Quantcast
Channel: Ethernet Switching topics
Viewing all 2326 articles
Browse latest View live

EX2200 Switch reset password for virtual chassis system.

May 29, 2018, 12:00 pm
$
0
0

Hello,

 

I am trying to get into a 4 switch virtual chassis system that I've taken over that had no documentation. I'm not totally familar with Juniper switches so I'm likely missing something. I've tried the Virtual Chassis reset process. in that link but when I restarted the switch that I believed to be the master after all the others were turned off it booted saying that it's not the master. 

 

Any assistance would be welcome as at this point I'm not sure what to do. I would like to keep the configurations on the devices, but if there is no other option then so be it. 

 

Thanks

Search

MC-LAG on Both QFX10002 and QFX5110

May 30, 2018, 9:11 am
$
0
0

Hi experts. I want your help in configuring MC-LAG on both layers i.e for QFX5110 and QFX10002. Please put me wise will this design work without any issue? I am using virtual environment on server side with converged switching modules as shown in attached diagram. Thanks

EX4200 VC port options are only 0-23 on a 48 port switch

May 30, 2018, 9:02 pm
$
0
0

We have a EX4200 that is connected to a 2200-c and it was never put into VC.  Before someone says something about "best practices" these two are on separate floors and will never saturate a 1GB link the VC is strictly for configuration ease.  Anyway, upon setting up the 4200 it was discovered that the only port options are 0..23.  It is a ex4200-48px and I am confused why I can't select port 47. (which is where the 2200-c is connected)  The 2200-c has the option of 0..47 and it's a little guy.  Both switches are using the best practice firmware (12.3R12-S7).  I fired up an old lab ex4200-48t and same thing.  only options 0..23 when it comes to the port settings (older 12.3 firmware)

 

User493@MAIN4200> request virtual-chassis vc-port set pic-slot 0 port ?
Possible completions:<port>               Port number (0..23)
{master:0}

I am just wonder why this is and is there a way to change it.  Thanks in advanced

SNMP 1 GB interface

May 31, 2018, 12:33 am
$
0
0

Hello all,

 

Am able to poll TX and RX laser power of a 10 Gb interface from my MX with OID 1.3.6.1.4.1.2636.3.60.1.1.1.1.5.775 and 1.3.6.1.4.1.2636.3.60.1.1.1.1.7.775.

I would like to poll the laser power of a 1 Gb interface but am not able to identify the OID. Can you please help.

Am able to see the RX power using "show interfaces diagnostics optics".

 

Breaking apart a EX4600 and EX4300 mixed mode chassis

May 31, 2018, 9:31 am
$
0
0

Hello everyone,

 

I'm looking to replace my EX4300 with another EX4600 in my mixed mode virtual chassis right now. I'm having a bit of dicciculty finding how to do this properly so I was hoping one of you guys would be able to assist.

 

Thank you.

LAG port goes BLK DIS state after adding to VSTP

June 1, 2018, 2:20 am
$
0
0

Hi,

 

I have a VSTP running between a virtual chassis (2 x QFX5110) and Cisco VSS (2 x Catalyst 6509E), the Root Bridge is on the Juniper VC and the LAG between them works just fine.

I wanted to add another Cisco switch to the Juniper VC, so I created another ae14 LAG, added ports to LAG and when I add the ae14 port to the VSTP configuration (not even attaching cables) it automatically goes into BLK (Blocking) DIS (Disable) state. Even after I do cabling it stays in that state making the LAG not working at all.

 

What I do wrong ?

 

This is my configuration of STP protocols on Juniper.

rstp {
    bridge-priority 4k;
}
vstp {
    bpdu-block-on-edge;
    interface ae0;
    interface ae14;
    vlan all {
        bridge-priority 4k;
    }
}

And this is when I added ae14 to config.

john@core-vc> show spanning-tree interface

Spanning tree interface parameters for VLAN 10

Interface                  Port ID    Designated         Designated         Port    State  Role
                                       port ID           bridge ID          Cost
ae0                          128:3        128:3   4106.d007ca44b990         1000    FWD    DESG

Spanning tree interface parameters for VLAN 14

Interface                  Port ID    Designated         Designated         Port    State  Role
                                       port ID           bridge ID          Cost
ae0                          128:3        128:3   4110.d007ca44b990         1000    FWD    DESG
ae14                        128:17       128:17   4110.d007ca44b990        10000    BLK    DIS

Not all VLANs which are on ae0 are on ae14 that is why ae14 is not showing up on VLAN10 for example.

 

Why ae14 is getting blocked ?? (Without even cabled).

OID for SNMP monitoring line cards in EX9204

June 1, 2018, 2:29 pm
$
0
0

Hello,

 

I need to add the line cards of EX9200 switch for snmp monitoring. Can anyone please tell me what is the proper OID to monitor?

