vSRX hypervisor is VMware. After changing the interface from ge-0/0/1 to reth10, vSRX cannot ping the peer device.
vSRX can ping peer device when configuring ge-0/0/1 as below:
{primary:node0}[edit]
root@vsrx-node0# show interfaces
ge-0/0/1 {
unit 0 {
family inet {
address 10.85.154.151/25;
}
}
}
{primary:node0}
root@vsrx-node0> ping 10.85.154.130 count 10 rapid
PING 10.85.154.130 (10.85.154.130): 56 data bytes
!!!!!!!!!!
--- 10.85.154.130 ping statistics ---
10 packets transmitted, 10 packets received, 0% packet loss
round-trip min/avg/max/stddev = 3.942/9.800/10.796/1.980 ms
After changing ge-0/0/1 to reth10, the ping fails:
{primary:node0}[edit]
root@vsrx-node0# show interfaces
ge-0/0/1 {
gigether-options {
redundant-parent reth10;
}
}
ge-7/0/1 {
gigether-options {
redundant-parent reth10;
}
}
reth10 {
redundant-ether-options {
redundancy-group 1;
}
unit 0 {
family inet {
address 10.85.154.151/25;
}
}
}
{primary:node0}
root@vsrx-node0> ping 10.85.154.130 count 10 rapid
PING 10.85.154.130 (10.85.154.130): 56 data bytes
..........
--- 10.85.154.130 ping statistics ---
10 packets transmitted, 0 packets received, 100% packet loss
When monitoring traffic for reth10, it is discovered that SRX sent an ARP request, but did not receive an ARP reply:
{primary:node1}
root@vsrx-node1> monitor traffic interface reth10 extensive no-resolve no-domain-names no-promiscuous
Address resolution is OFF.
Listening on reth10, capture size 1514 bytes
22:20:32.537596 Out
Juniper PCAP Flags [Ext], PCAP Extension(s) total length 16
Device Media Type Extension TLV #3, length 1, value: Ethernet (1)
Logical Interface Encapsulation Extension TLV #6, length 1, value: Ethernet (14)
Device Interface Index Extension TLV #1, length 2, value: 160
Logical Interface Index Extension TLV #4, length 4, value: 75
-----original packet-----
00:10:db:ff:10:0a > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: arp who-has 10.85.154.130 tell 10.85.154.131
22:20:33.337308 Out
Juniper PCAP Flags [Ext], PCAP Extension(s) total length 16
Device Media Type Extension TLV #3, length 1, value: Ethernet (1)
Logical Interface Encapsulation Extension TLV #6, length 1, value: Ethernet (14)
Device Interface Index Extension TLV #1, length 2, value: 160
Logical Interface Index Extension TLV #4, length 4, value: 75
-----original packet-----
00:10:db:ff:10:0a > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: arp who-has 10.85.154.130 tell 10.85.154.131
Confirmed the SRX configuration is good, but the VMware setting for data interface shows the following:
MAC Address Changes: Reject
After changing "MAC Address Changes" to "Accept", the ping is successful:
MAC Address Changes: Accept
{primary:node0}
root@vsrx-node0> ping 10.85.154.130 count 10 rapid
PING 10.85.154.130 (10.85.154.130): 56 data bytes
!!!!!!!!!!
--- 10.85.154.130 ping statistics ---
10 packets transmitted, 10 packets received, 0% packet loss
round-trip min/avg/max/stddev = 3.942/9.800/10.796/1.980 ms
When configuring ge-0/0/1 with 20.20.20.1/24, it will use the ge-0/0/1 mac address. For example: 4c:96:14:25:67:01.
When configuring interface reth0 with 20.20.20.1/24, it will use mac address 00:10:db:ff:10:0a.