I am facing very strange behavior of CRS326-24G-2S+.
Maybe it is a bug.
ROS version: 6.47.9
Description:
Network has:
ipv4 DHCP in vlan 17
ipv6 ND/SLAAC in vlan 888.
I have some ports in hybrid mode on CRS326: vlan 17 - native, vlan 50, 888 – tagged.
Hosts have dhcp-client on vlan 17 and get ip-addresses without problem.
Hosts have only one native interfaces, without any tagged sub-interfaces.
And then strange magic happened: all hosts connected to hybrid ports with vlan 17 access and vlan 888 in tagged mode get ipv6 addresses (global from ND/SLAAC-router)!
But only with one-way traffic flow: hosts get ipv6 address and they can't even ping ipv6 default gateway.
Hosts get ipv6 addresses from vlan 888 without self-tagging interfaces in this vlan! Hosts have only native (access) ethernet-interfaces but ipv6 address from Router!
Please help with this issue, if anybody know anything about something like this…
Configuration:
Code: Select all
/interface bridge
add comment="-M- bridge-switch" ingress-filtering=yes name=bridge1-switch priority=0xA000 protocol-mode=mstp vlan-filtering=yes
/interface bridge port
/interface bridge
add ageing-time=5m arp=enabled arp-timeout=auto auto-mac=yes comment="-M- bridge-switch" dhcp-snooping=no disabled=no ether-type=0x8100 fast-forward=yes forward-delay=15s frame-types=admit-all igmp-snooping=no \
ingress-filtering=yes max-hops=20 max-message-age=20s mtu=auto name=bridge1-switch priority=0xA000 protocol-mode=mstp pvid=1 region-name="" region-revision=0 transmit-hold-count=6 vlan-filtering=yes
/interface bridge port
add auto-isolate=no bpdu-guard=no bridge=bridge1-switch broadcast-flood=yes disabled=no edge=auto fast-leave=no frame-types=admit-all horizon=none hw=yes ingress-filtering=yes interface=ether17 \
internal-path-cost=10 learn=auto multicast-router=temporary-query path-cost=10 point-to-point=auto priority=0x80 pvid=17 restricted-role=no restricted-tcn=no tag-stacking=no trusted=no \
unknown-multicast-flood=yes unknown-unicast-flood=yes
/interface bridge settings
set allow-fast-path=no use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=no
/interface bridge vlan
add bridge=bridge1-switch comment=mngmt disabled=no tagged=bridge1-switch,ether1,ether6,ether7,ether22,ether23 untagged=ether2,ether9,ether13 vlan-ids=17
add bridge=bridge1-switch comment=ipv6_core disabled=no tagged=ether1,ether3,ether9,ether13,ether17,ether18,ether22,ether23 untagged="" vlan-ids=888