Switching

last person joined: 22 hours ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.

  • 1.  How do I assign IP addresses to each of my VLANs?

    Posted 06-25-2018 08:12

    Forgive me, I'm very new to JunOS.  On ArubaOS I was able to assign IP addresses to VLANs like this:

    #vlan 100

    (vlan100)#ip address 172.16.4.3 netmask 255.255.255.0

    (vlan100)#exit

    #vlan 200

    (vlan 200)#ip address 172.16.5.3 netmask 255.255.255.0

     

    And so on.  I'm trying to look for the equivalent way to configure this in JunOS.  I need to assign IP addresses to a couple different VLANs.  How can I accomplish this?  I believe the idea is that I need to assing inet to the unit #, but I'm not sure how a unit # differs from a VLAN on JunOS. 

     

    To be clear, I do not want the switch to do the routing, I want the routing to happen at my firewall on port 23.

     

    Here's my interface config:

    {master:0}[edit interfaces]
root# show
interface-range access-points {
    member-range ge-0/0/0 to ge-0/0/5;
    native-vlan-id 110;
    unit 0 {
        family ethernet-switching {
            interface-mode trunk;
            vlan {
                members [ guest-wifi student-wifi internal-wifi access-points ];
            }
        }
    }
}
interface-range wired {
    member-range ge-0/0/6 to ge-0/0/21;
    unit 0 {
        family ethernet-switching {
            vlan {
                members wired;
            }
        }
    }
}
ge-0/0/0 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/1 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/2 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/3 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/4 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/5 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/6 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/7 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/8 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/9 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/10 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/11 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/12 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/13 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/14 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/15 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/16 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/17 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/18 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/19 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/20 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/21 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/0/22 {
    unit 0 {
        family ethernet-switching {
            vlan {
                members management;
            }
            storm-control default;
        }
    }
}
ge-0/0/23 {
    unit 0 {
        family ethernet-switching {
            interface-mode trunk;
            vlan {
                members all;
            }
            storm-control default;
        }
    }
}
ge-0/2/0 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
xe-0/2/0 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/2/1 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
xe-0/2/1 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/2/2 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
xe-0/2/2 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
ge-0/2/3 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
xe-0/2/3 {
    unit 0 {
        family ethernet-switching {
            storm-control default;
        }
    }
}
irb {
    unit 0 {
        family inet {
            dhcp {
                vendor-id Juniper-ex3400-24p;
            }
        }
    }
}
vlan {
    unit 0 {
        family inet {
            address 172.16.4.3/24;
        }
    }
}
vme {
    unit 0 {
        family inet {
            dhcp {
                vendor-id Juniper-ex3400-24p;
            }
        }
    }
}

    {master:0}[edit interfaces]

     



  • 2.  RE: How do I assign IP addresses to each of my VLANs?
    Best Answer

     
    Posted 06-25-2018 11:08

    Hi Ninjai,

     

    A vlan on a juniper switch is its own boadcast domain. It groups all devices into a specific (vlan) group as per the vlan membership of the interface on the switch through which the devices are connected.

     

    Whenever there is a need to split a interface into multiple sub interfaces then the unit # is referenced. A unit number identifies the particular subinterface of the main interface. JunOS supports 4094 logical subinterfaces per main interface. As a general practise it is recomended to use vlan id as the unit number for better clarity and visibility of the configuration/network. 

     

    In your case you can use irb to configure ip address to the vlans on the switch. However the switch does routing for the packets which are have gateway/nexhop as the vlan ip address on the switch. You can still point to the Firewall ip address connected to switch port 23 as the gateway for the hosts in your network so that your routing is performed by the firewall.

     

    Following is an example vlan configuration.

     

    set vlans vlan100 vlan-id 100

    set vlans vlan100 l3-interface irb.100

    set interfaces irb unit 100 family inet address 172.16.4.3/24

    set interfaces ge-0/0/5 unit 0 family ethernet-switching vlan members vlan100

    set interfaces ge-0/0/23 unit 0 family ethernet-switching interface-mode trunk
    set interfaces ge-0/0/23 unit 0 family ethernet-switching vlan members vlan100

     

    In the above configuration the traffic from port  ge-0/0/5 will be switched to interface ge-0/0/23 as long as the default gateway for the device connected on port ge-0/0/5 is set to Firewall ip address connected to port ge-0/0/23.

     

    Please refer to the following documentation for further details.

    https://www.juniper.net/documentation/en_US/junos/topics/concept/interfaces-layer3-subinterfaces-ex-series.html

    https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/vlan-id-edit-interfaces-interfaces-ex-series.html

    https://www.juniper.net/documentation/en_US/junos/topics/example/interfaces-layer3-subinterfaces-ex-series.html

    https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/bridging-vlans-ex-series-cli.html