I'm trying to configure a Juniper EX4200 switch. Usually packets are statically forwarded to me, but this time they are VLAN tagged. Here is my configuration :
interfaces {
ge-0/0/0 {
unit 0 {
family ethernet-switching;
}
}
// ...
ge-0/0/46 {
unit 0 {
family ethernet-switching;
}
}
vlan {
unit 0 {
family inet {
address // The /29 configured on the next switch.
}
}
unit 100 {
family inet {
address // End user's IPs.
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop // Gateway of the /29 on the next switch.;
}
}
vlans {
TEST_VLAN {
vlan-id 100;
interface {
ge-0/0/46.0;
}
l3-interface vlan.100;
}
default {
l3-interface vlan.0;
}
}
The uplink is connected to switch port 0 and the end user (downlink) connected to switch port 46. I can SSH into the switch, but cannot get end user's IP addresses to respond to ping. I feel like the fact that incoming packets are VLAN tagged is messing things up, but I'm not sure how to deal with this?
Best Answer
Might be quicker to start over here - the below configuration should clean out what you have and give you a good place to start (don't commit this until the end though):
Firstly, create the L3 interface that we'll bind to VLAN_TEST later:
Next, create VLAN_TEST, assign it a
vlan-idand bind the abovel3-interfaceto it:Then you'll need to set
ge-0/0/0to be intrunkmode in order to accept and send tagged frames and then addVLAN_TEST(100) to it:Finally, you'll need to allow VLAN_TEST to send/receive untagged frames (the default) on
ge-0/0/46:I remember having a conversation years ago with some of the product team when they were designing the EX about how they should do port and VLAN assignment - whether they would allow you to assign ports to VLANs from the VLAN/Bridge-Domain stanza (which is how they did it on their existing products at the time), or from under the interface configuration, so that people familiar with IOS would find it familiar.
They decided to support both methods simultaneously, which has been the cause of much confusion ever since.