dot1q tunneling on EX4300

2. RE: dot1q tunneling on EX4300

Recommend

Olivier Benghozi

Posted 08-19-2025 01:05

The doc is valid, but not for EX4300:

KB86903: EX4300 does not support flexible-ethernet-services statement in flexible-vlan-tagging

In case of SP style config, you can use encapsulation extended-vlan-bridge only for Q-in-Q scenario.

------------------------------
Olivier Benghozi
------------------------------

Original Message

Original Message:
Sent: 08-18-2025 14:04
From: JDooley
Subject: dot1q tunneling on EX4300

I'm encountering an error when configuring Q-in-Q on an EX4300. I'd like to accept a trunk tagged with S-vlans from a vendor, and a list of tagged C-vlans from a customer, encapsulate the customer vlans, and push them inside the vendor S-vlan for transit. The following statement commits:

set interfaces ge-0/0/15 description customer-handoffset interfaces ge-0/0/15 flexible-vlan-taggingset interfaces ge-0/0/15 encapsulation extended-vlan-bridgeset interfaces ge-0/0/15 unit 1200 vlan-id-list 20-40set interfaces ge-0/0/15 native-vlan-id 1set interfaces ge-0/0/15 unit 1200 input-vlan-map pushset interfaces ge-0/0/15 unit 1200 output-vlan-map popset interfaces ge-0/0/15 mtu 9000set interfaces xe-0/2/1 description vendor-trunkset interfaces xe-0/2/1 flexible-vlan-taggingset interfaces xe-0/2/1 encapsulation extended-vlan-bridgeset interfaces xe-0/2/1 unit 1200 vlan-id 1200set interfaces xe-0/2/1 mtu 9000set vlans siteA interface ge-0/0/15.1200set vlans siteA interface xe-0/2/1.1200

However, the documentation provides the following style of config, which doesn't commit and throws an error:

set interfaces ge-0/0/15 description customer-handoffset interfaces ge-0/0/15 flexible-vlan-taggingset interfaces ge-0/0/15 encapsulation extended-vlan-bridgeset interfaces ge-0/0/15 unit 1200 vlan-id-list 20-40set interfaces ge-0/0/15 native-vlan-id 1set interfaces ge-0/0/15 unit 1200 input-vlan-map pushset interfaces ge-0/0/15 unit 1200 output-vlan-map popset interfaces ge-0/0/15 mtu 9000set interfaces xe-0/2/1 description vendor-trunkset interfaces xe-0/2/1 flexible-vlan-taggingset interfaces xe-0/2/1 encapsulation flexible-ethernet-servicesset interfaces xe-0/2/1 unit 1200 encapsulation vlan-bridgeset interfaces xe-0/2/1 unit 1200 vlan-id 1200set interfaces xe-0/2/1 mtu 9000set vlans siteA interface ge-0/0/15.1200set vlans siteA interface xe-0/2/1.1200[edit interfaces xe-0/2/1]  'unit 1200'     Link encapsulation type is not valid for device typeerror: configuration check-out failed

Is there a better documentation source I should follow?

Can anyone provide feedback about the best config to achieve this scenario?

Thanks for the feedback!

------------------------------
J D
------------------------------

3. RE: dot1q tunneling on EX4300

Recommend

Simon Bingham (technical debt collector)

Posted 08-19-2025 08:33

Model: ex4300-24t

Junos: 18.4R1.8

Testing working on real hardware 9th October 2022
Followed this guide:

https://supportportal.juniper.net/s/article/EX-QFX-How-to-configure-QinQ-using-ELS-on-Junos-OS?language=en_US

Customer Port

set interfaces ge-0/0/9 description "Customer Port"

set interfaces ge-0/0/9 flexible-vlan-tagging

set interfaces ge-0/0/9 native-vlan-id 1

set interfaces ge-0/0/9 encapsulation extended-vlan-bridge

set interfaces ge-0/0/9 unit 2000 vlan-id-list 1-4094

set interfaces ge-0/0/9 unit 2000 input-vlan-map push

set interfaces ge-0/0/9 unit 2000 output-vlan-map pop

Service port

set interfaces ge-0/0/1 description "Service port ( trunk to other switch)"

set interfaces ge-0/0/1 flexible-vlan-tagging

set interfaces ge-0/0/1 encapsulation extended-vlan-bridge

set interfaces ge-0/0/1 unit 2000 vlan-id 2000

VLAN, or I think more correctly Bridge Domain

set vlans V2000 interface ge-0/0/1.2000

set vlans V2000 interface ge-0/0/9.2000

I also referred to

https://saidvandeklundert.net/2016-01-14-q-in-q-on-qfx-and-ex/

------------------------------
JNCIE-ENT 907
------------------------------

Original Message

Original Message:
Sent: 08-18-2025 14:04
From: JDooley
Subject: dot1q tunneling on EX4300

