Switching

 View Only
last person joined: 2 days ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.

Correct way to use interface-mac-limit on QFX10k

  • 1.  Correct way to use interface-mac-limit on QFX10k

    Posted 05-11-2023 15:34
    Edited by Ashm 05-11-2023 15:41

    Hello!

    I have QFX10k8 box running JunOS 22.4R1 with one vlan configured in SP-style:

    minotaur@core-sw1-sp.ki# show vlans PUBLIC
    vlan-id 777;
    interface ae111.777;
    interface xe-1/0/25:0.1002;
    no-arp-suppression;

    I need to limit number of MAC addresses learned on xe-1/0/25:0.1002. I've tried configuration I previously used on JunOS 17.x:

    [edit]
    minotaur@core-sw1-sp.ki# set vlans PUBLIC switch-options interface xe-1/0/25:0.1002 interface-mac-limit 1 packet-action drop-and-log    

    [edit]
    minotaur@core-sw1-sp.ki# commit check 
    re0: 
    [edit vlans PUBLIC interface]
      'xe-1/0/25:0.1002'
        Interface mac limit should not be configured at VLAN level for sub interfaces
    error: configuration check-out failed: (statements constraint check failed)

    I tried to move interface-mac-limit to global swtch-options:

    [edit]
    minotaur@core-sw1-sp.ki# set switch-options interface xe-1/0/25:0.1002 interface-mac-limit 1 packet-action drop-and-log 

    [edit]
    minotaur@core-sw1-sp.ki# commit check 
    re0: 
    [edit switch-options interface]
      'xe-1/0/25:0.1002'
        Only interface with 'interface-mode' are allowed in a default routing-instance
    error: configuration check-out failed: (statements constraint check failed)

    Now I'm stuck. 

    Can anybody suggest a proper way to use this feature with sp-style configuration? Thank you!