Switching

Hi so yesterday I wanted to test out some network equipment. I had previously done this testing a month or two ago and it worked fine. however either i'm running into a bug or i'm not setting it up correctly. 

I have 2 Ex4200's both 48 port. 

Switch 1 is the " Distribution Switch" It has one trunk port 0 that leads to a sonicwall nsa2650. this trunk caries all customer vlans. IE vlan101 thru vlan125. The vlans are separate from each other so no vlans can communicate, this is handled at the sonicwall level with firewall rules. 

All the other Ports on Switch 1 are also trunk ports. For example Port 1 goes to Rack1, Which for example sake could contain vlan101 and vlan102.

port 2 on switch 1 goes to rack2 and could contain whatever customer is located on that rack. 

Ok so Switch 2 is basically any switch that sits at the rack level. We have 16 racks so each rack gets one switch the each trunks back to switch 1 to the appropriate port. 

Lets focus on Switch 2 that goes to rack one. Port 0 on Switch 2 Rack 1 trunks back to Switch 1 Port 1. This trunk handles vlan101 and vlan102. 

Ports 1-5 are access ports for vlan101

ports 6-10 are access for vlan 102. 

to me this seems like it all should work, Trunk from sonicwall to SW1 carrying vlan101 and 102. Port 1 Trunked to SW2R1 on port 0. Access ports on SW2R1 for client machines. 

However it doesn't and I cant seem to figure out why, I had tested it months ago and it worked perfect. 

So I said ok lets take out Switch 2 and just try to accomplish this off switch 1 to see if my vlans are even making it from there to the sonicwall. So I left port 0 on Switch1 as the trunk to the sonicwall, Port1 as an access for vlan101 and port 2 as an access for vlan102. 

plug my laptop into port1, perfect obtain ip in vlan101 range

plug into port2, again perfect obtain ip in vlan102 range.  

So I know that the vlans are working from sonicwall to switch1

But when I add in the 2nd switch I don't get anything. 

Anyone have any ideas? I don't have the switches with me right now so I cant post the config file, I also don't remember the exact version of junos they are running. I think its 12. something. Also both of these switches are running the same version of junos and I factory reset them to see if that eliminated problems, it did not 😞

Any help is appreciated!!

The outline and process is correct so there is a problem with the configuration on one of the switches.  We will need to look at the  port configurations involved to troubleshoot.

here is the port info from Switch1

interfaces {
ge-0/0/0 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ Customer1 Customer2 Customer3 Customer4 Customer5 ];
}
}
}
}
ge-0/0/1 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ Customer1 Customer2 ];

Here is the port info from Switch2

interfaces {
ge-0/0/0 {
unit 0 {
family ethernet-switching {
port-mode trunk;
vlan {
members [ Customer1 Customer2 ];
}
}
}
}
ge-0/0/1 {
unit 0 {
family ethernet-switching;
}

I'm looking at this and im thinking port 1 on switch2 is missing something. Its supposed to be an access port for vlan101

Ok so I have it working now, Sort of though.

I use the default vlan for managment of the switches. Switch1 is 172.16.1.11 Switch 2 is 172.16.1.12 the subnet mask is /24 and the gateway is 172.16.1.1. I use port 46 on each switch to act as the "managment port" from there all the switches connect to a seperate switch that serves as the "managament switch" where all the switches managment lines plug into. The managment switch connects to the sonicwall on the lan port which is seperate from the customers. this works fine as I am able to hook up to the managment switch and access all the switches. 

However When I go to test out the customers like I was trying to do in the original post, It doesnt work. I cant grab an ip etc etc. If I unplug the managment line to the switch though Almost instantly I grab an ip and it works as it should. 

I think the problem is in the static routing. By default there is one static route and its 0.0.0.0/0 next hop 172.16.1.1

anyone have any ideas why this is screwing up the trunking/ vlan access ports? 

You can confirm if the default route is the issue by moving that mgmt port to a separate virtual router routing instance and using this for the mgmt access.  This will prevent that route from affecting the other vlan traffic.

Add the external interface to this instance

set routing-instance oob instance-type virtual router

set routing-instance oob interface ge-0/0/46.0

Delete the current static route and put it into the virtual router

delete routing-options static route 0.0.0.0/0

set routing-instance oob routing-options static route 0.0.0.0/0 next-hop 172.16.1.1

Thank You! I will give this a shot!

Is there anyother way to get around this? Like using the me0 port on the back of the switches? 

I had also previously been using vlan1000 instead of the default vlan. same problem with that as i'm expereicing now. 

Thanks again!

ok so i reset the switches and set them up again. this time I used the oob port on the back of the unit. This seems to have solved the issue!

Thank You for all the help!