Junos OS

Expand all | Collapse all

Best practice VLAN interface unit number match VLAN ID?

Jump to Best Answer
  • 1.  Best practice VLAN interface unit number match VLAN ID?

    Posted 05-27-2017 14:34

    Hi - in the Cisco world when you create a subinterface for a VLAN you typically make the dotted portion match the VLAN (eg: FastEthernet0/0.10 would be used for VLAN 10).

     

    Is it customary to set the unit number to the same in JunOS? Eg, for a VLAN 10 interface:

     

    interfaces {
        vlan {
            unit 10 {
                family inet {
                    address 192.168.1.1/24;
                }
            }
        }
    }

    Many thanks in advance!



  • 2.  RE: Best practice VLAN interface unit number match VLAN ID?
    Best Answer

    Posted 05-27-2017 21:19

    Yes. That is a recommended best practice! We have seen often when this format is not followed, it leads to more problematic troubleshooting and isolating of problems.

    The following illustrates this:

    ge-0/0/9

    vlan-tagging

    unit 10

    Network - 192.168.10/24

    Vlan - Guest vlan-id 10

    RVI - vlan.10

    Aso- don't use vlan id 1. It eliminates potential problems especially if possibility exist to integrate Cisco and is even more significant in mixed vendor since Cisco use it for their untagged vlan.

    Just an example of keeping it standard in whichever scenario you are configuring.



  • 3.  RE: Best practice VLAN interface unit number match VLAN ID?

    Posted 05-28-2017 12:15

    Thank you - that was very helpful. Unfortunately I cannot totally avoid VLAN 1 as the Native VLAN and partial "management" VLAN because of some of my network equipment being half-baked (including unfortunately Cisco autonomous APs, which expect management to be on VLAN 1).

     

    As it is my own home/lab network it's not the end of the world.

     

    Thank you again.



  • 4.  RE: Best practice VLAN interface unit number match VLAN ID?

    Posted 05-28-2017 14:37

    You are welcome. And that is exactly why we recommend not using vlan 1 because you need it for Cisco management. If you were running only Juiniper and used vlan 1 and then the olicital strong winds decided to integrate Cisco, then you would have to change it. Unless you had thought of it before and used it as the native-vlan for your untagged packets. 



  • 5.  RE: Best practice VLAN interface unit number match VLAN ID?

    Posted 05-28-2017 15:03

    Makes 100% sense and is good advice even outside of Cisco. The managed Netgear switch I bought (forgive me, it was eBay and it was cheap way to get 16 gig ports until I ponied up for the Juniper) pretty much forced me to drop management on VLAN 1 (you can get it off, but then you enter a different sort of native VLAN hell).

     

    Regardless, I have to say while I love IOS, I think Juniper got it right here.

     

    Thanks again!