[j-nsp] SRX fab links through EX VC- seeing enumerating MAC addresses

Andy Litzinger Andy.Litzinger at theplatform.com
Fri Oct 4 16:45:28 EDT 2013 

Hi,
while troubleshooting high CPU on our EX mixed-mode VC (4200 and 4550) our JTAC engineer noticed that one pair of ports is making changes to the MAC learning table at an alarming rate.  My SRX3400 fab links are connected to the ports in question (I'm waiting on parts to correct this and directly connect the fab ports).  If you watch the mac-learning-log it looks like the SRX is sending packets over the fab link that use a private/fake Ethernet address and are quickly enumerating through a list of Ethernet addresses.

Has anyone else ever seen this?  is there a way to stop it or minimize its potential effect on the switch cpu?  Note that it's not yet proven this is the source of the high cpu.

> show ethernet-switching mac-learning-log
<snip>
Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:dd:32:00:00 was deleted on xe-0/0/28.0
Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:e1:a0:00:00 was learned on xe-2/0/28.0
Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:dd:50:00:00 was deleted on xe-0/0/28.0
Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:dd:61:00:00 was deleted on xe-0/0/28.0
Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:dd:26:00:00 was deleted on xe-0/0/28.0
Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:dd:17:00:00 was deleted on xe-0/0/28.0
Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:e1:a1:00:00 was learned on xe-2/0/28.0
Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:dd:44:00:00 was deleted on xe-0/0/28.0
Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:e1:a2:00:00 was learned on xe-2/0/28.0
Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:e1:a3:00:00 was learned on xe-2/0/28.0
Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:dd:48:00:00 was deleted on xe-0/0/28.0
Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:dd:1b:00:00 was deleted on xe-0/0/28.0
Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:dd:2a:00:00 was deleted on xe-0/0/28.0
Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:e1:a4:00:00 was learned on xe-2/0/28.0
Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:e1:a5:00:00 was learned on xe-2/0/28.0
Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:dd:51:00:00 was deleted on xe-0/0/28.0
Fri Oct  4 12:45:23 2013  vlan_name srx_fab_temp mac 00:00:e1:a6:00:00 was learned on xe-2/0/28.0
Fri Oct  4 12:45:23 2013  vlan_name srx_fab_temp mac 00:00:dd:60:00:00 was deleted on xe-0/0/28.0
Fri Oct  4 12:45:23 2013  vlan_name srx_fab_temp mac 00:00:dd:33:00:00 was deleted on xe-0/0/28.0
Fri Oct  4 12:45:23 2013  vlan_name srx_fab_temp mac 00:00:e1:a7:00:00 was learned on xe-2/0/28.0

the EX port config:
> show configuration interfaces xe-0/0/28
Oct 04 13:00:13
description srx01-xe-1/0/1;
mtu 9216;
unit 0 {
    family ethernet-switching {
        vlan {
            members 500;
        }
    }
}

> show configuration interfaces xe-2/0/28
Oct 04 13:32:52
description srx02-xe-1/0/1;
mtu 9216;
unit 0 {
    family ethernet-switching {
        vlan {
            members 500;
        }
    }
}

SRX:
srx01> show configuration interfaces fab0
fabric-options {
    member-interfaces {
        xe-1/0/1;
    }
}

srx01> show configuration interfaces fab1
fabric-options {
    member-interfaces {
        xe-9/0/1;
    }
}
srx01> show configuration interfaces xe-1/0/1
srx01> show configuration interfaces xe-9/0/1
srx01>

thanks!
-andy

More information about the juniper-nsp mailing list