Juniper EX4400 – Virtual Chassis not working

Michael McNamara — Tue, 17 Oct 2023 01:43:43 +0000

We made the jump from the EX4300 to the EX4400 this year and while things have been good, we’ve seen a number of bugs and issues with the early software releases.

If you run into issues with Virtual Chassis, my first suggestion is to check the software release.

By default, the QSFP28 ports on the back of the Juniper EX4400 should be setup as “Virtual Chassis” ports for stacking. You can issue the following command to change the configuration if needed;

request virtual-chassis mode network-port disable reboot

The issue I found is that ~ 70% of the time a Juniper EX4400 would fail to see the Virtual Chassis ports (and fail to “stack” properly) if it was running 21.2R3.8 software – the software release Juniper was shipping on switches sold in early 2023. An upgrade to 21.4R3-S3.4 or even the current recommendation of 22.2R3-S2.8 immediately resolves the issue.

I’ve also observed a number of odd PoE/interface issues impacting Juniper MIST Access Points, Kronos clocks along with other assorted PoE devices, such that they receive power but are unable to establish a LINK on the port with either 1Gbps or 2.5Gbps.

I’m currently running 21.4R3-S3.4 in production but we’re seeing a lot of intermittent BFD timeouts which we suspect is a software issue. We’re currently testing 22.2R3-S2.8 in a number of locations.

Cheers

Power over Ethernet Plus (PoE+)

Michael McNamara — Sat, 22 Mar 2008 15:00:00 +0000

I just recently learned that the majority of 802.11n products in design will likely out pace the current 13-15 watts of power provided by the 802.3af specification. It seems the IEEE is already working on 803.at, a new specification labeled “PoE+” by some.

What does this mean for the thousands of PoE (802.3af) ports already deployed throughout organizations?

Here’s a good article, A Look at POE Plus, in Network Computing by Peter Morrissey.

There are also some interesting articles over at Network World regarding 802.11n.

I’m not sure about everyone else out there but I won’t be rushing to deploy 802.11n or 802.3at gear anytime soon. We’ve actually standardized on using PoE capable network switches throughout the network going forward. The price cost between a PoE switch and a non-PoE switch is almost negligible when you consider the time and effort required to replace that switch in the future if PoE is required for some new application.

If you’re seriously thinking about deploying 802.11n you’ll need to consider how you’re going to power those devices.

Cheers!

Nortel ERS 5520 PwR Switch (Part 2)

Michael McNamara — Wed, 24 Oct 2007 01:19:00 +0000

[ad name=”ad-articlebodysq”]In my previous post I outlined all the commands that you would need to configure a Nortel Ethernet Routing Switch 5520 to support deploying Nortel’s i2002/i2004 Internet Telephones using LLDP-MED in conjunction with ADAC (Automatic Detection and Automatic Configuration). If you followed the steps your probably well on your way to getting things work. Unfortunately things can sometimes go wrong even with the best documentation and understanding of the product.

In this post I’m going to outline some of the basic commands you can use to troubleshoot any issues you might have between the ERS5520 and the i2002/i2004 phones.

Q. How can I check the log file?
A. show logging

ERS-5520# show logging
Type Time                    Idx  Src Message
---- ----------------------- ---- --- -------
S    00:00:00:00             1    NVR SNTP: Could not sync to NTP servers.
S    2007-04-05 17:18:08 GMT 2    NVR SNTP: Could not sync to NTP servers.
S    2007-04-05 17:22:07 GMT 3    NVR Audit data initialized - incorrect magic number: 0xffffffff
I    2007-04-19 01:21:03 GMT 4        Web server starts service on port 80.
I    2007-04-19 01:21:19 GMT 5        IGMP: Unknown Multicast Filter disabled
I    2007-04-19 01:21:19 GMT 6        PoE Port Detection Status:  Port 1 Status: Delivering Power
I    2007-04-19 01:21:22 GMT 7        PoE Port Detection Status:  Port 35 Status: Delivering Power
I    2007-04-19 01:21:49 GMT 8        Port 0/47 reenabled by VLACP
I    2007-04-19 01:21:49 GMT 9        Port 0/48 reenabled by VLACP
I    2007-04-19 01:23:05 GMT 10       SNTP: First synchronization successful.
I    2007-04-19 01:23:18 GMT 11       Warm Start Trap
I    2007-04-19 01:23:19 GMT 12       Link Up Trap Port: 1
I    2007-04-19 01:23:20 GMT 13       Trap:  pethPsePortOnOffNotification
I    2007-04-19 01:23:20 GMT 14       Trap:  bsAdacPortConfigNotification for Port: 47, Config: Applied

