Junos OS

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  SRX320 multiple VLANs on same physical interface (1 untagged, 2 tagged)

    Posted 11-09-2016 01:25
    Hello all.
    I've been fighting against a SRX320 for a couple of days, and hope someone can help me out.
    I need to configure three VLANs on a single physical interface. Ok, that's not so difficult. But one of this VLANs need to be untagged, and the other two will be tagged.
    In SRX210 I configure the physical interface as trunk, and put the native VLAN as 1. In members, I put the other two vlans. On my switch, I configure the interface as untagged 1, and tagged 2 and 3.
    I just can't reproduce this configuration on SX320. Man, I really hate this box big time.
    #tagged
    #native-vlan
    #vlan
    #untagged
    #SRX320


  • 2.  RE: SRX320 multiple VLANs on same physical interface (1 untagged, 2 tagged)

     
    Posted 11-09-2016 01:42

     Hi Antonio,

     

    Have you tried using irb interface instead?

    Checkout the below discussion which might be of help;

    http://forums.juniper.net/t5/SRX-Services-Gateway/SRX300-series-VLAN-interface/m-p/292932/highlight/true#M41207



  • 3.  RE: SRX320 multiple VLANs on same physical interface (1 untagged, 2 tagged)
    Best Answer

    Posted 11-09-2016 07:57

    Hi, Shailesh.

     

    Thank you for your response. I had already read the article you send me, but it does not helped me.

     

    This is how I managed to got this working properly on SRX320:

     

    interfaces {
        ge-0/0/0 {
            unit 0 {
                family ethernet-switching {
                    interface-mode trunk;
                    vlan {
                        members [ tef guest default ];
                    }
                }
            }
        }
        irb {
            unit 1 {
                family inet {
                    address 192.168.0.126/25;
                }
            }
            unit 2 {
                family inet {
                    address 192.168.0.190/26;
                }
            }
            unit 3 {
                family inet {
                    address 172.16.0.254/24;
                }
            }
    }
    vlans {
        default {
            vlan-id none;
            l3-interface irb.1;
        }
        guest {
            vlan-id 3;
            l3-interface irb.3;
        }
        tef {
            vlan-id 2;
            l3-interface irb.2;
        }
    }

    The vlan default is configured with vlan-id none, that means vlan-id 1. If you try to configure vlan-id 1, the Junos replace it to none automaticaly. Using the comand show vlans, you see the following:

     

    Routing instance        VLAN name             Tag          Interfaces
    default-switch          default               1
                                                               ge-0/0/0.0*
    default-switch          guest                 3
                                                               ge-0/0/0.0*
    default-switch          tef                   2
                                                               ge-0/0/0.0*

    On Junos version 15.1X49-D50 and 15.1X49-D45, you cannot change the name of defaul vlan. For some reason the associated irb interfece remaisn in down state. In version 15.1X49-D60 you can use any name you want to this vlan, since it uses vlan-id 1 (none).

     

    On my L2 switch, I configured the trunk interface tagged on VLANs 2 and 3, and untagged on VLAN 1.

     

    Everything is working fione now!