Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EX] Static route stops working after changing L2 next-hop

0

0

Article ID: KB35759 KB Last Updated: 06 May 2020Version: 1.0
Summary:

On EX4300 platform, layer 3 IP route is deleted when an L2 next-hop change is seen (e.g., the VRRP/STP/LAG state change of interfaces). This causes traffic drop and only affects static routes.

Symptoms:

Test Topology:

  • MX480 and MX240 are running in VRRP in several groups. MX480 is the master role and MX240 is the backup role.
  • Two middle EX4300's are the virtual-chassis. Above EX4300 member is the VC master. Below EX4300 is the VC backup.
  • Ae0 and ae1 are running rtg. Ae0’s link is configured as the primary one.

VRRP Configuration:
------------------------------‚Äč
Mx480:
root@mx480# show interfaces irb.2701
family inet {
    address 20.0.0.5/28 {
        vrrp-group 100 {
            virtual-address 20.0.0.4;
            priority 200;
            accept-data;
        }
    }
}
root@mx480# show interfaces irb.3701   
family inet {
    address 30.0.0.2/24 {
        vrrp-group 200 {
            virtual-address 30.0.0.1;
            priority 200;
            track {
                interface ge-0/0/1.0 {
                    priority-cost 150;
                }
            }
        }
    }
}

Mx240:

root@MX240_RE0# show interfaces irb.2701
family inet {
    address 20.0.0.6/28 {
        vrrp-group 100 {
            virtual-address 20.0.0.4;
            priority 100;
        }
    }
}
root@MX240_RE0# show interfaces irb.3701   
family inet {
    address 30.0.0.3/24 {
        vrrp-group 200 {
            virtual-address 30.0.0.1;
            priority 100;
        }
    }
}
------------------------------

Test Step:

  1. Power off the VC Master.
  2. Ping EX3400 irb.3701:30.0.0.254 from EX4300-1 10.0.0.1/24. Customer found communication did not recover successfully.

Before power off fpc1:

VC status:

root@EX4300VC# run show virtual-chassis status

Virtual Chassis ID: 3e20.4b49.b1ea
Virtual Chassis Mode: Enabled
                                                Mstr           Mixed Route Neighbor List
Member ID  Status   Serial No    Model          prio  Role      Mode  Mode ID  Interface
0 (FPC 0)  Prsnt    TW3719140133 ex4300-32f     128   Backup       N  VC   1  vcp-255/1/0
1 (FPC 1)  Prsnt    TW3719140007 ex4300-32f     128   Master*      N  VC   0  vcp-255/1/0
-------------------------

VRRP status:

MX480
[MASTER][edit]
root@mx480# run show vrrp summary 
Interface     State       Group   VR state       VR Mode    Type   Address
irb.2701      up            100   master          Active    lcl    20.0.0.5        
                                                            vip    20.0.0.4        
irb.3701      up            200   master          Active    lcl    30.0.0.2      
                                                            vip    30.0.0.1 

MX240:

[edit]
root@MX240_RE0# run show vrrp summary
Interface     State       Group   VR state       VR Mode    Type   Address
irb.2701      up            100   backup          Active    lcl    20.0.0.6        
                                                            vip    20.0.0.4        
irb.3701      up            200   backup          Active    lcl    30.0.0.3      
                                                            vip    30.0.0.1
 
root@EX4300VC# run show route table vrf_mobile_001.inet.0   
 
vrf_mobile_001.inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
 
0.0.0.0/0          *[Static/5] 01:05:45  <<<<
                    > to 20.0.0.4 via irb.2701
20.0.0.0/28      *[Direct/0] 01:05:54
                    > via irb.2701
20.0.0.1/32      *[Local/0] 01:05:54
                      Local via irb.2701
100.80.0.6/32      *[Local/0] 01:07:09
                      Reject
10.0.0.0/24     *[Direct/0] 01:05:12
                    > via irb.1301
10.0.0.0.254/32   *[Local/0] 01:05:12
                      Local via irb.1301
 
