Dear experts<o:p></o:p>
I've a strange behaviour on one of my customer.<o:p></o:p>
Currently in place two types of Virtaul-chassis with two members:<o:p></o:p>
POD1 = 2 x QFX mixed (QFX5110 master routing engine + QFX5100 line card)<o:p></o:p>
POD2 = 2 x QFX mixed but the first two member are equivalent (QFX5110 master routing engine + QFX5110 backup routing engine when we'll add the third member it will be QFX5100)<o:p></o:p>
<o:p> </o:p>
Each POD is connected with two different AE to two different MX over VPLS (multihomed active passive), loops are managed via VPLS multihoming feature and RSTP over the trunks.<o:p></o:p>
On POD there is Layer2, Layer3 and systems connected speaking OSPF with MX.<o:p></o:p>
What happens ?<o:p></o:p>
During testing phase once we try a failover of the trunks POD to MX we see DDOS protection mechanism triggered on MX only for POD1 and never for POD2.<o:p></o:p>
Depending on the quantity of traffic we also see VRRP failover, BFD flaps, etc on MX<o:p></o:p>
Trunks MX to POD are on the two different members, which is:<o:p></o:p>
for POD1 Master RE-trunk to MX1 and Backup RE-trunk to MX2<o:p></o:p>
for POD2 Master RE-trunk to MX1 and linecard-trunk to MX2<o:p></o:p>
The questions: what can cause the issue ? syncronization Master RE to lincard create a loop ? a storm ? why not happens in the POD2 scenario where we have Master and backup routing engine only ?<o:p></o:p>
<o:p> </o:p>
Thanks in advance for your help<o:p></o:p>
James<o:p></o:p>
------------------------------
james lasky
------------------------------