Why are the VPN routes learned from a peer by an S series switch are incorrect

6

Question: Why the VPN routes learned from a peer are incorrect?

Answer: Perform the following operations on the S series switch to solve the problem.
Ensure that the vpn-instance-capability simple command has not been executed on the local and peer PEs.
Ensure that the PEs on both ends are configured with field identifiers, of which at least one identifier (Level 2 identifier or Level 1 identifier) matches the identifier on the other PE.
Check whether the BGP adjacency reaches the Establish state.
Check whether the BGP route is correct.

Other related questions:
Why are the VPN routes learnt from the peer incorrect
Perform the following steps to solve this problem: Ensure that the vpn-instance-capability simple command is not run on the Provider Edge (PE) router at either end. Check that domain identifiers are configured on both PEs and that at least one domain identifier (level-2 identifier or level-1 identifier) matches the identifier of the other router. Check whether the Border Gateway Protocol (BGP) neighbor relationship is established. Check whether the BGP route is correct.

Reason why S series switch cannot learn ARP entries
When an S series switch, except S1700, works at Layer 2, the switch does not have ARP entries and cannot learn ARP entries. When an S series switch, except S1700, works at Layer 3 and cannot learn ARP entries, rectify the fault as follows: (1) Possible cause: The link between the switch and connected device fails. Solution: Perform ping operations to check whether the link fails. If so, rectify the link failure. (2) Possible cause: ARP strict learning is enabled on the switch. (After this function is enabled, the switch learns only the ARP reply packets in response to the ARP request packets sent by itself.) Solution: Run the undo arp learning strict command in the system or interface view to disable ARP strict learning. (3) Possible cause: The switch has too many ARP entries and may suffer an ARP attack. Solution: Configure static ARP entries for key servers or users and enable attack defense policies. Note: (1) By default, ARP strict learning is enabled on some models among fixed switches and disabled on modular switches. When a fixed switch connected to a modular switch receives a gratuitous ARP packet, the fixed switch does not learn ARP entries. Therefore, some fixed switches cannot learn ARP entries. (2) After ARP strict learning is enabled on a switch, the switch actively sends ARP request packets to hosts. Some PCs with wireless network adapters installed do not respond to ARP requests, so the switch cannot learn the ARP entries of the connected PCs. The PCs respond only after the network adapters are restarted. In this situation, disable ARP strict learning.

Why is the default OSPF cost of an interface on an S series switch incorrect
Question: Why is default OSPF cost value incorrect? For example, after OSPF is enabled on a device, the default OSPF cost value of an Ethernet interface is 7. Generally, the default OSPF cost value of an interface is 1. Answer: The default OSPF cost value of an interface on an S series switch supporting OSPF depends on the values of bandwidth and bandwidth-reference. The value of bandwidth-reference is configured in an OSPF process. Generally, the default bandwidth-reference value is used. In this case, if the default bandwidth value is 100 Mbit/s, the OSPF cost value is 1.

Why are routes in the OSPF routing table on an S series switch in the inactive state
A policy that filters all OSPF routes may be configured in an OSPF process. As a result, all routes in the OSPF routing table are in the inactive state.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top