I have a Juniper EX3300 switch in a data center. And I have connected one of the uplink ports (ge-0/1/0) to my ISP's router. I want to configure it so that all the devices connected to ports in the same VLAN as ge-0/1/0 can access the Internet. I have done some research, and I haven't gotten anywhere really.
I have configured the interface as follows:
ge-0/1/0 {
ether-options {
no-auto-negotiation;
link-mode full-duplex;
speed {
1g;
}
}
unit 0 {
family inet {
address xx.xx.xx.xx/32;
}
}
}
where xx.xx.xx.xx is the "Customer Router Port IP" assigned by my ISP.
When I try to commit, I get the following error:
Interface ge-0/1/0.0 not enabled for switching
Can some one tell me what is the right way to configure it?
Best Answer
It is unclear whether you want topology A or B below (I think you need B, but your question seems to ask for A)
A)
This is a flat layer2 vlan, and all your computers must be addressed on a subnet from the ISP. Vlan-10 is used for all your machines and they set their default-gateway to x.x.x.x.
I'm not sure why you're using a /32 mask in your question. It's unlikely that you want to do this, since it means you proxy-arp for all destinations. Work with your provider to understand what your actual netmask should be (I'm assuming zz, below)
B)
This involves two different vlans: 10 and 11. Vlan-10 is used for all your servers and they set their default-gateway to y.y.y.y.
Add as many ports as you need for servers in Vlan-11. Solution B must use some form of NAT if you don't have enough public address space from your provider to include both subnets for Vlan10 and Vlan11