Juniper SRX refuses to add new ip addresses to ARP (unless)

I have a juniper SRX340 running as default gateway, I have a linux server (virtual machine actually) running debian 8.

juniper ip: 192.168.1.1 Debian ip: 192.168.1.101 (eth0)

I would like to add more ip addresses on my Debian box, so I create a new sub-interface and give it an ip

debian ip2: 192.168.1.102 (eth0:1)

when I do this, I can not ping the juniper box from the new ip address.. and juniper can not ping the new ip address.

I CAN ping other hosts on the same network from the new ip address and they can ping it… all is well.

so.. the new ip address can not see juiper box, and the juniper box can not see the other ip… so then I try something.

I change the ip address of eth0 to be 192.168.1.102 and now I can ping the juniper box, and the juniper box can ping me back.

then I change it back so that eth0: 192.168.1.101 and eth0:1: 192.168.1.101 and now juniper can ping both ip addresses, and both ip addresses can ping juniper.

so.. then I take the test further and add a 3rd interface eth0:2 and give it the ip 192.168.1.103 and I have the same problem… I can not see juniper, and juniper can not see new ip…

again, if I change the original eth0 to use 103 as ip first, then go back, it works again.. this is very confusing.

any suggestions what is going on here?

junos version 15.1X49-D100.6

PS: this was originally posted in the Network Engineering site, but they refused to look at it, I hope that this community can help me more.

edit: more info on request:

interfaces {
        fxp0 {
            unit 0 {
                family inet {
                    address 10.208.20.17/24;
                }
            }
        }
    }
}
node0 {
    system {
        host-name WON-OSLO-FWA;
    }
    interfaces {
        fxp0 {
            unit 0 {
                family inet {
                    address 10.208.20.16/24;
                }
            }
        }
    }
}

reth2 {
    redundant-ether-options {
        redundancy-group 1;
    }
    unit 0 {
        description ORANGE;
        family inet {
            address 192.168.1.1/24;
        }
    }
}

Best Answer

I got some help on a juniper forum, and there is a solution (it is not perfect, but it works so I will use it for now).

the solution is to add a static ARP on the juniper.

# set interfaces reth2 unit 0 family inet address 192.168.1.1/24 arp 192.168.1.104 mac 01:12:35:03:7a:93

this worked right away.

I am stil interested to know why juniper does not add these automagically like you would think, but I have a deadline and this will work for me today.

Best Answer

Related Solutions

ATT DSL and Juniper SRX w/Integrated Modems

Why is the JunOS firewall filter cutting off management access

Related Topic