 

user@switch> show chassis hardware | grep EX9200 
Routing Engine 0 REV 07   750-063458   CAKxxxx          RE-S-EX9200-2X00x6
CB 0             REV 09   750-062852   CAKDxxx          EX9200-SF2
FPC 2            REV 13   750-064569   CAKFxxxx          EX9200 32x10G SFP

user@switch>

I am searching for a  proper way to find those OIDs.

Log message meaning, EX4500-40f "Power not OK on uplink in pic_slot = 3"

June 2, 2018, 1:17 am
$
0
0

Hi fellow network enthusiasts,

 

I am seeing these logs flooding my EX4500-40f, can you please help me understand what these logs mean in detail:

 

Jun 1 09:45:05 xx: %DAEMON-3: Power not OK on uplink in pic_slot = 3
Jun 1 09:45:05 xx: %DAEMON-2: cm_uplink_init:CM uplink FRU init failed. Cannot init
Jun 1 09:45:06 xx: %DAEMON-3: Power not OK on uplink in pic_slot = 3
Jun 1 09:45:06 xx: %DAEMON-2: cm_uplink_init:CM uplink FRU init failed. Cannot init

As a layman, I understand that there is a power issue with PIC 3. I expect a better level of detailing on these and in what cases do we see such logs hit the device.

 

I would appreciate your response, ThanQ!

 

//Nexon

Search

Firewall filter types

June 2, 2018, 3:30 am
$
0
0

What is the difference between port, VLAN and RVI filters? Of course, they are applied differently in the configuration, but is it all, that there is?

 

Regards,

Pawel Mazurkiewicz

VACL and RVI

June 2, 2018, 6:20 am
$
0
0

Does an ingress vlan filtrer (VACL) apply to traffic entering the vlan from its (internal) rvi

interface? I.e. to traffic routed from another vlan?

Similarly, does an egress vlan filter apply to traffic destined to its rvi - ie traffic routed to another vlan?

 

(Lets assume that we talk about a single switch - rvis are local to this switch)

 

Regards,

Pawel Mazurkiewicz

EX2300 not completing ZTP process

June 2, 2018, 7:29 am
$
0
0
Hello all,
I have a working Cent OS server that is giving out dhcp and is also acting as a ftp server. ZTP works as it should on EX-2200 switches but something is off when I try to perform the same process on s EX-2300. Has anyone experienced anything similar? Only thing I can think of is the Software difference. Any info on this is greatly appreciated.

I manually changed the date and time on the switch but I am still getting a error:

Auto Image Upgrade: Tried [2] attempts to fetch "file_name".txt file from s erver x.x.x.x through vme. Summary: "Failed to change directory.". To ret ry [4] times.

and it seems to see the server

Auto Image Upgrade: DHCP Options for client interface vme.0 ConfigFile: /configs/ex2300/file_name.txt ImageFile: /image/ex2300/junos-arm-32-15.1X53-D58.3.tgz Gateway: x.x.x.x DHCP Server:

x.x.x.x File Server: x.x.x.x Options state: All options set

Auto Image Upgrade: Active on client interface: vme.0

Auto Image Upgrade: Interface:: "vme"

Auto Image Upgrade: Server:: "x.x.x.x"

Auto Image Upgrade: Image File:: "junos-arm-32-15.1X53-D58.3.tgz"

Auto Image Upgrade: Server File:: "file_name.txt"

Auto Image Upgrade: Gateway:: "x.x.x.x"

Auto Image Upgrade: Protocol:: "ftp"

Its very strange as my ZTP server works with ex-2200.

Any ideas on why this would happen? Do I need a Network Director in order for this to work? I spent 3 hours with JTAC on the phone with no solution, just trying to figure out if it is possible to do without Network Director.

show wrong vlan with interface range

June 6, 2018, 1:50 am
$
0
0

Hello,

 

For purpose learning. I created a VLAN named CAMERA-VLAN (id 999) and created a interface-range named  CAMERA-RANGES belong to CAMERA-VLAN


interface-range CAMERA-RANGES {
member-range ge-0/0/0 to ge-0/0/4;
unit 0 {
family ethernet-switching {
vlan {
members CAMERA-VLAN;
}
}
}

 

 

VLAN 1 : 192.168.10.x/24

VLAN 999 : IP address belongs ASA zone (IP Addr : 17.126.0.x/16)

 

Then I plugged the network cable from the asa into the juniper (port 0-4) and PCs worked (have ip address 17.126.0.x ) but 

when I type "show vlans" command  it shows information as below:

 

vlans.png

 

and 

show ethernet-switching interfaces

 

vlans_@.png

 

Can anyone help me explain why interface-range CAMERA-RANGES  is still VLAN 1.

Thank you.

 

Sang

EX2300 DHCP-Security

June 6, 2018, 7:46 am
$
0
0

Hi,

I'm installing a few EX2300 and getting a strange/random behaviour with dhcp-security.

