Switching

last person joined: 20 hours ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
  • 1.  EX 4550 - 've done a silly thing with my management port

    Posted 06-29-2014 16:10

    Or I may have. Or somebody may have ..

     

    I have a pair of EX 4550 in a vitual chassis.  We keep our back end managment interfaces (IPMI, switches) hanging from a Cisco 2950 (which is in turn behind a VPN).  Sometime between May, and now, I lost my ability to acess the switches via SSH or HTTP.

     

    I can still login (ssh or web as required) to other devices hanging from that Cisco - the server IPMI, the Cisco itself - just not the switches.

     

    I even restarted the switch thinking 'why not' (on a Sunday).

     

    I'm the sole IT guy here but not a networking guy by any means: I'm about to open a ticket as well but ... where does one start to troubleshoot this kind of a problem?

     



  • 2.  RE: EX 4550 - 've done a silly thing with my management port

     
    Posted 06-29-2014 22:58

    Can you ping the management IP address of the VC?

     

    Do you still have ssh/telnet/web access configured on the VC?

     

    [edit]
    root@EX# show system services
    ssh;
    telnet;
    web-management {
    http;
    }

    [edit]
    root@EX#

     

     

     

    =====

    If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.



  • 3.  RE: EX 4550 - 've done a silly thing with my management port

    Posted 06-30-2014 00:21

    Adding more helpful hints to troubleshoot this.

     

    1) Check if the management interface is up on the switch.

     

    show interfaces terse | match vme

     

    2) if its up, please check the gateway configuration

     

    show configuration routing-options

     

    3) Try to ping the g/w.

     

    Based on the above results we could plan next-steps.

     

    Thanks,

    Partha



  • 4.  RE: EX 4550 - 've done a silly thing with my management port

    Posted 06-30-2014 08:37

    1) Check if the management interface is up on the switch.

     

    2) if its up, please check the gateway configuration

     

    {master:1}[edit]
    root@tn.sw-01# show interfaces vme
    unit 0 {
    family inet {
    address 192.168.1.1/32;
    }
    }

    {master:1}[edit]
    root@tn.sw-01# show routing-options
    static {
    route 0.0.0.0/0 next-hop 192.168.1.0;
    }

     

    3) Try to ping the g/w.

     

    root@tn.sw-01> ping 192.168.1.0
    PING 192.168.1.0 (192.168.1.0): 56 data bytes
    ping: sendto: No route to host
    ping: sendto: No route to host

     

    ... Is that the wrong gateway address?



  • 5.  RE: EX 4550 - 've done a silly thing with my management port
    Best Answer

    Posted 06-30-2014 12:44

    .0 is reserved for Network address. I believe only CISCO will let you configure and use it as an address. So your 0/0 next-hop may be incorrect. However you can also verify, by connecting to a PC that is on the 192.168.1.0 network and then you should be able to access the switch.



  • 6.  RE: EX 4550 - 've done a silly thing with my management port

    Posted 06-30-2014 12:54

    That was a big help.

     

    I went back through the wiki documents left by me predessor, and an email from him while he was configuring this switch, last year.

     

    What I did was

     

    - delete VME

     

    add ip 192.168.1.1 to me0, unit 0, no static route.

     

    This enables it to be reached from our Cisco switch, which has a 192.168.0.0 subnet.

     

    Now, this has some drawbacks: namely if unit 0 does down, we won't be able to login to the switch and manage it.  And that one could login to the port of the switch when it is the slave.

     

    The former problem (why doesn't VME work with our setup) is one we set aside to troubleshoot at a later day.

     

    The latter problem is fixed by executing 'request session member 1' when one is logged into member 0.

     

     

     



  • 7.  RE: EX 4550 - 've done a silly thing with my management port

    Posted 06-30-2014 13:23

    In th eVC, you should rename me0 to vme. Edit interfaces, then rename me0 to vme. This will allow the connections to any of the management ports to be redirected to master port. Unit 0 is just a logical construct and unless there is a software bug or failure of the physical interface, you should have no problem with unit 0.



  • 8.  RE: EX 4550 - 've done a silly thing with my management port

    Posted 06-30-2014 08:31

    Can you ping the management IP address of the VC?

     

    No ..

     

    $ ping 192.168.1.1
    PING 192.168.1.1 (192.168.1.1): 56 data bytes
    Request timeout for icmp_seq 0
    Request timeout for icmp_seq 1

     

    But I can ping another host in that subnet - in this case the IPMI card on one of my hosts

     

    ping 192.168.1.10
    PING 192.168.1.10 (192.168.1.10): 56 data bytes
    64 bytes from 192.168.1.10: icmp_seq=0 ttl=63 time=5.527 ms
    64 bytes from 192.168.1.10: icmp_seq=1 ttl=63 time=4.786 ms

     

    Do you still have ssh/telnet/web access configured on the VC?

     

    Yes!

     

    {master:1}[edit]
    root@tn.sw-01# show system services
    ssh {
    protocol-version v2;
    connection-limit 3;
    rate-limit 5;
    }
    web-management {
    https {
    system-generated-certificate;
    }
    }