Dear experts
I've a strange behaviour on one of my customer.
Currently in place two types of Virtaul-chassis with two members:
POD1 = 2 x QFX mixed (QFX5110 master routing engine + QFX5100 line card)
POD2 = 2 x QFX mixed but the first two member are equivalent (QFX5110 master routing engine + QFX5110 backup routing engine when we'll add the third member it will be QFX5100)
Each POD is connected with two different AE to two different MX over VPLS (multihomed active passive), loops are managed via VPLS multihoming feature and RSTP over the trunks.
On POD there is Layer2, Layer3 and systems connected speaking OSPF with MX.
What happens ?
During testing phase once we try a failover of the trunks POD to MX we see DDOS protection mechanism triggered on MX only for POD1 and never for POD2.
Depending on the quantity of traffic we also see VRRP failover, BFD flaps, etc on MX
Trunks MX to POD are on the two different members, which is:
for POD1 Master RE-trunk to MX1 and Backup RE-trunk to MX2
for POD2 Master RE-trunk to MX1 and linecard-trunk to MX2
The questions: what can cause the issue ? syncronization Master RE to lincard create a loop ? a storm ? why not happens in the POD2 scenario where we have Master and backup routing engine only ?
Thanks in advance for your help
James
------------------------------
james lasky
------------------------------