Mailing List Archive

> On Jun 24, 2016, at 1:19 PM, Gerald <gerald@ax.tc> wrote:
>
> Is there a way to stop this? I would have my "route-only" ports Layer2
> free and not disturb other Layer2 systems behind.

Old old notes I found said basically 1) “bpdus are sent even with route-only”, and 2) "you should reboot after applying route-only".

Both of which may not helpful to you.


_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

The MLX got a reboot some weeks ago, this seems not to help. I'am afraid
of your (1) note... :-(.

Gerald

Am 24.06.2016 um 21:27 schrieb Steven Raymond:
>
>> On Jun 24, 2016, at 1:19 PM, Gerald <gerald@ax.tc> wrote:
>>
>> Is there a way to stop this? I would have my "route-only" ports Layer2
>> free and not disturb other Layer2 systems behind.
>
> Old old notes I found said basically 1) “bpdus are sent even with route-only”, and 2) "you should reboot after applying route-only".
>
> Both of which may not helpful to you.
>
>
>
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

You should create some "dummy" vlans on route-only ports, to avoid that.
No problem having untagged vlan on any port with IP/routing configuration. You even ca do this without any disturbance.

Le 24 juin 2016 21:53:08 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>The MLX got a reboot some weeks ago, this seems not to help. I'am
>afraid
>of your (1) note... :-(.
>
>Gerald
>
>Am 24.06.2016 um 21:27 schrieb Steven Raymond:
>>
>>> On Jun 24, 2016, at 1:19 PM, Gerald <gerald@ax.tc> wrote:
>>>
>>> Is there a way to stop this? I would have my "route-only" ports
>Layer2
>>> free and not disturb other Layer2 systems behind.
>>
>> Old old notes I found said basically 1) “bpdus are sent even with
>route-only”, and 2) "you should reboot after applying route-only".
>>
>> Both of which may not helpful to you.
>>
>>
>>
>_______________________________________________
>foundry-nsp mailing list
>foundry-nsp@puck.nether.net
>http://puck.nether.net/mailman/listinfo/foundry-nsp

--
Sent from my phone.
Please excuse any typos or mistakes.
But not both !
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

Thx Clement for this advice, did you mean something like this:

!
int eth 1/2
enable
route-only
ip addres 10.0.0.1/14
!
vlan 666 name dummy-layer3-vlan
untag eth 2/12
!


Gerald

Am 24.06.2016 um 21:59 schrieb Clement Cavadore:
> You should create some "dummy" vlans on route-only ports, to avoid that.
> No problem having untagged vlan on any port with IP/routing configuration. You even ca do this without any disturbance.
>
> Le 24 juin 2016 21:53:08 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>> The MLX got a reboot some weeks ago, this seems not to help. I'am
>> afraid
>> of your (1) note... :-(.
>>
>> Gerald
>>
>> Am 24.06.2016 um 21:27 schrieb Steven Raymond:
>>>
>>>> On Jun 24, 2016, at 1:19 PM, Gerald <gerald@ax.tc> wrote:
>>>>
>>>> Is there a way to stop this? I would have my "route-only" ports
>> Layer2
>>>> free and not disturb other Layer2 systems behind.
>>>
>>> Old old notes I found said basically 1) “bpdus are sent even with
>> route-only”, and 2) "you should reboot after applying route-only".
>>>
>>> Both of which may not helpful to you.
>>>
>>>
>>>
>> _______________________________________________
>> foundry-nsp mailing list
>> foundry-nsp@puck.nether.net
>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

Oops, need sleep ;-)

!
int eth 1/2
enable
route-only
ip addres 10.0.0.1/24
!
vlan 666 name dummy-layer3-vlan
untag eth 1/2
!

Am 24.06.2016 um 23:27 schrieb Gerald:
> Thx Clement for this advice, did you mean something like this:
>
> !
> int eth 1/2
> enable
> route-only
> ip addres 10.0.0.1/14
> !
> vlan 666 name dummy-layer3-vlan
> untag eth 2/12
> !
>
>
> Gerald
>
> Am 24.06.2016 um 21:59 schrieb Clement Cavadore:
>> You should create some "dummy" vlans on route-only ports, to avoid that.
>> No problem having untagged vlan on any port with IP/routing configuration. You even ca do this without any disturbance.
>>
>> Le 24 juin 2016 21:53:08 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>>> The MLX got a reboot some weeks ago, this seems not to help. I'am
>>> afraid
>>> of your (1) note... :-(.
>>>
>>> Gerald
>>>
>>> Am 24.06.2016 um 21:27 schrieb Steven Raymond:
>>>>
>>>>> On Jun 24, 2016, at 1:19 PM, Gerald <gerald@ax.tc> wrote:
>>>>>
>>>>> Is there a way to stop this? I would have my "route-only" ports
>>> Layer2
>>>>> free and not disturb other Layer2 systems behind.
>>>>
>>>> Old old notes I found said basically 1) “bpdus are sent even with
>>> route-only”, and 2) "you should reboot after applying route-only".
>>>>
>>>> Both of which may not helpful to you.
>>>>
>>>>
>>>>
>>> _______________________________________________
>>> foundry-nsp mailing list
>>> foundry-nsp@puck.nether.net
>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>>
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

Yes thats it ;)

Le 24 juin 2016 23:30:02 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>Oops, need sleep ;-)
>
>!
>int eth 1/2
> enable
> route-only
> ip addres 10.0.0.1/24
>!
>vlan 666 name dummy-layer3-vlan
> untag eth 1/2
>!
>
>Am 24.06.2016 um 23:27 schrieb Gerald:
>> Thx Clement for this advice, did you mean something like this:
>>
>> !
>> int eth 1/2
>> enable
>> route-only
>> ip addres 10.0.0.1/14
>> !
>> vlan 666 name dummy-layer3-vlan
>> untag eth 2/12
>> !
>>
>>
>> Gerald
>>
>> Am 24.06.2016 um 21:59 schrieb Clement Cavadore:
>>> You should create some "dummy" vlans on route-only ports, to avoid
>that.
>>> No problem having untagged vlan on any port with IP/routing
>configuration. You even ca do this without any disturbance.
>>>
>>> Le 24 juin 2016 21:53:08 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>>>> The MLX got a reboot some weeks ago, this seems not to help. I'am
>>>> afraid
>>>> of your (1) note... :-(.
>>>>
>>>> Gerald
>>>>
>>>> Am 24.06.2016 um 21:27 schrieb Steven Raymond:
>>>>>
>>>>>> On Jun 24, 2016, at 1:19 PM, Gerald <gerald@ax.tc> wrote:
>>>>>>
>>>>>> Is there a way to stop this? I would have my "route-only" ports
>>>> Layer2
>>>>>> free and not disturb other Layer2 systems behind.
>>>>>
>>>>> Old old notes I found said basically 1) “bpdus are sent even with
>>>> route-only”, and 2) "you should reboot after applying route-only".
>
>>>>>
>>>>> Both of which may not helpful to you.
>>>>>
>>>>>
>>>>>
>>>> _______________________________________________
>>>> foundry-nsp mailing list
>>>> foundry-nsp@puck.nether.net
>>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>>>

--
Sent from my phone.
Please excuse any typos or mistakes.
But not both !
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

All right, I've tested this and now the MLX seems to generate VLAN666
BPDUs by itself on this port. At least I can see that the "BPDU Config
tx" counter is still rising.

So I can stop flooding VLAN1 BPDUs from other ports but now we have new
VLAN666 BPDUs on that port transmitted.

From one hell to the other... which one is better :-/


Gerald

Am 24.06.2016 um 23:35 schrieb Clement Cavadore:
> Yes thats it ;)
>
> Le 24 juin 2016 23:30:02 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>> Oops, need sleep ;-)
>>
>> !
>> int eth 1/2
>> enable
>> route-only
>> ip addres 10.0.0.1/24
>> !
>> vlan 666 name dummy-layer3-vlan
>> untag eth 1/2
>> !
>>
>> Am 24.06.2016 um 23:27 schrieb Gerald:
>>> Thx Clement for this advice, did you mean something like this:
>>>
>>> !
>>> int eth 1/2
>>> enable
>>> route-only
>>> ip addres 10.0.0.1/14
>>> !
>>> vlan 666 name dummy-layer3-vlan
>>> untag eth 2/12
>>> !
>>>
>>>
>>> Gerald
>>>
>>> Am 24.06.2016 um 21:59 schrieb Clement Cavadore:
>>>> You should create some "dummy" vlans on route-only ports, to avoid
>> that.
>>>> No problem having untagged vlan on any port with IP/routing
>> configuration. You even ca do this without any disturbance.
>>>>
>>>> Le 24 juin 2016 21:53:08 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>>>>> The MLX got a reboot some weeks ago, this seems not to help. I'am
>>>>> afraid
>>>>> of your (1) note... :-(.
>>>>>
>>>>> Gerald
>>>>>
>>>>> Am 24.06.2016 um 21:27 schrieb Steven Raymond:
>>>>>>
>>>>>>> On Jun 24, 2016, at 1:19 PM, Gerald <gerald@ax.tc> wrote:
>>>>>>>
>>>>>>> Is there a way to stop this? I would have my "route-only" ports
>>>>> Layer2
>>>>>>> free and not disturb other Layer2 systems behind.
>>>>>>
>>>>>> Old old notes I found said basically 1) “bpdus are sent even with
>>>>> route-only”, and 2) "you should reboot after applying route-only".
>>
>>>>>>
>>>>>> Both of which may not helpful to you.
>>>>>>
>>>>>>
>>>>>>
>>>>> _______________________________________________
>>>>> foundry-nsp mailing list
>>>>> foundry-nsp@puck.nether.net
>>>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>>>>
>
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

Oh, maybe the trick is disabling STP an the port too:

!
vlan 666 name dummy-layer3-vlan
untag eth 1/2
spanning-tree ethernet 1/2 disable
!

Am 24.06.2016 um 23:54 schrieb Gerald:
> All right, I've tested this and now the MLX seems to generate VLAN666
> BPDUs by itself on this port. At least I can see that the "BPDU Config
> tx" counter is still rising.
>
> So I can stop flooding VLAN1 BPDUs from other ports but now we have new
> VLAN666 BPDUs on that port transmitted.
>
> From one hell to the other... which one is better :-/
>
>
> Gerald
>
> Am 24.06.2016 um 23:35 schrieb Clement Cavadore:
>> Yes thats it ;)
>>
>> Le 24 juin 2016 23:30:02 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>>> Oops, need sleep ;-)
>>>
>>> !
>>> int eth 1/2
>>> enable
>>> route-only
>>> ip addres 10.0.0.1/24
>>> !
>>> vlan 666 name dummy-layer3-vlan
>>> untag eth 1/2
>>> !
>>>
>>> Am 24.06.2016 um 23:27 schrieb Gerald:
>>>> Thx Clement for this advice, did you mean something like this:
>>>>
>>>> !
>>>> int eth 1/2
>>>> enable
>>>> route-only
>>>> ip addres 10.0.0.1/14
>>>> !
>>>> vlan 666 name dummy-layer3-vlan
>>>> untag eth 2/12
>>>> !
>>>>
>>>>
>>>> Gerald
>>>>
>>>> Am 24.06.2016 um 21:59 schrieb Clement Cavadore:
>>>>> You should create some "dummy" vlans on route-only ports, to avoid
>>> that.
>>>>> No problem having untagged vlan on any port with IP/routing
>>> configuration. You even ca do this without any disturbance.
>>>>>
>>>>> Le 24 juin 2016 21:53:08 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>>>>>> The MLX got a reboot some weeks ago, this seems not to help. I'am
>>>>>> afraid
>>>>>> of your (1) note... :-(.
>>>>>>
>>>>>> Gerald
>>>>>>
>>>>>> Am 24.06.2016 um 21:27 schrieb Steven Raymond:
>>>>>>>
>>>>>>>> On Jun 24, 2016, at 1:19 PM, Gerald <gerald@ax.tc> wrote:
>>>>>>>>
>>>>>>>> Is there a way to stop this? I would have my "route-only" ports
>>>>>> Layer2
>>>>>>>> free and not disturb other Layer2 systems behind.
>>>>>>>
>>>>>>> Old old notes I found said basically 1) “bpdus are sent even with
>>>>>> route-only”, and 2) "you should reboot after applying route-only".
>>>
>>>>>>>
>>>>>>> Both of which may not helpful to you.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> _______________________________________________
>>>>>> foundry-nsp mailing list
>>>>>> foundry-nsp@puck.nether.net
>>>>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>>>>>
>>
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

Hi Gerald,

There are more BPDU types than just spanning-tree.. :-) You should apply
"no fdp enable" and "no spanning-tree" on the physical interface ethe
1/2, as well as "no ip redirect" and "ipv6 nd suppress-ra" on the VE's
which are facing that interface. This should be enough to make the MLXe
shut up if "route-only" is also enabled on a global level (though it
should be ok with an interface-level "route-only" setting too).

Best regards,
Martijn Schmidt

On 06/24/2016 11:59 PM, Gerald wrote:
> Oh, maybe the trick is disabling STP an the port too:
>
> !
> vlan 666 name dummy-layer3-vlan
> untag eth 1/2
> spanning-tree ethernet 1/2 disable
> !
>
> Am 24.06.2016 um 23:54 schrieb Gerald:
>> All right, I've tested this and now the MLX seems to generate VLAN666
>> BPDUs by itself on this port. At least I can see that the "BPDU Config
>> tx" counter is still rising.
>>
>> So I can stop flooding VLAN1 BPDUs from other ports but now we have new
>> VLAN666 BPDUs on that port transmitted.
>>
>> From one hell to the other... which one is better :-/
>>
>>
>> Gerald
>>
>> Am 24.06.2016 um 23:35 schrieb Clement Cavadore:
>>> Yes thats it ;)
>>>
>>> Le 24 juin 2016 23:30:02 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>>>> Oops, need sleep ;-)
>>>>
>>>> !
>>>> int eth 1/2
>>>> enable
>>>> route-only
>>>> ip addres 10.0.0.1/24
>>>> !
>>>> vlan 666 name dummy-layer3-vlan
>>>> untag eth 1/2
>>>> !
>>>>
>>>> Am 24.06.2016 um 23:27 schrieb Gerald:
>>>>> Thx Clement for this advice, did you mean something like this:
>>>>>
>>>>> !
>>>>> int eth 1/2
>>>>> enable
>>>>> route-only
>>>>> ip addres 10.0.0.1/14
>>>>> !
>>>>> vlan 666 name dummy-layer3-vlan
>>>>> untag eth 2/12
>>>>> !
>>>>>
>>>>>
>>>>> Gerald
>>>>>
>>>>> Am 24.06.2016 um 21:59 schrieb Clement Cavadore:
>>>>>> You should create some "dummy" vlans on route-only ports, to avoid
>>>> that.
>>>>>> No problem having untagged vlan on any port with IP/routing
>>>> configuration. You even ca do this without any disturbance.
>>>>>> Le 24 juin 2016 21:53:08 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>>>>>>> The MLX got a reboot some weeks ago, this seems not to help. I'am
>>>>>>> afraid
>>>>>>> of your (1) note... :-(.
>>>>>>>
>>>>>>> Gerald
>>>>>>>
>>>>>>> Am 24.06.2016 um 21:27 schrieb Steven Raymond:
>>>>>>>>> On Jun 24, 2016, at 1:19 PM, Gerald <gerald@ax.tc> wrote:
>>>>>>>>>
>>>>>>>>> Is there a way to stop this? I would have my "route-only" ports
>>>>>>> Layer2
>>>>>>>>> free and not disturb other Layer2 systems behind.
>>>>>>>> Old old notes I found said basically 1) “bpdus are sent even with
>>>>>>> route-only”, and 2) "you should reboot after applying route-only".
>>>>>>>> Both of which may not helpful to you.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> foundry-nsp mailing list
>>>>>>> foundry-nsp@puck.nether.net
>>>>>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp


_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

Spanning tree is off by default too on mlx code, so you shouldn't be seeing
those regardless on the new vlan.

Mike
On Jun 24, 2016 6:09 PM, "i3D.net - Martijn Schmidt" <martijnschmidt@i3d.net>
wrote:

> Hi Gerald,
>
> There are more BPDU types than just spanning-tree.. :-) You should apply
> "no fdp enable" and "no spanning-tree" on the physical interface ethe
> 1/2, as well as "no ip redirect" and "ipv6 nd suppress-ra" on the VE's
> which are facing that interface. This should be enough to make the MLXe
> shut up if "route-only" is also enabled on a global level (though it
> should be ok with an interface-level "route-only" setting too).
>
> Best regards,
> Martijn Schmidt
>
> On 06/24/2016 11:59 PM, Gerald wrote:
> > Oh, maybe the trick is disabling STP an the port too:
> >
> > !
> > vlan 666 name dummy-layer3-vlan
> > untag eth 1/2
> > spanning-tree ethernet 1/2 disable
> > !
> >
> > Am 24.06.2016 um 23:54 schrieb Gerald:
> >> All right, I've tested this and now the MLX seems to generate VLAN666
> >> BPDUs by itself on this port. At least I can see that the "BPDU Config
> >> tx" counter is still rising.
> >>
> >> So I can stop flooding VLAN1 BPDUs from other ports but now we have new
> >> VLAN666 BPDUs on that port transmitted.
> >>
> >> From one hell to the other... which one is better :-/
> >>
> >>
> >> Gerald
> >>
> >> Am 24.06.2016 um 23:35 schrieb Clement Cavadore:
> >>> Yes thats it ;)
> >>>
> >>> Le 24 juin 2016 23:30:02 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
> >>>> Oops, need sleep ;-)
> >>>>
> >>>> !
> >>>> int eth 1/2
> >>>> enable
> >>>> route-only
> >>>> ip addres 10.0.0.1/24
> >>>> !
> >>>> vlan 666 name dummy-layer3-vlan
> >>>> untag eth 1/2
> >>>> !
> >>>>
> >>>> Am 24.06.2016 um 23:27 schrieb Gerald:
> >>>>> Thx Clement for this advice, did you mean something like this:
> >>>>>
> >>>>> !
> >>>>> int eth 1/2
> >>>>> enable
> >>>>> route-only
> >>>>> ip addres 10.0.0.1/14
> >>>>> !
> >>>>> vlan 666 name dummy-layer3-vlan
> >>>>> untag eth 2/12
> >>>>> !
> >>>>>
> >>>>>
> >>>>> Gerald
> >>>>>
> >>>>> Am 24.06.2016 um 21:59 schrieb Clement Cavadore:
> >>>>>> You should create some "dummy" vlans on route-only ports, to avoid
> >>>> that.
> >>>>>> No problem having untagged vlan on any port with IP/routing
> >>>> configuration. You even ca do this without any disturbance.
> >>>>>> Le 24 juin 2016 21:53:08 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
> >>>>>>> The MLX got a reboot some weeks ago, this seems not to help. I'am
> >>>>>>> afraid
> >>>>>>> of your (1) note... :-(.
> >>>>>>>
> >>>>>>> Gerald
> >>>>>>>
> >>>>>>> Am 24.06.2016 um 21:27 schrieb Steven Raymond:
> >>>>>>>>> On Jun 24, 2016, at 1:19 PM, Gerald <gerald@ax.tc> wrote:
> >>>>>>>>>
> >>>>>>>>> Is there a way to stop this? I would have my "route-only" ports
> >>>>>>> Layer2
> >>>>>>>>> free and not disturb other Layer2 systems behind.
> >>>>>>>> Old old notes I found said basically 1) “bpdus are sent even with
> >>>>>>> route-only”, and 2) "you should reboot after applying route-only".
> >>>>>>>> Both of which may not helpful to you.
> >>>>>>>>
> >>>>>>>>
> >>>>>>>>
> >>>>>>> _______________________________________________
> >>>>>>> foundry-nsp mailing list
> >>>>>>> foundry-nsp@puck.nether.net
> >>>>>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
> > _______________________________________________
> > foundry-nsp mailing list
> > foundry-nsp@puck.nether.net
> > http://puck.nether.net/mailman/listinfo/foundry-nsp
>
>
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp

You can look into this as well.

'no dual-mode-default-vlan’

As I understand, it turns off the ‘all ports are part of VLAN1’ (or whatever your default VLAN is) ‘feature’.

/Ryan

Ryan Harden
Research and Advanced Networking Architect
University of Chicago - ASN160
P: 773.834.5441




> On Jun 24, 2016, at 5:08 PM, i3D.net - Martijn Schmidt <martijnschmidt@i3d.net> wrote:
>
> Hi Gerald,
>
> There are more BPDU types than just spanning-tree.. :-) You should apply
> "no fdp enable" and "no spanning-tree" on the physical interface ethe
> 1/2, as well as "no ip redirect" and "ipv6 nd suppress-ra" on the VE's
> which are facing that interface. This should be enough to make the MLXe
> shut up if "route-only" is also enabled on a global level (though it
> should be ok with an interface-level "route-only" setting too).
>
> Best regards,
> Martijn Schmidt
>
> On 06/24/2016 11:59 PM, Gerald wrote:
>> Oh, maybe the trick is disabling STP an the port too:
>>
>> !
>> vlan 666 name dummy-layer3-vlan
>> untag eth 1/2
>> spanning-tree ethernet 1/2 disable
>> !
>>
>> Am 24.06.2016 um 23:54 schrieb Gerald:
>>> All right, I've tested this and now the MLX seems to generate VLAN666
>>> BPDUs by itself on this port. At least I can see that the "BPDU Config
>>> tx" counter is still rising.
>>>
>>> So I can stop flooding VLAN1 BPDUs from other ports but now we have new
>>> VLAN666 BPDUs on that port transmitted.
>>>
>>> From one hell to the other... which one is better :-/
>>>
>>>
>>> Gerald
>>>
>>> Am 24.06.2016 um 23:35 schrieb Clement Cavadore:
>>>> Yes thats it ;)
>>>>
>>>> Le 24 juin 2016 23:30:02 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>>>>> Oops, need sleep ;-)
>>>>>
>>>>> !
>>>>> int eth 1/2
>>>>> enable
>>>>> route-only
>>>>> ip addres 10.0.0.1/24
>>>>> !
>>>>> vlan 666 name dummy-layer3-vlan
>>>>> untag eth 1/2
>>>>> !
>>>>>
>>>>> Am 24.06.2016 um 23:27 schrieb Gerald:
>>>>>> Thx Clement for this advice, did you mean something like this:
>>>>>>
>>>>>> !
>>>>>> int eth 1/2
>>>>>> enable
>>>>>> route-only
>>>>>> ip addres 10.0.0.1/14
>>>>>> !
>>>>>> vlan 666 name dummy-layer3-vlan
>>>>>> untag eth 2/12
>>>>>> !
>>>>>>
>>>>>>
>>>>>> Gerald
>>>>>>
>>>>>> Am 24.06.2016 um 21:59 schrieb Clement Cavadore:
>>>>>>> You should create some "dummy" vlans on route-only ports, to avoid
>>>>> that.
>>>>>>> No problem having untagged vlan on any port with IP/routing
>>>>> configuration. You even ca do this without any disturbance.
>>>>>>> Le 24 juin 2016 21:53:08 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>>>>>>>> The MLX got a reboot some weeks ago, this seems not to help. I'am
>>>>>>>> afraid
>>>>>>>> of your (1) note... :-(.
>>>>>>>>
>>>>>>>> Gerald
>>>>>>>>
>>>>>>>> Am 24.06.2016 um 21:27 schrieb Steven Raymond:
>>>>>>>>>> On Jun 24, 2016, at 1:19 PM, Gerald <gerald@ax.tc> wrote:
>>>>>>>>>>
>>>>>>>>>> Is there a way to stop this? I would have my "route-only" ports
>>>>>>>> Layer2
>>>>>>>>>> free and not disturb other Layer2 systems behind.
>>>>>>>>> Old old notes I found said basically 1) “bpdus are sent even with
>>>>>>>> route-only”, and 2) "you should reboot after applying route-only".
>>>>>>>>> Both of which may not helpful to you.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> foundry-nsp mailing list
>>>>>>>> foundry-nsp@puck.nether.net
>>>>>>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>> _______________________________________________
>> foundry-nsp mailing list
>> foundry-nsp@puck.nether.net
>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>
>
> _______________________________________________
> foundry-nsp mailing list
> foundry-nsp@puck.nether.net
> http://puck.nether.net/mailman/listinfo/foundry-nsp

_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp

Thx a lot guys so far!!! You had put me in the right direction. I'am
going to check the various approaches against my setup to decide the
best for me.

Gerald

Am 25.06.2016 um 00:19 schrieb Ryan Harden:
> You can look into this as well.
>
> 'no dual-mode-default-vlan’
>
> As I understand, it turns off the ‘all ports are part of VLAN1’ (or whatever your default VLAN is) ‘feature’.
>
> /Ryan
>
> Ryan Harden
> Research and Advanced Networking Architect
> University of Chicago - ASN160
> P: 773.834.5441
>
>
>
>
>> On Jun 24, 2016, at 5:08 PM, i3D.net - Martijn Schmidt <martijnschmidt@i3d.net> wrote:
>>
>> Hi Gerald,
>>
>> There are more BPDU types than just spanning-tree.. :-) You should apply
>> "no fdp enable" and "no spanning-tree" on the physical interface ethe
>> 1/2, as well as "no ip redirect" and "ipv6 nd suppress-ra" on the VE's
>> which are facing that interface. This should be enough to make the MLXe
>> shut up if "route-only" is also enabled on a global level (though it
>> should be ok with an interface-level "route-only" setting too).
>>
>> Best regards,
>> Martijn Schmidt
>>
>> On 06/24/2016 11:59 PM, Gerald wrote:
>>> Oh, maybe the trick is disabling STP an the port too:
>>>
>>> !
>>> vlan 666 name dummy-layer3-vlan
>>> untag eth 1/2
>>> spanning-tree ethernet 1/2 disable
>>> !
>>>
>>> Am 24.06.2016 um 23:54 schrieb Gerald:
>>>> All right, I've tested this and now the MLX seems to generate VLAN666
>>>> BPDUs by itself on this port. At least I can see that the "BPDU Config
>>>> tx" counter is still rising.
>>>>
>>>> So I can stop flooding VLAN1 BPDUs from other ports but now we have new
>>>> VLAN666 BPDUs on that port transmitted.
>>>>
>>>> From one hell to the other... which one is better :-/
>>>>
>>>>
>>>> Gerald
>>>>
>>>> Am 24.06.2016 um 23:35 schrieb Clement Cavadore:
>>>>> Yes thats it ;)
>>>>>
>>>>> Le 24 juin 2016 23:30:02 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>>>>>> Oops, need sleep ;-)
>>>>>>
>>>>>> !
>>>>>> int eth 1/2
>>>>>> enable
>>>>>> route-only
>>>>>> ip addres 10.0.0.1/24
>>>>>> !
>>>>>> vlan 666 name dummy-layer3-vlan
>>>>>> untag eth 1/2
>>>>>> !
>>>>>>
>>>>>> Am 24.06.2016 um 23:27 schrieb Gerald:
>>>>>>> Thx Clement for this advice, did you mean something like this:
>>>>>>>
>>>>>>> !
>>>>>>> int eth 1/2
>>>>>>> enable
>>>>>>> route-only
>>>>>>> ip addres 10.0.0.1/14
>>>>>>> !
>>>>>>> vlan 666 name dummy-layer3-vlan
>>>>>>> untag eth 2/12
>>>>>>> !
>>>>>>>
>>>>>>>
>>>>>>> Gerald
>>>>>>>
>>>>>>> Am 24.06.2016 um 21:59 schrieb Clement Cavadore:
>>>>>>>> You should create some "dummy" vlans on route-only ports, to avoid
>>>>>> that.
>>>>>>>> No problem having untagged vlan on any port with IP/routing
>>>>>> configuration. You even ca do this without any disturbance.
>>>>>>>> Le 24 juin 2016 21:53:08 GMT+02:00, Gerald <gerald@ax.tc> a écrit :
>>>>>>>>> The MLX got a reboot some weeks ago, this seems not to help. I'am
>>>>>>>>> afraid
>>>>>>>>> of your (1) note... :-(.
>>>>>>>>>
>>>>>>>>> Gerald
>>>>>>>>>
>>>>>>>>> Am 24.06.2016 um 21:27 schrieb Steven Raymond:
>>>>>>>>>>> On Jun 24, 2016, at 1:19 PM, Gerald <gerald@ax.tc> wrote:
>>>>>>>>>>>
>>>>>>>>>>> Is there a way to stop this? I would have my "route-only" ports
>>>>>>>>> Layer2
>>>>>>>>>>> free and not disturb other Layer2 systems behind.
>>>>>>>>>> Old old notes I found said basically 1) “bpdus are sent even with
>>>>>>>>> route-only”, and 2) "you should reboot after applying route-only".
>>>>>>>>>> Both of which may not helpful to you.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> foundry-nsp mailing list
>>>>>>>>> foundry-nsp@puck.nether.net
>>>>>>>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>>> _______________________________________________
>>> foundry-nsp mailing list
>>> foundry-nsp@puck.nether.net
>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>>
>>
>> _______________________________________________
>> foundry-nsp mailing list
>> foundry-nsp@puck.nether.net
>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp