SRX

last person joined: 14 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  SRX1400 vlan and trunking

    Posted 10-25-2016 19:49

    HI,

     

    We have a srx1400 and an ex2200 connected together with a single cable.  We planned to create 3 vlans and make a single interface on the srx1400 (ge-0/0/1) a member of those 3 vlans and then make it a trunk which will connect to the EX2200 interface (ge-0/0/6) which is apart of 3 different vlans and is also in trunk mode.  We tested this setup on lab srx100 and an ex2200 it worked fine; however, when we tried set it up on our srx1400 we could not create vlans on it.  Is there way to get this setup to work on the srx1400?

     

    Thanks!



  • 2.  RE: SRX1400 vlan and trunking

    Posted 10-26-2016 02:57

    It sounds like you are using a version of Junos on the SRX1400 that now has ELS (enhanced layer 2 services).  You can run your original configruation through the translator

     

    https://www.juniper.net/customers/support/configtools/elstranslator/index.jsp

     

    This is a description of VLAN configruations on ELS.

     

    https://www.juniper.net/techpubs/en_US/junos15.1/topics/task/configuration/getting-started-els.html#jd0e140



  • 3.  RE: SRX1400 vlan and trunking
    Best Answer

    Posted 10-26-2016 04:00

    In this situation, I would not use VLANs at all on the SRX end.  It sounds from your description that the goal is to use a single port on the SRX and "virtualize" that into a handful of distinct virtual ports.  For this I would recommend using VLAN-tagged sub-interfaces.  The distinction is that VLANs are a layer-2 construct that would allow you to both identify traffic traversing a shared-port, but also to share that same broadcast-domain across multiple ports.  In contrast, a VLAN-tagged port with multiple sub-interfaces is a layer-3 construct, only using the VLAN-tags for the identification of distinct traffic-flows

     

    Creating a vlan-tagged sub-interface is particularly simple:

     

    set interfaces ge-0/0/1 vlan-tagging

    set interfaces ge-0/0/1 unit 100 vlan-id 100

    set interfaces ge-0/0/1 unit 100 family inet address x.x.x.x/24

    set interfaces ge-0/0/1 unit 200 vlan-id 200

    set interfaces ge-0/0/1 unit 200 family inet address y.y.y.y/24

     

    The EX side can remain as a trunk port with multiple VLANs (as is most common), although it is interesting to note that EX switches can support vlan-tagged sub-interfaces as well.

     

    Ron



  • 4.  RE: SRX1400 vlan and trunking

    Posted 11-01-2016 13:52

    Thank you Ron, y



  • 5.  RE: SRX1400 vlan and trunking

    Posted 11-04-2016 07:18

    Glad to help.