[j-nsp] Juniper EX/QFX vlan-id-list limitation

Thu Aug 13 17:04:41 EDT 2020

Hi Olivier,

Thanks for the reply - it does seem rather odd that I can't do on a new high end EX or QFX switch, what I used to be able to do on a bottom end EX2200 with the dot1q-tunnelling stanza.

Regarding your workaround - were you running this config on the same physical interface?  As that won't commit in this scenario (as it presumably doesn't know which vlans to push into which outer..)

flexible-vlan-tagging;
encapsulation extended-vlan-bridge;
unit 3104 {
    vlan-id-list 1-4094;
    input-vlan-map push;
    output-vlan-map pop;
}
unit 3107 {
    vlan-id-list 1-4094;
    input-vlan-map push;
    output-vlan-map pop;
}

{master:0}[edit interfaces ge-0/0/1]
# commit check
[edit interfaces ge-0/0/1]
  'unit 3107'
    duplicate VLAN-ID on interface
error: configuration check-out failed

Cheers,
Rob

-----Original Message-----
From: juniper-nsp <juniper-nsp-bounces at puck.nether.net> On Behalf Of Olivier Benghozi
Sent: 12 August 2020 19:12
To: juniper-nsp at puck.nether.net
Subject: Re: [j-nsp] Juniper EX/QFX vlan-id-list limitation

Hi,

We miraculously found this doc before implementing such QinQ conf on EX4600 (that are low end QFX5100).
So we didn't try to test the switch with this case, and we directly used such config: instead of vlan-id-list [some ids], we (nearly) always use the same one everywhere: vlan-id-list 2-4094. Problem fixed before it appeared.

Sometimes we use vlan-id-list 1-4094 and native-vlan 1, when some untagged traffic must be carried too – in this case the untagged traffic is double-tagged on the NNI port with dot1q tag 1 as cvlan – there's a thread about that in this mailing-list by the way.

> Le 12 août 2020 à 18:18, Robin Williams via juniper-nsp <juniper-nsp at puck.nether.net> a écrit :
>
> Has anyone come across PR1395312 before?
>
> “On ACX/EX/QFX platforms, if VLAN ID lists are configured under a single physical interface, Q-in-Q might stop working for certain VLAN ID lists”.
>
> [...]
>
> interfaces {
>    xe-0/1/0 {
>        flexible-vlan-tagging;
>        encapsulation extended-vlan-bridge;
>        unit 3104 {
>            vlan-id-list [ 1102 1128 1150 1172 4000 4001 4002 4003];
>            input-vlan-map push;
>            output-vlan-map pop;
>        }
>
> The docs page for ‘vlan-id-lists’ does mention:
> https://www.juniper.net/documentation/en_US/junos/topics/reference/con
> figuration-statement/vlan-id-list-edit-bridge-domains.html
>
> “WARNING On some EX and QFX Series switches, if VLAN identifier list (vlan-id-list) is used for Q-in-Q tunnelling, you can apply no more than eight VLAN identifier lists to a physical interface.”

_______________________________________________
juniper-nsp mailing list juniper-nsp at puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
________________________________

The Networking People (TNP) Limited. Registered office: Network House, Caton Rd, Lancaster, LA1 3PE. Registered in England & Wales with company number: 07667393

This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. If you are not the intended recipient you are notified that disclosing, copying, distributing or taking any action in reliance on the contents of this information is strictly prohibited.