Switching

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
  • 1.  I please need assistance for basic EX2200 routing with an existing telecom router and VLANs on EX2200

    Posted 10-18-2020 08:25

    Hi

    Im familar with switching topics, but I don't get forward in a simple "home configuration" topic with an existing telecom router.
    I don't want to change the existing telecom router but I want to use some vlans for example for guests and the EX2200-C should route the VLANs independend from the router.
    I checked already different other forum posts and juniper documentation, but I don't know what is wrong in my configuration. Is such a config possible? Does somebody have a similar configuration and can post it here?

    1. Juniper EX2300-C with latest firmware 20.2R1.10

    2. ADSL Telecom Router 10.0.0.0/24 Gateway 10.0.0.138

    3. 3 VLANs (probably 20 for management port)

    VLAN 10 192.168.10.0/24

    Router 192.168.10.1

     

    VLAN 10 192.168.20.0/24

    Router 192.168.20.1

     

    VLAN 105 192.168.105.0/24

    Router 192.168.105.1

     

    So i configured for example:

    set interfaces irb unit 10 family inet address 192.168.10.1/24

    set vlans vl-10 vlan-id 10
    set vlans vl-10 l3-interface irb.10

    set interfaces ge-0/0/1 unit 0 description VLAN10
    set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members vl-10

    5. My issue is now that a connected device on ge-0/0/1 with (192.168.10.11 255.255.255.0 GW 192.168.0.1) can ping only the gateway 192.168.0.1, but no other gateways and not to gateway of ADSL router.

     

    I created here a short overview
    Picture for forum.png

     

    Here is my full config (without password and user) and some printouts:

    root@bedo-a-235> show configuration | display set
    set version 20200609.165031.6_builder.r1115480
    set system host-name bedo-a-235
    set system login class admin idle-timeout 60
    set system services ssh root-login allow
    set system services ssh protocol-version v2
    set system services web-management http
    set system services dhcp pool 192.168.10.0/24 address-range low 192.168.10.10
    set system services dhcp pool 192.168.10.0/24 address-range high 192.168.10.99
    set system services dhcp pool 192.168.10.0/24 router 192.168.10.1
    set system auto-snapshot
    set system time-zone Europe/Berlin
    set system ports console log-out-on-disconnect
    set system name-server 8.8.8.8
    set system syslog user * any emergency
    set system syslog file messages any notice
    set system syslog file messages authorization info
    set system syslog file interactive-commands interactive-commands any
    set system syslog file config-changes change-log info
    set system syslog file default-log-messages structured-data
    set system max-configurations-on-flash 49
    set system processes dhcp-service traceoptions file dhcp_logfile
    set system processes dhcp-service traceoptions file size 10m
    set system processes dhcp-service traceoptions level all
    set system processes dhcp-service traceoptions flag all
    set system ntp boot-server 10.0.0.211
    set system ntp server 83.175.111.149
    set system ntp server 10.0.0.211
    set interfaces ge-0/0/0 description SPS-ABM-Systems
    set interfaces ge-0/0/0 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/0/1 unit 0 description VLAN10
    set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members vl-10
    set interfaces ge-0/0/1 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/0/2 description NAS-QNAP
    set interfaces ge-0/0/2 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/0/3 description webcam-strasse
    set interfaces ge-0/0/3 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/0/4 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/0/5 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/0/6 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/0/7 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/0/8 description WLAN-AP-EG_und_Dolby_Surround
    set interfaces ge-0/0/8 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/0/9 description WLAN-AP-OG
    set interfaces ge-0/0/9 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/0/10 description Richtfunk-Dach-Nanonstation-M5
    set interfaces ge-0/0/10 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/0/11 description uplink-to-adsl-router
    set interfaces ge-0/0/11 unit 0 family ethernet-switching interface-mode access
    set interfaces ge-0/0/11 unit 0 family ethernet-switching vlan members default
    set interfaces ge-0/0/11 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/1/0 unit 0 family ethernet-switching storm-control default
    set interfaces xe-0/1/0 unit 0 family ethernet-switching storm-control default
    set interfaces ge-0/1/1 unit 0 family ethernet-switching storm-control default
    set interfaces xe-0/1/1 unit 0 family ethernet-switching storm-control default
    set interfaces irb unit 0 family inet address 10.0.0.1/32
    set interfaces irb unit 10 family inet address 192.168.10.1/24
    set interfaces irb unit 20 family inet address 192.168.20.1/24
    set interfaces irb unit 105 family inet address 192.168.105.1/24
    set interfaces me0 unit 0 family inet address 192.168.20.235/24
    set interfaces vme unit 0 family inet dhcp vendor-id Juniper-ex2300-c-12p
    set snmp location bedo-KG
    set snmp contact bedo
    set snmp community public authorization read-only
    set forwarding-options storm-control-profiles default all
    set routing-options static route 0.0.0.0/0 next-hop 10.0.0.138
    set protocols lldp interface all
    set protocols lldp-med interface all
    set protocols rstp interface ge-0/0/0
    set protocols rstp interface ge-0/0/1
    set protocols rstp interface ge-0/0/2
    set protocols rstp interface ge-0/0/3
    set protocols rstp interface ge-0/0/4
    set protocols rstp interface ge-0/0/5
    set protocols rstp interface ge-0/0/6
    set protocols rstp interface ge-0/0/7
    set protocols rstp interface ge-0/0/8
    set protocols rstp interface ge-0/0/9
    set protocols rstp interface ge-0/0/10
    set protocols rstp interface ge-0/0/11
    set protocols rstp interface ge-0/1/0
    set protocols rstp interface xe-0/1/0
    set protocols rstp interface ge-0/1/1
    set protocols rstp interface xe-0/1/1
    set poe interface all
    set vlans default vlan-id 1
    set vlans default l3-interface irb.0
    set vlans vl-10 vlan-id 10
    set vlans vl-10 l3-interface irb.10
    set vlans vl-105 vlan-id 105
    set vlans vl-105 l3-interface irb.105
    set vlans vl-20-mgmt vlan-id 20
    set vlans vl-20-mgmt l3-interface irb.20

