Switching

Hello,

we are experiencing problems trying to connect an old VC EX4200-4550 (with 2x EX4450) and a 2x Aruba 8360 VSX with 2x 10Gbit/s f.o. links and LACP.

Physical and LACP links go up, but the logical link doesn't work properly. Examples:

• some clients connected to the Aruba 8360 are reachable, others no, depending on which physical link is up or the sequence of up-downs on physical links, and depending from where we try to ping (different clients on the same network attached to Juniper can/cannot ping clients attached to Aruba simultaneously). This also happens on different VLANs
• if we try to ping clients connected to Juniper starting from clients connected to Aruba, it works and suddenly also the reverse ping (that was not working) starts to work

It seems like that the LACP link works properly only when the LACP "primary" physical interface at the Aruba side is the only up interface (and the "secondary" is switched off).

Any clues on how to solve this? Maybe a configuration error? I post below the configurations and some command outputs of both sides when everything is physically up.

Many thanks in advance for your support.

Regards

JUNIPER

show configuration interfaces xe-4/0/30

ether-options {
    802.3ad ae18;
}
------

show configuration interfaces xe-5/0/30

ether-options {
    802.3ad ae18;
}
------

show configuration interfaces ae18

description HPE;
mtu 9216;
aggregated-ether-options {
    lacp {
        active;
    }
}
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members [ p150_storage-tvcc-host s224 s253 s199 ];
        }
        native-vlan-id s199;
    }
}
------

show lacp interfaces ae18

Aggregated interface: ae18
    LACP state:       Role   Exp   Def  Dist  Col  Syn  Aggr  Timeout  Activity
      xe-4/0/30      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
      xe-4/0/30    Partner    No    No   Yes  Yes  Yes   Yes     Fast    Active
      xe-5/0/30      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
      xe-5/0/30    Partner    No    No   Yes  Yes  Yes   Yes     Fast    Active
    LACP protocol:        Receive State  Transmit State          Mux State 
      xe-4/0/30                 Current   Fast periodic Collecting distributing
      xe-5/0/30                 Current   Fast periodic Collecting distributing

ARUBA (primary)

sh running-config interface 1/1/46

interface 1/1/46
    description LAG46 Port
    no shutdown 
    mtu 9100
    lag 46
    exit
------

interface lag 46 multi-chassis
    description LAG46
    no shutdown
    no routing
    vlan trunk native 199
    vlan trunk allowed 150,199,224,253
    lacp mode active
    hash l2-src-dst
    lacp rate fast
    exit
------

sh lacp interfaces multi-chassis

State abbreviations :
A - Active        P - Passive      F - Aggregable I - Individual
S - Short-timeout L - Long-timeout N - InSync     O - OutofSync
C - Collecting    D - Distributing 
X - State m/c expired              E - Default neighbor state

Actor details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Port    Port     State   System-ID         System   Aggr    
           name       id      Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  46      1        ASFNCD  02:01:00:01:00:00 65534    46      
[...]

Partner details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Partner Port     State   System-ID         System   Aggr    
           name       Port-id Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  36      127      ASFNCD  00:1f:12:3f:bb:00 127      19      
[...]

Remote Actor details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Port    Port     State   System-ID         System   Aggr    
           name       id      Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  1046    1        ASFNCD  02:01:00:01:00:00 65534    46      

Remote Partner details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Partner Port     State   System-ID         System   Aggr    
           name       Port-id Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  35      127      ASFNCD  00:1f:12:3f:bb:00 127      19

Is the problem in VLAN s199? You have included s199 as member in ae18 and also made it native VLAN. In the older EX series (non ELS, including 2200/3300/4200/4550), this is not the way to do it. Here, the native VLAN is specified with native-vlan-id 199(you used s199, which is the name, the ID, tag, 199 should be used). So, remove s199 from the member list and correct the native-vlan-id s199 to native-vlan-id 199and perhaps this will be sorted.

I don't know how the Aruba will to the same, namely vlan trunk native 199 combined with vlan trunk allowed 150,199,224,253 where 199 is also mentioned. Perhaps this is correct on that end.

Hello,

we are experiencing problems trying to connect an old VC EX4200-4550 (with 2x EX4450) and a 2x Aruba 8360 VSX with 2x 10Gbit/s f.o. links and LACP.

