<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
The MLX platform is not a layer2 switch by default, so there are two
ways to solve this problem:<br>
<br>
a) Use a VLL-local to bridge VLAN 999 from the firewall, through the
MLX, to the ICX2. Then the MLX does not even learn the MAC addresses
of the packets which are passing through.<br>
<br>
b) Perform a "no route-only" on all the interfaces which are
involved in layer2 switching.<br>
<br>
<div class="moz-cite-prefix">On 03/01/2016 09:57 AM, Valeri
Streltsov wrote:<br>
</div>
<blockquote cite="mid:01be01d17398$6a0c28a0$3e2479e0$@tiera.org"
type="cite">
<pre wrap="">Hi
Looks like you have "route-only" globally or on physical port applied. Try to do "no route-only" on physical port first.
Valeri Streltsov
-----Original Message-----
From: foundry-nsp [<a class="moz-txt-link-freetext" href="mailto:foundry-nsp-bounces@puck.nether.net">mailto:foundry-nsp-bounces@puck.nether.net</a>] On Behalf Of Franz Georg Kohler
Sent: Tuesday, March 1, 2016 11:53 AM
To: <a class="moz-txt-link-abbreviated" href="mailto:foundry-nsp@puck.nether.net">foundry-nsp@puck.nether.net</a>
Subject: [f-nsp] Double-switched (looped) traffic on Netiron MLX
Hello,
I am currently seing traffic being blocked on a MLX setup where there are two VLANS:
First vlan (10 in this example) is a vlan with layer-3 ve interface.
Traffic is first sent via the internal VLAN to a firewall device.
Then it is switched using the external VLAN and finally being routed.
This is to make the traffic pass the firewall and not to switch it directly to the server, bypassing the firewall.
With this setup, MLX does not switch the traffic correctly until i set transparent-hw-flooding on the internal VLAN. ARP works but IP packets do not get forwarded.
Does anybody know why this is the case and if ther is any solution apart from setting transparent-hw-flooding?
+-------+
| | +-----------+
| ICX2 +---------------+ Server |
+------------+ | +-----------+
| +-------+
|
+-------+ |
| +-+
| MLX | VLAN 999
| +------------------+
+-------+ |
VLAN10/ve10 |
| +---+-------+
| | |
| | firewall |
+------------------+ |
+-----------+
Best regards,
Franz Georg Köhler
_______________________________________________
foundry-nsp mailing list
<a class="moz-txt-link-abbreviated" href="mailto:foundry-nsp@puck.nether.net">foundry-nsp@puck.nether.net</a>
<a class="moz-txt-link-freetext" href="http://puck.nether.net/mailman/listinfo/foundry-nsp">http://puck.nether.net/mailman/listinfo/foundry-nsp</a>
_______________________________________________
foundry-nsp mailing list
<a class="moz-txt-link-abbreviated" href="mailto:foundry-nsp@puck.nether.net">foundry-nsp@puck.nether.net</a>
<a class="moz-txt-link-freetext" href="http://puck.nether.net/mailman/listinfo/foundry-nsp">http://puck.nether.net/mailman/listinfo/foundry-nsp</a></pre>
</blockquote>
<br>
<div class="moz-signature">-- <br>
<div style="font-family: arial; font-size: 12px; vertical-align:
text-top;">Met vriendelijke groet / Kindest regards,
<br>
Martijn Schmidt</div>
<br>
<br>
<table height="185" width="600">
<tbody>
<tr>
<td>
<img src="cid:part1.01030505.04060000@i3d.net"
alt="i3D.net performance hosting" height="138"
width="251">
</td>
<td>
<div style="font-family: arial; font-size: 12px;
vertical-align: text-top;">
<b style="font-size: 18px;">Martijn Schmidt | Network
Architect</b><br>
Email: <a href="mailto://martijnschmidt@i3d.net">martijnschmidt@i3d.net</a>
| Tel: +31 10 8900070<br>
<br>
<b>i3D.net B.V. | Global Backbone AS49544</b><br>
Van Nelleweg 1, 3044 BC Rotterdam, The Netherlands<br>
VAT: NL 8202.63.886.B01<br>
<br>
<a class="one"
href="http://www.i3d.net/?utm_source=emailsignature&utm_medium=email&utm_campaign=home">Website</a>
|
<a class="one"
href="http://www.i3d.net/partners/?utm_source=emailsignature&utm_medium=email&utm_campaign=case-studies">Case
Studies</a> |
<a class="one"
href="https://www.linkedin.com/company/i3d-net">LinkedIn</a>
</div>
</td>
<td valign="top">
<br>
</td>
</tr>
</tbody>
</table>
</div>
</body>
</html>