In a test set up I have 3 switches interconnected <switch-1> --- <switch-2> --- <switch-3> each with an irb iterface in the same vlan on each switch, where i see all MAC and IP address in the switching table and see in arp table ip address of the irb interfaces. But I just cant ping from switch-1 to switch-3. I can ping from sw-1 to sw-2 and sw-3 to switch-2.
We have done this before succesfuly with indentical setup and config, so really puzzeled.
Any help welcome?
Do you have filters configured? Can you monitor interface and check the direction of traffic loss? Please share relevant configurations if possible.
Its possible that you don't have route on sw-1 for sw-3 and vice-versa. If you can configure static route on sw-1 for sw-3 irb ip which points to sw-2 and vice versa it might work.
Can you please provide the configuration that you have on any of the switch?
Thank you for the interest, all irb interfaces are within the same VLAN and all vlans are trunked, the RTG and TRUNKS are up and I can see the remote ends, i have no filters. So simply results as follows (sanitised)
set vlans TEST vlan-id 4091set vlans TEST l3-interface irb.4091
SW-3> show arpMAC Address Address Name Interface Flags00:00:00:00:00:40 10.0.0.1 10.0.0.1 irb.4091 [rtg0.16383] none00:00:00:00:00:c1 10.0.0.3 10.0.0.3 irb.4091 [rtg0.16383] none00:00:00:00:00:41 10.0.0.4 10.0.0.4 irb.4091 [rtg0.16383] none
SW-1> show arp
00:00:00:00:00:40 10.1.1.1 10.1.1.1 irb.4091 [ae0.0] none00:00:00:00:00:a1 10.1.1.2 10.1.1.2 irb.4091 [ae0.0] none00:00:00:00:00:41 10.1.1.4 10.1.1.4 irb.4091 [ae0.0] none
LAGs are up and RSTP disabled on RTG and TRUNK links
So I can see the IP addresses but cant ping end to end, I can ping either end-point to transit switch though.
logically, it's possible your sw2 has intercepted sw1 to sw3 ping.
Try a few things:
1. Remove irb from sw2
2. ping with 10 pps (since ARP is learned), check on which interface traffic are getting dropped
3. Perform "monitor traffic interface" on sw2 and sw3, when you ping from sw1 to sw3
I understand this is a lab setup so I dont think you will have problems testing the following:
-Try different IPs on switch 1 and 3. I have seen weird similar issues resolved by that.
-Try deleting the ae interface and use regular interfaces only.
-Try bypassing or removing switch2 and confirm if it works. You can plug a cable from SW1 directly to SW2; of course you will need to disconnect one of the existing links to prevent a loop.
Thank you for your suggestions, tried a few of them. In the end had to get JTAC involved and it stumped the support engineer.
Therefore when all avenues are a dead end it is the inevitable reload of the QFX VCF and its master, backup and members, something not done lightly, but fixed the problem.