[j-nsp] QinQ on MX bridge-ing

Adam Vitkovsky Adam.Vitkovsky at gamma.co.uk
Fri Apr 17 04:08:34 EDT 2015


I see,
And what if there’s a L3 interface within the bridge domain can it accept frames with VLAN tags or it’s like in Cisco that the frame has to be clear of all tags to be accepted by the L3 interface in the BD.

Personally I prefer all the pus/pop/translate operations done on the ports themselves rather than having BD in the equation pushing additional tag.

Thank you,

adam

From: Chris Kawchuk [mailto:juniperdude at gmail.com]
Sent: 16 April 2015 12:53
To: Adam Vitkovsky
Cc: Robert Hass; juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] QinQ on MX bridge-ing

Close.

By declaring a vlan-Id in the BD definition -- the MX does vlan "normalisation" as JNPR calls it. (And does all the correct push/pop magic for you)

If you omit the vlan-id statement in the BD definition, then your statement is correct.

Quick verify: show interfaces ge-2/1/5 will show input: push 0x8100.100 and output: pop. When the vlan-id is declared In the BD stanza.

Works well.!

-CK.

On 16 Apr 2015, at 7:34 pm, Adam Vitkovsky <Adam.Vitkovsky at gamma.co.uk<mailto:Adam.Vitkovsky at gamma.co.uk>> wrote:
Hi Chris,

> 2/1/5 is the "access port" which pops the outer tag on egress, slaps it on on
> ingress; regardless if it's already tagged coming in.
>
Wouldn't the frame still remain untagged within the BD please?
And would only get the tag 100 applied as a top tag when sent out of either ge-2/1/2.100 or ge-2/1/3.100 please?


adam
> -----Original Message-----
> From: juniper-nsp [mailto:juniper-nsp-bounces at puck.nether.net] On Behalf
> Of Chris Kawchuk
> Sent: 16 April 2015 00:40
> To: Robert Hass
> Cc: juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>
> Subject: Re: [j-nsp] QinQ on MX bridge-ing
>
> Try this
>
> set interfaces ge-2/1/2 flexible-vlan-tagging
> set interfaces ge-2/1/2 mtu 9192
> set interfaces ge-2/1/2 encapsulation flexible-ethernet-services
> set interfaces ge-2/1/2 unit 100 encapsulation vlan-bridge
> set interfaces ge-2/1/2 unit 100 vlan-id 100
>
> set interfaces ge-2/1/3 flexible-vlan-tagging
> set interfaces ge-2/1/3 mtu 9192
> set interfaces ge-2/1/3 encapsulation flexible-ethernet-services
> set interfaces ge-2/1/3 unit 100 encapsulation vlan-bridge
> set interfaces ge-2/1/3 unit 100 vlan-id 100
>
> set interfaces ge-2/1/5 mtu 9192
> set interfaces ge-2/1/5 encapsulation ethernet-bridge
> set interfaces ge-2/1/5 unit 0 family bridge
>
> set protocols protection-group ethernet-ring erpsring1 data-channel vlan 100
> //* if you're using ERPS for failover on a ring of EX42's, which you should -- to
> avoid using dreaded spanning tree protocols ;)
>
> set bridge-domains QinQ vlan-id 100
> set bridge-domains QinQ interface ge-2/1/2.100
> set bridge-domains QinQ interface ge-2/1/3.100
> set bridge-domains QinQ interface ge-2/1/5.0;
>
> 2/1/2 and 2/1/3 are the "trunk" ports, you only care about the outer tag
> here. (its double tagged coming in from the EX42, but you dont care at this
> point)
> 2/1/5 is the "access port" which pops the outer tag on egress, slaps it on on
> ingress; regardless if it's already tagged coming in.
>
> - CK.
>
>
>
>
>
>
>
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net<mailto:juniper-nsp at puck.nether.net>
> https://puck.nether.net/mailman/listinfo/juniper-nsp

________________________________
This email has been scanned for email related threats and delivered safely by Mimecast.
For more information please visit http://www.mimecast.com
________________________________
---------------------------------------------------------------------------------------
 This email has been scanned for email related threats and delivered safely by Mimecast.
 For more information please visit http://www.mimecast.com
---------------------------------------------------------------------------------------


More information about the juniper-nsp mailing list