Q. How can I check the state of a port?
A. show interfaces

ERS-5520# show interfaces 47,48
Status                     Auto                      Flow
Port Trunk Admin   Oper Link LinkTrap Negotiation Speed    Duplex Control
---- ----- ------- ---- ---- -------- ----------- -------- ------ -------
47   1     Enable  Up   Up   Enabled  Enabled     1000Mbps Full   Asymm
48   1     Enable  Up   Up   Enabled  Enabled     1000Mbps Full   Asymm

Q. How can I check the VLACP state of a port?
A. show vlacp interface

ERS-5520# show vlacp interface 47,48
===============================================================================
VLACP Information
===============================================================================
PORT ADMIN   OPER    HAVE    FAST  SLOW  TIMEOUT TIMEOUT ETH  MAC
ENABLED ENABLED PARTNER TIME  TIME  TYPE    SCALE   TYPE ADDRESS
-------------------------------------------------------------------------------
0/47  true    true    yes    500   30000 short   3       8103 01:80:c2:00:11:00
0/48  true    true    yes    500   30000 short   3       8103 01:80:c2:00:11:00

Q. How can I check what FDB entries have been learned on a specific port?
A. show mac-address-table port

ERS-5520# show mac-address-table port 47
Mac Address Table Aging Time: 300
Number of addresses: 9

MAC Address      Source          MAC Address      Source
-----------------  --------      -----------------  --------
00-00-5E-00-01-01  Trunk: 1      00-15-40-45-68-00  Trunk: 1
00-17-D1-57-30-00  Trunk: 1      00-17-D1-57-30-10  Trunk: 1
00-17-D1-57-32-03  Trunk: 1      00-18-B0-CC-F0-00  Trunk: 1
00-18-B0-CC-F0-10  Trunk: 1      00-18-B0-CC-F2-01  Trunk: 1
00-1B-25-4C-74-00  Trunk: 1

Q. How can I check the FDB table for a specific MAC address?
A. show mac-address-table address

ERS-5520# show mac-address-table address 00:18:b0:cc:f0:10
Mac Address Table Aging Time: 300
Number of addresses: 1

MAC Address      Source          MAC Address      Source
-----------------  --------      -----------------  --------
00-18-B0-CC-F0-10  Trunk: 1

Q. How can I check to see if ADAC has been configured/enabled?
A. show adac

ERS-5520# show adac
ADAC Global Configuration
---------------------------------------
ADAC:  Enabled
Operating Mode:  Tagged Frames
Traps Control Status:  Enabled
Voice-VLAN ID:  12
Call Server Port:  None
Uplink Port:  48

Q. How can I check to see if ADAC has been applied to a specific port?
A. show adac interface

ERS-5520# show adac interface 20
Port  Auto-Detection  Auto-Configuration
----  --------------  ------------------
20       Enabled            Applied

Q. How can I check to see the LLDP information with a specific port?
A. show lldp port neighbor detail

ERS-5520# show lldp port 20 neighbor detail
-------------------------------------------------------------------------------
 lldp neighbor
-------------------------------------------------------------------------------
 Port: 20    Index: 5                  Time: 8 days, 13:47:49
 ChassisId: Network address    ipV4  192.168.100.101
 PortId:    MAC address        00:17:65:ff:e0:fc
 SysCap:    TB / TB            (Supported/Enabled)
 PortDesc:  Nortel IP Phone
 SysDescr:  Nortel IP Telephone 2002, Firmware:0604DAS

 PVID: 0                              PPVID Supported: not supported(0)
 VLAN Name List: none                 PPVID Enabled: none

 Dot3-MAC/PHY Auto-neg: supported/enabled       OperMAUtype:  100BaseTXFD
 PSE MDI power:         not supported/disabled  Port class:   PD
 PSE power pair:        signal/not controllable Power class:  2
 LinkAggr: not aggregatable/not aggregated      AggrPortID:   0
 MaxFrameSize: 1522
 PMD auto-neg:          10Base(T, TFD), 100Base(TX, TXFD)

 MED-Capabilities: CNLDI / CNDI       (Supported/Current)
 MED-Device type:  Endpoint Class 3
 MED-Application Type: Voice                    VLAN ID: 12
 L2 Priority: 6         DSCP Value: 46          Tagged Vlan, Policy defined
 Med-Power Type: PD Device            Power Source: Unknown
 Power Priority: High                 Power Value:    5.4 Watt
 HWRev:                               FWRev: 0604DAS
 SWRev:                               SerialNumber:
 ManufName: Nortel-01                 ModelName: IP Phone 2002
 AssetID:
-------------------------------------------------------------------------------
Port: 20    Index: 6                  Time: 8 days, 13:48:20
 ChassisId: Network address    ipV4  10.119.241.50
 PortId:    MAC address        00:17:65:ff:e0:fc
 SysCap:    TB / TB            (Supported/Enabled)
 PortDesc:  Nortel IP Phone
 SysDescr:  Nortel IP Telephone 2002, Firmware:0604DAS