Physical and LACP links go up, but the logical link doesn't work properly. Examples:

• some clients connected to the Aruba 8360 are reachable, others no, depending on which physical link is up or the sequence of up-downs on physical links, and depending from where we try to ping (different clients on the same network attached to Juniper can/cannot ping clients attached to Aruba simultaneously). This also happens on different VLANs
• if we try to ping clients connected to Juniper starting from clients connected to Aruba, it works and suddenly also the reverse ping (that was not working) starts to work

It seems like that the LACP link works properly only when the LACP "primary" physical interface at the Aruba side is the only up interface (and the "secondary" is switched off).

Any clues on how to solve this? Maybe a configuration error? I post below the configurations and some command outputs of both sides when everything is physically up.

Many thanks in advance for your support.

Regards

JUNIPER

show configuration interfaces xe-4/0/30

ether-options {
    802.3ad ae18;
}
------

show configuration interfaces xe-5/0/30

ether-options {
    802.3ad ae18;
}
------

show configuration interfaces ae18

description HPE;
mtu 9216;
aggregated-ether-options {
    lacp {
        active;
    }
}
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members [ p150_storage-tvcc-host s224 s253 s199 ];
        }
        native-vlan-id s199;
    }
}
------

show lacp interfaces ae18

Aggregated interface: ae18
    LACP state:       Role   Exp   Def  Dist  Col  Syn  Aggr  Timeout  Activity
      xe-4/0/30      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
      xe-4/0/30    Partner    No    No   Yes  Yes  Yes   Yes     Fast    Active
      xe-5/0/30      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
      xe-5/0/30    Partner    No    No   Yes  Yes  Yes   Yes     Fast    Active
    LACP protocol:        Receive State  Transmit State          Mux State 
      xe-4/0/30                 Current   Fast periodic Collecting distributing
      xe-5/0/30                 Current   Fast periodic Collecting distributing

ARUBA (primary)

sh running-config interface 1/1/46

interface 1/1/46
    description LAG46 Port
    no shutdown 
    mtu 9100
    lag 46
    exit
------

interface lag 46 multi-chassis
    description LAG46
    no shutdown
    no routing
    vlan trunk native 199
    vlan trunk allowed 150,199,224,253
    lacp mode active
    hash l2-src-dst
    lacp rate fast
    exit
------

sh lacp interfaces multi-chassis

State abbreviations :
A - Active        P - Passive      F - Aggregable I - Individual
S - Short-timeout L - Long-timeout N - InSync     O - OutofSync
C - Collecting    D - Distributing 
X - State m/c expired              E - Default neighbor state

Actor details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Port    Port     State   System-ID         System   Aggr    
           name       id      Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  46      1        ASFNCD  02:01:00:01:00:00 65534    46      
[...]

Partner details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Partner Port     State   System-ID         System   Aggr    
           name       Port-id Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  36      127      ASFNCD  00:1f:12:3f:bb:00 127      19      
[...]

Remote Actor details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Port    Port     State   System-ID         System   Aggr    
           name       id      Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  1046    1        ASFNCD  02:01:00:01:00:00 65534    46      

Remote Partner details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Partner Port     State   System-ID         System   Aggr    
           name       Port-id Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  35      127      ASFNCD  00:1f:12:3f:bb:00 127      19

Hello, thank you for your answer.

We could not test on VLAN 199 as it has no clients. 

We tested on VLANs 224 and 253 and both show problems.

We'll correct on the Juniper side as you suggested and I'll report if it solves the issue.

Many thanks again.

Regards

Is the problem in VLAN s199? You have included s199 as member in ae18 and also made it native VLAN. In the older EX series (non ELS, including 2200/3300/4200/4550), this is not the way to do it. Here, the native VLAN is specified with native-vlan-id 199(you used s199, which is the name, the ID, tag, 199 should be used). So, remove s199 from the member list and correct the native-vlan-id s199 to native-vlan-id 199and perhaps this will be sorted.

I don't know how the Aruba will to the same, namely vlan trunk native 199 combined with vlan trunk allowed 150,199,224,253 where 199 is also mentioned. Perhaps this is correct on that end.

