[j-nsp] SRX fab links through EX VC- seeing enumerating MAC addresses

Phil Fagan philfagan at gmail.com
Fri Oct 4 17:52:21 EDT 2013


Very little is said other than indeed using MAC addresses is how the
cluster speaks via the FAB

http://forums.juniper.net/jnet/attachments/jnet/srx/1659/1/L2HAAppNotev2.pdf

As you noted direct connect FAB is ideal; but a very very interesting find.

Its possible there is a correct aging for your SRX VLAN that might help the
CPU.

https://www.juniper.net/techpubs/en_US/junos/topics/reference/configuration-statement/mac-table-aging-time-bridging.html






On Fri, Oct 4, 2013 at 2:45 PM, Andy Litzinger <
Andy.Litzinger at theplatform.com> wrote:

> Hi,
> while troubleshooting high CPU on our EX mixed-mode VC (4200 and 4550) our
> JTAC engineer noticed that one pair of ports is making changes to the MAC
> learning table at an alarming rate.  My SRX3400 fab links are connected to
> the ports in question (I'm waiting on parts to correct this and directly
> connect the fab ports).  If you watch the mac-learning-log it looks like
> the SRX is sending packets over the fab link that use a private/fake
> Ethernet address and are quickly enumerating through a list of Ethernet
> addresses.
>
> Has anyone else ever seen this?  is there a way to stop it or minimize its
> potential effect on the switch cpu?  Note that it's not yet proven this is
> the source of the high cpu.
>
> > show ethernet-switching mac-learning-log
> <snip>
> Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:dd:32:00:00 was
> deleted on xe-0/0/28.0
> Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:e1:a0:00:00 was
> learned on xe-2/0/28.0
> Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:dd:50:00:00 was
> deleted on xe-0/0/28.0
> Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:dd:61:00:00 was
> deleted on xe-0/0/28.0
> Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:dd:26:00:00 was
> deleted on xe-0/0/28.0
> Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:dd:17:00:00 was
> deleted on xe-0/0/28.0
> Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:e1:a1:00:00 was
> learned on xe-2/0/28.0
> Fri Oct  4 12:45:21 2013  vlan_name srx_fab_temp mac 00:00:dd:44:00:00 was
> deleted on xe-0/0/28.0
> Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:e1:a2:00:00 was
> learned on xe-2/0/28.0
> Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:e1:a3:00:00 was
> learned on xe-2/0/28.0
> Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:dd:48:00:00 was
> deleted on xe-0/0/28.0
> Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:dd:1b:00:00 was
> deleted on xe-0/0/28.0
> Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:dd:2a:00:00 was
> deleted on xe-0/0/28.0
> Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:e1:a4:00:00 was
> learned on xe-2/0/28.0
> Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:e1:a5:00:00 was
> learned on xe-2/0/28.0
> Fri Oct  4 12:45:22 2013  vlan_name srx_fab_temp mac 00:00:dd:51:00:00 was
> deleted on xe-0/0/28.0
> Fri Oct  4 12:45:23 2013  vlan_name srx_fab_temp mac 00:00:e1:a6:00:00 was
> learned on xe-2/0/28.0
> Fri Oct  4 12:45:23 2013  vlan_name srx_fab_temp mac 00:00:dd:60:00:00 was
> deleted on xe-0/0/28.0
> Fri Oct  4 12:45:23 2013  vlan_name srx_fab_temp mac 00:00:dd:33:00:00 was
> deleted on xe-0/0/28.0
> Fri Oct  4 12:45:23 2013  vlan_name srx_fab_temp mac 00:00:e1:a7:00:00 was
> learned on xe-2/0/28.0
>
> the EX port config:
> > show configuration interfaces xe-0/0/28
> Oct 04 13:00:13
> description srx01-xe-1/0/1;
> mtu 9216;
> unit 0 {
>     family ethernet-switching {
>         vlan {
>             members 500;
>         }
>     }
> }
>
> > show configuration interfaces xe-2/0/28
> Oct 04 13:32:52
> description srx02-xe-1/0/1;
> mtu 9216;
> unit 0 {
>     family ethernet-switching {
>         vlan {
>             members 500;
>         }
>     }
> }
>
> SRX:
> srx01> show configuration interfaces fab0
> fabric-options {
>     member-interfaces {
>         xe-1/0/1;
>     }
> }
>
> srx01> show configuration interfaces fab1
> fabric-options {
>     member-interfaces {
>         xe-9/0/1;
>     }
> }
> srx01> show configuration interfaces xe-1/0/1
> srx01> show configuration interfaces xe-9/0/1
> srx01>
>
> thanks!
> -andy
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>



-- 
Phil Fagan
Denver, CO
970-480-7618


More information about the juniper-nsp mailing list