2 Juniper vMX 14 on ESXi don't ping each other

Before posting something, READ the changelog, WATCH the videos, howto and provide following:
Your install is: Bare metal, ESXi, what CPU model, RAM, HD, what EVE version you have, output of the uname -a and any other info that might help us faster.

Moderator: mike

shvlad1
Posts: 8
Joined: Sun Mar 18, 2018 4:46 pm

2 Juniper vMX 14 on ESXi don't ping each other

Post by shvlad1 » Sun Mar 18, 2018 5:26 pm

Good day,
I have ESXi 6.5.0 server with eve-ng on it.
ESXi

Code: Select all

Version: 1.8.0

Build number: 4516221

ESXi version: 6.5.0

ESXi build number: 4887370
Eve-ng

Code: Select all

root@eve-ng:~# dpkg -l eve-ng
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name           Version      Architecture Description
+++-==============-============-============-=================================
ii  eve-ng         2.0.3-86     amd64        A new generation software for net
root@eve-ng:~#


I have the lab with two connected via bridge Juniper vMX with profile in attachment
They cannot ping each other but they are able to ping IP on the corresponding bridge of EVE-NG VM.
I tried em1000/tpl network emulation and different network interfaces (em2/ge-0/0/0), it didn't help me.
I see arp in arp tables and drops on the bridge vnet0_1
root@eve-ng:~# ifconfig vnet0_1
vnet0_1 Link encap:Ethernet HWaddr 96:51:74:0e:bd:a3
inet addr:192.168.1.3 Bcast:0.0.0.0 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:9000 Metric:1
RX packets:955 errors:0 dropped:337 overruns:0 frame:0
TX packets:569 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:99582 (99.5 KB) TX bytes:53410 (53.4 KB)
What should I do to fix it?
Thank you.

Code: Select all

Model: vmx
Junos: 14.1R1.10
JUNOS Base OS Software Suite [14.1R1.10]
JUNOS Base OS boot [14.1R1.10]
JUNOS Crypto Software Suite [14.1R1.10]
JUNOS Online Documentation [14.1R1.10]
JUNOS Kernel Software Suite [14.1R1.10]
JUNOS Packet Forwarding Engine Support (M320) [14.1R1.10]
JUNOS Packet Forwarding Engine Support (M/T/EX Common) [14.1R1.10]
JUNOS Routing Software Suite [14.1R1.10]
JUNOS Runtime Software Suite [14.1R1.10]
JUNOS Services AACL PIC package [14.1R1.10]
JUNOS Services Application Level Gateway [14.1R1.10]
JUNOS Services Application Level Gateway (xlp64) [14.1R1.10]
JUNOS Services Application Level Gateway (xlr64) [14.1R1.10]
JUNOS AppId Services PIC Package [14.1R1.10]
JUNOS Services AppId PIC package (xlr64) [14.1R1.10]
JUNOS Border Gateway Function PIC package [14.1R1.10]
JUNOS Services Captive Portal and Content Delivery PIC package [14.1R1.10]
JUNOS Services HTTP Content Management PIC package [14.1R1.10]
JUNOS Services HTTP Content Management PIC package (xlr64) [14.1R1.10]
JUNOS IDP Services PIC Package [14.1R1.10]
JUNOS Packet Forwarding Engine Trio Simulation Package [14.1R1.10]

Juniper configs

Code: Select all

interfaces {
    inactive: ge-0/0/0 {
        mac 50:00:00:02:00:02;
        unit 0 {
            family inet {
                address 10.0.0.2/30;
            }
        }
    }
    ge-0/0/1 {
        mac 50:00:00:02:00:03;
        unit 0 {
            family inet {
                address 192.168.1.2/24;
            }
        }
    }
    em2 {
        unit 0 {
            family inet {
                address 10.0.0.2/24;
            }
        }
    }
}
protocols {
    lldp {
        interface all;
    }
}

You do not have the required permissions to view the files attached to this post.

shvlad1
Posts: 8
Joined: Sun Mar 18, 2018 4:46 pm

Re: 2 Juniper vMX 14 on ESXi don't ping each other

Post by shvlad1 » Sun Mar 18, 2018 6:46 pm

Code: Select all

root@eve-ng:~# ./evenginfo.sh
***** EVE-NG INFORMATION TOOL - CREATED BY R! ******
Sun Mar 18 20:44:54 EET 2018