Hello,

we are experiencing problems trying to connect an old VC EX4200-4550 (with 2x EX4450) and a 2x Aruba 8360 VSX with 2x 10Gbit/s f.o. links and LACP.

Physical and LACP links go up, but the logical link doesn't work properly. Examples:

• some clients connected to the Aruba 8360 are reachable, others no, depending on which physical link is up or the sequence of up-downs on physical links, and depending from where we try to ping (different clients on the same network attached to Juniper can/cannot ping clients attached to Aruba simultaneously). This also happens on different VLANs
• if we try to ping clients connected to Juniper starting from clients connected to Aruba, it works and suddenly also the reverse ping (that was not working) starts to work

It seems like that the LACP link works properly only when the LACP "primary" physical interface at the Aruba side is the only up interface (and the "secondary" is switched off).

Any clues on how to solve this? Maybe a configuration error? I post below the configurations and some command outputs of both sides when everything is physically up.

Many thanks in advance for your support.

Regards

JUNIPER

show configuration interfaces xe-4/0/30

ether-options {
    802.3ad ae18;
}
------

show configuration interfaces xe-5/0/30

ether-options {
    802.3ad ae18;
}
------

show configuration interfaces ae18

description HPE;
mtu 9216;
aggregated-ether-options {
    lacp {
        active;
    }
}
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members [ p150_storage-tvcc-host s224 s253 s199 ];
        }
        native-vlan-id s199;
    }
}
------

show lacp interfaces ae18

Aggregated interface: ae18
    LACP state:       Role   Exp   Def  Dist  Col  Syn  Aggr  Timeout  Activity
      xe-4/0/30      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
      xe-4/0/30    Partner    No    No   Yes  Yes  Yes   Yes     Fast    Active
      xe-5/0/30      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
      xe-5/0/30    Partner    No    No   Yes  Yes  Yes   Yes     Fast    Active
    LACP protocol:        Receive State  Transmit State          Mux State 
      xe-4/0/30                 Current   Fast periodic Collecting distributing
      xe-5/0/30                 Current   Fast periodic Collecting distributing

ARUBA (primary)

sh running-config interface 1/1/46

interface 1/1/46
    description LAG46 Port
    no shutdown 
    mtu 9100
    lag 46
    exit
------

interface lag 46 multi-chassis
    description LAG46
    no shutdown
    no routing
    vlan trunk native 199
    vlan trunk allowed 150,199,224,253
    lacp mode active
    hash l2-src-dst
    lacp rate fast
    exit
------

sh lacp interfaces multi-chassis

State abbreviations :
A - Active        P - Passive      F - Aggregable I - Individual
S - Short-timeout L - Long-timeout N - InSync     O - OutofSync
C - Collecting    D - Distributing 
X - State m/c expired              E - Default neighbor state

Actor details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Port    Port     State   System-ID         System   Aggr    
           name       id      Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  46      1        ASFNCD  02:01:00:01:00:00 65534    46      
[...]

Partner details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Partner Port     State   System-ID         System   Aggr    
           name       Port-id Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  36      127      ASFNCD  00:1f:12:3f:bb:00 127      19      
[...]

Remote Actor details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Port    Port     State   System-ID         System   Aggr    
           name       id      Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  1046    1        ASFNCD  02:01:00:01:00:00 65534    46      

Remote Partner details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Partner Port     State   System-ID         System   Aggr    
           name       Port-id Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  35      127      ASFNCD  00:1f:12:3f:bb:00 127      19

The change to VLAN 199 shouldn't affect the others, but you should correct it anyway.  These commands can help find the issue:

show lacp statistics interfaces

show lacp interfaces extensive

show ethernet-switching table

I do think this is an Aruba issue as the EX side is very simple. Are you sure the VLANs are all tagged to all interfaces you need them to be? I think one of the Aruba units is blackholing the MAC addresses (receiving traffic but not forwarding it properly).

Hello, thank you for your answer.

We could not test on VLAN 199 as it has no clients. 

We tested on VLANs 224 and 253 and both show problems.

We'll correct on the Juniper side as you suggested and I'll report if it solves the issue.

Many thanks again.

