Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MS 120 won't even pass OSPF traffic unmolested?

Brons2
Building a reputation
‎Nov 2 2019 9:52 AM
‎Nov 2 2019 9:52 AM

MS 120 won't even pass OSPF traffic unmolested?

Ok, so I've had this pair of MS120s sitting between an HA firewall pair (not MX) and an HA router.  I've just been passing tagged VLAN traffic and it's been working fine for several months.  I had an emergency with another switch vendor's products going down, and since we have an ever expanding Meraki presence, I just threw those 120s in there in a pinch and it's been great until now.

 

Well today I tried to add another VLAN that has OSPF traffic on it.  I don't expect that the MS120 will perform any functions with the OSPF traffic, it's not capable of doing so.  But I would expect that it would pass any packet I sent to it to be sent on to the destination port, so long as it's on the same VLAN.  Does that not seem reasonable?

 

Well when my ospf neighbor was invisible I started doing packet captures.  I can see the OSPF traffic being sent out on from the firewall and from the router on the port that it is connected to.  But I never see it show up on the other port.  It literally will not pass the OSPF packets between the ports.  I mean I understand that this is not an L3 switch, that's fine.  But I would expect that it would pass any packet I sent to it to be sent on to the destination port, so long as it's on the same VLAN.

 

I grabbed a cruddy old HP 10/100 off the shelf that is definitely not L3 capable and plugged both into it.  Bang up came the OSPF traffic.

 

What gives, Meraki?  It seems to me that you are intentionally are stripping routing packets.  I don't expect you to perform any L3 functions, but I do expect you to pass on the traffic if it's on the same VLAN, regardless of what's in the packet.  If I set up two ports on the same L2 VLAN, I expect all traffic on the ports to be passed regardless of what switch series it's in.

 

Anyway, in the end, I created an isolated L2 VLAN on a MS250 in the adjacent rack and plugged the routers and firewalls together that way and it worked.  The 100Mbps limitation on the old cruddy HP was not an option, of course.

 

But thanks so much Meraki for turning what should have been a 30 minute task on my Saturday morning into 3 hours of troubleshooting.

Subscribe
1 Reply 1
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Nov 2 2019 11:33 AM
‎Nov 2 2019 11:33 AM

That sucks!

 

I bet it has something to do either with using IP protocol 89 (rather than being TCP or UDP based) or if it is OSPFv3 with it using IPv6 link local addressing.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.