***** EVE-NG VERSION INSTALLED  *****
eve-ng 2.0.3-86

***** HOSTNAME INFORMATION *****
   Static hostname: eve-ng
    Virtualization: vmware
  Operating System: Ubuntu 16.04.4 LTS
            Kernel: Linux 4.9.40-eve-ng-ukms-2+
      Architecture: x86-64

***** FILE SYSTEM DISK SPACE USAGE *****
Filesystem                    Size  Used Avail Use% Mounted on
udev                          3.9G     0  3.9G   0% /dev
tmpfs                         799M   19M  781M   3% /run
/dev/mapper/eve--ng--vg-root   97G   13G   81G  14% /
tmpfs                         3.9G     0  3.9G   0% /dev/shm
tmpfs                         5.0M     0  5.0M   0% /run/lock
tmpfs                         3.9G     0  3.9G   0% /sys/fs/cgroup
/dev/sda1                     472M   83M  365M  19% /boot

 ***** CPU INFORMATION  *****
model name      : Intel(R) Xeon(R) CPU           E5507  @ 2.27GHz

 ***** FREE AND USED MEMORY *****
              total        used        free      shared  buff/cache   available
Mem:           7.8G        381M        7.1G         26M        355M        7.1G
Swap:          979M          0B        979M

 ***** INTERFACE INFORMATION *****
pnet0           8000.000c29efbc30       no              eth0
pnet1           8000.000000000000       no
pnet2           8000.000000000000       no
pnet3           8000.000000000000       no
pnet4           8000.000000000000       no
pnet5           8000.000000000000       no
pnet6           8000.000000000000       no
pnet7           8000.000000000000       no
pnet8           8000.000000000000       no
pnet9           8000.000000000000       no

 ***** KVM CHECK INFORMATION  *****
INFO: /dev/kvm exists
KVM acceleration can be used

 ***** APACHE STATUS  *****
* apache2.service - LSB: Apache2 web server
   Active: active (running) since Sun 2018-03-18 20:28:19 EET; 16min ago

 ***** CHECKING INERNET STATUS  *****
PING www.google.com (173.194.73.104) 56(84) bytes of data.
64 bytes from lq-in-f104.1e100.net (173.194.73.104): icmp_seq=1 ttl=50 time=93.6                                                                                                                                                              ms

--- www.google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 93.664/93.664/93.664/0.000 ms

 ***** COPY or SCREENSHOT THIS INFORMATION FOR EVE SUPPORT TO HELP/UNDERSTAND YO                                                                                                                                                             UR SYSTEM INFORMATION.******
 ***** http://www.eve-ng.net/forum/ ******


Uldis (UD)
Posts: 5190
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: 2 Juniper vMX 14 on ESXi don't ping each other

Post by Uldis (UD) » Sun Mar 18, 2018 7:48 pm

if you want connect lab node to EVE, you have to use cloud interface...

here in my setup vMX is connected to Mgmt/cloud0
and have internet on it.

UD
You do not have the required permissions to view the files attached to this post.

shvlad1
Posts: 8
Joined: Sun Mar 18, 2018 4:46 pm

Re: 2 Juniper vMX 14 on ESXi don't ping each other

Post by shvlad1 » Mon Mar 19, 2018 5:01 pm

I do not need to connect the VMXs to my LAN, I just want to connect them to each other.
Well, I'll try a different type of network, thank you

shvlad1
Posts: 8
Joined: Sun Mar 18, 2018 4:46 pm

Re: 2 Juniper vMX 14 on ESXi don't ping each other

Post by shvlad1 » Mon Mar 19, 2018 6:22 pm

I tried different netrwork types (cloud, mgm, bridge) in the lab, different network cards on the host system (em1000) but nothing could help me.
I have unetlab 1.0.0-6 on the same esxi, two junipers in the VM in Unetlab pings each other.
If I set up IP from the ge-0/0/0 network on the bridge in EVE, I can see both of the juns.
I have the following configs of the juniper and bridge in VM:

MX1

Code: Select all

root@mx1# show interfaces ge-0/0/0
mac 50:00:00:01:00:02;
unit 0 {
    family inet {
        address 10.0.0.1/24;
    }
}

[edit]
root@mx1#

[edit]
root@mx1# run ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2): 56 data bytes
^C
--- 10.0.0.2 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss

[edit]
root@mx1#
MX2

Code: Select all

[edit]
root@mx2# show interfaces ge-0/0/0
mac 50:00:00:02:00:02;
unit 0 {
    family inet {
        address 10.0.0.2/24;
    }
}

