Junos OS

Hi everyone,

Objective: Use ge-0/0/23 as management port and also a switch port and allow SSH to the mgmt IP: 192.168.1.250/24

I dont want to use me0. Can anyone help me set this up - I would be happy!

My current simple configuraiton:

set version 12.3R12.4

set system host-name cpetest-sw1

set system root-authentication encrypted-password <stripped>

set system services ftp

set system services ssh protocol-version v2

set system services ssh connection-limit 5

set system services ssh rate-limit 10

set system syslog user * any emergency

set system syslog file messages any notice

set system syslog file messages authorization info

set system syslog file interactive-commands interactive-commands any

set interfaces ge-0/0/0 unit 0 family ethernet-switching

set interfaces ge-0/0/1 unit 0 family ethernet-switching

set interfaces ge-0/0/2 unit 0 family ethernet-switching

set interfaces ge-0/0/3 unit 0 family ethernet-switching

set interfaces ge-0/0/4 unit 0 family ethernet-switching

set interfaces ge-0/0/5 unit 0 family ethernet-switching

set interfaces ge-0/0/6 unit 0 family ethernet-switching

set interfaces ge-0/0/7 unit 0 family ethernet-switching

set interfaces ge-0/0/8 unit 0 family ethernet-switching

set interfaces ge-0/0/9 unit 0 family ethernet-switching

set interfaces ge-0/0/10 unit 0 family ethernet-switching

set interfaces ge-0/0/11 unit 0 family ethernet-switching

set interfaces ge-0/0/12 unit 0 family ethernet-switching

set interfaces ge-0/0/13 unit 0 family ethernet-switching

set interfaces ge-0/0/14 unit 0 family ethernet-switching

set interfaces ge-0/0/15 unit 0 family ethernet-switching

set interfaces ge-0/0/16 unit 0 family ethernet-switching

set interfaces ge-0/0/17 unit 0 family ethernet-switching

set interfaces ge-0/0/18 unit 0 family ethernet-switching

set interfaces ge-0/0/19 unit 0 family ethernet-switching

set interfaces ge-0/0/20 unit 0 family ethernet-switching

set interfaces ge-0/0/21 unit 0 family ethernet-switching

set interfaces ge-0/0/22 unit 0 family ethernet-switching

set interfaces ge-0/0/23 unit 0 family ethernet-switching port-mode trunk

set interfaces ge-0/0/23 unit 0 family ethernet-switching vlan members 10

set interfaces ge-0/1/0 unit 0 family ethernet-switching

set interfaces xe-0/1/0 unit 0 family ethernet-switching

set interfaces ge-0/1/1 unit 0 family ethernet-switching

set interfaces xe-0/1/1 unit 0 family ethernet-switching

set interfaces ge-0/1/2 unit 0 family ethernet-switching

set interfaces xe-0/1/2 unit 0 family ethernet-switching

set interfaces ge-0/1/3 unit 0 family ethernet-switching

set interfaces vlan unit 10 family inet address 192.168.1.250/24

set routing-options static route 0.0.0.0/0 next-hop 192.168.1.249

set protocols igmp-snooping vlan all

set protocols rstp

set protocols lldp interface all

set protocols lldp-med interface all

set ethernet-switching-options storm-control interface all

set vlans vlan-10 vlan-id 10

set vlans vlan-10 l3-interface vlan.10

set poe interface all

Hello,

As per the configuration you have following things:

1) vlan-10 with vlan-id 10 configured and vlan.10 specified as l3 interface.

2) ge-0/0/23 is a trunk port which is also a member of vlan 10.

3) system services sshv2 set up and

4) default route configured with next hop as 192.168.1.249.

So I believe it should work.

Are you not able to access the switch on 192.168.1.250?

If so, what output do you get for command 'show arp | match vlan.10'?

Regards,

Rushi

.From server:

cpetest:~$ ifconfig eth1

eth1      Link encap:Ethernet  HWaddr 00:1e:0b:ec:f4:9a 

          inet addr:192.168.1.249  Bcast:192.168.1.255  Mask:255.255.255.0

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:405 errors:0 dropped:0 overruns:0 frame:0

          TX packets:45 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:1000

          RX bytes:25960 (25.9 KB)  TX bytes:2880 (2.8 KB)

cpetest:~$ arp -an -i eth1

? (192.168.1.250) at <incomplete> on eth1

cpetest:~$

From EX3200:

root@cpetest-sw1> show arp | match vlan.10

root@cpetest-sw1>


eth1 on the server is connected directly to ge-0/0/23.

Ohhh im wondering if I forgot to setup vlan10 on the server NIC. Thats maybe the problem - I will test and report back.

 I still have no connectivity between the server and the EX3200. 

- Physical link is up

- nothing in ARP tables on EX3200 

I have tried connecting my laptop direcly to port ge-0/0/23 and setup my laptop with static IP in same subnet (/24), but EX3200 dont respond to SSH or ping.

Any clue?

Hi Junos15,

You have to configure port ge-0/0/23 as an access port if you are going to connect to it with your laptop. I think the same applies to your server, from the configuration you've shared as I don't see you've configured it as a trunk port.

Do this  :

set interfaces ge-0/0/23 unit 0 family ethernet-switching port-mode access

Thanks,

But I need the port to have two functions:

1. It need to function as a management port

and

2. It need to function as a trunk port because the server, that is connected to ge-0/0/23 should also have access to all the other ports on the switch trough VLAN switching.

Access port mode only allow one single VLAN to be used right.

I got things working with the first posted configuration. The problem was only ARP related. The server sent packets out the wrong interface because there was an old ARP entry.

So the configuration in the first post i now working. Thanks both of you.

Hello,

Great. That is what I though the configuration you have is correct but ARP not being learnt on vlan.10 was the problem.

Regards,

Rushi