Ethernet Switching
Reply
Trusted Contributor
wsanders
Posts: 88
Registered: ‎08-10-2009
0
Accepted Solution

Default route for vme/me management ports?

[ Edited ]

I just tried setting up the vme0 port on a large stack of EX4200s.  I assigned vme0.0 an IP address in our "legacy" Cisco network, and the port was reachable, but I presumed that packets from vme0 were getting routed back through the trunks on other interfaces in the stack via the routes found in the routing table, rather than egressing back though the vme0 port. The "legacy" and "new Juniper" networks are connected together at only one point, distant from the stack.

 

Since I did not see an option to set a default route on the vme0 port independently of the static routes in routing-options, I added a static route for the legacy subnet the vme0 port was on, and the whole stack went offline. (dhcpd died and dumped core as well.) So I rolled back (from the serial console) and all is OK. I am stiil looking through the logs trying to figure out what happened, most likely a spanning tree issue.

 

I have some general questions:

 

1) Do I have to consider spanning tree when attaching a vme or me interface to a network, i.e. does it send out BPDUs?

 

2) Do I have to consider routing issues on vme or me interfaces? I have my OSPF config set to:

 

export export-edgeroutes;
area 0.0.0.0 {
    interface vlan.0 {

 

with

 

vlan {

default {
    l3-interface vlan.0;

 

I.e. with the vme / me interface uncommitted to a VLAN, will it join the default vlan and start participating in OSPF?

 

3) Do vme0 and me0 basically behave identically to with respect to the above two questions?

 

Thanks,

 

-w

 

 

 

 

 

 

 

W Sanders
System and Network Administrator
St Marys College of California
Recognized Expert
Loup2
Posts: 301
Registered: ‎04-22-2008
0

Re: Default route for vme/me management ports?

Hi W, I hope that you already know that but just to be sure,

 

The ME and VME interfaces are Out-of-Band interfaces which means that you cannot route packets from a host conncted on an other interface of the switch or via a "trunk" of this switch.

You can only route packet "going to / comming to" the local routing engine.

 

I am not sure That this is your main problem but I think it could be.

 

Just tell me If you knew this point

Regards

 

Trusted Contributor
wsanders
Posts: 88
Registered: ‎08-10-2009
0

Re: Default route for vme/me management ports?

I know the me and vme interfaces are out of band, but how do they get their default route? They have to either get it by listening to a dynamic protocol or via a static in the routing-options section, right?

W Sanders
System and Network Administrator
St Marys College of California
Recognized Expert
Loup2
Posts: 301
Registered: ‎04-22-2008
0

Re: Default route for vme/me management ports?

Hi,

 

Of course you need some route to be able to go to the management site via the ME or VME interfaces.

 

In a regular config you will use a static route but you can also use a routing protocol.

In case you use a routing protocol you must take care not to interact with your IGP use in your production network.

 

So the best config would use a stic route without redistributing it in a routing protocol, to be sure not to disturb your production network.

 

The typical statement would be this kind:

 

 

User@Switch# show routing-options 

static {

    route 0.0.0.0/0 {

        next-hop 192.168.0.254;

        no-readvertise;

    }

}


Hope this will help you

 

 

Trusted Contributor
BuckWeet
Posts: 159
Registered: ‎08-29-2008
0

Re: Default route for vme/me management ports?

I know where you're going with this (I assume).. What you're looking for is to have your normal routing table default route a long with default route for teh VME/ME interfaces.. Simply put, not possible.

 

If you code a default route for the VME it will over-ride any dynamically learned from a routing protocol.. I have put in a feature request with Juniper to allow this interface to be put into a VRF to allow for multiple routing tables.. Why this feature has never been thought of is beyond me..

 

To do this on any other series of platform you have to create a logical-router and put that interface into it.. As EX series don't support logical-routers at this time it's not possible to do so..

 

We're a Cisco shop reviewing EX devices and require the feature stated above (among many other), unfortunately since the platform doesn't have it we can't deploy EX devices as of now.

Trusted Contributor
wsanders
Posts: 88
Registered: ‎08-10-2009
0

Re: Default route for vme/me management ports?

