Network Management

 View Only
  • 1.  LACP not working between Juniper EX4550 and Aruba 8360 VSX

    Posted May 06, 2024 11:13 AM

    Hello,

    we are experiencing problems trying to connect an old VC EX4200-4550 (with 2x EX4450) and a 2x Aruba 8360 VSX with 2x 10Gbit/s f.o. links and LACP.

    Physical and LACP links go up, but the logical link doesn't work properly. Examples:

    • some clients connected to the Aruba 8360 are reachable, others no, depending on which physical link is up or the sequence of up-downs on physical links, and depending from where we try to ping (different clients on the same network attached to Juniper can/cannot ping clients attached to Aruba simultaneously). This also happens on different VLANs
    • if we try to ping clients connected to Juniper starting from clients connected to Aruba, it works and suddenly also the reverse ping (that was not working) starts to work

    It seems like that the LACP link works properly only when the LACP "primary" physical interface at the Aruba side is the only up interface (and the "secondary" is switched off).

    Any clues on how to solve this? Maybe a configuration error? I post below the configurations and some command outputs of both sides when everything is physically up.

    Many thanks in advance for your support.

    Regards


    JUNIPER

    show configuration interfaces xe-4/0/30

    ether-options {
        802.3ad ae18;
    }
    ------

    show configuration interfaces xe-5/0/30

    ether-options {
        802.3ad ae18;
    }
    ------

    show configuration interfaces ae18

    description HPE;
    mtu 9216;
    aggregated-ether-options {
        lacp {
            active;
        }
    }
    unit 0 {
        family ethernet-switching {
            port-mode trunk;
            vlan {
                members [ p150_storage-tvcc-host s224 s253 s199 ];
            }
            native-vlan-id s199;
        }
    }
    ------

    show lacp interfaces ae18

    Aggregated interface: ae18
        LACP state:       Role   Exp   Def  Dist  Col  Syn  Aggr  Timeout  Activity
          xe-4/0/30      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
          xe-4/0/30    Partner    No    No   Yes  Yes  Yes   Yes     Fast    Active
          xe-5/0/30      Actor    No    No   Yes  Yes  Yes   Yes     Fast    Active
          xe-5/0/30    Partner    No    No   Yes  Yes  Yes   Yes     Fast    Active
        LACP protocol:        Receive State  Transmit State          Mux State 
          xe-4/0/30                 Current   Fast periodic Collecting distributing
          xe-5/0/30                 Current   Fast periodic Collecting distributing

    ARUBA (primary)

    sh running-config interface 1/1/46

    interface 1/1/46
        description LAG46 Port
        no shutdown 
        mtu 9100
        lag 46
        exit
    ------

    interface lag 46 multi-chassis
        description LAG46
        no shutdown
        no routing
        vlan trunk native 199
        vlan trunk allowed 150,199,224,253
        lacp mode active
        hash l2-src-dst
        lacp rate fast
        exit
    ------

    sh lacp interfaces multi-chassis

    State abbreviations :
    A - Active        P - Passive      F - Aggregable I - Individual
    S - Short-timeout L - Long-timeout N - InSync     O - OutofSync
    C - Collecting    D - Distributing 
    X - State m/c expired              E - Default neighbor state

    Actor details of all interfaces:
    ----------------------------------------------------------------------------------
    Intf       Aggregate  Port    Port     State   System-ID         System   Aggr    
               name       id      Priority                           Priority Key     
    ----------------------------------------------------------------------------------
    [...]
    1/1/46     lag46(mc)  46      1        ASFNCD  02:01:00:01:00:00 65534    46      
    [...]

    Partner details of all interfaces:
    ----------------------------------------------------------------------------------
    Intf       Aggregate  Partner Port     State   System-ID         System   Aggr    
               name       Port-id Priority                           Priority Key     
    ----------------------------------------------------------------------------------
    [...]
    1/1/46     lag46(mc)  36      127      ASFNCD  00:1f:12:3f:bb:00 127      19      
    [...]

    Remote Actor details of all interfaces:
    ----------------------------------------------------------------------------------
    Intf       Aggregate  Port    Port     State   System-ID         System   Aggr    
               name       id      Priority                           Priority Key     
    ----------------------------------------------------------------------------------
    [...]
    1/1/46     lag46(mc)  1046    1        ASFNCD  02:01:00:01:00:00 65534    46      


    Remote Partner details of all interfaces:
    ----------------------------------------------------------------------------------
    Intf       Aggregate  Partner Port     State   System-ID         System   Aggr    
               name       Port-id Priority                           Priority Key     
    ----------------------------------------------------------------------------------
    [...]
    1/1/46     lag46(mc)  35      127      ASFNCD  00:1f:12:3f:bb:00 127      19



  • 2.  RE: LACP not working between Juniper EX4550 and Aruba 8360 VSX

    Posted May 07, 2024 08:35 AM

    Ciao Adamo, apparenty - with provided details - the Layer 2 connectivity appears to be quit good (1st: if I were you I would change the mtu 9100 to mtu 9198at interface 1/1/46 level on both the VSX members, 2nd: what's the reason to set the hash l2-src-dst option at lag 46 (multi-chassis) level?). One question would be: is there routing involved potentially impacting your test? if so, who is performing the routing between hosts involved in your test?




  • 3.  RE: LACP not working between Juniper EX4550 and Aruba 8360 VSX

    Posted May 07, 2024 09:42 AM

    Hello!

    Thank you very much for your answer and suggestions. We changed the MTU and removed the hash l2 command. This didn't affect apparently the way LACP works, as we are still having the same issues.

    No L3 routing is involved. Clients are always on the same VLAN.

    Another example:

    • client connected to Juniper on VLAN 224 tries to ping a client connected to Aruba on the same VLAN and ping works
    • we shut down the LACP physical link on the primary Aruba, ping stops working
    • we turn on again the primary physical link, ping starts to work again
    • for other pairs of clients ping always works

    When ping is not working (primary LACP link down), if we try to ping the way back from Aruba to Juniper, it works and then it starts to work also in the Juniper-Aruba direction.

    It seems like Juniper and Aruba are not agreeing how to forward packets on LACP interfaces for certain destination clients connected to Aruba.

    Any other ideas? :)

    Thanks again!