For example:
I had a raspberry pi connected (it happens with other devices too) that didn't receive the DHCP offer and there was no entry in show dhcp-security binding for it. I connected my laptop on the same port, same vlan and got a DHCP offer and my mac was listed in the dhcp-security binding list. We have a linux dhcp server, and in both cases I can see the offers being sent by the server.
The DHCP server is connected on a trunk port that is trusted.

 

Here's sample of my configuration:

interfaces {
  ge-0/0/0 {
	description "Some random device"
        unit 0 {
            family ethernet-switching {
                interface-mode access;
                vlan {
                    members 30;
                }
                storm-control default;
            }
        }
    }
    xe-0/1/1 {
	description "DHCP Server"
        native-vlan-id 1;
        unit 0 {
            family ethernet-switching {
                interface-mode trunk;
                vlan {
                    members all;
                }
                storm-control link-storm;
            }
        }
    }
}
forwarding-options {
    storm-control-profiles default {
        all;                            
    }
    storm-control-profiles link-storm {
        all {
            bandwidth-level 10000;
            no-broadcast;
            no-unknown-unicast;
            no-multicast;
        }
    }
}
vlans {
    vlan30 {
        vlan-id 30;
        forwarding-options {
            dhcp-security {
                group links {
                    overrides {
                        trusted;
                    }
                    interface xe-0/1/1.0;
                }
            }
        }
    }
}


I'm missing something? Some clients are working just fine but others never get response sent by the DHCP server.

 

 PS: I'm running JUNOS 15.1X53-D58.3

 

Thanks,
Bruno

QoS/CoS not getting certain packets

June 6, 2018, 12:37 pm
$
0
0

Below is my configuration (in progress) for CoS on access switches. Trying my hand to setup one queue for BE, Voice, Voice-Control (DSCP 24/26), Video, and NC.

 

I can test packets going to many of the other queues successfully, but my TOS 96/104 will not go to FC-VC (queue 1). I'm doing the PING on same switch as CoS hasn't been sent through network. What could be going on to highjacking my packets? Rewrite rules?

 

set class-of-service classifiers dscp CLASSIFIER-DSCP import default
set class-of-service classifiers dscp CLASSIFIER-DSCP forwarding-class FC-VC loss-priority low code-points 011000
set class-of-service classifiers dscp CLASSIFIER-DSCP forwarding-class FC-VC loss-priority low code-points 011010
set class-of-service classifiers dscp CLASSIFIER-DSCP forwarding-class FC-VI loss-priority low code-points 100010
set class-of-service classifiers dscp CLASSIFIER-DSCP forwarding-class FC-VO loss-priority low code-points 101110
set class-of-service classifiers dscp CLASSIFIER-DSCP forwarding-class FC-NC loss-priority low code-points 110000
set class-of-service classifiers dscp CLASSIFIER-DSCP forwarding-class FC-NC loss-priority low code-points 111000

set class-of-service forwarding-classes class FC-BE queue-num 0
set class-of-service forwarding-classes class FC-VC queue-num 1
set class-of-service forwarding-classes class FC-VI queue-num 4
set class-of-service forwarding-classes class FC-VO queue-num 5
set class-of-service forwarding-classes class FC-NC queue-num 7

set class-of-service interfaces ge-* scheduler-map SCHEDMAP-ALL
set class-of-service interfaces ge-* unit 0 classifiers dscp CLASSIFIER-DSCP
set class-of-service interfaces ge-* unit 0 rewrite-rules dscp default
set class-of-service interfaces xe-* scheduler-map SCHEDMAP-ALL
set class-of-service interfaces xe-* unit 0 classifiers dscp CLASSIFIER-DSCP
set class-of-service interfaces xe-* unit 0 rewrite-rules dscp default
set class-of-service interfaces ae* scheduler-map SCHEDMAP-ALL
set class-of-service interfaces ae* unit 0 classifiers dscp CLASSIFIER-DSCP
set class-of-service interfaces ae* unit 0 rewrite-rules dscp default

set class-of-service scheduler-maps SCHEDMAP-ALL forwarding-class FC-VO scheduler SCHED-VO
set class-of-service scheduler-maps SCHEDMAP-ALL forwarding-class FC-VC scheduler SCHED-VC
set class-of-service scheduler-maps SCHEDMAP-ALL forwarding-class FC-NC scheduler SCHED-NC
set class-of-service scheduler-maps SCHEDMAP-ALL forwarding-class FC-VI scheduler SCHED-VI
set class-of-service scheduler-maps SCHEDMAP-ALL forwarding-class FC-BE scheduler SCHED-BE

set class-of-service schedulers SCHED-VO buffer-size percent 5
set class-of-service schedulers SCHED-VO priority strict-high
set class-of-service schedulers SCHED-VC transmit-rate percent 10
set class-of-service schedulers SCHED-VC buffer-size percent 5
set class-of-service schedulers SCHED-VC priority low
set class-of-service schedulers SCHED-NC buffer-size percent 5
set class-of-service schedulers SCHED-NC priority strict-high
set class-of-service schedulers SCHED-VI transmit-rate percent 20
set class-of-service schedulers SCHED-VI buffer-size percent 20
set class-of-service schedulers SCHED-VI priority low
set class-of-service schedulers SCHED-BE transmit-rate remainder
set class-of-service schedulers SCHED-BE buffer-size remainder
set class-of-service schedulers SCHED-BE priority low