Regards

Is the problem in VLAN s199? You have included s199 as member in ae18 and also made it native VLAN. In the older EX series (non ELS, including 2200/3300/4200/4550), this is not the way to do it. Here, the native VLAN is specified with native-vlan-id 199(you used s199, which is the name, the ID, tag, 199 should be used). So, remove s199 from the member list and correct the native-vlan-id s199 to native-vlan-id 199and perhaps this will be sorted.

I don't know how the Aruba will to the same, namely vlan trunk native 199 combined with vlan trunk allowed 150,199,224,253 where 199 is also mentioned. Perhaps this is correct on that end.

Hello,

we are experiencing problems trying to connect an old VC EX4200-4550 (with 2x EX4450) and a 2x Aruba 8360 VSX with 2x 10Gbit/s f.o. links and LACP.

Physical and LACP links go up, but the logical link doesn't work properly. Examples:

• some clients connected to the Aruba 8360 are reachable, others no, depending on which physical link is up or the sequence of up-downs on physical links, and depending from where we try to ping (different clients on the same network attached to Juniper can/cannot ping clients attached to Aruba simultaneously). This also happens on different VLANs
• if we try to ping clients connected to Juniper starting from clients connected to Aruba, it works and suddenly also the reverse ping (that was not working) starts to work

It seems like that the LACP link works properly only when the LACP "primary" physical interface at the Aruba side is the only up interface (and the "secondary" is switched off).

Any clues on how to solve this? Maybe a configuration error? I post below the configurations and some command outputs of both sides when everything is physically up.

Many thanks in advance for your support.

Regards

JUNIPER

show configuration interfaces xe-4/0/30

ether-options {
    802.3ad ae18;
}
------

show configuration interfaces xe-5/0/30

ether-options {
    802.3ad ae18;
}
------

show configuration interfaces ae18

description HPE;
mtu 9216;
aggregated-ether-options {
    lacp {
        active;
    }
}
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members [ p150_storage-tvcc-host s224 s253 s199 ];
        }
        native-vlan-id s199;
    }
}
------

show lacp interfaces ae18

Aggregated interface: ae18
    LACP state:       Role   Exp   Def  Dist  Col  Syn  Aggr  Timeout  Activity
      xe-4/0/30      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
      xe-4/0/30    Partner    No    No   Yes  Yes  Yes   Yes     Fast    Active
      xe-5/0/30      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
      xe-5/0/30    Partner    No    No   Yes  Yes  Yes   Yes     Fast    Active
    LACP protocol:        Receive State  Transmit State          Mux State 
      xe-4/0/30                 Current   Fast periodic Collecting distributing
      xe-5/0/30                 Current   Fast periodic Collecting distributing

ARUBA (primary)

sh running-config interface 1/1/46

interface 1/1/46
    description LAG46 Port
    no shutdown 
    mtu 9100
    lag 46
    exit
------

interface lag 46 multi-chassis
    description LAG46
    no shutdown
    no routing
    vlan trunk native 199
    vlan trunk allowed 150,199,224,253
    lacp mode active
    hash l2-src-dst
    lacp rate fast
    exit
------

sh lacp interfaces multi-chassis

State abbreviations :
A - Active        P - Passive      F - Aggregable I - Individual
S - Short-timeout L - Long-timeout N - InSync     O - OutofSync
C - Collecting    D - Distributing 
X - State m/c expired              E - Default neighbor state

Actor details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Port    Port     State   System-ID         System   Aggr    
           name       id      Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  46      1        ASFNCD  02:01:00:01:00:00 65534    46      
[...]

Partner details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Partner Port     State   System-ID         System   Aggr    
           name       Port-id Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  36      127      ASFNCD  00:1f:12:3f:bb:00 127      19      
[...]

Remote Actor details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Port    Port     State   System-ID         System   Aggr    
           name       id      Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  1046    1        ASFNCD  02:01:00:01:00:00 65534    46      

Remote Partner details of all interfaces:
----------------------------------------------------------------------------------
Intf       Aggregate  Partner Port     State   System-ID         System   Aggr    
           name       Port-id Priority                           Priority Key     
----------------------------------------------------------------------------------
[...]
1/1/46     lag46(mc)  35      127      ASFNCD  00:1f:12:3f:bb:00 127      19