[j-nsp] igmp snooping layer 2 querier breaks ospf in other devices

nebu thomas nebuvthomas at yahoo.com
Sat Feb 3 23:56:23 EST 2024 

 Hi Aaron,
 since ACX series  is based on Broadcom PFE , and based on your description of the issue..

=> When you enable igmp-snooping (in Broadcom based PFE devices like EX3400/QFX5100s) there are some associated dynamic filters / IFP/VFP  gets created in PFE , and if there are some descrepancies in that it can match some unassociated multicast potentially dropping it . 

=> But if this is a bug in these areas  , you should be seeing the same behaviour in your lab with exact configs/topology (in same release)
So, in your lab , please try with exact same configuration as in your production device ..Especially ,Pls use the firewall filters configured in the production device and your lab device and make it same   (loopback filters ) .
-thanks, Nebu, 

    On Friday, 2 February, 2024 at 11:00:40 pm IST, Aaron Gould via juniper-nsp <juniper-nsp at puck.nether.net> wrote:  
 
 thanks for this... i think i misunderstood the use of l2-querier from a 
previous project i worked on, and put it here where i really didn't need 
it.  moving forward i will only use igmp snooping in the vlan, and not 
the l2-querier option.  but with all that said, i still don't understand 
why ospf inside an l2circuit is affected by my pim/igmp configs ... 
furthermore, why it breaks in the field and works in the lab


-Aaron


On 2/2/2024 10:32 AM, Crist Clark wrote:
> I thought this was asked, but don’t recall an answer, what’s the point 
> of turning on a querier if the switch is already a PIM router? You 
> don’t need an IGMP snooping querier if it’s a multicast router.
>
>
> On Fri, Feb 2, 2024 at 8:21 AM Aaron Gould via juniper-nsp 
> <juniper-nsp at puck.nether.net> wrote:
>
>    I tried to recreate the scenario in my lab with no success
>
>    21.2R3-S4.8 - in lab - problem not seen
>    20.2R3-S7.3 - in lab - problem not seen
>    19.2R3-S6.1 - in lab - problem not seen
>    18.3R3-S6.1 - in lab - problem not seen
>    17.4R2-S11  - in lab - problem not seen
>
>    17.4R2-S11  - in field - problem seen
>
>
>    again, the problem is, when i enabled this command...
>
>    set protocols igmp-snooping vlan vlan100 l2-querier source-address
>    10.100.4.1
>
>    ...a customer riding an l2circuit on ge-0/0/2 report to me that their
>    multicast stops working... ospf goes down and stays in INIT...
>
>    when i remove all pim and igmp, then there OSPF neighbors up and
>    stabilizes
>
>    i just don't know how running igmp inside vlan 100 with ports
>    ge-0/0/4,
>    5 and 6 would have anything to do with an l2circuit on ge-0/0/2
>
>
>    -Aaron
>
>    _______________________________________________
>    juniper-nsp mailing list juniper-nsp at puck.nether.net
>    https://puck.nether.net/mailman/listinfo/juniper-nsp
>
-- 
-Aaron
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list