[j-nsp] juniper-nsp Digest, Vol 67, Issue 15

Richard A Steenbergen ras at e-gerbil.net
Thu Jun 12 05:45:55 EDT 2008


On Wed, Jun 11, 2008 at 09:11:46PM +0100, Brendan Regan wrote:
> Hi,
> With the advice of everyone and the following link I have managed to get the
> Lacp working by removing tagged ports.

You can definitely run LACP + .1q tagging just fine (well on everything 
except original Juniper FPC non-E's, the kind with B-Chip 2.0, but that 
shouldn't be a concern for you on an M10i). What you're probably hitting 
is an incompatibility with how the LACP control packets are delivered over 
a trunked port.

I've hit this issue plenty of times, and the first time it comes up it's 
pretty hard to figure out what's going on. Basically Cisco (switches, 
anything catalyst based at any rate) has a concept for its 802.1q tagged 
("trunked" ports in Cisco-speak) called a "native vlan", which is one 
specific vlan that you must assign for every trunk port where any untagged 
packets end up, and which doesn't transmit a vlan tag on outgoing packets 
from this vlan. Juniper has no such concept (and rightfully so, it's a 
horrible Ciscoism), and expects every data packet on a vlan-tagging port 
to actually be tagged. Cisco "fixed" this really nasty historical behavior 
by adding a software option to tag the native vlan, but one side-effect of 
having this enabled is that it tries to 802.1q tag the LACP control 
packets when it sends them over the wire. Juniper flatly refuses to parse 
the LACP packets like this, thus preventing the LACP trunk from coming up, 
and the only workaround is to disable native vlan tagging on the Cisco (or 
maybe to manually push/pop the tag of the native vlan id on the Juniper 
side :P). I haven't actually bothered to read the 802.3ad spec to see who 
is in the right here, but my gut feeling is that Juniper's behavior is 
technically correct.

I can't speak to Foundry RX specifically, but certainly on other Foundry 
platforms and versions of code there have been sometimes evolving concepts 
of being able to configure a tagged port as mixed tagged and untagged, or 
not. There have also been plenty of Foundry bugs too. :P You should 
probably just put a sniffer on the wire and see what's actually going on 
here, or just try to tcpdump it on the Juniper and see if you're actually 
receiving the LACP control packets to the RE.

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
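
The check suggested in the message above (sniff the wire and look at how the LACP control packets arrive), as an added example that is not part of the original post: a Python classifier over raw Ethernet frames that reports whether each LACPDU is untagged or wrapped in an 802.1Q tag. The sample frames, the source MAC and VLAN ID 10 are constructed, and the helper names are hypothetical; capturing the frames is left to the sniffer.

```python
import struct

SLOW_PROTOCOLS_MAC = bytes.fromhex("0180c2000002")  # Slow Protocols multicast address
ETH_P_8021Q = 0x8100   # 802.1Q tag protocol identifier
ETH_P_SLOW = 0x8809    # Slow Protocols EtherType (LACP, Marker)
LACP_SUBTYPE = 0x01    # first payload byte of an LACPDU


def classify_frame(frame: bytes) -> dict:
    """Report whether a raw Ethernet frame is an LACPDU and whether it is tagged."""
    result = {"lacp": False, "tagged": False, "vlan": None}
    if len(frame) < 15:                      # header plus subtype byte
        return result
    dst = frame[0:6]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    offset = 14
    if ethertype == ETH_P_8021Q:             # tag inserted before the real EtherType
        if len(frame) < 19:
            return result
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        result["tagged"] = True
        result["vlan"] = tci & 0x0FFF        # low 12 bits of the TCI are the VLAN ID
        offset = 18
    if (ethertype == ETH_P_SLOW and dst == SLOW_PROTOCOLS_MAC
            and frame[offset] == LACP_SUBTYPE):
        result["lacp"] = True
    return result


def summarize(frames) -> dict:
    """Count untagged LACPDUs and list the VLAN IDs seen on tagged ones."""
    seen = [classify_frame(f) for f in frames]
    return {
        "untagged_lacp": sum(1 for r in seen if r["lacp"] and not r["tagged"]),
        "tagged_lacp": sorted({r["vlan"] for r in seen if r["lacp"] and r["tagged"]}),
    }


def build_lacpdu(src: bytes, vlan=None) -> bytes:
    """Constructed sample frame: correct headers, zero-filled LACPDU body."""
    header = SLOW_PROTOCOLS_MAC + src
    if vlan is not None:
        header += struct.pack("!HH", ETH_P_8021Q, vlan)
    header += struct.pack("!H", ETH_P_SLOW)
    return header + bytes([LACP_SUBTYPE, 0x01]) + bytes(108)


if __name__ == "__main__":
    src = bytes.fromhex("02000000aa01")      # constructed, locally administered MAC
    print(summarize([build_lacpdu(src), build_lacpdu(src, vlan=10)]))
```

A non-empty `tagged_lacp` list on a capture from the peer is the symptom the message describes: LACPDUs leaving the switch with an 802.1Q tag on them.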
