick once you've configured it on both > > > ends: > > > > > > set protocols oam ethernet link-fault-management action-profile UDLD > > > event link-adjacency-loss > > > > I have come to the conclusion that > > > > "set protocols mstp interface ge-0/0/22.0 bpdu-timeout-action block" > > > > might do the trick as well if configured on all interfaces connected to > > the MUXes. > > That would only work on the upstream interface facing the root bridge > where it is expected that it receive BPDUs. The downstream interface > would be sending BPDUs in that case, and not expect to receive them. Then the rogue link will be blocked from the other side, won't it? > If the topology dictates that one should never expect to receive BPDUs > on such a port (the port should never lead to a root bridge), I would > configure: > > set protocols mstp interface no-root-port > > instead of the "bpdu-timeout-action block". The topology in question is basically a ring, so I guess the root bridge can emerge from either side of a non-root bridge. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Could you pls clarify a bit about OAM for link fault management?
On Tue, Jul 22, 2014 at 12:25:40PM +0700, Victor Sudakov wrote: > Chuck Anderson wrote: > > > > > > > > Something like this should do the trick once you've configured it on > > > > both ends: > > > > > > > > set protocols oam ethernet link-fault-management action-profile UDLD > > > > event link-adjacency-loss > > > > > > I have come to the conclusion that > > > > > > "set protocols mstp interface ge-0/0/22.0 bpdu-timeout-action block" > > > > > > might do the trick as well if configured on all interfaces connected to > > > the MUXes. > > > > That would only work on the upstream interface facing the root bridge > > where it is expected that it receive BPDUs. > > Still, if I enable "bpdu-timeout-action block" on every interface > facing the MUX (and therefore facing each other), I am probably safe? In my experiece, if an interface configured with "bpdu-timeout-action block" stops receiving BPDUs, it will block :-) I don't recall what happens if it never receives a single BPDU initially (as a non-root-facing port should experience since it should be sending BPDUs not receiving them), but you are setting yourself up for pain if it later does receive a BPDU, then stops receiving them. There may be transient conditions in a MSTP network where this happens. > > But either way, I don't think this can be used as a substitute for the > > OAM configuration. > > Yes, OAM is more elegant. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Could you pls clarify a bit about OAM for link fault management?
Chuck Anderson wrote: > > > > > > Something like this should do the trick once you've configured it on both > > > ends: > > > > > > set protocols oam ethernet link-fault-management action-profile UDLD > > > event link-adjacency-loss > > > > I have come to the conclusion that > > > > "set protocols mstp interface ge-0/0/22.0 bpdu-timeout-action block" > > > > might do the trick as well if configured on all interfaces connected to > > the MUXes. > > That would only work on the upstream interface facing the root bridge > where it is expected that it receive BPDUs. Still, if I enable "bpdu-timeout-action block" on every interface facing the MUX (and therefore facing each other), I am probably safe? [dd] > But either way, I don't think this can be used as a substitute for the > OAM configuration. Yes, OAM is more elegant. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Could you pls clarify a bit about OAM for link fault management?
On Fri, Jul 18, 2014 at 04:24:28PM +0700, Victor Sudakov wrote: > Ben Dale wrote: > > > > Something like this should do the trick once you've configured it on both > > ends: > > > > set protocols oam ethernet link-fault-management action-profile UDLD event > > link-adjacency-loss > > I have come to the conclusion that > > "set protocols mstp interface ge-0/0/22.0 bpdu-timeout-action block" > > might do the trick as well if configured on all interfaces connected to > the MUXes. That would only work on the upstream interface facing the root bridge where it is expected that it receive BPDUs. The downstream interface would be sending BPDUs in that case, and not expect to receive them. If the topology dictates that one should never expect to receive BPDUs on such a port (the port should never lead to a root bridge), I would configure: set protocols mstp interface no-root-port instead of the "bpdu-timeout-action block". But either way, I don't think this can be used as a substitute for the OAM configuration. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Could you pls clarify a bit about OAM for link fault management?
Ben Dale wrote: > > Something like this should do the trick once you've configured it on both > ends: > > set protocols oam ethernet link-fault-management action-profile UDLD event > link-adjacency-loss I have come to the conclusion that "set protocols mstp interface ge-0/0/22.0 bpdu-timeout-action block" might do the trick as well if configured on all interfaces connected to the MUXes. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Could you pls clarify a bit about OAM for link fault management?
Ben Dale wrote: > > Something like this should do the trick once you've configured it on both > ends: > > set protocols oam ethernet link-fault-management action-profile UDLD event > link-adjacency-loss > set protocols oam ethernet link-fault-management action-profile UDLD action > syslog > set protocols oam ethernet link-fault-management action-profile UDLD action > link-down > set protocols oam ethernet link-fault-management interface ge-0/0/23.0 > apply-action-profile UDLD > > We had a similar issue to solve at some sites connected via Free-Space Optics > units. Ben, thanks a lot, it works. The interface goes down as expected. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Could you pls clarify a bit about OAM for link fault management?
Hi Victor, Something like this should do the trick once you've configured it on both ends: set protocols oam ethernet link-fault-management action-profile UDLD event link-adjacency-loss set protocols oam ethernet link-fault-management action-profile UDLD action syslog set protocols oam ethernet link-fault-management action-profile UDLD action link-down set protocols oam ethernet link-fault-management interface ge-0/0/23.0 apply-action-profile UDLD We had a similar issue to solve at some sites connected via Free-Space Optics units. Cheers, Ben On 11 Jul 2014, at 12:45 pm, Victor Sudakov wrote: > Colleagues, > > I have pairs of EX4200 switches connected via third party MUXes. When > the actual physical medium goes down, the MUXes do not shutdown their > Ethernet interfaces. So I need some sort of point-to-point L2 link fault > management between the EX4200s. > > I thought OAM could be used for this purpose. However after reading > http://www.juniper.net/techpubs/en_US/junos9.4/topics/task/configuration/lfm-ethernet-oam-configuring-ex-series-cli.html > and references therein I am a bit confused. I don't need those > "remote-loopback" and "allow-remote-loopback" features, profiles and > other complicated stuff, do I? > > All I need from OAM is some kind of L2 keepalive. Do you have a good > configuration example? > > Thanks a lot for any input. > > -- > Victor Sudakov, VAS4-RIPE, VAS47-RIPN > sip:suda...@sibptus.tomsk.ru > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Could you pls clarify a bit about OAM for link fault management?
Colleagues, I have pairs of EX4200 switches connected via third party MUXes. When the actual physical medium goes down, the MUXes do not shutdown their Ethernet interfaces. So I need some sort of point-to-point L2 link fault management between the EX4200s. I thought OAM could be used for this purpose. However after reading http://www.juniper.net/techpubs/en_US/junos9.4/topics/task/configuration/lfm-ethernet-oam-configuring-ex-series-cli.html and references therein I am a bit confused. I don't need those "remote-loopback" and "allow-remote-loopback" features, profiles and other complicated stuff, do I? All I need from OAM is some kind of L2 keepalive. Do you have a good configuration example? Thanks a lot for any input. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN sip:suda...@sibptus.tomsk.ru ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
