After reading Robert Juric’s blog post about JUNOS VLANs, I decided I’d write one about best practices for configuring VLANs on the EX series switches.

The Juniper recommended best practice (which I 100% agree with) for configuring VLANs is that you configure untagged (access) VLANs under the VLAN itself, and tagged (trunked) VLANs under the interface.

For example, to accomplish the following:

• create VLANs 10 and 20
• set ge-0/0/0 & ge-0/0/1 as untagged VLAN 10
• set ge-0/0/2 & ge-0/0/3 as untagged VLAN 20
• set ge-0/0/47 as tagged (trunked) with VLANs 10 and 20

you would do the following:

set interfaces ge-0/0/0 unit 0 family ethernet-switching
set interfaces ge-0/0/1 unit 0 family ethernet-switching
set interfaces ge-0/0/2 unit 0 family ethernet-switching
set interfaces ge-0/0/3 unit 0 family ethernet-switching
set interfaces ge-0/0/47 unit 0 family ethernet-switching port-mode trunk
set interfaces ge-0/0/47 unit 0 family ethernet-switching vlan members [ VLAN10 VLAN20 ]
set vlans VLAN10 vlan-id 10
set vlans VLAN20 vlan-id 20
set vlans VLAN10 interface ge-0/0/0.0
set vlans VLAN10 interface ge-0/0/1.0
set vlans VLAN20 interface ge-0/0/2.0
set vlans VLAN20 interface ge-0/0/3.0

Much easier (and cleaner) to configure the untagged VLANs under the VLAN itself.

Also, to create RVIs (the equivalent of SVIs in IOS), you’d simply do:

set interfaces vlan unit 10 family inet 10.10.10.0/24
set interfaces vlan unit 20 family inet 20.20.20.0/24
set vlans VLAN10 l3-interface vlan.10
set vlans VLAN20 l3-interface vlan.20

Hope that helps!

Filed under: Juniper, Network by Chris Jones on September 26, 2010
No Comments »