Switching

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  Q-in-Q VLAN termination (not tunneling!!!) in i.e. EX4300 or QFX5100

    Posted 10-07-2021 09:31
    Hi!

    So it seems Juniper switches (and lots of vendors) are not designed to terminate double-tagged 802.1Q packets in the VLANs defined with "set vlan v100 vlan-id 100". Tunneling is sort of easy and flexible but that's not what I want. Is there really no way around a loop cable to get this to work?

    More detail on what I want:

    xe-0/0/0 receives frames with outer tag 1000 and inner tag 100
    xe-0/0/1 has a normal "famiily ethernet vlan member v100" definition
    "set vlan v100 vlan-id 100" is defined as usual
    Optionally I have this: set vlan v100 l3-interface irb.100 (with interface irb.100 fam inet address 10.0.100.1/24 for instance)

    Ideally, I'd like to have several CVLANs in the SVLAN, like this and be able to forward traffic to the respective three (or more) VLANs matching the CVLAN tags:
    SVLAN 1000, CVLAN 100
    SVLAN 1000, CVLAN 101
    SVLAN 1000, CVLAN 102
    ...
    I'm OK with defining every VLAN separately if needed, probably with some vlan range list or even separate interface units if needed.

    Does anyone have a definitive answer to if this is possible? Is tunneling the only thing we can do in EX/QFX (excluding QFX10k which is too big in most cases) and termination of double tags is impossible without loop cables?

    Yes, MX can do it, I know ;)

    Best regards,

    /Fredrik


  • 2.  RE: Q-in-Q VLAN termination (not tunneling!!!) in i.e. EX4300 or QFX5100

    Posted 10-08-2021 09:10
    bonjour, 
    what you are looking for reminds me of a recent discussion on the Junos forum titled

     Untaggad towards customer, Q-in-Q on uplink 

    managing double tagged frames on my EX2300s  works ok for me.
    clients connect to port 0  
    set interfaces ge-0/0/0 description "ge-0/0/0 QinQ CSLA 3904 ACTIF"
    set interfaces ge-0/0/0 flexible-vlan-tagging
    set interfaces ge-0/0/0 encapsulation extended-vlan-bridge
    set interfaces ge-0/0/0 unit 3904 vlan-id-list 1-4094
    set interfaces ge-0/0/0 unit 3904 input-vlan-map push
    set interfaces ge-0/0/0 unit 3904 output-vlan-map pop
    ...
    network connect to port 11
    set interfaces ge-0/0/11 vlan-tagging
    set interfaces ge-0/0/11 mtu 1538
    set interfaces ge-0/0/11 unit 3904 vlan-id 3904
    ... 
    and vlan is defined only for interfaces.
    set vlans QinQ-3904 interface ge-0/0/0.3904
    set vlans QinQ-3904 interface ge-0/0/11.3904
      
    Client has access to vlan 1-4094, and network carries packets tagged 3904+
    is that what your'e looking to accomplish ? 
    Michel



    ------------------------------
    Michel Lapointe
    ------------------------------



  • 3.  RE: Q-in-Q VLAN termination (not tunneling!!!) in i.e. EX4300 or QFX5100

    Posted 10-11-2021 05:45
    Hi!

    No, sorry. What you're doing is plain transparent tunneling. I would like to specify that three of the VLANs that the customer is feeding into port ge-0/0/0 that get encapsulated into SVLAN 3904 in your case, also are members of the respective VLANs in the switch. Say customer is feeding CVLAN 10 into port ge-0/0/0 (single tagged). I'd like those frames to be switched to an ordinary VLAN named v10 with ID 10 and to be usable on other switchports in the same switch AND be able to tunnel them in SVLAN 3904 if the MAC destination is is reachable there.

    ge-0/0/0 - tagged member of VLANS 10-12, just plain old family ethernet switching vlan members [ 10-12 ]
    ge-0/0/1 - tagged member of VLANS 10-12
    ge-0/0/2 - tagged member of VLANS 10-12
    ge-0/0/3 - tagged member of VLANS 10-12
    ge-0/0/11 - double tagged member of VLANS 10-12, just add SVLAN outer tag 3904, otherwise similar to the other ports.

    I think this is not possible with ordinary config in EX and QFX but is doable in MX. The only way around seems to be filters that MAY be able to solve my problem.

    Thanks for the reply, though!

    /Fredrik