[j-nsp] vlan-tagging issue
Paul Stewart
paul at paulstewart.org
Mon Jul 29 19:27:47 EDT 2013
Do you get a MAC address at all from the other box?
On 2013-07-29 6:17 PM, "Luca Salvatore" <Luca at ninefold.com> wrote:
>I have an MX5 and SRX240 directly connected to each other. I need to
>setup multuple VLANs between them. My config looks like this:
>
>MX - Ge-1/0/2
>
>
>show configuration interfaces ge-1/0/2
>vlan-tagging;
>unit 10 {
> vlan-id 10;
> family inet {
> address 198.xxx.xxx.21/30;
>
>
>
>SRX - Ge-0/0/0
>run show configuration interfaces ge-0/0/0
>unit 0 {
> family ethernet-switching {
> port-mode trunk;
> vlan {
> members BGP-Routing-10;
>}
>
>
># run show configuration interfaces vlan unit 10
>family inet {
> address 198.xxx.xxx.22/30;
>
>
># run show configuration vlans BGP-Routing-10
>vlan-id 10;
> l3-interface vlan.10;
> I have the vlan.10 interface in the untrust zone with ping and BGP
>enabled:
># ...security zones security-zone untrust interfaces
>vlan.10 {
> host-inbound-traffic {
> system-services {
> ping;
> ssh;
> }
> protocols {
> bgp;
>With this config I have no communication between the MX and SRX. If I
>change them both to a normal 'family inet' config it works fine.
>Any idea what's going on here? This should work, or am I missing
>something simple here
>
>_______________________________________________
>juniper-nsp mailing list juniper-nsp at puck.nether.net
>https://puck.nether.net/mailman/listinfo/juniper-nsp
More information about the juniper-nsp
mailing list