View Only
last person joined: 3 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  irb needed for zone/switch group?

    Posted 09-07-2022 15:03
    I have an SRX-300, I want to make ge-0/0/1-7 into a simple switch that's in a zone with a policy.

    I'm modifying a default config which places ge-0/0/1-6 into an irb.0 zone and sets them to ethernet-switching and vlan 3.

    Do I really need an irb, or what is best practices here? I want all members of the "switch" to be able to talk to each other to mimic an unmanaged switch.

  • 2.  RE: irb needed for zone/switch group?

    Posted 09-10-2022 09:41
    The irb interface is there to provide a gateway layer 3 address for the subnet to egress from that vlan.  And is the interface added to the zone on behalf of the whole vlan.

    The interfaces at layer 2 are not put into the zone configuration but just added to the vlan itself along with the chosen layer 3 irb interface.

    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP - Retired)