[f-nsp] Management VRF and management port on ICX
Franz Georg Köhler
lists at openunix.de
Fri Jan 27 07:51:42 EST 2017
Hello,
I wonder how management VRF and management port work together on ICX?
On Netiron, you can configure management vrf and place the management
port in the management vrf.
On ICX, you cannot set a VRF for the management port (vrf command not
available of the management port).
The manual says:
"When a management VRF is configured, the management traffic is allowed
through the ports belonging to the specified VRF and the out-of-band
management port. The management traffic through the ports belonging to
the other VRFs and the default VRF are dropped, and the rejection
statistics are incremented."
The problem is, if the vrf does not contain any ports, it is down (the
management port doesn't count because it cannot be added with vrf command).
I have created a loopback device bound to the management vrf to keep it up.
However, the management port does not seem to be part of the VRF.
Secondly, the system will only send out management packets on loopback1,
not on the management port.
How do you address those problems?
Best regards,
Franz Georg Köhler
More information about the foundry-nsp
mailing list