I'm having an interesting problem with what I think is spanning tree, and I'm wondering if anyone has any advice. I'm not a full-time network engineer, and I've inherited this so none of this is my design...
The scenario: we have two sites. One site has a pair of EX9204s handling the L3 routing, and a VC of EX4300s for access. The other site has a single Cisco 6509 handling both L2 and L3 in the same chassis. The Cisco is hopefully going in the garbage soon - which might make this problem moot anyway - but for now I'm stuck with it. We're using VSTP on the Juniper side, and PVST+ (spanning-tree mode pvst
) on the Cisco side.
The sites are connected to each other over a VPLS connection. There are two ports on the EX4300 VC connected to two separate ETX devices at one site, and two ports on the 6509 connected to two ETX devices at the other site. We use a single VLAN to do L3 across the VPLS to provide site-to-site connectivity. Complicating things further, we also have connections to our 3rd party cloud provider into the VPLS - however, the routing for these is handled by separate routers, but also connected to the same switches.
The problem is this - when I plug in the second connection in the first site (with the EX4300 VC), after a few seconds everything goes nuts. The counters on both the interfaces on the EX4300 VC connected to the ETXs rapidly start to climb. The DDoS protection on the EX9204s start to kick in, complaining of a spike in VRRP and OSPF packets. The Cisco 6509 in the other site complains that it's suddenly getting a firehose of OSPF packets. These things suggest to me that there's a loop somewhere. Unplugging one of the connections to the EX4300 VC makes the problem instantly go away.
After doing a bit more reading, I have a feeling I also need to configure RSTP and add the same native VLAN on the EX4300 VC side as is being used on the Cisco side, but I'm honestly out of my depth at this point. Any suggestions would be gratefully received :-)
No comments:
Post a Comment