[j-nsp] trouble setting up link agg between clustered SRX 550 and Cisco 6509

Per Westerlund p1 at westerlund.se
Fri Aug 16 03:54:00 EDT 2013 

The components of the SRX RETH-interfaces are not all active at the same time, this is a fail-over construct. One active link at the time.

You should be looking at the AE-interfaces instead, they are proper LACP aggregators.

/Per

16 aug 2013 kl. 00:55 skrev Andy Litzinger <Andy.Litzinger at theplatform.com>:

> Has anyone had any difficulty creating a port channel between an SRX cluster (in this case, SRX 550s) and Cisco switches (in this case 6509s, non-VSS)?
> 
> When I tried to bring up a second link in the link agg group the cisco side put it in state "I" which means:  standalone.  It also logged this message:
> %EC-SP-5-CANNOT_BUNDLE_LACP: Gi8/2 is not compatible with aggregators in channel 10 and cannot attach to them (flow control send of Gi8/2 is on, Gi8/1 is off)
> 
> I did some googling and found a couple articles that seemed to say that the SRX doesn't support flow-control so I tried turning it off on the cisco side.:
> interface 8/1 flowcontrol send off
> interface 8/2 flowcontrol send off
> interface po10 flowconftorl send off
> 
> This didn't help and when I shut/no shut the port channel on the cisco side the whole thing went offline and wouldn't come back until I rebuilt it.
> 
> any ideas?
> 
> SRX-A connects to 6509-A with 2 physical links bundled into reth0
> SRX-B connects to 6509-B with 2 physical links bundled into reth0
> 
> SRX side config:
>> show configuration interfaces ge-0/0/4
> gigether-options {
>    redundant-parent reth0;
> }
>> show configuration interfaces ge-0/0/6
> gigether-options {
>    redundant-parent reth0;
> }
>> show configuration interfaces ge-9/0/4
> gigether-options {
>    redundant-parent reth0;
> }
>> show configuration interfaces ge-9/0/6
> gigether-options {
>    redundant-parent reth0;
> }
> 
>> show configuration interfaces reth0
> vlan-tagging;
> redundant-ether-options {
>    redundancy-group 1;
>    lacp {
>        active;
>        periodic fast;
>    }
> }
> unit x {
>    vlan-id x;
>    family inet {
>        address x.x.x.x/zz;
>    }
> }
> unit y {
>    vlan-id y;
>    family inet {
>        address x.x.x.x/zz;
>    }
> }
> 
> 
> cisco side on 6509-A:
> interface GigabitEthernet8/1
> description srx01-g0/4
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan x,y
> switchport mode trunk
> switchport nonegotiate
> spanning-tree portfast edge trunk
> channel-group 10 mode active
> end
> 
> interface GigabitEthernet8/2
> description srx01-g0/6
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan x,y
> switchport mode trunk
> switchport nonegotiate
> shutdown
> spanning-tree portfast edge trunk
> channel-group 10 mode passive
> end
> 
> interface Port-channel10
> description srx01-internal
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan x,y
> switchport mode trunk
> switchport nonegotiate
> spanning-tree portfast edge trunk
> end
> 
> the 6509-B config is identical
> 
> thanks!
> -andy
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list