[j-nsp] ISIS between ERX 1440 and MX960
david.roy at orange-ftgroup.com
david.roy at orange-ftgroup.com
Fri May 20 07:59:25 EDT 2011
Hi,
I don't know how to go on with the ERX. I tried many things without success. More traces below. Thanks for your help : May be a bug ?!?
Regards,
David
ERX :
#######
interface loopback 50
ip address x.x.x.x 255.255.255.255
no ip redirects
!
interface gigabitEthernet 12/0
mtu 4488
ip address y.y.y.1 255.255.255.252
no ip redirects
ip router isis 31337
isis circuit-type level-2-only
isis authentication-key level-2 foo123
!
router isis 31337
is-type level-2-only
passive-interface loopback50
net 49.0001.xxxx.xxxx.xxxx.00
domain-authentication psnp
domain-authentication csnp
domain-message-digest-key 1 hmac-md5 foo123
metric-style wide
!
MX :
#######
ge-2/2/2 {
mtu 4484;
unit 0 {
family inet {
address y.y.y.2/30;
}
family iso;
}
}
isis {
level 2 {
authentication-key "xxxxxxxx"; ## SECRET-DATA = foo123
authentication-type md5;
wide-metrics-only;
}
interface ge-2/2/2.0 {
level 1 disable;
level 2 {
hello-authentication-key "$9$fQ39yrv8xdBIs4aJDjCtpBhS"; ## SECRET-DATA = foo123
hello-authentication-type simple;
}
}
}
Trace on MX :
##############
show interfaces ge-2/2/2
Physical interface: ge-2/2/2, Enabled, Physical link is Up
Interface index: 251, SNMP ifIndex: 556
Description: Connection To LNS
Link-level type: Ethernet, MTU: 4484, Speed: 1000mbps, BPDU Error: None, MAC-REWRITE Error: None, Loopback: Disabled,
Source filtering: Disabled, Flow control: Enabled, Auto-negotiation: Enabled, Remote fault: Online
Device flags : Present Running
Interface flags: SNMP-Traps Internal: 0x4000
Link flags : None
CoS queues : 8 supported, 8 maximum usable queues
Schedulers : 0
Current address: 84:18:88:e8:c9:9e, Hardware address: 84:18:88:e8:c9:9e
Last flapped : 2011-05-20 11:54:46 EEST (01:08:11 ago)
Input rate : 6144 bps (8 pps)
Output rate : 0 bps (0 pps)
Active alarms : None
Active defects : None
Logical interface ge-2/2/2.0 (Index 75) (SNMP ifIndex 656)
Flags: SNMP-Traps 0x4000000 Encapsulation: ENET2
Input packets : 27981
Output packets: 600
Protocol inet, MTU: 4470
Flags: Sendbcast-pkt-to-re
Addresses, Flags: Is-Preferred Is-Primary
Destination: x.x.x.x/30, Local: x.x.x.x, Broadcast: x.x.x.x
Protocol iso, MTU: 4467 <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<ISO MTU
Protocol multiservice, MTU: Unlimited
monitor traffic interface ge-2/2/2.0 layer2-headers no-resolve size 4488
verbose output suppressed, use <detail> or <extensive> for full protocol decode
Address resolution is OFF.
