Hi
PROBLEMS
1. EX2200 can't ping Brocade ip
I create trunk lacp between Juniper EX2200 and Brocade FCX648S
My problem was I can't ping from Juniper to Brocade and vice versa, but Brocade can ping Cisco or Gateway
What's wrong with my Juniper config?
tq
BROCADE
#show running-config
Current configuration:
ver 08.0.30sT7f3
stack unit 1
module 1 fcx-48-port-management-module
module 2 fcx-cx4-2-port-16g-module
!
lag CISCO dynamic id 1
ports ethernet 1/1/47 to 1/1/48
primary-port 1/1/47
lacp-timeout short
deploy
!
lag JUNIPER dynamic id 2
ports ethernet 1/1/1 to 1/1/2
primary-port 1/1/1
deploy
!
vlan 1 name DEFAULT-VLAN by port
router-interface ve 1
!
vlan 10 name WAN1 by port
tagged ethe 1/1/47 to 1/1/48
router-interface ve 10
!
vlan 20 name DMZ by port
tagged ethe 1/1/47 to 1/1/48
router-interface ve 20
!
vlan 30 name SVR by port
tagged ethe 1/1/47 to 1/1/48
router-interface ve 30
!
vlan 40 name USR by port
tagged ethe 1/1/47 to 1/1/48
untagged ethe 1/1/25
router-interface ve 40
!
vlan 50 name VOICE by port
tagged ethe 1/1/47 to 1/1/48
router-interface ve 50
!
vlan 60 name GUEST by port
tagged ethe 1/1/47 to 1/1/48
router-interface ve 60
!
vlan 80 name HA by port
tagged ethe 1/1/47 to 1/1/48
router-interface ve 80
!
vlan 88 name WAN2 by port
tagged ethe 1/1/47 to 1/1/48
router-interface ve 88
!
vlan 90 name STR by port
tagged ethe 1/1/47 to 1/1/48
router-interface ve 90
!
vlan 100 name MGMT by port
tagged ethe 1/1/47 to 1/1/48
router-interface ve 100
aaa authentication web-server default local
aaa authentication enable default local
aaa authentication login default local
aaa authentication login privilege-mode
boot sys fl sec
boot sys fl pri
chassis name FCX01
jumbo
enable super-user-password .....
enable port-config-password .....
enable read-only-password .....
enable aaa console
enable acl-per-port-per-vlan
hostname SWFCX648S
ip ssl cert-key-size 2048
ip dns domain-list ngtrain.com
ip dns server-address 8.8.8.8 9.9.9.9
ip route 0.0.0.0/0 10.0.10.1
no telnet server
username admin2 password .....
username admin1 password .....
clock timezone gmt GMT+07
ntp
server 103.31.225.225
web-management https
banner motd ^C
Do not disturb the setup ^C
interface management 1
no ip dhcp-client enable
interface ve 1
interface ve 10
ip address 10.0.10.216 255.255.255.0
interface ve 20
interface ve 30
interface ve 40
interface ve 50
interface ve 60
interface ve 80
interface ve 88
interface ve 90
interface ve 100
ip address 10.0.100.216 255.255.255.0
ip ssh authentication-retries 2
ip ssh timeout 30
ip ssh idle-time 30
ip ssh key-exchange-method dh-group14-sha1
ip ssh encryption disable-aes-cbc
end
JUNIPER
# show
## Last changed: 2018-01-19 19:02:52 WIT
version 15.1R6.7;
system {
time-zone Asia/Jakarta;
root-authentication {
encrypted-password "$1$WoekkUPE$BtBx7i5XNsWLfTDAfZ7tZ1"; ## SECRET-DATA
}
name-server {
8.8.8.8;
4.2.2.2;
}
services {
ssh;
dhcp {
pool 10.0.10.0/24 {
address-range low 10.0.10.101 high 10.0.10.200;
router {
10.0.10.1;
}
}
}
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
ntp;
}
chassis {
aggregated-devices {
ethernet {
device-count 1;
}
}
alarm {
management-ethernet {
link-down ignore;
}
}
}
ge-0/1/2 {
ether-options {
802.3ad ae0;
}
}
ge-0/1/3 {
ether-options {
802.3ad ae0;
}
}
ae0 {
aggregated-ether-options {
minimum-links 1;
lacp {
active;
}
}
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ WAN1 WAN2 DMZ SVR USR VOICE GUEST HA STR MGMT ];
}
native-vlan-id default;
}
}
}
vlan {
unit 0 {
family inet;
}
unit 10 {
family inet {
address 10.0.10.213/24;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 10.0.10.1;
}
}
protocols {
igmp-snooping {
vlan all;
}
rstp;
lldp {
interface all;
}
lldp-med {
interface all;
}
}
ethernet-switching-options {
storm-control {
interface all;
}
}
vlans {
DMZ {
vlan-id 20;
}
GUEST {
vlan-id 60;
}
HA {
vlan-id 80;
}
MGMT {
vlan-id 100;
}
STR {
vlan-id 90;
}
SVR {
vlan-id 30;
}
USR {
vlan-id 40;
}
VOICE {
vlan-id 50;
}
WAN1 {
vlan-id 10;
l3-interface vlan.10;
}
WAN2 {
vlan-id 88;
}
default {
l3-interface vlan.0;
}
}
# run show lacp interfaces
Aggregated interface: ae0
LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity
ge-0/1/2 Actor No No Yes Yes Yes Yes Fast Active
ge-0/1/2 Partner No No Yes Yes Yes Yes Slow Active
ge-0/1/3 Actor No No Yes Yes Yes Yes Fast Active
ge-0/1/3 Partner No No Yes Yes Yes Yes Slow Active
LACP protocol: Receive State Transmit State Mux State
ge-0/1/2 Current Slow periodic Collecting distributing
ge-0/1/3 Current Slow periodic Collecting distributing
# run show ethernet-switching interfaces
Interface State VLAN members Tag Tagging Blocking
ae0.0 up DMZ 20 tagged unblocked
GUEST 60 tagged unblocked
HA 80 tagged unblocked
MGMT 100 tagged unblocked
STR 90 tagged unblocked
SVR 30 tagged unblocked
USR 40 tagged unblocked
VOICE 50 tagged unblocked
WAN1 10 tagged unblocked
WAN2 88 tagged unblocked
# run show interfaces brief ae0
Physical interface: ae0, Enabled, Physical link is Up
Link-level type: Ethernet, MTU: 1514, Speed: 2Gbps, Loopback: Disabled,
Source filtering: Disabled, Flow control: Disabled
Device flags : Present Running
Interface flags: SNMP-Traps Internal: 0x4000
Logical interface ae0.0
Flags: Up SNMP-Traps 0x40004000 Encapsulation: ENET2
eth-switch