LLDP and Reth Interfaces

SpacemanSpiff · ‎09-24-2010

Equipment:

EX4200 - JunOS 10.4R9

2 x SRX240H in Active/Passive HA - JunOS 11.2R6.3

On both devices... LLDP enabled via:

set protocols lldp interface all

On the SRX cluster, the reth2 interface has a child on each SRX, the reth interface is in the trust zone, host-inbound-traffic set to allow all protocols and system-services.

Problem:

The EX4200 shows the SRX connected when I run show LLDP neighbors... when I run it on the SRX cluster however, no neighbors are shown.

My inclination is that I should add the two children to the trust zone as well.

*********************************
If something I said has two meanings and one of them pisses you off, I meant the other one.

wagnerflo · ‎07-07-2011

I've noticed that, too. Though I think I was on 11.4. During a case JTAC revealed that on SRX and J-Series LLDP is not supported over aggregated interface (and redundant ethernet interfaces are more or less the same). This limitation is listed in the release notes for 10.4 but was forgotten in later release notes. JTAC did file a request for correction of the documentation but I do not know if this has been honored. As such, that the limitation is also missing in the 12.1 notes could either mean that it has been lifted or that the documentation is still wrong. If you happen to try 12.1, I'd be interested in your results.

keithr · ‎09-10-2009

With support in newer releases for family ethernet-switching in clusters / reth interfaces, perhaps L2 protocol support is no longer unsupported and this is simply a bug?

-kr
JNCIS-SEC, JNCIA-ER, JNCIA-EX

---
If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated.

muttbarker · ‎01-29-2008

Hey Keith - I wonder if you have any more information on the status of LLDP and SRX. Poking around it appears that there are still issues with LLDP. I found a PR that says LLDP does not work on anything but unit.0 IF's.

Curious if you had anything more to add on this one.

Kevin Barker
JNCIP-SEC
JNCIS-ENT, FWV, SSL
JNCIA-ER, EX, IDP, UAC, WX
Juniper Networks Certified Instructor
Juniper Networks Ambassador

Juniper Elite Reseller
J-Partner Service Specialist - Implementation

If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.

keithr · ‎09-10-2009

muttbarker wrote:

Hey Keith - I wonder if you have any more information on the status of LLDP and SRX. Poking around it appears that there are still issues with LLDP. I found a PR that says LLDP does not work on anything but unit.0 IF's.

Curious if you had anything more to add on this one.

Kevin, I haven't looked at it in a long time...

I don't think I ever tried to use LLDP across a RVI... seems kinda chicken-and-eggy to me. I see LLDP/CDP as a layer 1.5 kind of thing... my physical port can only be connected to one other physical port. Running LLDP across a VLAN / virtual port seems... well... silly?

I don't have a test environment where I can easily bang on this right now... but I think we have a SRX240 and some switches in the lab that aren't being used for anything. If I can free up some gear and mess with it, I'll see what I come up with.

Can you link the PR that you mentioned?

-kr
JNCIS-SEC, JNCIA-ER, JNCIA-EX

---
If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated.

LLDP and Reth Interfaces

Re: LLDP and Reth Interfaces

Re: LLDP and Reth Interfaces

Re: LLDP and Reth Interfaces

Re: LLDP and Reth Interfaces