[j-nsp] SNMP NMS support of Junos VLAN MIBs

[Chuck Anderson]

Has anyone tried to use or implement polling of the Q-BRIDGE-MIB on
any Juniper products, using either commercial or open source NMS
software or custom in-house software?  What has been your experience
of the Juniper support of those SNMP products to correctly report
Port/VLAN memberships and VLAN/MAC FDB information?

Juniper EX-series (at least EX2200,3200,4200) 12.x and earlier has a
working Q-BRIDGE-MIB (dot1qVlanStaticEgressPorts) and JUNIPER-VLAN-MIB
(jnxExVlan).  Because Q-BRIDGE-MIB refers only to internal VLAN
indexes, you need to use both MIBs to get Port/VLAN mappings including
the 802.1Q VLAN tag ID (jnxExVlanTag).  This means custom software, or
an NMS vendor willing to implement the Juniper Enterprise MIBs.

All other Juniper Junos platforms only have Q-BRIDGE-MIB, but it is
broken (doesn't follow RFC 4363 standard PortList definition, instead
storing port indexes as ASCII-encoded, comma separated values),
apparently for a very long time.  So again, you need custom software
or an NMS vendor willing to implement the broken Juniper version of
Q-BRIDGE-MIB (along with detecting which implementation is needed on
any particular device).  This hasn't been a problem for us and in fact
went unnoticed, because we never cared to poll VLAN information from
our MX routers, only EX switches.

But now EX-series (and QFX-series) 13.x and newer with ELS have
dropped the Enterprise JUNIPER-VLAN-MIB (a good thing to not require
Enterprise MIBs to get the VLAN tag ID) and have adopted the broken
Q-BRIDGE-MIB that all the other Junos platforms have been using (a
very bad thing).  I'm pushing to have Juniper fix this, but their
concern is that it may break SNMP software that has been assuming the
broken Q-BRIDGE-MIB implementation for all these years.