root@EX4300VC:RE:1% cprod -A fpc1 -c "show route ip hw lpm " | grep "Rtt\| 45 "
Rtt  VRF  Destination                       Type     NH-ID     Interface                 HW NH-ID  Src-MAC-Address   Port Dst-MAC-Address  
46   45   100.75.0.0/28                     Resolve  4466      irb        .2701 ifl 930   100128    88:e6:4b:8f:c2:21 0    00:00:00:01:02:03
46   45   191.168.0/24                      Resolve  4474      irb        .1301 ifl 932   100130    88:e6:4b:8f:c2:21 0    00:00:00:01:02:03
46   45   default                           Unicast  12123     irb        .2701 ifl 930   101151    88:e6:4b:8f:c2:21 2    00:00:5e:00:01:64   <<<< normal
 
root@EX4300VC:RE:1% cprod -A fpc0 -c 'set exbcm bcm "l3 defip show"' | grep " 45 "
524   45       100.75.0.0/28        00:00:00:00:00:00 100128    0     0     0    1 n
967   45       191.168.0.0/24       00:00:00:00:00:00 100130    0     0     0    1 n
1706  45       0.0.0.0/0            00:00:00:00:00:00 101151    0     0     0    0 n   <<<< normal
 
[master:0][edit]
root@EX4300-1#run ping 172.17.220.254   
PING 172.17.220.254 (172.17.220.254): 56 data bytes
64 bytes from 172.17.220.254: icmp_seq=0 ttl=62 time=2.556 ms
64 bytes from 172.17.220.254: icmp_seq=1 ttl=62 time=2.166 ms
64 bytes from 172.17.220.254: icmp_seq=2 ttl=62 time=4.166 ms
64 bytes from 172.17.220.254: icmp_seq=3 ttl=62 time=2.167 ms
64 bytes from 172.17.220.254: icmp_seq=4 ttl=62 time=2.534 ms

After power off fpc1

root@EX4300VC> show virtual-chassis status

Virtual Chassis ID: 3e20.4b49.b1ea
Virtual Chassis Mode: Enabled
                                                Mstr           Mixed Route Neighbor List
Member ID  Status   Serial No    Model          prio  Role      Mode  Mode ID  Interface
0 (FPC 0)  Prsnt    TW3719140133 ex4300-32f     128   Master*      N  VC   1  vcp-255/1/0
1 (FPC 1)  Prsnt    TW3719140007 ex4300-32f   

VRRP status

MX480:

[MASTER][edit]
root@mx480# run show vrrp summary   
Interface     State       Group   VR state       VR Mode    Type   Address
irb.2701      down          100   init            Active    lcl    20.0.0.5        init    vip    20.0.0.4       
                                                                                         
irb.3701      up            200   backup          Active    lcl    30.0.0.2       backup   vip    30.0.0.1                                               

MX240:

root@MX240_RE0# run show vrrp summary   
Interface     State       Group   VR state       VR Mode    Type   Address
irb.2701      up            100   master          Active    lcl    20.0.0.6       vip  20.0.0.4        
irb.3701      up            200   master          Active    lcl    30.0.0.3       vip   30.0.0.1
roroot@EX4300VC:RE:0% cprod -A fpc0 -c "show route ip hw lpm " | grep "Rtt\| 45 "
Rtt  VRF  Destination                   Type     NH-ID     Interface                  HW NH-ID  Src-MAC-Address        Port Dst-MAC-Address  
46   45  20.0.0.0/28                    Resolve  4466      irb        .2701 ifl 930   100128    88:e6:4b:8f:c2:21 0    00:00:00:01:02:03
46   45  10.0.0/24                      Resolve  4474      irb        .1301 ifl 932   100130    88:e6:4b:8f:c2:21 0    00:00:00:01:02:03

--->> default route(0.0.0.0/0) is missing
 
root@EX4300VC@:RE:0%  cprod -A fpc0 -c 'set exbcm bcm "l3 defip show"' | grep " 45 "
524   45      20.0.0.0/28        00:00:00:00:00:00 100128    0     0     0    1 n
967   45       30.0.0.0/24       00:00:00:00:00:00 100130    0     0     0    1 n
root@:RE:0% vty fpc0
--->>default route(0.0.0.0/0) is missing
 
{master:0}[edit]
root@EX4300-1# run ping 172.17.220.254
PING 172.17.220.254 (172.17.220.254): 56 data bytes
^C
--- 172.17.220.254 ping statistics ---
64 packets transmitted, 0 packets received, 100% packet loss
Solution:

This issue affects only static routes. It has been fixed per PR1389688. There is no workaround. Please refer to PR1389688 for fixed releases.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search