Friday, August 31, 2018

Juniper EX v6 RA and loopback filter

Hi all

I seem to be having a strange issue with some EXs and their loopback firewall that I can't seem to figure out.

I have an EX4600 virtual chassis and multiple EX4300 virtual chassis which are connected to the EX4600s.

I have some VLANs that have their layer 3 handled by the EX4600s. The EX4300s are only layer 2 for those networks - they do not have any irb interface in them at all.

For the VLANs in question, the EX4600s have router advertisements configured. I confirmed they are working (from a capture on the device itself as well as from a server attached). On the EX4300s I have a v6 filter attached to the loopback interface. For testing purposes the firewall simply has one rule - allow all traffic. With the filter attached to the loopback interface, no clients connected to the EX4300 see any router advertisements. Solicits also fail - I don't see the counter incrementing on the EX4600s.

I then removed the loopback filter on the EX4300s and router advertisements work as expected. I don't understand why that is - the filter simply has an allow all rule.

Has anyone run into a similar issue?


