Community discussions

MUM Europe 2020
 
francois
just joined
Topic Author
Posts: 18
Joined: Thu Dec 01, 2011 10:10 am

L2 vlan help needed

Fri Nov 29, 2019 12:20 pm

Hi,

I have 3x l2 services between 2 parts of my network as seen in the image attached. I am able to run 2x L2 (10g Service and the 2G service) fine as the ports are isolated on the right side crs317 and the vlans terminate on a separet interface.

However, attempting to get the 1G service up creates a loop as soon as its added to the bridge on both CRS's. Having one side disabled in the bridge keeps the l2 up.

How can I make use of all 3x l2s? I only have 1 port connected to the switch from the 2x crs on the left
You do not have the required permissions to view the files attached to this post.
 
francois
just joined
Topic Author
Posts: 18
Joined: Thu Dec 01, 2011 10:10 am

Re: L2 vlan help needed

Fri Nov 29, 2019 12:28 pm

O, and also only have vlan fltering enable on the right switch, left switch has no filtering enabled
 
sindy
Forum Guru
Forum Guru
Posts: 4193
Joined: Mon Dec 04, 2017 9:19 pm

Re: L2 vlan help needed

Sat Nov 30, 2019 5:22 pm

One reason why no one responds may be that a lot of information is missing in what you wrote so far.

I assume that each "service" provides an L2-transparent "pipe" between the two sites. Do you want to dedicate each "service" to an independent group of VLANs, or do you plan some redundancy (some VLANs to prefer one of the "services" but use another if the preferred one becomes unavailable)?

Also, you mention the two ports at the right CRS to be isolated, but you didn't say whether the one for the 1 Gbit/s service is isolated too. If it is not, there is no surprise you get a loop.

When testing the VLAN filtering on a software bridge (i.e. not the CRS3xx product line), I've seen that it actually only worked in one direction (I don't remember whether it was ingress or egress), so it wasn't enough to be set at just one end of the connection. It may be the same case with the CRS 3xx, I can't say, I have never practically tested that.

It is also not clear why you cannot set port isolation (and vlan filtering) at both CRS3xx.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.

Who is online

Users browsing this forum: MSN [Bot] and 92 guests