subject:"\[j\-nsp\] srx cluster \- port channel \- cisco switches \- esx devices \- 12.1x45\-d15.5 some virtual machines can't be reached"

Re: [j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

2013-10-24 Thread pkc_mls


Le 24/10/2013 00:55, Ben Dale a écrit :
Can you confirm that you have two active port-channels configured on 
the Cisco side, one into each SRX? 
From the docs I found I was assuming a single port-channel could handle 
all interfaces attached to the same reth on srx.


For example, if ge-0/0/2, ge-0/0/3, ge-5/0/2, ge-5/0/3 are attached to 
reth0, can I connect all the ports to the same etherchannel on the stack ?



___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

2013-10-24 Thread Ben Dale

On 24 Oct 2013, at 5:48 pm, pkc_mls pkc_...@yahoo.fr wrote:

 Le 24/10/2013 00:55, Ben Dale a écrit :
 Can you confirm that you have two active port-channels configured on the 
 Cisco side, one into each SRX? 
 From the docs I found I was assuming a single port-channel could handle all 
 interfaces attached to the same reth on srx.
 
 For example, if ge-0/0/2, ge-0/0/3, ge-5/0/2, ge-5/0/3 are attached to reth0, 
 can I connect all the ports to the same etherchannel on the stack ?
 
 

No, there will be two sub-LAGs formed from the SRX - one on the active node, 
and one on the standby node.  To downstream devices, these appear as distinct 
LACP bundles, even though they are part of the same reth interface on the SRX.

There is a rather wordy explanation of it here, but the Note box in the middle 
of the page is probably a good summary:

http://www.juniper.net/techpubs/software/junos-security/junos-security10.2/junos-security-swconfig-interfaces/understand-lacp-in-cc-mode-section.html

Ben
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

2013-10-23 Thread pkc_mls


Hi all,

I'm running a cluster of srx 240 connected to a pair of cisco 2960 
switches with a port channel.


ESXi servers are also connected to the same stack of cisco switches.

vlan 1000 with ip 192.168.100.0 is used for out of band management and 
reachability.


I'm using a dedicated virtual router to route the traffic from this vlan 
to other vlans.


Some virtual machines can be reached but some others can't.

I upgraded today to 12.1X45-D15.5, as I require vpn termination on 
loopback interface,
and I suspect this release to have introduced weirdness into the 
configuration.


Does anyone use a pair of srx devices with this release 12.1X45-D15.5 
have some issues with

this kind of configuration ?

Are there any specific configurations to be used on the port channels 
connected to the srx on the cisco stack ?


Best regards.
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

2013-10-23 Thread Gabriel Blanchard

are the ciscos configured with a distributed port-channel as well? (On a
rethx from the SRX i'm assuming)

On 13-10-23 11:12 AM, pkc_mls wrote:
 Hi all,

 I'm running a cluster of srx 240 connected to a pair of cisco 2960
 switches with a port channel.

 ESXi servers are also connected to the same stack of cisco switches.

 vlan 1000 with ip 192.168.100.0 is used for out of band management and
 reachability.

 I'm using a dedicated virtual router to route the traffic from this
 vlan to other vlans.

 Some virtual machines can be reached but some others can't.

 I upgraded today to 12.1X45-D15.5, as I require vpn termination on
 loopback interface,
 and I suspect this release to have introduced weirdness into the
 configuration.

 Does anyone use a pair of srx devices with this release 12.1X45-D15.5
 have some issues with
 this kind of configuration ?

 Are there any specific configurations to be used on the port channels
 connected to the srx on the cisco stack ?

 Best regards.
 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

2013-10-23 Thread pkc_mls


Le 23/10/2013 17:15, Gabriel Blanchard a écrit :

are the ciscos configured with a distributed port-channel as well? (On a
rethx from the SRX i'm assuming)

Hi,
Can you please indicate what a distributed port channel is ?
this is a stack of 2960 devices.

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

2013-10-23 Thread Gabriel Blanchard

On 13-10-23 11:59 AM, pkc_mls wrote:
 Le 23/10/2013 17:15, Gabriel Blanchard a écrit :
 are the ciscos configured with a distributed port-channel as well? (On a
 rethx from the SRX i'm assuming)
 Hi,
 Can you please indicate what a distributed port channel is ?
 this is a stack of 2960 devices.
If they are stacked then it's not what you are using. I should have just
called it vpc. Which is cisco speak for it.

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

2013-10-23 Thread Ben Dale

On 24 Oct 2013, at 1:12 am, pkc_mls pkc_...@yahoo.fr wrote:

 Hi all,
 
 I'm running a cluster of srx 240 connected to a pair of cisco 2960 switches 
 with a port channel.
 
 ESXi servers are also connected to the same stack of cisco switches.
 
 vlan 1000 with ip 192.168.100.0 is used for out of band management and 
 reachability.
 
 I'm using a dedicated virtual router to route the traffic from this vlan to 
 other vlans.
 
 Some virtual machines can be reached but some others can't.
 
 I upgraded today to 12.1X45-D15.5, as I require vpn termination on loopback 
 interface,
 and I suspect this release to have introduced weirdness into the 
 configuration.
 
 Does anyone use a pair of srx devices with this release 12.1X45-D15.5 have 
 some issues with
 this kind of configuration ?
 
 Are there any specific configurations to be used on the port channels 
 connected to the srx on the cisco stack ?
 
 Best regards.
 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp
 

Can you confirm that you have two active port-channels configured on the 
Cisco side, one into each SRX?
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

Re: [j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

[j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

Re: [j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

Re: [j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

Re: [j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

Re: [j-nsp] srx cluster - port channel - cisco switches - esx devices - 12.1x45-d15.5 some virtual machines can't be reached

7 matches

Site Navigation

Mail list logo

Footer information