Listening on ge-2/2/2.0, capture size 4488 bytes
TO ERX :
13:04:34.156857 Out 84:18:88:e8:c9:9e > 1:80:c2:0:0:15, 802.3, length 1509: LLC, dsap OSI (0xfe) Individual, ssap OSI (0xfe) Command, ctrl 0x03: OSI NLPID IS-IS (0x83): L2 Lan IIH, src-id 2131.3905.5002, lan-id 2131.3905.5002.00, prio 64, length 1492 <<< PDU length including hello padding of the MX
FROM ERX :
13:04:35.450255 In 0:90:1a:41:fa:f5 > 1:80:c2:0:0:15, 802.3, length 1514: LLC, dsap OSI (0xfe) Individual, ssap OSI (0xfe) Command, ctrl 0x03: OSI NLPID IS-IS (0x83): L2 Lan IIH, src-id 1921.6801.6029, lan-id 1921.6801.6029.01, prio 64, length 1497 <<< PDU length including hello padding of the ERX
Trace on ERX :
##############
sho int gi 12/0
GigabitEthernet12/0 is Up, Administrative status is Up
Hardware is PMC 3386, address is 0090.1a41.faf5
Primary MAU is 1000BASE-LX 10km, secondary MAU is 1000BASE-LX 10km
MTU: Operational 4488, Administrative 4488 <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< MTU seems good
Duplex Mode: Operational Full Duplex, Administrative Auto Negotiate
Speed: Operational 1000 Mbps, Administrative Auto Negotiate
Debounce: State is Disabled
Link: Operational Primary Link Selected,
Administrative Link Selected Automatically
Link Failover Timeout: Operational 727 ms, Administrative default
Primary link selected 258 times, Secondary link selected 252 times
Primary link signal detected, Secondary link signal not detected
No baseline has been set
5 minute input rate 1024 bits/sec, 0 packets/sec
5 minute output rate 19456 bits/sec, 12 packets/sec
In: Bytes 789821048435, Unicast 4769999720
Multicast 2224876, Broadcast 2088
Errors 0, Discards 36549, Mac Errors 0, Alignment 0 <<<<<<<<<<<<<<<<< IIH coming from MX are discarded
CRC 0, Too Longs 0, Symbol Errors 0
Out: Bytes 6824490336601, Unicast 6292729944
Multicast 4577411, Broadcast 103
Errors 0, Discards 0, Mac Errors 0, Deferred 0, No Carrier 0
Collisions: Single 0, Multiple 0, Late 0, Excessive 0
Policed Statistics:
In: 0, Out: 0
ARP Statistics:
In: ARP requests 211, ARP responses 8
Errors 0, Discards 6
Out: ARP requests 103, ARP responses 204
Errors 0, Discards 7
Administrative qos-shaping-mode: none
Operational qos-shaping-mode: frame
queue 0: traffic class best-effort, bound to ethernet GigabitEthernet12/0
Queue length 0 bytes
Forwarded packets 0, bytes 0
Dropped committed packets 0, bytes 0
Dropped conformed packets 0, bytes 0
Dropped exceeded packets 0, bytes 0
queue 1: traffic class control, bound to GigabitEthernet12/0
Queue length 0 bytes
Forwarded packets 22347807, bytes 1630937549
Dropped committed packets 0, bytes 0
Dropped conformed packets 0, bytes 0
Dropped exceeded packets 0, bytes 0
sho clns interface gi 12/0
GigabitEthernet12/0 is up, line protocol is up
Checksums Enabled, MTU 4470, Encapsulation SNAP <<<<<<<<<< MTU ISO
Next ESH/ISH is 7 seconds
Routing Protocol: IS-IS
Circuit Type: level-2
Interface number 0x495886, local circuit ID 0x1
Level-1 Metric: 10, DIS Priority: 0, Priority: 64,
Circuit ID: BRAS3-WDOO.01
L1 Designated IS: Disabled
Number of active level-1 adjacencies: 0
Level-2 Metric: 10, DIS Priority: 64, Priority: 64,
Circuit ID: BRAS3-WDOO.01
L2 Designated IS: BRAS3-WDOO:default.01 (not us)
Number of active level-2 adjacencies: 0
Next IS-IS LAN Level-1 Hello in 0 seconds
Next IS-IS LAN Level-2 Hello in 6 seconds
BFD disabled
Mesh Group Inactive
Authentication Level-2:
Key-id: 0 Type: password*
Start Accept: THU MAY 19 18:08:31 2011
Start Generate: THU MAY 19 18:08:31 2011
Stop Accept: 0
Stop Generate: 0
sho clns traffic detail
IS-IS: Baseline last set 28 days, 22 hours, 11 minutes, 17 seconds
IS-IS: Corrupted LSPs: 0
IS-IS: L1 LSP Database Overloads: 0
IS-IS: L2 LSP Database Overloads: 0
IS-IS: Area Addresses Dropped: 0
IS-IS: Attempts to Exceed Max Sequence: 0
IS-IS: Sequence Numbers Skipped: 0
IS-IS: Total LSPs Purged: 414
IS-IS: Own LSPs Purged: 0
IS-IS: System ID Length Mismatches: 0
IS-IS: Maximum Area Mismatches: 0
IS-IS: Area/Domain Authentication Failures: 0
IS-IS: Level-1 LSPs Sent: 0 Rcvd: 0 Dropped: 0
