No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Huawei E9000 CX311 cannot connect with Juniper Switch

Publication Date:  2017-08-22 Views:  91 Downloads:  0
Issue Description

the client informed us that he have a problem with Huawei E9000 CX311 who is impossible to connect with the Juniper Switch

Alarm Information


Now we have a interconnection issue between Huawei E9000 and Juniper QFX5100.

We setup the trunk on Huawei and Juniper( interface is  10GE2/17/1 on E9000 and xe-0/0/10 on Juniper, There are two vlans 740 and
vlan 742 on this trunk.

We setup vlanif 742 192.168.142.50/24 on E9000 and 192.168.142.40/24 on Juniper and there is a Firewall (192.168.142.1/24) is also
in vlan 742 and connect with Juniper Switch.

After cable connection, the interfaces are UP, but we cannot ping between E9000 and Juniper Switch, and we can not ping from E9000 to
Firewall.

 

 



Handling Process

After I analyzed the switch configuration I saw that the E9000 , Juniper Switch and Firewall IP is in the same VLAN , but the client didn't check if the Firewall IpTables is allow the packets to came fro the E9000. The client didn't have ping from Juniper Switch to E9000. He replaced the Juniper Switch with an Huawei Switch S5700 and the problem is solved. The conclusion is that the configuration from the Juniper switch it must be made it from beginning and restore it to factory setting  after saving the running configuration

 

 

Can you please check if the Juniper Switch it have ping on Firewall, here is very important to check if in your Iptables the packets are allowed to made traffic on the specific Ip address, in your case the ip address of E9000 192.168.142.50 .

Also, I saw that in your test 2) you replaced the Juniper Switch with a Huawei S5700 and you succeed to have ping and then on test 3) you replaced the E9000/CX311 with Huawei S5700, and
the ping failed, this it takes me to think that is a problem with the configuration on Juniper Switch

Keep in mind that LLDP is enabled on all interfaces by default. If it is disabled, you can enable LLDP by configuring it on all interfaces or on specific interfaces. To configure LLDP on a specific interface on juniper Switch use:

[edit protocols lldp]

user@switch# set interface interface-name

Anyway, from your configuration
I saw that 192.168.142.50  883f-d32d-b656 is in Vlan742  and you succeed to have ping on 192.168.142.1, who is also in Vlan742. My suggestion I
to configure a new port on Juniper Switch and to add it also n Vlan742 but don’t remember to check if all the packets from the IP addresses are allowed in
the Firewall Iptables.


If you already tried the Access mode and Trunk mode it seems that it cannot carry traffic for several VLANs simultaneously or a specific VLAN . I think that you
can try to restore the Juniper Switch to default configuration, first please make a safe copy of the config, and try if you have connection between CX311
and Juniper

Root Cause

the root cause is that the Juniper switch have issue with the configuration and also the Firewall Server need to allow packets that came from the switch and E9000

Solution

I saw that 192.168.142.50  883f-d32d-b656 is in Vlan742  and you succeed to have ping on 192.168.142.1, who is also in Vlan742. My suggestion I
to configure a new port on Juniper Switch and to add it also n Vlan742 but don’t remember to check if all the packets from the IP addresses are allowed in
the Firewall Iptables.


If you already tried the Access mode and Trunk mode it seems that it cannot carry traffic for several VLANs simultaneously or a specific VLAN . I think that you
can try to restore

Suggestions

first need to analyze the switch configuration and check if the E9000 and the Firewall must be on same VLAN like the Juniper Switch. Then need to check if the problem is the juniper Switch or the E9000 cx311 switch , and we saw that the problem is the Juniper Switch , who was replaced with a Huawei switch and it works

END