[j-nsp] Layer 2 feature on srx

Michael Still stillwaxin at gmail.com
Tue Apr 10 12:13:04 EDT 2012 

On Tue, Apr 10, 2012 at 4:17 AM, Pavel Lunin <plunin at senetsy.ru> wrote:
> 4/10/2012 Doug Hanks wrote:
>
>>
>> I suggest that the OP use "set vlan <name>" instead of "set bridge-domain
>> <name>"  Also use "set interfaces vlan" instead of "set interfaces irb"
>>
>> I'm not even sure why the SRX accepted this configuration.
>>
>>
> The MX-style L2 commands are supported on SRX (branch as well and yes) and
> looks like this is for transparent flow mode. With some limitations though.
> Say you can't enable flexible-ethernet-services on FE interfaces, only on
> GE. Enabling flexible-vlan-taggin gives you the following warning: "Only
> compatible with vpls vlan encapsulations" (I haven't ever seen anything
> like this on MX), etc.
>
> So as far as I understand
>
> MX-style L2 config:
>
> — for transparent flow mode,
> — IRB interfaces are for management traffic only,
> — switching performed in software for branch and I wonder where on Hi-End,
> — have no idea what happens to it in packet-mode.
>
> EX-style L2 config:
>
> — for general switching,
> — performed by broadcom chips,
> — have consequent limitation applied to ports, between which traffic can be
> switched (same PIM),
> — RVI interfaces can really route traffic (software based both in packet
> and flow modes).
>
> More details:
> http://www.juniper.net/techpubs/en_US/junos11.4/information-products/topic-collections/security/software-all/layer-2/index.html
>
> Would be pleasant If someone can sort out points I marked with "I'm not
> sure/have no idea". Or, if I'm totally wrong somewhere, please tell me.
>

OP wanted to use the IRB ints as next hop for their respective
networks. This is apparently not supported on the SRX platform in
transparent mode:
"In this release, the IRB interface on the SRX Series device does not
support traffic forwarding or routing. In transparent mode, packets
arriving on a Layer 2 interface that are destined for the device’s MAC
address are classified as Layer 3 traffic while packets that are not
destined for the device’s MAC address are classified as Layer 2
traffic. Packets destined for the device’s MAC address are sent to the
IRB interface. Packets from the device’s routing engine are sent out
the IRB interface."

So in transparent / IRB mode the IRB int can only be used as a
management interface.

OP needs to do is MX testing using an MX device.

> --
> Regards,
> Pavel
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp



-- 
[stillwaxin at gmail.com ~]$ cat .signature
cat: .signature: No such file or directory
[stillwaxin at gmail.com ~]$

More information about the juniper-nsp mailing list