IS-IS: Level-2 LSPs Sent: 3086 Rcvd: 529403 Dropped: 0
IS-IS: LSP checksum errors received: 0
Interface: GigabitEthernet12/0
IS-IS: Baseline last set 28 days, 22 hours, 11 minutes, 17 seconds
IS-IS: Protocol PDUs (in/out): 0/0
IS-IS: Init Failures: 0
IS-IS: Adjacencies Changes: 0
IS-IS: Adjacencies Rejected: 0
IS-IS: Bad LSPs: 0
IS-IS: Level-1 Designated IS Changes: 2
IS-IS: Level-2 Designated IS Changes: 11
IS-IS: Invalid 9542s: 0
IS-IS: Malformed PDU reecived: 0
IS-IS: Authentication Failures: 0
IS-IS: Level-1 Hellos (in/out/dropped): 0/0/0
IS-IS: Level-2 Hellos (in/out/dropped): 0/300/0 <<<<<<<<<<<<< ONLY SENT IIH
IS-IS: Level-1 CSNPs (in/out): 0/0
IS-IS: Level-2 CSNPs (in/out): 0/0
IS-IS: Level-1 PSNPs (in/out): 0/0
IS-IS: Level-2 PSNPs (in/out): 0/0
IS-IS: LSPs Retransmitted : 0
David Roy
Orange - IP Domestic Backbone - TAC
Tel. +33(0)299876472
Mob. +33(0)685522213
Email. david.roy at orange-ftgroup.com
JNCIE-M/T #703 ; JNCIS-ENT
-----Message d'origine-----
De : sthaug at nethelp.no [mailto:sthaug at nethelp.no]
Envoyé : jeudi 19 mai 2011 21:35
À : ROY David DTF/DERX
Cc : kalirajv at gmail.com; juniper-nsp at puck.nether.net
Objet : Re: [j-nsp] ISIS between ERX 1440 and MX960
> 2. I tried but without success. I believe that the ISO MTU is less
> than the padded hello of the MX. I will try to set mtu of the gi 12/0
> of the ERX to 1518 : I will update you if it works
We have IS-IS running between MX and ERX with no problem. Use 4 byte more for the ERX MTU than the MX MTU on the physical interfaces, and you should be all set.
Example of working config below, lightly anonymized.
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
----------------------------------------------------------------------
interface gigabitEthernet 2/0
mtu 4488
ip address a.b.2.202 255.255.255.252
ip router isis
isis network point-to-point
isis circuit-type level-2-only
interface loopback 0
ip address a.b.0.75 255.255.255.255
ip router isis
isis circuit-type level-2-only
router isis
is-type level-2-only
net 47.0001.0000.0000.0075.00
metric-style wide level-2
interfaces {
ge-0/0/3 {
mtu 4484;
unit 0 {
family inet {
address a.b.2.201/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address a.b.0.78/32;
}
family iso {
address 47.0001.0000.0000.0078.00;
}
}
}
}
protocols {
isis {
level 2 wide-metrics-only;
level 1 disable;
interface ge-0/0/3.0 {
point-to-point;
}
interface lo0.0 {
level 2 passive;
}
}
}
********************************************************************************
IMPORTANT.Les informations contenues dans ce message electronique y compris les fichiers attaches sont strictement confidentielles
et peuvent etre protegees par la loi.
Ce message electronique est destine exclusivement au(x) destinataire(s) mentionne(s) ci-dessus.
Si vous avez recu ce message par erreur ou s il ne vous est pas destine, veuillez immediatement le signaler a l expediteur et effacer ce message
et tous les fichiers eventuellement attaches.
Toute lecture, exploitation ou transmission des informations contenues dans ce message est interdite.
Tout message electronique est susceptible d alteration.
A ce titre, le Groupe France Telecom decline toute responsabilite notamment s il a ete altere, deforme ou falsifie.
De meme, il appartient au destinataire de s assurer de l absence de tout virus.
IMPORTANT.This e-mail message and any attachments are strictly confidential and may be protected by law. This message is
intended only for the named recipient(s) above.
If you have received this message in error, or are not the named recipient(s), please immediately notify the sender and delete this e-mail message.
Any unauthorized view, usage or disclosure ofthis message is prohibited.
Since e-mail messages may not be reliable, France Telecom Group shall not be liable for any message if modified, changed or falsified.
Additionally the recipient should ensure they are actually virus free.
********************************************************************************
More information about the juniper-nsp
mailing list