Screen OS

last person joined: 8 months ago 

This is a legacy community with limited Juniper monitoring.

  • 1.  SRX210 bridge groups

    Posted 08-17-2009 01:07
    I was very surprised today when I found that srx210 don't support bridge groups and don't have any equivalent (or maybe I'm so dumb that I can't find it) . In other words, when ports are set to switching mode (family ethernet-switching) they cannot communicate with other ports which are in routing mode (the only way to do it is to connect one end of Ethernet cable to a port in the switching mode and another end to a port in routing mode on the same SRX210 device). It is absurdity, because 210 is designed for SOHO environments and this feature is very useful in SOHO and is used in 80% our SOHO deployments.
    #groups
    #bridge


  • 2.  RE: SRX210 bridge groups
    Best Answer

    Posted 08-17-2009 03:49

    what your looking for in JUNOS land is called an RVI (Routed VLAN Interface) -- basically applies an IP address to a VLAN --

     

    first create the vlan IP:  set interfaces vlan unit XYZ family inet address x.x.x.x/y

     

    then associate that interface to your vlan:  set vlans ABC l3-interface vlan.XYZ

     

    there is no requirement for the vlan unit to be the same as the vlan-id, but it is best practice to help make troubleshooting and understanding the config easier.

     

    and then since this is an SRX you need to associate that RVI to a security zone, make sure policies allow the proper traffic, etc etc

     

    good luck



  • 3.  RE: SRX210 bridge groups

    Posted 08-17-2009 06:01
    Thanks for help. The problem is that there was no topic about this feature in whole SRX documentation and I'm switching from ScreenOS to JUNOS and it is very hard with such poor documentation. ScreenOS has prefect documentation, however SRX devices don't.


  • 4.  RE: SRX210 bridge groups

    Posted 08-19-2009 06:23

    You will find the free switching and enterprise routing training manuals helpful for the transition.  Juniper has the "Fast Track" portal where they have posted  the student and lab manuals for both switching and enterprise routing for JUNOS.  The switching class covers these features and reviews the concepts and commands.

     

    Fast Track Web Site

     

    There is also a converter application if you know the current sceenos configuration you want to use in JUNOS.  You just past the known configuration commands into the window and it gives you the JUNOS equivalent.  This is a link off of the main support page and requires a software agreement on the way in.

     

    ScreenOS to JUNOS translator: https://i2j.juniper.net/s2jes/index.jsp