[j-nsp] Layer 2 feature on srx

Tom Storey tom at snnap.net
Mon Apr 9 07:56:31 EDT 2012 

What software are you running on your SRX's?

The only reason I ask is that I am running 10.4R4.5 on an SRX100, and
this is how I do my VLANs (SRX is in flow mode, but does that really
matter to L2??):

interfaces {
    fe-0/0/1 {
        description "** Trunk to esxi1";
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members all;
                }
                native-vlan-id 1;
            }
        }
    }
    fe-0/0/4 {
        description "** Console server";
        unit 0 {
            family ethernet-switching {
                vlan {
                    members VLAN11-MGMT;
                }
            }
        }
    }
    vlan {
        unit 10 {
            family inet {
                address 172.25.144.65/26;
            }
            family inet6 {
                address 2001:xxxx:yyyy:1::/64 {
                    eui-64;
                }
            }
        }
        unit 11 {
            family inet {
                address 172.25.144.17/28;
            }
        }
    }
}
vlans {
    VLAN10-LAN {
        vlan-id 10;
        l3-interface vlan.10;
    }
    VLAN11-MGMT {
        vlan-id 11;
        l3-interface vlan.11;
    }
}

The primary difference seems to be that I use "vlans" instead of
"bridge-domains" at the bottom, and the "vlan" interface instead of
"irb".

Ive also successfully trunked VLANs to/from a HP switch using this
configuration.

Tom


On 9 April 2012 10:05, bruno <bruno.juniper at gmail.com> wrote:
> hello expert,
> i use two srx210h to test some Layer 2 networking features on MX Series routers. the topo is very simple
> PC1---SRX1----SRX2----PC2.  the link in srx1---srx2 is set to trunk mode. PC1 and PC2 is belong to vlan 100.  PC1 can't ping PC2.
>
>
> interfaces {
>    ge-0/0/1 {
>        description TO-SRX2;
>        vlan-tagging;
>        unit 0 {
>            family bridge {
>                interface-mode trunk;
>                vlan-id-list [ 100 200 ];
>            }
>        }
>    }
>    fe-0/0/4 {
>        unit 0 {
>            family bridge {
>                interface-mode access;
>                vlan-id 100;
>            }
>        }
>    }
>    irb {
>        unit 100 {
>            description "GW For VLAN 100";
>            family inet {
>                address 100.1.1.254/24;
>            }
>        }
>        unit 200 {
>            description "GW For VLAN 200";
>            family inet {
>                address 200.1.1.254/24;
>            }
>        }
>    }
> }
> security {
>    forwarding-options {
>        family {
>            mpls {
>                mode packet-based;
>            }
>        }
>    }
> }
> bridge-domains {
>    vlan_100 {
>        vlan-id 100;
>        routing-interface irb.100;
>    }
>    vlan_200 {
>        vlan-id 200;
>        routing-interface irb.200;
>    }
> }
>
>
>
> ------------------
> Best Regards,
> Bruno
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list