Vlan – Adding a simple VLAN on a Juniper MX

brocadejuniperjuniper-junosjuniper-mxvlan

after years away from JunOS, working with Foundry (now Brocade) routers, I find myself with a new Juniper MX10. All I want to do is create a simple VLAN such that two ports share one routing interface, which has one IP address. On a Brocade, this is quite simple:

vlan 200 name layer3
 untagged ethe 1/3 to 1/4 
 router-interface ve 200
interface ve 200
 ip address 192.168.1.1/24

On JunOS, I've been googling and reading documentation for days. There are very intricate VLAN options, but, I haven't found anything that drills down to the simple stuff.

Thanks for any help; I'd rather not start any routing loops.

Best Answer

The MX platform does not have the general concept of a "VLAN" that is present on the whole platform. The MX only "sees" VLAN tags on incoming packets and can then act on these tags. What you want is to bridge packets from two ports that have the same VLAN-ID in the L2 header and then add a L3 interface to that bridge.

On the MX platform you have two ways of configuring bridges. Service Provider Style and Enterprise Style. As I'm more familiar with the SP style I'll answer your question that way:

Juniper MX SP Style Bridging

First you configure your interfaces to accept packets with the right VLAN tags:

interfaces {
    ge-0/0/0 {
        vlan-tagging;
        encapsulation extended-vlan-bridge;
        unit 200 {
            vlan-id 200;
        }
    }
    ge-0/0/1 {
        vlan-tagging;
        encapsulation extended-vlan-bridge;
        unit 200 {
            vlan-id 200;
        }
    }
}

Then configure a bridge domain that bridges these two:

bridge-domains {
    vlan-200 {
        vlan-id 200;
        interface ge-0/0/0.200;
        interface ge-0/0/1.200;
    }
}

Now you have a bridged VLAN 200 on these two ports.

Untagged / Access Interfaces

If you have an untagged "access" port that you want to bridge, you can do that too by using this syntax:

interfaces {
    ge-0/0/0 {
        encapsulation ethernet-bridge;
        unit 0 {
            family bridge;
        }
    }
}

Then use ge-0/0/0.0 in your bridge configuration.

L3 Interface / Routing Interface

To add a L3 interface to the mix, first define an Integrated Routing and Bridging Interface (IRB) with your IP:

irb {
    unit 200 {
        family inet {
            address 192.168.1.1/24;
        }
    }
}

And then add this interface to your bridge:

bridge-domains {
    vlan-200 {
        vlan-id 200;
        routing-interface irb.200;
        interface ge-0/0/0.200;
        interface ge-0/0/1.200;
    }
}

That should complete your setup.

It's a bit more complex than the "normal" VLAN concept found on other switches/devices but it's also way more flexible. For example you could have another two ports that also have VLAN-ID 200 configured and they could have their own bridge, completely separated from the first bridge you just configured.

For a lot more information about the MX platform, including great examples, I recommend the MX Series book from O'Reilly/Douglas Hanks: http://shop.oreilly.com/product/0636920023760.do

Related Topic