[j-nsp] SRX100B L3 VLAN Interface Issue
Matt Freitag
mlfreita at mtu.edu
Tue Dec 20 13:43:22 EST 2016
All, I have an SRX100B on Junos 12.1X46-D40.2. It's configured as a remote
end of a site-to-site VPN. The site-to-site VPN works fine as verified by
show security ike security-associations.
I'm having trouble with a layer 3 VLAN interface in a separate routing
instance from the normal one. The interface is named vlan.224.
"show vlans" shows no physical interfaces in VLAN 224 even though
fe-0/0/0.0 is a configured member of the VLAN.
The layer 3 interface won't advertise its presence to the rest of the
network through OSPF because the logical interface is down because there
aren't any interfaces assigned to the VLAN.
Even though there are interfaces assigned to the VLAN why does it think
there are no interfaces assigned to the VLAN?
I already have a ticket with TAC and reached out to my SE but wondered if
the community has any insights or suggestions. I have a hunch that this is
happening because the sort of thing I'm trying is not allowed.
Thank you for your time.
Here is a brief config snippet illustrating how interfaces and VLANs should
be set up and the output of "show interfaces vlan terse" and "show vlans":
interfaces {
fe-0/0/0 {
unit 0 {
family ethernet-switching {
port-mode access;
vlan {
members vlan0224;
}
}
}
}
vlan {
unit 224 {
family inet {
address priv-network/22;
}
}
}
}
vlans {
vlan0224 {
vlan-id 224;
interface {
fe-0/0/0.0;
}
l3-interface vlan.224;
}
}
mlfreita at srx> show interfaces vlan terse
Interface Admin Link Proto Local Remote
vlan up up
vlan.224 up down inet priv-network/22
mlfreita at srx> show vlans
Name Tag Interfaces
default 1
None
vlan0224 224
None
Matt Freitag
Network Engineer I
Information Technology
Michigan Technological University
(906) 487-3696 <%28906%29%20487-3696>
https://www.mtu.edu/
https://www.it.mtu.edu/
More information about the juniper-nsp
mailing list