Your core 425-16 appears to be connected to each MX250 using ports 15 & 16. The allowed VLAN list of those 2 ports don't exactly match. Maybe missing one of the new VLANs? I can't entirely tell from the change log what VLANs you added and where (on the MX or MS). Also, it's against best practice to connect the MXs directly to each other. The concept of the heartbeat VLAN is basically not legit as VRRP is sent on all VLANs. So, you're sending it on VLAN 1111 between each MX, but it's also going over every other VLAN trunked to the downstream switch. Using a direct MX to MX link both provides no value and raises the potential of misconfigurations, loops, or dual master situations. Also, with a network of this size (honestly any network) I would absolutely being using spanning tree. One more question. Are you migrating the L3 interfaces from the MX to the MS? I'm not sure why you have all the same L3 VLANs on both the MX and MS vs using a transit network between MX and MS.
... View more