SRX

Hi all,

Topology briefly:

Ex VC-----------------------ge-0/0/2 SRX-----------------

1-) Any idea why L2 channel errors occur?

2-) How it is possible MTU is 1518 as in Junos environemnt it is 1514Byte by default.

Physical interface: ge-0/0/2, Enabled, Physical link is Up
Link-level type: Ethernet, MTU: 1518, LAN-PHY mode, Link-mode: Full-duplex, Speed: 1000mbps, BPDU Error: None, MAC-REWRITE Error: None,
Errors: 0, Drops: 0, Framing errors: 0, Runts: 0, Policed discards: 29, L3 incompletes: 0, L2 channel errors: 1944, L2 mismatch timeouts: 0,
Logical interface ge-0/0/2.71 (Index 78) (SNMP ifIndex 526) (Generation 143)
Incoming NAT errors: 0
User authentication errors: 0
Logical interface ge-0/0/2.74 (Index 79) (SNMP ifIndex 531) (Generation 144)
Incoming NAT errors: 0
User authentication errors: 0
Logical interface ge-0/0/2.86 (Index 80) (SNMP ifIndex 532) (Generation 145)
Incoming NAT errors: 0
User authentication errors: 0
Logical interface ge-0/0/2.87 (Index 81) (SNMP ifIndex 524) (Generation 146)
Incoming NAT errors: 0
User authentication errors: 0
Logical interface ge-0/0/2.32767 (Index 82) (SNMP ifIndex 533) (Generation 147)
Incoming NAT errors: 0
User authentication errors: 0

-------------------------------------------------------------------------------------------

>show configuration interfaces ge-0/0/2 | display set

set interfaces ge-0/0/2 vlan-tagging
set interfaces ge-0/0/2 unit 71 vlan-id 71
set interfaces ge-0/0/2 unit 71 family inet address XXXX/30

set interfaces ge-0/0/2 unit 74 vlan-id 74
set interfaces ge-0/0/2 unit 74 family inet filter input FWFilter-VirR-netaccess
set interfaces ge-0/0/2 unit 74 family inet filter output FWfilter-lim-download
set interfaces ge-0/0/2 unit 74 family inet address YYYY/28

set interfaces ge-0/0/2 unit 86 vlan-id 86
set interfaces ge-0/0/2 unit 86 family inet filter input FWFilter-lim-upload
set interfaces ge-0/0/2 unit 86 family inet address MMMM/28

set interfaces ge-0/0/2 unit 87 vlan-id 87
set interfaces ge-0/0/2 unit 87 family inet address KKKK/29

Hi Arix ,

Since you have used the keyword "vlan-taggin" under the interface the MTU changes from default 1514 to 1518 .

[edit]
labroot@test-re0# run show interfaces ge-3/0/0 extensive |match mtu
Link-level type: Ethernet, MTU: 1514, MRU: 0, LAN-PHY mode, Speed: 1000mbps, BPDU Error: None, MAC-REWRITE Error: None, Loopback: Disabled,

after adding the "vlan-tagging"

[edit]
labroot@test-re0# show interfaces ge-3/0/0
vlan-tagging;

[edit]
labroot@test-re0# run show interfaces ge-3/0/0 extensive |match mtu
Link-level type: Ethernet, MTU: 1518, MRU: 0, LAN-PHY mode, Speed: 1000mbps, BPDU Error: None, MAC-REWRITE Error: None, Loopback: Disabled,

HTH

BR,

Avinash

'Please Mark My Solution Accepted if it Helped, Kudos are also welcome'

Hi Arix ,

Regarding the L2 channel errros this might happen due to bad SFP , Fiber or some corruption in the packet received so check if you can identify and narrow it down accordingly .

HTH

BR,

Avinash

'Please Mark My Solution Accepted if it Helped, Kudos are also welcome'

Hi Arix ,

Some additional reasons for L2 channel errors could be linked to received vlan tagged packet other than what is configured on the interface .

https://kb.juniper.net/InfoCenter/index?page=content&id=KB24550

HTH

BR,

Avinash

'Please Mark My Solution Accepted if it Helped, Kudos are also welcome'

Hi Arix,

Regarding the MTU size, as Avinash explained, it is because of the vlan-tagging which adds 4 bytes to the L2 frame.

"L2 Channel errors arise due to the following reasons:

• An untagged interface on the SRX receiving VLAN tagged packets