[edit]
root@mx2#

EVE-NG

Code: Select all

root@eve-ng:~# ip addr show dev pnet1
4: pnet1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc noqueue state UP group default qlen 1000
    link/ether 3a:d0:bf:c9:26:f9 brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.3/24 scope global pnet1
       valid_lft forever preferred_lft forever
    inet6 fe80::545e:b0ff:fe06:7b26/64 scope link
       valid_lft forever preferred_lft forever
root@eve-ng:~# ping 10.0.0.1
PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data.
64 bytes from 10.0.0.1: icmp_seq=1 ttl=64 time=1.74 ms
^C
--- 10.0.0.1 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.741/1.741/1.741/0.000 ms
root@eve-ng:~# ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=1.62 ms
^C
--- 10.0.0.2 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.622/1.622/1.622/0.000 ms
root@eve-ng:~# brctl showmacs pnet1
port no mac addr                is local?       ageing timer
  1     00:05:86:71:19:00       no                18.09
  2     00:05:86:71:89:00       no                 6.06
  2     3a:d0:bf:c9:26:f9       yes                0.00
  2     3a:d0:bf:c9:26:f9       yes                0.00
  2     50:00:00:01:00:02       no                 2.80
  1     50:00:00:02:00:02       no                 1.26
  1     f6:f9:5c:f3:71:22       yes                0.00
  1     f6:f9:5c:f3:71:22       yes                0.00
root@eve-ng:~#

Uldis (UD)
Posts: 5190
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: 2 Juniper vMX 14 on ESXi don't ping each other

Post by Uldis (UD) » Mon Mar 19, 2018 8:11 pm

to interconnect nodes no need add any bridge on topology
straight connection...
you MUST not touch EVE pnet interfaces at all please..

check this video how to interconnect nodes in eve
Video 8
http://www.eve-ng.net/index.php/documentation/howto-s-2

UD
You do not have the required permissions to view the files attached to this post.

shvlad1
Posts: 8
Joined: Sun Mar 18, 2018 4:46 pm

Re: 2 Juniper vMX 14 on ESXi don't ping each other

Post by shvlad1 » Tue Mar 20, 2018 7:45 am

Ok, thank you.
I'll try a straight link between two junipers, but what about a bridge?
Why doesn't it foraward packets between nodes although the bridge sees both of hosts?

shvlad1
Posts: 8
Joined: Sun Mar 18, 2018 4:46 pm

Re: 2 Juniper vMX 14 on ESXi don't ping each other

Post by shvlad1 » Tue Mar 20, 2018 5:08 pm

I changed to direct link between junipers but it did't help me so I have got the same issue.
I see arp in the cache, lldp neighbor but can't ping another jun.
What should I do to fix the problem?

Code: Select all

root@mx1> ping 10.0.0.2                             
PING 10.0.0.2 (10.0.0.2): 56 data bytes
^C
--- 10.0.0.2 ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss

root@mx1> show configuration interfaces ge-0/0/0 
mac 50:00:00:01:00:02;
unit 0 {
    family inet {
        address 10.0.0.1/24;
    }
}

root@mx1> show interfaces ge-0/0/0  
Physical interface: ge-0/0/0, Enabled, Physical link is Up
  Interface index: 137, SNMP ifIndex: 513
  Link-level type: Ethernet, MTU: 1514, MRU: 1522, Speed: 1000mbps,
  BPDU Error: None, MAC-REWRITE Error: None, Loopback: Disabled,
  Source filtering: Disabled, Flow control: Enabled
  Pad to minimum frame size: Disabled
  Device flags   : Present Running
  Interface flags: SNMP-Traps Internal: 0x4000
  Link flags     : None
  CoS queues     : 8 supported, 8 maximum usable queues
  Current address: 50:00:00:01:00:02, Hardware address: 00:05:86:71:f7:00
  Last flapped   : 2018-03-20 16:50:58 UTC (00:11:55 ago)
  Input rate     : 64 bps (0 pps)
  Output rate    : 232 bps (0 pps)
  Active alarms  : None
  Active defects : None
  Interface transmit statistics: Disabled

