Junos OS

 View Only
last person joined: 19 hours ago 

Ask questions and share experiences about Junos OS.

Unknown Unicast in EVPN using DHCP-Relay Issue - Junos EVO

  • 1.  Unknown Unicast in EVPN using DHCP-Relay Issue - Junos EVO

    Posted 06-25-2024 10:52

    Looking to see if anyone has come across a similar issue I'm having with DHCP-Relay in an EVPN creating Unknown Unicast.  


    The scenario is the network is Cisco NCS's across numerous sites, but one site is an ACX7100.  For the ACX site, DHCP-Relay works as expected, however, with the IRB interface enabled with DHCP-Relay, other sites have end users/devices that are experiencing issues getting an address.  If I disable the IRB on the ACX, the same user/device gets an IP.  What the DHCP server is seeing is a Discover come from the host/device MAC at a remote site(Cisco site), but it also see's the same MAC come from the ACX.  The service is part of a network wide EVPN(MAC-VRF in JunosEVO).  

    Here is a snippet of the DHCP Server Logs showing the issue described above...

    NOTE:  
    10.1.42.48 = Remote Site Cisco Device
    10.1.42.5 = ACX7100

    Jun 18 09:10:06 ns4 dhcpd[24814]: DHCPDISCOVER from b8:94:70:9c:cf:65 via 10.1.42.5: unknown network segment
    Jun 18 09:10:06 ns4 dhcpd[24814]: DHCPDISCOVER from b8:94:70:9c:cf:65 (router) via 10.1.42.48
    Jun 18 09:10:06 ns4 dhcpd[24814]: DHCPOFFER on 10.226.32.50 to b8:94:70:9c:cf:65 (router) via 10.1.42.48
    Jun 18 09:10:09 ns4 dhcpd[24814]: DHCPDISCOVER from b8:94:70:9c:cf:65 via 10.1.42.5: unknown network segment
    Jun 18 09:10:09 ns4 dhcpd[24814]: DHCPDISCOVER from b8:94:70:9c:cf:65 (router) via 10.1.42.48
    Jun 18 09:10:09 ns4 dhcpd[24814]: DHCPOFFER on 10.226.32.50 to b8:94:70:9c:cf:65 (router) via 10.1.42.48
    Jun 18 09:10:12 ns4 dhcpd[24814]: DHCPDISCOVER from b8:94:70:9c:cf:65 via 10.1.42.5: unknown network segment
    Jun 18 09:10:12 ns4 dhcpd[24814]: DHCPDISCOVER from b8:94:70:9c:cf:65 (router) via 10.1.42.48
    Jun 18 09:10:12 ns4 dhcpd[24814]: DHCPOFFER on 10.226.32.50 to b8:94:70:9c:cf:65 (router) via 10.1.42.48

    To me, it makes no sense why the ACX7100 would be sending a Discover on behalf of a MAC address that resides at another site that has it's own BVI (IRB in Junos speak).  

    I've tried practically everything to get this to stop behaving this way, with no success::

    no-snooping
    storm control profile
    firewall filter

    Anyone ever seen this behavior?  

    On a side note, the Cisco's have a command unknown-unicast-suppression turned on, and I can not find a similar(working) command in JUNOS that I believe is what is causing the ACX to behave this why and the Cisco's are not.