[j-nsp] VLAN tagging across multiple physical interfaces?
ILTCHEV Alain
Alain.ILTCHEV at ncnumericable.com
Wed Jan 16 14:10:06 EST 2008
Hello,
You could try to use an interface switch available in "protocols connections" to connect together an interface coming from your firewall to an interface going to your other M7i. I am not too sure about this as I might have not understood well your context.
You can have more info here :
http://www.juniper.net/techpubs/software/junos/junos84/swconfig84-network-interfaces/id-13050228.html
Alain
-----Message d'origine-----
De : juniper-nsp-bounces at puck.nether.net
[mailto:juniper-nsp-bounces at puck.nether.net]De la part de Jonathan
Brashear
Envoyé : mercredi 16 janvier 2008 17:59
À : juniper-nsp at puck.nether.net
Objet : [j-nsp] VLAN tagging across multiple physical interfaces?
The context: We have a pair of M7s that are the main connection to the
outside world for our data center. The DC is segmented into 2
spaces(one space being brand new), each space having a connection to a
1xgig-e PIC on the M7s. We have a shared firewall in the old space(I'll
call it PIC 1), but a customer in the new space(PIC 2) who wants to use
this shared firewall. As is stands now we set a default-route to the
shared FW in the old space and are done with it, but that won't get
traffic from the old space(PIC 1) to the new space(PIC 2). Here are the
two most likely solutions I've come up with, and would like some
feedback on the plausibility/scalability of the 2nd solution.
1) Run xconns from the 'core' switches in the old space to the core
switches in the new space and plumb the VLANs across the xconns. I'd
rather not do this as it defeats the purpose of segmenting the
spaces(disaster mitigation, to name one).
2) Setup the VLAN to run across the M7 PICs, possibly via a filter/hack
using the vlan-id. I'm not sure how to even get around the default
route having higher priority, but I thought I'd send this out to see if
anyone's dealt with this limitation and come up with a decent
workaround.
Network Engineer
> 214-981-1954 (office)
> 214-642-4075 (cell)
> jbrashear at hq.speakeasy.net
http://www.speakeasy.net
_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list