 PVID: 0                              PPVID Supported: not supported(0)
 VLAN Name List: 12                   PPVID Enabled: none

 Dot3-MAC/PHY Auto-neg: supported/enabled       OperMAUtype:  100BaseTXFD
 PSE MDI power:         not supported/disabled  Port class:   PD
 PSE power pair:        signal/not controllable Power class:  2
 LinkAggr: not aggregatable/not aggregated      AggrPortID:   0
 MaxFrameSize: 1522
 PMD auto-neg:          10Base(T, TFD), 100Base(TX, TXFD)

 MED-Capabilities: CNLDI / CNDI       (Supported/Current)
 MED-Device type:  Endpoint Class 3
 MED-Application Type: Voice                    VLAN ID: 12
 L2 Priority: 6         DSCP Value: 46          Tagged Vlan, Policy defined
 Med-Power Type: PD Device            Power Source: Unknown
 Power Priority: High                 Power Value:    5.4 Watt
 HWRev:                               FWRev: 0604DAS
 SWRev:                               SerialNumber:
 ManufName: Nortel-01                 ModelName: IP Phone 2002
 AssetID:
-------------------------------------------------------------------------------
Sys capability: O-Other; R-Repeater; B-Bridge; W-WLAN accesspoint; r-Router;
T-Telephone; D-DOCSIS cable device; S-Station only.
Med Capabilities-C: N-Network Policy; L-Location Identification; I-Inventory;
S-Extended Power via MDI - PSE; D-Extended Power via MDI - PD.

Those are some of the commands that you might have to execute if you needed to perform troubleshooting between an ERS5520 and a i2002/i2004 phone.

Your DHCP server logs will be your friend during your troubleshooting. If you don’t see the phone making a DHCP request (or a request in the proper VLAN) then you should check that ADAC was applied to the switch port. ADAC is the component that will automatically add the switch port (the switch port the phone is connected to) into the Voice VLAN. If ADAC is not applied (or enabled) on the port then you’ll be able to see that the switch port in question is only a member of the Data VLAN. You need to remember that ADAC works on MAC address ranges. You need to check that the MAC address of your phone is in the ADAC MAC address table.

5520-48T-PWR# show adac mac-range-table
Lowest MAC Address          Highest MAC Address
------------------------    -------------------------
00-0A-E4-01-10-20            00-0A-E4-01-23-A7
00-0A-E4-01-70-EC            00-0A-E4-01-84-73
00-0A-E4-01-A1-C8            00-0A-E4-01-AD-7F
00-0A-E4-01-DA-4E            00-0A-E4-01-ED-D5
00-0A-E4-02-1E-D4            00-0A-E4-02-32-5B
00-0A-E4-02-5D-22            00-0A-E4-02-70-A9
00-0A-E4-02-D8-AE            00-0A-E4-02-FF-BD
00-0A-E4-03-87-E4            00-0A-E4-03-89-0F
00-0A-E4-03-90-E0            00-0A-E4-03-B7-EF
00-0A-E4-04-1A-56            00-0A-E4-04-41-65
00-0A-E4-04-80-E8            00-0A-E4-04-A7-F7
00-0A-E4-04-D2-FC            00-0A-E4-05-48-2B
00-0A-E4-05-B7-DF            00-0A-E4-06-05-FE
00-0A-E4-06-55-EC            00-0A-E4-07-19-3B
00-0A-E4-08-0A-02            00-0A-E4-08-7F-31
00-0A-E4-08-B2-89            00-0A-E4-09-75-D8
00-0A-E4-09-BB-9D            00-0A-E4-09-CF-24
00-0A-E4-09-FC-2B            00-0A-E4-0A-71-5A
00-0A-E4-0A-9D-DA            00-0A-E4-0B-61-29
00-0A-E4-0B-BB-FC            00-0A-E4-0B-BC-0F
00-0A-E4-0B-D9-BE            00-0A-E4-0C-9D-0D

Total Ranges: 21

If the MAC address of your i2002/i2004 phone does not match any of the MAC address ranges in the switch you’ll need to add a range to include those MAC addresses. If the MAC address of your i2002 phone was 00:18:b0:11:22:33 you could use the following commands;

5520-48T-PWR> enable
5520-48T-PWR# config terminal
5520-48T-PWR (config)# adac mac-range-table low-end 00:18:b0:00:00:00 high-end 00:18:b0:ff:ff:ff

You might think you could configure a port mirror and run a quick packet capture to understand what’s going on… unfortunately you cannot configure any port with port mirroring that has ADAC enabled.

Thats all for now.

The last step is the DHCP server so stay tuned.