[j-nsp] Fwd: Ethernet OAM Issues
Shamen Snyder
ssnyder6676 at gmail.com
Thu Sep 4 09:06:59 EDT 2014
Good morning,
I’ve been trying to get Ethernet OAM CFM to work properly and the lo0 inet
filter is causing the layer 2 protocol to stay stuck in the ‘start’ state.
If I deactivate the lo0 filter and add the source IP to the trusted prefix
list commit then activate the filter OAM stays up.
If I remove the source IP from trusted prefix list OAM goes into a failed
state.
If I have the lo0 filter activated and source IP in the trusted prefix list
and try to bring OAM up it stays stuck in a start state.
The EX4200 at the customer location has no lo0 filter.
So it seems the initial connection is still being dropped by the lo0 filter.
Has anyone ran into this problem and now how to get around it? Deactivating
our lo0 filter is not a solution as this is a core MPLS router.
MX5 configuration:
root at mpr0> show configuration protocols oam
ethernet {
connectivity-fault-management {
traceoptions {
file oam;
flag all;
}
action-profile link-down-take-down {
event {
interface-status-tlv lower-layer-down;
port-status-tlv blocked;
adjacency-loss;
}
action {
interface-down;
}
}
maintenance-domain provider-md {
level 5;
maintenance-association customer-ma {
continuity-check {
interval 1s;
}
mep 101 {
interface ae0.2792;
direction down;
auto-discovery;
remote-mep 100 {
action-profile link-down-take-down;
}
}
}
}
}
}
root at mpr0> show configuration firewall filter lo0
term allow-ntp {
from {
source-address {
x.x.x.x/32;
y.y.y.y/32;
}
protocol udp;
port ntp;
}
then accept;
}
term allow {
from {
source-prefix-list {
trusted;
}
}
then accept;
}
term allow-tcp {
from {
protocol tcp;
tcp-established;
}
then accept;
}
term allow-icmp {
from {
protocol icmp;
}
then {
policer small-bw-limit;
log;
accept;
}
}
term allow-tracert {
from {
protocol udp;
destination-port 33434-33523;
}
then accept;
}
term allow-bgp {
from {
source-prefix-list {
bgp-peers;
}
protocol tcp;
destination-port bgp;
}
then accept;
}
term allow-snmp {
from {
source-prefix-list {
snmp-nms;
trusted;
}
protocol udp;
destination-port snmp;
}
then accept;
}
term allow-mcast {
from {
protocol pim;
}
then accept;
}
term deny-all {
then {
discard;
}
}
EX4200 configuration:
root at ms0> show configuration protocols oam
ethernet {
connectivity-fault-management {
action-profile link-down-take-down {
event {
adjacency-loss;
}
action {
interface-down;
}
}
maintenance-domain customer-md {
level 5;
maintenance-association customer-ma {
continuity-check {
interval 1s;
}
mep 100 {
interface ge-0/1/0.0 vlan-id 2792;
direction down;
auto-discovery;
remote-mep 101 {
action-profile link-down-take-down;
}
}
}
}
}
}
More information about the juniper-nsp
mailing list