  Logical interface ge-0/0/0.0 (Index 329) (SNMP ifIndex 523)
    Flags: Up SNMP-Traps 0x4004000 Encapsulation: ENET2
    Input packets : 28
    Output packets: 51
    Protocol inet, MTU: 1500
      Flags: Sendbcast-pkt-to-re, Is-Primary
      Addresses, Flags: Is-Default Is-Preferred Is-Primary
        Destination: 10.0.0/24, Local: 10.0.0.1, Broadcast: 10.0.0.255
    Protocol multiservice, MTU: Unlimited
      Flags: Is-Primary

root@mx1> 

root@mx1> 

root@mx1> show arp 
MAC Address       Address         Name                      Interface           Flags
50:00:00:02:00:02 10.0.0.2        10.0.0.2                  ge-0/0/0.0          none

root@mx1> 

Code: Select all

root@mx2> show configuration 
## Last commit: 2018-03-19 18:11:49 UTC by root
version 14.1R1.10;
system {
    host-name mx2;
    root-authentication {
        encrypted-password "$1$nYRh9iTU$n1gJPeZ1PTkNd5ChfeWze."; ## SECRET-DATA
    }
    services {
        telnet;
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {                            
    ge-0/0/0 {
        mac 50:00:00:02:00:02;
        unit 0 {
            family inet {
                address 10.0.0.2/24;
            }
        }
    }
}
protocols {
    lldp {
        interface all;
    }
}

root@mx2> show interfaces em2 
Physical interface: em2, Enabled, Physical link is Up
  Interface index: 67, SNMP ifIndex: 116
  Type: Ethernet, Link-level type: Ethernet, MTU: 2000
  Device flags   : Present Running
  Interface flags: Promiscuous SNMP-Traps
  Link flags     : None
  Current address: 50:00:00:02:00:02, Hardware address: 50:00:00:02:00:02
  Last flapped   : Never
    Input packets : 32
    Output packets: 26

root@mx2> ping 10.0.0.1 
PING 10.0.0.1 (10.0.0.1): 56 data bytes
^C
--- 10.0.0.1 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss

root@mx2> show lldp neighbors 
Local Interface    Parent Interface    Chassis Id          Port info          System Name
ge-0/0/0           -                   00:05:86:71:fa:c0   513                mx1                 

Uldis (UD)
Posts: 5190
Joined: Wed Mar 15, 2017 4:44 pm
Location: London
Contact:

Re: 2 Juniper vMX 14 on ESXi don't ping each other

Post by Uldis (UD) » Tue Mar 20, 2018 7:27 pm

it is your image issue only.

Straight link between routers IS a bridge link !!!
get image vmx-14.1R4.8-domestic

its the best from 14 vMX series

shvlad1
Posts: 8
Joined: Sun Mar 18, 2018 4:46 pm

Re: 2 Juniper vMX 14 on ESXi don't ping each other

Post by shvlad1 » Wed Mar 21, 2018 5:47 pm

with vmx-14.1R4.8-domestic i got the same problem
I got next error, what does it mean?
Thank you

em2error setting host MAC filter table
em2error setting host MAC filter table


Code: Select all

root# show 
## Last changed: 2018-03-21 17:40:16 UTC
version 14.1R4.8;
system {
    root-authentication {
        encrypted-password "$1$mSzBAjtK$3xI2.zoo4ubgCiB9wbBlI/"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    inactive: ge-0/0/0 {
        mac 50:00:00:01:00:02;
        unit 0 {
            family inet {               
                address 10.0.0.1/24;
            }
        }
    }
    em2 {
        inactive: mac 50:00:00:01:00:02;
        unit 0 {
            family inet {
                address 10.0.0.1/24;
            }
        }
    }
}

[edit]
root# commit 
em2error setting host MAC filter table
em2error setting host MAC filter table
commit complete

[edit]
root# run show route 

inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.0.0/24        *[Direct/0] 00:00:04
                    > via em2.0
10.0.0.1/32        *[Local/0] 00:00:04
                      Local via em2.0

[edit]
root# run ping 10.0.0.2 
PING 10.0.0.2 (10.0.0.2): 56 data bytes
^C
--- 10.0.0.2 ping statistics ---
15 packets transmitted, 0 packets received, 100% packet loss

[edit]
root# run show arp 
MAC Address       Address         Name                      Interface           Flags
50:00:00:02:00:02 10.0.0.2        10.0.0.2                  em2.0               none