Perhaps I'm missing a glaring obvious config, please assist!

Filter based routing and layer 2 Interface

June 6, 2018, 4:53 pm
$
0
0

Hi everyone

Please consider the following scenario:

EX SW is EX 4300, with vlan 100, RVI: vlan.10:   10.10.10.1/24, f1/f2 are access port in vlan 10

H1 10.10.10.10-------- f1  EX SW F3 30.30.30.1-----30.30.30.2 R2
H2 10.10.10.20-------- f2        F4 40.40.40.1-----40.40.40.2

EX 4300
vlan.10 family inet 10.10.10.1/24

set interface f1/1.0 family ethernet-switching vlan-member 10

set interface f2/1.0 family ethernet-switching vlan-member 10

set routing-options static route 50.50.50.0/24  next-hop 30.30.30.2

We want to do following on EX SW

All traffic sourced from 10.10.10.20, destined to 50.50.50.2 should be forwarded via F4 not F3.

We can use Filter base forwarding, my question is if we use that under f2, will it do the trick? I know it will do the trick if applied under vlan.10 but  I am just curious what if we apply under f2.



Thanks and have a nice evening.

Search

Location of Mac address on the Switch

June 7, 2018, 2:36 am
$
0
0

Hi,

 

I have a list of computer MAC addresses in my network. I need to locate the switch and port of all the listed MAC address. We have around 18 Ex switches and 60 odd computers to locate. The VLAN assigned to the computer are L3 VLAN.

 

There should be a way to do this but I cant find it. Any leads would be helpful.

 

Harish

Old Optics in New Switches, Any Benefit to Replace Them?

June 7, 2018, 7:36 am
$
0
0

We will be swapping out some EX-4200-48P switches due to EOS with EX-3400-48P switches. I see that the part numbers for the optics we need have not changed, e.g EX-SFP-10GE-SR. Is there any benefit to replacing these optics if they are still working fine?  Are there any noteable advancements in newer hardware revisions? 

Routing Multicast between VLANs in single switch (Example Configuration)

June 7, 2018, 12:43 pm

error: timeout communicating with l2cpd-service daemon - seen on ex4300

June 8, 2018, 5:57 am
$
0
0

Does anyone know what this error means?

We get the error after a few seconds when trying to check spanning tree statistics on a port..

 

switchA> show spanning-tree statistics interface ae3
error: timeout communicating with l2cpd-service daemon

 

When running the command on other interfaces it works and shows the statistics, so it looks like a problem specific to the interface. The background is that the EX switch (switchB) at the other end of the link went into STP blocking mode even though that switch is the root for all vlans, and disable/re-enable on the switchA ae3 interface cleared the blocking state on switchB but we still see the timeout when trying to view the spanning-tree statistics.

 

 

 

Copy junos from primary to backup

June 11, 2018, 3:31 am
$
0
0

Hello,
I have primary Junos running 15.x and backup image has 12.x version. How can I format/copy backup partition and copy 15.x to backup?

The output is like this

root> show system storage partitions
fpc0:
--------------------------------------------------------------------------
Boot Media: internal (da0)
Active Partition: da0s1a
Backup Partition: da0s2a
Currently booted from: active (da0s1a)

Partitions information:
  Partition  Size   Mountpoint
  s1a        183M   /
  s2a        183M   altroot
  s3d        369M   /var/tmp
  s3e        123M   /var
  s4d        62M    /config
  s4e               unused (backup config)

{master:0}
root> show system snapshot media internal
fpc0:
--------------------------------------------------------------------------
Information for snapshot on       internal (/dev/da0s1a) (primary)
Creation date: Jan 1 00:04:21 2010
JUNOS version on snapshot:
  jdocs-ex: 15.1R6.7
  junos  : ex-15.1R6.7
  junos-ex-4200: 15.1R6.7
  jweb-ex: 15.1R6.7
Information for snapshot on       internal (/dev/da0s2a) (backup)
Creation date: Jun 14 02:58:07 2013
JUNOS version on snapshot:
  jbase  : ex-12.3R3.4
WARNING: snapshot format is incompatible with the software currently running

Viewing all 2326 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>