SRX Services Gateway
Highlighted
SRX Services Gateway

configure 802.1q trunk in SRX345

[ Edited ]
‎10-23-2019 03:12 AM

Hi, Guys,

 

A Layer3 device "A" is connecting another Layer3 device "B".

 

For A = Cisco Switch  C3750 IP-base service, with the following configuration ( interface fa1/0/5 trunk port, and all IP addresses are configured in device B - just configure device B for inter-VLAN routing 😞

      Interface fa1/0/5

            switchport enc dot1q

           switchport mode trunk

 

 

Test:

-----------

SW>sh int fa1/0/5 switchport
Name: Fa1/0/5
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk Native VLAN tagging: enabled
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk associations: none
Administrative private-vlan trunk mappings: none
Operational private-vlan: none
Trunking VLANs Enabled: ALL
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL

 

SW#ping 10.10.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 ms
SW#ping 10.83.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.83.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/9 ms

SW#ping 10.83.5.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.83.5.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
SW#

 

 

But for A = SRX345 ( JUNOS 151x49-D110.4), switch interfaces (ge-0/0/0 to ge-0/0/13) can not be configured in dot1q trunk:

1. SRX345 ( l2-learning global-mode switch or transparent-brigde ) does not support l3-interface inet, just support l3-interface irb ?

2. SRX345 just supports bridge mode ?

3. SRX345 does not support stacked-vlan-tag ?

4. when show intefaces in SRX345, interface ge-0/0/0.0 is "encapsulation: switch mode"

 

Any sample configuration for supporting dot1q trunk in SRX345, like the Cisco configuration above,

or How I can configure SRX345 interface as the same above Cisco switch meaning ?

 

Thanks a lot

 

 

 

1 REPLY 1
Highlighted
SRX Services Gateway

Re: configure 802.1q trunk in SRX345

[ Edited ]
‎10-23-2019 11:16 PM

Hey Ben,

 

Please run this command and confirm the global mode is switching:

 

> show ethernet-switching global-information

 

If so, then you have two options on the SRX assuming this topology:

 

          3750-(fa1/0/5)---------------(ge-0/0/0)-SRX345


Router-on-a-Stick

 

set interfaces ge-0/0/0 vlan-tagging

set interfaces ge-0/0/0 unit 20 vlan-id 20
set interfaces ge-0/0/0 unit 20 family inet address 20.20.20.1/24    (include this interface under a security-zone)

set interfaces ge-0/0/0 unit 30 vlan-id 30
set interfaces ge-0/0/0 unit 30 family inet address 30.30.30.1/24;   (include this interface under a security-zone)

 

Trunk interface with IRB interfaces

 

set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode trunk vlan members [ VLAN-20 VLAN-30 ]

set vlans VLAN-20 vlan-id 20 l3-interface irb.20
set vlans VLAN-30 vlan-id 30 l3-interface irb.30

set interfaces irb.20 family inet address 20.20.20.1/24 (include this interface under a security-zone)
set interfaces irb.30 family inet address 30.30.30.1/24 (include this interface under a security-zone)

 

I used two vlans (20 and 30) and subnets just for example purposes but you have to use yours. Let me know if you have any questions or if you run in to any problems.

 

Feedback