    {master:0}
    root@bedo-a-235>

    root@bedo-a-235> show route

    inet.0: 6 destinations, 7 routes (6 active, 0 holddown, 0 hidden)
    Limit/Threshold: 32768/32768 destinations
    + = Active Route, - = Last Active, * = Both

    10.0.0.1/32 *[Direct/0] 01:27:21
    > via irb.0
    [Local/0] 01:27:21
    Local via irb.0
    192.168.10.0/24 *[Direct/0] 00:25:36
    > via irb.10
    192.168.10.1/32 *[Local/0] 00:25:36
    Local via irb.10
    192.168.20.1/32 *[Local/0] 00:38:13
    Reject
    192.168.20.235/32 *[Local/0] 00:38:13
    Reject
    192.168.105.1/32 *[Local/0] 01:28:06
    Reject

    inet6.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
    Limit/Threshold: 20480/20480 destinations
    + = Active Route, - = Last Active, * = Both

    ff02::2/128 *[INET6/0] 01:28:07
    MultiRecv

    {master:0}
    root@bedo-a-235>

     

    root@bedo-a-235> show vlans

    Routing instance VLAN name Tag Interfaces
    default-switch default 1
    ge-0/0/0.0*
    ge-0/0/10.0*
    ge-0/0/11.0*
    ge-0/0/2.0*
    ge-0/0/3.0*
    ge-0/0/4.0*
    ge-0/0/5.0*
    ge-0/0/6.0*
    ge-0/0/7.0*
    ge-0/0/8.0*
    ge-0/0/9.0*
    default-switch vl-10 10
    ge-0/0/1.0*
    default-switch vl-105 105

    default-switch vl-20-mgmt 20


    {master:0}
    root@bedo-a-235>

     

    root@bedo-a-235> show interfaces irb terse
    Interface Admin Link Proto Local Remote
    irb up up
    irb.0 up up inet 10.0.0.1 --> 0/0
    irb.10 up up inet 192.168.10.1/24
    irb.20 up down inet 192.168.20.1/24
    irb.105 up down inet 192.168.105.1/24

    {master:0}
    root@bedo-a-235>


    Thanks
    BeDo



  • 2.  Re: I please need assistance for basic EX2200 routing with an existing telecom router and VLANs on EX2200

    Posted 10-19-2020 05:03

    Hello,

     

    Your configuration is correct and the reason is very clear.

     

    1. Why you can not ping your ADSL router (10.0.0.138)

    The reason is:

    Your ADSL router has no information about  how to reach your 192.168.x.x networks 

    So you need a static route on your ADSL this should point that the network 192.168.x.x/YY is reachable via 10.0.0.1

     

    2. Why you can not ping your other GWs

    The reason is:

    The relevant ports are down

    irb.20 up down inet 192.168.20.1/24
    irb.105 up down inet 192.168.105.1/24

     

    You will need min. one access port to be active in those vlans to bring it up.

     

    PS:

    You can also try autostate-exclude. Check this https://www.juniper.net/documentation/en_US/junos/topics/topic-map/irb-and-bridging.html

     

    Hope it makes sense now

    BR,

    Andrei

    +++++++++++++++++++++++++++++++++++++++++++++

    Accept as Solution = cool !
    Accept as Solution+Kudo = You are a Star !



  • 3.  Re: I please need assistance for basic EX2200 routing with an existing telecom router and VLANs on EX2200

    Posted 10-19-2020 12:37

    Hi Andrei

    Thank you very mouch for your answer

     

    1) your answer make sense and I undsterstand this. But this ADSL router from A1 telecom (hybrid box only with GUI)  doesn't offer a possibility to configure routes. Do you know an other possibility how I can use VLANS with such a router or is this impossible from your point of view?

     

    2) thanks yes it works, if the port is up with a pluged in cable.



  • 4.  Re: I please need assistance for basic EX2200 routing with an existing telecom router and VLANs on EX2200
    Best Answer

    Posted 10-19-2020 13:23

    Hello,

     

    Unfortunately, it's only an L2 switch so you are a bit limited in features.

    You can think in the direction of

    - Proxy ARP https://www.juniper.net/documentation/en_US/junos/topics/topic-map/proxy-arp.html#id-understanding-proxy-arp

    - NAT (most probably not supported in your case) https://forums.juniper.net/t5/Ethernet-Switching/EX2200-c-Capabilities/td-p/210137

    - Private VLANs https://www.juniper.net/documentation/en_US/junos/topics/topic-map/private-vlans.html

     

    Depending on your final goal one of this may help.

     

    Otherwise, a simple another "L3 router device" in front of ADSL is needed.

     

    BR

    Andrei