Forwarding vlan'ov through Juniper

I am writing the first post on this resource, therefore I ask you not to drop the bricks very much.

As a preface. I work for an Internet provider of regional scale. Not so long ago, they acquired a wonderful piece of hardware called the Juniper MX80 as a root router. And accordingly, there was a need to forward a certain list of vlans through the router to other managed glands.

As it turned out in JunOS, you can do this in several ways. Because I didn’t come across juniper equipment before, of course, I had to try out the method that the official documentation advises.
www.juniper.net/techpubs/software/junos/junos91/mx-solutions-guide/configuring-basic-mx-series-layer-2-features.html We register

vlana on the interfaces we need.

#set interface ge1 / 1/9 unit 50 encapsulation vlan-bridge vlan-id
202 #set interface ge1 / 1/9 unit 50 encapsulation vlan-bridge vlan-id 202

We do the same thing on the other.
#set interface ae0 unit 50 encapsulation vlan-bridge vlan-id 50
#set interface ae0 unit 50 encapsulation vlan-bridge vlan-id 202

As a result, we get.
ge-1/1/9 {
vlan-tagging;
encapsulation flexible-ethernet-services;
unit 50 {
encapsulation vlan-bridge;
vlan-id 50;
unit 202 {
encapsulation vlan-bridge;
vlan-id 202;
}
}
}
ae0 {
vlan-tagging;
encapsulation flexible-ethernet-services;
aggregated-ether-options {
lacp {
active;
}
}
unit 50 {
encapsulation vlan-bridge;
vlan-id 50;
unit 202 {
encapsulation vlan-bridge;
vlan-id 202;
}
}
}


After the vlans are registered on the interfaces we need, it is necessary to register the so-called bridge-domain, in which you need to specify which vlan is present on which interface.
#set bridge-domain vlan50 domain-type bridge interface interface ge-1/1 / 9.50
#set bridge-domain vlan50 domain-type bridge interface interface ae0.50

Well, on the other.
#set bridge-domain vlan202 domain-type bridge interface interface ge-1/1 / 9.202
#set bridge-domain vlan202 domain-type bridge interface interface ae0.202

Well, what do we get.
bridge-domains {
vlan50 {
domain-type bridge;
interface ge-1/1 / 9.50;
interface ae0.50;
}
vlan202 {
domain-type bridge;
interface ge-1/1 / 9.202;
interface ae0.202;
}
}


The first method is over. To apply these settings, we perform “commit” and enjoy the result.
The method, in principle, is not bad, but I honestly did not like it ... And to a greater extent due to the fact that it was necessary to create a separate vlan in a separate unit. Yes, of course it was possible to register vlan-id-list on one unit and list a few, but in this case the scheme generally stopped working if the ae0 LACP interface was used in it. Yes, and I wanted a more tsiskovsky method or something.

Accordingly, as they say "laziness is the engine of progress", I began to look for an easier and more convenient way and of course I found.

As in the first case, we prescribe the necessary vlans on each interface, but now we can list them in one unit.

#set interface ae0 unit 0 family bridge interface-mode trunk vlan-id-list [50 202]
#set interface ae0 unit 0 family bridge interface-mode trunk vlan-id-list [50 202]

ge-1/1/9 {
vlan-tagging;
unit 0 {
description FORWARD_VLANS;
family bridge {
interface-mode trunk;
vlan-id-list [50 202];
}
}
}

ae0 {
vlan-tagging;
aggregated-ether-options {
lacp {
active;
}
}
unit 0 {
description FORWARD_VLANS;
family bridge {
interface-mode trunk;
vlan-id-list [50 202];
}
}
}


I want to pay special attention. In the interface settings in this case there is no “encapsulation flexible-ethernet-services” parameter.

Well, we prescribe bridge-domain. Now you do not need to specify interfaces, only vlan numbers will be sufficient.
#set bridge-domain vlan202 vlan-id 202
#set bridge-domain vlan20 vlan-id 50

And what happened.
bridge-domains {
vlan202 {
vlan-id 202;
}
vlan50 {
vlan-id 50;
}
}

We make "commit".
If you want to see the mac addresses in a specific vlan, you need to enter the command “show bridge mac-table vlan-id” and the vlan number. Here's what we get.
> show bridge mac-table vlan-id 50

MAC flags (S -static MAC, D -dynamic MAC, L -locally learned
SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)

Routing instance: default-switch
Bridging domain: stks.local, VLAN: 50
MAC MAC Logical
address flags interface
00: 07: e9: 0a: 50: 16 D ae0.0
00: 18: f4: 2b: ba: fb D ge-1/1 / 9.0


That's all. I would be very happy if at least a small part of my achievements will be useful to someone.

Also popular now: