Knowledge Search


×
 

[MX/ACX] Unexpected packet drops seen if AE interface is used for PE-CE connection in single-active mode

  [KB34770] Show Article Properties


Summary:

This article demonstrates what happens when one AE interface is used to connect two provider edge (PE) routers in a single-active scenario and recommends the correct design to be used in this case to avoid packet drops and duplicate packets.

Symptoms:

Here is an example of using an AE interface in single-active mode for CE-PE connection:

Topology

                           +--------------+
                           |   ce-1       |
      +--------------------+              +---------------------+
      |                    |              |                     |
      |                    +--------------+                     |
      |                                                         |
      |                                                         |
      |                                                         |
+-----+---------+                                               |
|               |                                      +--------+----+
|     mx-1      |                                      |             |
|               |                                      |  mx-2       |
|               |                                      |             |
+-----+---------+                                      +------+------+
      |                                                       |
      |                                                       |
      |                                                       |
      |                    +--------------+                   |
      |                    |   ce-2       |                   |
      +--------------------+              +-------------------+
                           |              |
                           +--------------+

ce-1 and ce-2 are customer edge (CE) devices, which are multihomed to mx-1 and mx-2.

Configuration on ce-1

labroot@ ce-1 # show interfaces ae7
aggregated-ether-options {
    lacp {
        active;
    }
}
unit 0 {
    family ethernet-switching {
        interface-mode trunk;
        vlan {
            members SW1;
        }
    }
}

{master:0}[edit]
labroot@ ce-1 # show interfaces irb
unit 844 {
    family inet {
        address 10.50.9.241/24;

labroot@ ce-1 # run show interfaces irb         
Physical interface: irb, Enabled, Physical link is Up
  Interface index: 640, SNMP ifIndex: 502
  Type: Ethernet, Link-level type: Ethernet, MTU: 1514
  Device flags  : Present Running
  Interface flags: SNMP-Traps
  Link type     : Full-Duplex
  Link flags    : None
  Current address: c8:e7:f0:a0:7c:61, Hardware address: c8:e7:f0:a0:7c:61
  Last flapped  : Never
    Input packets : 0
    Output packets: 0

Configuration on ce-2

labroot@ ce-2# show interfaces ae8
aggregated-ether-options {
    lacp {
        active;
    }
}
unit 0 {
    family ethernet-switching {
        interface-mode trunk;
        vlan {
            members SW2;
        }
    }
}

{master:0}[edit]
labroot@ ce-2# show interfaces irb
unit 844 {
    family inet {
        address 10.50.9.201/24;
    }
}

labroot@ ce-2# run show interfaces irb
Physical interface: irb, Enabled, Physical link is Up
  Interface index: 641, SNMP ifIndex: 502
  Type: Ethernet, Link-level type: Ethernet, MTU: 1514
  Device flags  : Present Running
  Interface flags: SNMP-Traps
  Link type     : Full-Duplex
  Link flags    : None
  Current address: c8:e7:f0:a0:79:61, Hardware address: c8:e7:f0:a0:79:61
  Last flapped  : Never
    Input packets : 0
Output packets: 0

As shown below, on mx-1 and mx-2, the MAC address is learned correctly:

labroot@mx-1-re1> show evpn database instance SBC-EVPN   
Instance: SBC-EVPN
VLAN  MAC address        Active source                  Timestamp        IP address
844   c8:e7:f0:a0:79:61  00:00:00:00:00:00:02:08:44:02  Jul 03 11:55:35
844   c8:e7:f0:a0:7c:61  00:00:00:00:00:00:02:08:44:01  Jul 03 11:55:35

labroot@mx-1-re1> show bridge mac-table instance SBC-EVPN

MAC flags       (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
    O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)

Routing instance : SBC-EVPN
Bridging domain : SBC-Domain, VLAN : 844
   MAC                 MAC      Logical          NH    RTR
   addresssss          flags    interface        Index ID
   c8:e7:f0:a0:79:61   D       ae8.0          
   c8:e7:f0:a0:7c:61   D       ae7.0    
 

labroot@mx-2-re0> show bridge mac-table instance SBC-EVPN

MAC flags       (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
    O -OVSDB MAC, SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)

Routing instance : SBC-EVPN
Bridging domain : SBC-Domain, VLAN : 844
   MAC                 MAC      Logical          NH    RTR
   addresssss          flags    interface        Index ID
   c8:e7:f0:a0:79:61   DC                        1048576 1048576
   c8:e7:f0:a0:7c:61   DC                        1048575 1048575

labroot@mx-2-re0> show evpn database instance SBC-EVPN
Instance: SBC-EVPN
VLAN  MAC address        Active source                  Timestamp        IP address
844   c8:e7:f0:a0:79:61  00:00:00:00:00:00:02:08:44:02  Jul 03 11:55:32
844   c8:e7:f0:a0:7c:61  00:00:00:00:00:00:02:08:44:01  Jul 03 11:55:32

However, CE-to-CE ping does not work:

labroot@@ ce-2# run ping 10.50.9.241 source 10.50.9.201   
PING 10.50.9.241 (10.50.9.241): 56 data bytes
^C
--- 10.50.9.241 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss

As indicated, unexpected packet drops are seen.

Cause:

It is incorrect design to have one AE interface connecting to two PEs in a single-active scenario.

Refer to the following:

Solution:

As per design, in a single-active scenario, it is recommended that a multihomed CE should have either stand-alone interfaces or different AE interfaces connecting to both PE devices. 

Related Links: