This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Can't Reach Interface After Changing VRF

Can't Reach Interface After Changing VRF

Anonymous
Not applicable

‎03-16-2019 06:03 PM

Hi,

There is probably a very simple answer to this question, but can't think what it is?

Very high level I have the following configuration:

code:
interface vlan 1999
description "Server Switch Management"
exit

config t
rbridge 11
interface ve 1999
ip address 172.24.110.11/24
ip route 0.0.0.0/0 172.24.110.254

vcs virtual ip address 172.24.110.10/24 inband interface ve 1999

configure
interface port-channel 10
switchport
switchport mode trunk
switchport trunk allowed vlan add 1999
switchport trunk tag native-vlan
no shutdown

int te 11/0/1
channel-group 10 mode active type standard
lacp default-up
int te 12/0/1
channel-group 10 mode active type standard
lacp default-up


This worked find and I could reach both the virtual IP address (172.24.110.10) and the Vlan 1999 interface (172.24.110.10).

The logical chassis has no other L3 addresses as is primarily just being used at L2.

The switch was on a version 6 code, and had been trying to upgrade it to version 7 but just kept erroring that it couldn't reach the SCP / FTP server even though I could ping it.

It seems in version 6 your unable to select the VRF to use when doing the firmware download, so it is defaulting I believe to mgmt-vrf.

So what I did is add the following command to ve 1999

code:
vrf forwarding mgmt-vrf


Since I did that I lost contact to switch. I did anticipate that could happen although I'm not sure why it did?

The other end of the portchannel has the IP address 172.24.110.254, and I would have expected to still been able to reach the switch from the local subnet?

Although the VRF has changed I would expect the VLAN to automatically just reside to the same VRF i.e. just moved from default to management.

Hence where I am stuck, perhaps I'm missing another command?

Many thanks in advance.
0 Kudos
10 REPLIES 10

Michael_Morey
Extreme Employee

‎03-18-2019 09:07 PM

Martin,

I believe the issue is that anytime you add or change a VRF all L3 configuration is removed from an interface.

Therefore if you were accessing the device using the IP for VE 1999 I would have expected your connection to be terminated as the IP address for this VE should no longer be configured. I would suggest to console into the device and reconfigure the IP address on the VE.

Example:

code:
VDX1# show run rb 1 int ve 1000
rbridge-id 1
 interface Ve 1000
  ip proxy-arp
  ip address 10.10.10.1/24
  no shutdown
 !
!
Static-Lab-SM08_VDX1# conf t
Entering configuration mode terminal
Static-Lab-SM08_VDX1(config)# rb 1
Static-Lab-SM08_VDX1(config-rbridge-id-1)# int ve 1000
Static-Lab-SM08_VDX1(config-rbridge-Ve-1000)# vrf forwarding mgmt-vrf
Static-Lab-SM08_VDX1(config-rbridge-Ve-1000)# end
Static-Lab-SM08_VDX1# show run rb 1 int ve 1000   
rbridge-id 1
 interface Ve 1000
  vrf forwarding mgmt-vrf
  no shutdown


Also, regarding your SCP/FTP issues. If you can login as your root account you can attempt to manually connect to the FTP server to verify connectivity, username/password, and file path using standard LInux/CLI FTP commands.

I hope this helps resolve your issue.

Mike Morey
Principal Technical Support Engineer
Michael Morey
Principal Technical Support Engineer
Extreme Networks
0 Kudos
GTM-P2G8KFN