Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EX/QFX] MAC learning when assigning a non-MC-AE VLAN on ICL

0

0

Article ID: KB34797 KB Last Updated: 30 Jul 2019Version: 1.0
Summary:

When assigning a VLAN on the interchassis control link (ICL), if the VLAN does not belong to MC-AE, MAC learning does not happen on the ICL. Further, Address Resolution Protocol (ARP) information is not forwarded to the ICL.

This article gives the cause for the problem and introduces the recommended topology and solution for the problem.

 

Symptoms:

In an MC-LAG topology, ICL is used to forward traffic across MC-LAG devices. For example, if one MC-LAG link goes down, traffic can reach another MC-LAG link via ICL. And ICL is also used for a single-homed client if the client belongs to one of the MC-LAG devices.

On the other hand, if you set a non-MC-AE VLAN to ICL, MAC learning does not happen on that VLAN through ICL. And the ARP received from the non-MC-AE VLAN is not forwarded to ICL and so the MC-LAG peer cannot learn it.

For example, in the following topology, vlan100 has been assigned to ICL, but it is not part of MC-AE. In this case, ICL will not learn the MAC address in vlan100.

 

Cause:

This behavior is as per design whereby the ICL interface cannot learn the MAC address directly. See MC-LAG Technical Overview for more information.

As per design, MAC address learning from the data path is disabled on the ICL and MAC address learning on the ICL depends on the software installing the MAC addresses that are replicated through Inter-Chassis Control Protocol (ICCP).

Although ICL cannot learn a MAC address locally, it can learn through ICCP whenever it is part of MC-LAG.

Here is the working topology:

If vlan100 belongs to MC-AE, the MAC address entry will be replicated through ICCP so that traffic can pass through ICL although there is a single-homed device. The ARP packets can apply the same design as that described for MAC address learning on ICL.

 

Solution:

ICL is designed for MC-LAG and so a non-MC-AE VLAN should not be combined with an MC-AE VLAN.

If such a combination is required, it is recommended to divide a link from ICL for the non-MC-AE VLAN as shown in this example.

To divide a VLAN, add physical links between QFX5100 and configure as shown here:

<Combined>

set interfaces ae1 description ICL-LINK
set interfaces ae1 aggregated-ether-options lacp active
set interfaces ae1 aggregated-ether-options lacp periodic fast
set interfaces ae1 unit 0 family ethernet-switching interface-mode trunk
set interfaces ae1 unit 0 family ethernet-switching vlan members all

<After Division>

set interfaces ae1 description ICL-LINK
set interfaces ae1 aggregated-ether-options lacp active
set interfaces ae1 aggregated-ether-options lacp periodic fast
set interfaces ae1 unit 0 family ethernet-switching interface-mode trunk
set interfaces ae1 unit 0 family ethernet-switching vlan members vlan200

set interfaces ae2 description non-MC-AE-LINK
set interfaces ae2 aggregated-ether-options lacp active
set interfaces ae2 aggregated-ether-options lacp periodic fast
set interfaces ae2 unit 0 family ethernet-switching interface-mode trunk
set interfaces ae2 unit 0 family ethernet-switching vlan members vlan100

Note: Assign ae2 to the added physical links.

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search