[edit]
root# run show version 
Model: vmx
Junos: 14.1R4.8
JUNOS Base OS Software Suite [14.1R4.8]
JUNOS Base OS boot [14.1R4.8]
JUNOS Crypto Software Suite [14.1R4.8]
JUNOS Online Documentation [14.1R4.8]
JUNOS Kernel Software Suite [14.1R4.8]
JUNOS Routing Software Suite [14.1R4.8]
JUNOS Runtime Software Suite [14.1R4.8]
JUNOS Services AACL PIC package [14.1R4.8]
JUNOS Services Application Level Gateway [14.1R4.8]
JUNOS Services Application Level Gateway (xlp64) [14.1R4.8]
JUNOS Services Application Level Gateway (xlr64) [14.1R4.8]
JUNOS AppId Services PIC Package [14.1R4.8]
JUNOS Services AppId PIC package (xlr64) [14.1R4.8]
JUNOS Border Gateway Function PIC package [14.1R4.8]
JUNOS Services Captive Portal and Content Delivery PIC package [14.1R4.8]
JUNOS Services HTTP Content Management PIC package [14.1R4.8]
JUNOS Services HTTP Content Management PIC package (xlr64) [14.1R4.8]
JUNOS IDP Services PIC Package [14.1R4.8]
JUNOS Services JFLOW PIC package [14.1R4.8]
JUNOS Services JFLOW PIC package (xlp64) [14.1R4.8]
JUNOS Services LL-PDF PIC package [14.1R4.8]
                                        
[edit]
root# 

Code: Select all

root# show 
## Last changed: 2018-03-21 17:41:01 UTC
version 14.1R4.8;
system {
    root-authentication {
        encrypted-password "$1$LDox/q79$1FcJ8KBumLom/kx4TnIMI/"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    inactive: ge-0/0/0 {
        mac 50:00:00:02:00:02;
        unit 0 {
            family inet {               
                address 10.0.0.2/24;
            }
        }
    }
    em2 {
        inactive: mac 50:00:00:02:00:02;
        unit 0 {
            family inet {
                address 10.0.0.2/24;
            }
        }
    }
}

[edit]
root# commit 
em2error setting host MAC filter table
em2error setting host MAC filter table
commit complete

[edit]
root# run show route 

inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.0.0.0/24        *[Direct/0] 00:00:54
                    > via em2.0
10.0.0.2/32        *[Local/0] 00:00:54
                      Local via em2.0

[edit]
root# run ping 10.0.0.1 
PING 10.0.0.1 (10.0.0.1): 56 data bytes
^C
--- 10.0.0.1 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss

[edit]
root# run show version 
Model: vmx
Junos: 14.1R4.8
JUNOS Base OS Software Suite [14.1R4.8]
JUNOS Base OS boot [14.1R4.8]
JUNOS Crypto Software Suite [14.1R4.8]
JUNOS Online Documentation [14.1R4.8]
JUNOS Kernel Software Suite [14.1R4.8]
JUNOS Routing Software Suite [14.1R4.8]
JUNOS Runtime Software Suite [14.1R4.8]
JUNOS Services AACL PIC package [14.1R4.8]
JUNOS Services Application Level Gateway [14.1R4.8]
JUNOS Services Application Level Gateway (xlp64) [14.1R4.8]
JUNOS Services Application Level Gateway (xlr64) [14.1R4.8]
JUNOS AppId Services PIC Package [14.1R4.8]
JUNOS Services AppId PIC package (xlr64) [14.1R4.8]
JUNOS Border Gateway Function PIC package [14.1R4.8]
JUNOS Services Captive Portal and Content Delivery PIC package [14.1R4.8]
JUNOS Services HTTP Content Management PIC package [14.1R4.8]
JUNOS Services HTTP Content Management PIC package (xlr64) [14.1R4.8]
JUNOS IDP Services PIC Package [14.1R4.8]
JUNOS Services JFLOW PIC package [14.1R4.8]
JUNOS Services JFLOW PIC package (xlp64) [14.1R4.8]
JUNOS Services LL-PDF PIC package [14.1R4.8]
                                        
[edit]
root# run show arp 
MAC Address       Address         Name                      Interface           Flags
50:00:00:01:00:02 10.0.0.1        10.0.0.1                  em2.0               none

[edit]
root# show 
## Last changed: 2018-03-21 17:41:12 UTC
version 14.1R4.8;
system {
    root-authentication {
        encrypted-password "$1$LDox/q79$1FcJ8KBumLom/kx4TnIMI/"; ## SECRET-DATA
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    inactive: ge-0/0/0 {
        mac 50:00:00:02:00:02;
        unit 0 {
            family inet {               
                address 10.0.0.2/24;
            }
        }
    }
    em2 {
        inactive: mac 50:00:00:02:00:02;
        unit 0 {
            family inet {
                address 10.0.0.2/24;
            }
        }
    }
}

[edit]
root# 

Post Reply