Routing

last person joined: yesterday 

Ask questions and share experiences about ACX Series, CTP Series, MX Series, PTX Series, SSR Series, JRR Series, and all things routing, including portfolios and protocols.

  • 1.  ex4300 VC BGP neighbors have same MAC address

    Posted 11-07-2014 02:42

    Hi, 

    I would like to ask if anyone can suggest a working solution.

     

    I got 2 routing egines in 4300 VC connected to a router via Shaper and Riverbed WAN optimalization device. Because of the RB device I need to use two different subnets between the VC switch and router. I am running eBGP on these two subnets. For BGP sessions Router's IPs are on interfaces and switch IPs are on IRB interfaces, Problem I am facing is that the router sees both IP addresses from VC switch with the same MAC address, even they are from different vlan/irb. How can I fix this?

    thx

    ---------------------|     |----------------  |     |-------------|     | ------------------------------|-

    ex4300 node0 | -- | RB(inpath0) -- |SHAPER | -- | Cisco router (int gi0/0) |

    ex4300 node1 | -- | RB(inpath1) | -- |SHAPER | --  | Cisco router (int gi0/1) |

    ---------------------|    | ----------------  |     |-------------|     |--------------------------------|

     



  • 2.  RE: ex4300 VC BGP neighbors have same MAC address

    Posted 11-07-2014 13:22

    Hello,

    There are at least 2 ways to do it:

    1/ in JUNOS 13.3, MAC address per IRB unit is user-configurable, at least on MX. Never tried it on EX4300, but give this a try:

     

    set interfaces irb unit X mac 02:02:02:00:00:00

     

    2/ if the above fails, make one IRB unit a VRRP master with own IP:

     

    set interfaces irb unit X family inet address 198.18.1.1/30 vrrp-group 10 virtual-address 198.18.1.1
set interfaces irb unit X family inet address 198.18.1.1/30 vrrp-group 10 priority 255
set interfaces irb unit X family inet address 198.18.1.1/30 vrrp-group 10 accept-data

    For security-conscious, You can add VRRP authentication and block VRRP packets from going out by using output filter.

    After that, address 198.18.1.1 shall answer ARP requests with VMAC. Don't forget to clear ARP on Cisco routers.

    HTH

    Thanks

    Alex

     



  • 3.  RE: ex4300 VC BGP neighbors have same MAC address

    Posted 11-16-2014 15:19

    Hi Alex,

     

    thank you for your reply ,

    the first option is not available so I have used the second one. it worked as expected but after 20 minutes the VRRP mac address is overwritten by the duplicated MAC address. If I clear ARP on Cisco router I will get VRRP MAC back from Juniper and again after 20 minutes this MAC will be replaced. I have configured "arp-resp unrestricted" and "arp-resp unrestricted" on EX4300 but it is still the same. Do you know why is it behaving this way?

    jiri



  • 4.  RE: ex4300 VC BGP neighbors have same MAC address
    Best Answer

    Posted 11-17-2014 12:33

    Hello,

    20min is the default JUNOS ARP timeout.

    What I suspect is happening is that EX sends ARP requests for CSCO IP using physical MAC rather than VMAC.

    Unfortunately, ARP RFC is written in the way that ARP opcode is checked AFTER inserting src MAC into the ARP table, i.e. ARP request and ARP response could both update the ARP table.

    You will need to add static ARP mapping on EX side to prevent this from happening.

    http://www.juniper.net/techpubs/en_US/junos14.2/topics/usage-guidelines/interfaces-configuring-static-arp-table-entries.html 

    HTH

    Thanks

    Alex