SRX Services Gateway
Highlighted
SRX Services Gateway

Bridge tagged logical interfaces

‎04-11-2016 08:07 PM

Hi all,I am using SRX 220 as gateway to ISP. Two VLANs from ISP are terminated as a L3 logical interfaces as below:

ge-0/0/0 {
    per-unit-scheduler;
    vlan-tagging;
    encapsulation flexible-ethernet-services;
    unit 34 {
        vlan-id 34;
        }
    }
    unit 35 {
        vlan-id 35;
        family inet {
            dhcp {
                client-identifier ascii juniper;
                vendor-id juniper;
            }
        }
    }
}
ge-0/0/3 {
    flexible-vlan-tagging;
    unit 34 {
        vlan-id 34;
    }
}

I need to bridge ge-0/0/0.34 and ge-0/0/3.34.
I found a thread (http://forums.juniper.net/t5/SRX-Services-Gateway/Layer-2-and-Layer-3-logical-interfaces-on-same-phy... talked about a similiar problem with me, but in that thread, he is using MPLS which I didn't.

5 REPLIES 5
Highlighted
SRX Services Gateway

Re: Bridge tagged logical interfaces

[ Edited ]
‎04-12-2016 07:47 AM

Hello,

Use VPLS instance for that:

 

 

interfaces {
ge-0/0/0 {
    per-unit-scheduler;
    vlan-tagging;
    encapsulation flexible-ethernet-services;
    unit 34 {
	    encapsulation vlan-vpls;
        vlan-id 34;
		family vpls;
        }
    }
ge-0/0/3 {
    flexible-vlan-tagging;
  encapsulation flexible-ethernet-services; unit 34 { encapsulation vlan-vpls; vlan-id 34;
family vpls; } }} routing-instances { Bridge-2-IFLs { instance-type vpls; vlan-id 34; interface ge-0/0/0.34; interface ge-0/0/3.34; protocols { vpls { no-tunnel-services; } } } }

 You'd get as close to bridging as You can, except one cannot run STP inside VPLS instance on SRX kit.

HTH

thx

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Highlighted
SRX Services Gateway

Re: Bridge tagged logical interfaces

‎04-13-2016 10:43 PM

Thanks for your help. I followed your  configuration but it seems not working.

I plugged in a computer at ge-0/0/3, then run

 

root@SRX> monitor traffic layer2-headers no-resolve detail interface ge-0/0/3

The computer is configured to use DHCP for configuration, but nothing happened in packet capture. I also tried ge-0/0/0, ge-0/0/3.34 and ge-0/0/0.34, only silence.

Highlighted
SRX Services Gateway

Re: Bridge tagged logical interfaces

‎04-14-2016 09:24 AM

Hello,


@jilingshu wrote:

Thanks for your help. I followed your  configuration but it seems not working.

I plugged in a computer at ge-0/0/3,


 

My configuration assumes that the traffic entering this VPLS instance must be VLAN-tagged. The traffic leaving the instance is going to be VLAN tagged. I thought this is what what You asked for by giving a vlan-id 34 in Your OP? 

And Windows has a bad history regarding capturing packets with VLAN tags - it may or may not work depending on NIC card

https://wiki.wireshark.org/CaptureSetup/VLAN#Windows

 


@jilingshu wrote:

 then run

 

root@SRX> monitor traffic layer2-headers no-resolve detail interface ge-0/0/3

 


Not going to work for transit packets on SRX, only for SRX' self-originated and self-destined.

 


@jilingshu wrote:

The computer is configured to use DHCP for configuration, but nothing happened in packet capture. I also tried ge-0/0/0, ge-0/0/3.34 and ge-0/0/0.34, only silence.


Ditto, all traffic must be either VLAN-tagged with VLAN id 34 to pass this VPLS instance.

 

HTH

Thx

Alex

_____________________________________________________________________

Please ask Your Juniper account team about Juniper Professional Services offerings.
Juniper PS can design, test & build the network/part of the network as per Your requirements

+++++++++++++++++++++++++++++++++++++++++++++

Accept as Solution = cool !
Accept as Solution+Kudo = You are a Star !
Highlighted
SRX Services Gateway

Re: Bridge tagged logical interfaces

‎04-15-2016 07:46 AM

It must be tagged for both ge-0/0/0 and ge-0/0/3? I put an additional

 

native-vlan-id 34;

under interfaces/ge-0/0/3, can this eliminate tagging on ge-0/0/3?

 

Highlighted
SRX Services Gateway

Re: Bridge tagged logical interfaces

‎04-19-2016 11:26 AM

I confirmed It is working. I connected a computer running Wireshark to ge-0/0/0 and saw the fraffic flow from ge-0/0/3. Thanks.

Feedback