[j-nsp] SRX secure wire and layer 2 pdus
Ross Vandegrift
ross at kallisti.us
Tue Apr 28 11:43:39 EDT 2015
Hi all,
The documentation for SRX secure wire has thrown me for a loop. It
says: secure wire is a kind of transparent mode, and transparent mode
interfaces pass all ARP and non-IP broadcast/multicast. So a secure
wire should pass BPDUs and LACPDUs.
I think that's a mistake. If both secure wire interfaces land on the
same switch, RSTP/MSTP ought to block one of the interfaces. Separate
switches won't help if both are multihomed to common distribution
switches. The secure wire will look like two edge interfaces were
cabled together, and RSTP/MSTP will block.
I setup a test with two ex4200s and a secure wire between them. No
BPDUs or LACPDUs make it across. Seems good, but now I'm nervous
that the behavior doesn't match the documentation.
Have I missed something? Case is open, but it stalled at the repeat
the documentation stage.
https://www.juniper.net/techpubs/en_US/junos12.3x48/topics/concept/layer-2-secure-wire-understanding.html
Ross
More information about the juniper-nsp
mailing list