[ Edited ]

That's the answer I was looking for - it does seem odd that the feature is missing. Most other "management ports" attempt to be Out-Of-Band and have their IP settings separate from the rest of the config. Otherwise it's "Out of Band Sort-Of".

 

I don't have any problem with in-band management in my shop, I only live a 10-minute drive away from all my devices, and I never make mistakes working from home, ha ha ha. But I was very impressed that I could bring down my backbone by misconfiguring the vme interface.

 

I guess the market for used RS232 terminal servers has to be kept alive somehow.

W Sanders
System and Network Administrator
St Marys College of California
Trusted Contributor
BuckWeet
Posts: 159
Registered: ‎08-29-2008
0

Re: Default route for vme/me management ports?

Haha, totally understand what you are saying.

 

The company I work for (financial firm) has a huge Cisco presence and Juniper is barking to get in the door. However everytime we review their platforms they just don't seem to have the features needed to replace a Cisco box in our shop. It's not like we're doing anything crazy, it's just that Cisco has had many more years of experience in the enterprise environments so they've created all the tweak features needed. We mostly use Catalyst 6500 platform, while it doesn't do everything the best, it is the industry standard swiss army knife switching platform simply put as it can do about anything you can think of.

 

Juniper has been in many times asking how they can differentiate themselves from Cisco with their switching platforms.. I keep telling them "BE CISCO FIRST" then you can differentiate. What good to me is a box that can do features X, Y, Z when features A, B, and C are the ones that are mandatorily required (out of band mgmt being one) yet you don't have...

 

Rather frustrating.. I keep asing for features, but its like barking up a tree at times..

Recognized Expert
Loup2
Posts: 301
Registered: ‎04-22-2008
0

Re: Default route for vme/me management ports?

Hi all,

 

I don't understand what your talking about:

 

Why do you want to use a default route on the WME port?

Why don't you use a precise Static route to go to the management site ?

 

In case you were able to achieve this on other JUNIPER platforms with "logical-router" you must know that you can (on EX platform) separate your routing tables with "vitual-router, routing-instance type".

 

Realy I don't understand where you're stucked !

 

Here is an example of a routing table with default route received via OSPF and out-of-band management (with a precise route) at the same time working OK:

 

User@EX3200> show route   

inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[OSPF/150] 00:00:12, metric 0, tag 0
                    > to 10.0.0.2 via ge-0/0/0.0

10.0.0.0/30        *[Direct/0] 2d 12:58:02
                    > via ge-0/0/0.0
10.0.0.1/32        *[Local/0] 2d 12:58:02
                      Local via ge-0/0/0.0
10.20.0.0/16       *[Direct/0] 2d 17:20:55
                    > via me0.0

10.20.0.17/32      *[Local/0] 2d 17:20:55
                      Local via me0.0
10.50.0.0/16       *[Static/5] 00:06:40
                    > to 10.20.0.254 via me0.0

224.0.0.5/32       *[OSPF/10] 2d 12:58:03, metric 1
                      MultiRecv

Trusted Contributor
BuckWeet
Posts: 159
Registered: ‎08-29-2008
0

Re: Default route for vme/me management ports?

Try putting the VME interface in a VRF.. When you commit it, it will tell you that it is unsupported.. This is what we're speaking of. It is this way among all JUNOS platforms. You can get around this with platforms that support logical routers though.

 

He just wants to have two routing tables. As the VME shoudl be fully out of band, it should have a seperate routing table for that interface. However it is not possible. The VME and all other interfaces share the same routing-table by default, thus causing the issues.

 

 

BuckWeet

Trusted Contributor
BuckWeet
Posts: 159
Registered: ‎08-29-2008
0

Re: Default route for vme/me management ports?

Also to further clarify your question.. In our network we have several network management segments. Too many to want to individually static route for, so we just do the supernet route out the VME port. However since these switches participate in our routing-domain they get the more specific subnet routes from the routing protocol.

 

So what happens is that your request comes in via the VME interface, but return traffic uses in-band interfaces due to the better route being in the table..

 

Not all of us have a single network management segment.. My company has about 25 subnets spread across the globe. this is where this feature is important.

 

 

BuckWeet

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.