I'm encountering an error when configuring Q-in-Q on an EX4300. I'd like to accept a trunk tagged with S-vlans from a vendor, and a list of tagged C-vlans from a customer, encapsulate the customer vlans, and push them inside the vendor S-vlan for transit. The following statement commits:

set interfaces ge-0/0/15 description customer-handoffset interfaces ge-0/0/15 flexible-vlan-taggingset interfaces ge-0/0/15 encapsulation extended-vlan-bridgeset interfaces ge-0/0/15 unit 1200 vlan-id-list 20-40set interfaces ge-0/0/15 native-vlan-id 1set interfaces ge-0/0/15 unit 1200 input-vlan-map pushset interfaces ge-0/0/15 unit 1200 output-vlan-map popset interfaces ge-0/0/15 mtu 9000set interfaces xe-0/2/1 description vendor-trunkset interfaces xe-0/2/1 flexible-vlan-taggingset interfaces xe-0/2/1 encapsulation extended-vlan-bridgeset interfaces xe-0/2/1 unit 1200 vlan-id 1200set interfaces xe-0/2/1 mtu 9000set vlans siteA interface ge-0/0/15.1200set vlans siteA interface xe-0/2/1.1200

However, the documentation provides the following style of config, which doesn't commit and throws an error:

set interfaces ge-0/0/15 description customer-handoffset interfaces ge-0/0/15 flexible-vlan-taggingset interfaces ge-0/0/15 encapsulation extended-vlan-bridgeset interfaces ge-0/0/15 unit 1200 vlan-id-list 20-40set interfaces ge-0/0/15 native-vlan-id 1set interfaces ge-0/0/15 unit 1200 input-vlan-map pushset interfaces ge-0/0/15 unit 1200 output-vlan-map popset interfaces ge-0/0/15 mtu 9000set interfaces xe-0/2/1 description vendor-trunkset interfaces xe-0/2/1 flexible-vlan-taggingset interfaces xe-0/2/1 encapsulation flexible-ethernet-servicesset interfaces xe-0/2/1 unit 1200 encapsulation vlan-bridgeset interfaces xe-0/2/1 unit 1200 vlan-id 1200set interfaces xe-0/2/1 mtu 9000set vlans siteA interface ge-0/0/15.1200set vlans siteA interface xe-0/2/1.1200[edit interfaces xe-0/2/1]  'unit 1200'     Link encapsulation type is not valid for device typeerror: configuration check-out failed

Is there a better documentation source I should follow?

Can anyone provide feedback about the best config to achieve this scenario?

Thanks for the feedback!

------------------------------
J D
------------------------------

4. RE: dot1q tunneling on EX4300

Recommend

JDooley

Posted 08-20-2025 10:28

Oliver and Simon, thanks for those resources!

I tested this config in production for a site, and it's passing encapsulated traffic as expected.

------------------------------
J D
------------------------------

Original Message

Original Message:
Sent: 08-18-2025 14:04
From: JDooley
Subject: dot1q tunneling on EX4300

I'm encountering an error when configuring Q-in-Q on an EX4300. I'd like to accept a trunk tagged with S-vlans from a vendor, and a list of tagged C-vlans from a customer, encapsulate the customer vlans, and push them inside the vendor S-vlan for transit. The following statement commits:

set interfaces ge-0/0/15 description customer-handoffset interfaces ge-0/0/15 flexible-vlan-taggingset interfaces ge-0/0/15 encapsulation extended-vlan-bridgeset interfaces ge-0/0/15 unit 1200 vlan-id-list 20-40set interfaces ge-0/0/15 native-vlan-id 1set interfaces ge-0/0/15 unit 1200 input-vlan-map pushset interfaces ge-0/0/15 unit 1200 output-vlan-map popset interfaces ge-0/0/15 mtu 9000set interfaces xe-0/2/1 description vendor-trunkset interfaces xe-0/2/1 flexible-vlan-taggingset interfaces xe-0/2/1 encapsulation extended-vlan-bridgeset interfaces xe-0/2/1 unit 1200 vlan-id 1200set interfaces xe-0/2/1 mtu 9000set vlans siteA interface ge-0/0/15.1200set vlans siteA interface xe-0/2/1.1200

However, the documentation provides the following style of config, which doesn't commit and throws an error:

set interfaces ge-0/0/15 description customer-handoffset interfaces ge-0/0/15 flexible-vlan-taggingset interfaces ge-0/0/15 encapsulation extended-vlan-bridgeset interfaces ge-0/0/15 unit 1200 vlan-id-list 20-40set interfaces ge-0/0/15 native-vlan-id 1set interfaces ge-0/0/15 unit 1200 input-vlan-map pushset interfaces ge-0/0/15 unit 1200 output-vlan-map popset interfaces ge-0/0/15 mtu 9000set interfaces xe-0/2/1 description vendor-trunkset interfaces xe-0/2/1 flexible-vlan-taggingset interfaces xe-0/2/1 encapsulation flexible-ethernet-servicesset interfaces xe-0/2/1 unit 1200 encapsulation vlan-bridgeset interfaces xe-0/2/1 unit 1200 vlan-id 1200set interfaces xe-0/2/1 mtu 9000set vlans siteA interface ge-0/0/15.1200set vlans siteA interface xe-0/2/1.1200[edit interfaces xe-0/2/1]  'unit 1200'     Link encapsulation type is not valid for device typeerror: configuration check-out failed

Is there a better documentation source I should follow?

Can anyone provide feedback about the best config to achieve this scenario?

Thanks for the feedback!

------------------------------
J D
------------------------------

Switching