Quantcast
Channel: All Ethernet Switching posts
Viewing all 10307 articles
Browse latest View live

how to allow ex2200 to pass any vlan that customer might push

May 12, 2020, 4:59 am
$
0
0

Hello All,

 

We deploying simple erp ring made of 4 EX2200 switches for certain customer. 

The customer expects to pass random vlans accross the switches and doesnt want to be limited specific vlans, more like qinq set only that we dont have license for that at the moment. is there a work around to allow the ex2200 to pass any vlan both tagged/untaged that the customer might push. is it possible to pre-define all allowed vlan-ange 1-4096, trunk all ports and have native vlan-ID 1 for untagged traffic. is this scalable ?

 

Regards, 

Lish. 

Search

Re: how to allow ex2200 to pass any vlan that customer might push

May 12, 2020, 5:38 am
$
0
0

Hi ahmed-lish,

 

The number of VLANs supported per switch varies for each model. Use the configuration-mode command "set vlans id vlan-id ?" to determine the maximum number of VLANs allowed on a switch. You cannot exceed this VLAN limit because each VLAN is assigned an ID number when it is created. You can, however, exceed the recommended VLAN member maximum.

On an EX Series switch that runs Junos OS that does not support the Enhanced Layer 2 Software (ELS) configuration style, the maximum number of VLAN members allowed on the switch is 8 times the maximum number of VLANs the switch supports (vmember limit = vlan max * 8). If the switch configuration exceeds the recommended VLAN member maximum, you see a warning message when you commit the configuration. If you ignore the warning and commit such a configuration, the configuration succeeds but you run the risk of crashing the Ethernet switching process (eswd) due to memory allocation failure.

On an EX Series switch that runs Junos OS that supports ELS, the maximum number of VLAN members allowed on the switch is 24 times the maximum number of VLANs the switch supports (vmember limit = vlan max * 24). If the configuration of one of these switches exceeds the recommended VLAN member maximum, a warning message appears in the system log (syslog).

https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/members-interfaces.html

 

When an Ethernet LAN is divided into VLANs, each VLAN is identified by a unique 802.1Q ID. The number of available VLANs and VLAN IDs are listed below:

  • On a switch running ELS software, you can configure 4093 VLANs using VLAN IDs 1 through 4094, while VLAN IDs 0 and 4095 are reserved by Junos OS and cannot be assigned.

  • On a switch running non-ELS software, you can configure 4091 VLANs using VLAN IDs 1-4094.                                                                                                                                         https://www.juniper.net/documentation/en_US/junos/topics/topic-map/bridging-and-vlans.html#jd0e128

 

VLAN Configuration on EX switches:

https://www.juniper.net/documentation/en_US/junos/topics/topic-map/bridging-and-vlans.html#id-configuring-vlans-for-ex-series-switches

 

Hope this helps. Smiley Happy

 

Please mark this "Accepted Solution" if this helps you solve your query.

Kudos are much appreciated too Smiley Happy

Re: how to allow ex2200 to pass any vlan that customer might push

May 12, 2020, 11:35 am
$
0
0

 

Hi ahmed-lish,

 

Howdy,  Based on what you just explained the way to go is a Q in Q tunnel as the ex2200's do not support MPLS-VPNs.

 

Regarding the license part  Q in Q is within the EFL - Enhanced Feature License category, these licenses are honor-based, which means that the feature can be configured and work without a license installed until you are ready to purchase it, on the flip side you will see warning messages about it in the logs or whenever you commit a change and as a general using a feature without a license can be considered as SW pirating hence you will need to get it as soon as you can but as I mentioned before the feature should work, furthermore if you have JTAC support they can give a free license for 30 to 90 days I believe ( take that with a grain of salt) 

 

 

If this solves your problem, please mark this post as "Accepted Solution" so we can help others too \Smiley Happy/

Regards,

 

Lil Dexx
JNCIE-ENT#863, 3X JNCIP-[SP-ENT-DC], 4X JNCIA [cloud-DevOps-Junos-Design], Champions Ingenius, SSYB

Re: how to allow ex2200 to pass any vlan that customer might push

May 12, 2020, 11:59 am
$
0
0

@ahmed-lish - there are often multiple solutions to any situation/requirement.  If "all" you desire is L2 passage off all VLANs (some tagged, one untagged), from 1 ingress interface, to 1 egress interface (I assume this is what is desired) and you want to keep the same tag on egress as received on ingress with no changes, then I think @

 

 

Can I uplink a non-VCF switch to an existing QFX5100 Virtual Chassis Fabric

May 14, 2020, 2:31 am
$
0
0

Hi 

 

Please can anyone provide any advice?

 

My company runs a VCF with 6 QFX5100s with 2 Spine and 4 Leaf switches.

Please can someone tell me if it possible to 'uplink' another switch platform with a 'traditional' configuration to the spines? What I mean by traditional is running LACP, 802.1q tagged uplink ports, STP and to not have the new switches participate in the VCF. The switches I would like to uplink to the VCF Spines are two QFX5100s. Oh, also I forgot to say ( Please don't ask why )

 

New Switches (Non-VCF)

Model: qfx5100-48s-6q
Junos: 14.1X53-D35.3

 

Exsisting VCF

Model: qfx5100-48s-6q

Junos: 14.1X53-D35.3

 

fabric.png

Re: Can I uplink a non-VCF switch to an existing QFX5100 Virtual Chassis Fabric

May 14, 2020, 3:24 am
$
0
0
Hi

I don't think there should be any problems in connecting a separate switch with traditional config. It would be like connecting a standalone device to a VCF setup. By default even if it is qfx5100 the device will not participate in the VCF unless specifically configured.

Re: Can I uplink a non-VCF switch to an existing QFX5100 Virtual Chassis Fabric

May 14, 2020, 3:49 am
$
0
0

VCF is an advancement to Juniper's VC technology. When we say VCF, it is an Ethernet fabric, and whole fabric acts as a single switch - one IP to manage the entire fabric.

Now, consider your VCF as one chassis, and you can connect other devices as if you are connecting those to a single device.

All good as long as you are not going to make new switch(es) part of the fabric, in that case, you have the restrictions, i.e. what specific models can join the fabric. 

Re: vQFX and trunk, unable to ping irb interfaces

May 14, 2020, 4:51 am
$
0
0

I tried it with the latest PFE and RE images, and everything is working as expected.

 

{master:0}[edit]
root@SW1# run show version
fpc0:
--------------------------------------------------------------------------
Hostname: SW1
Model: vqfx-10000
Junos: 19.4R1.10 limited
JUNOS Base OS boot [19.4R1.10]
JUNOS Online Documentation [19.4R1.10]
JUNOS Crypto Software Suite [19.4R1.10]
JUNOS Base OS Software Suite [19.4R1.10]
JUNOS Packet Forwarding Engine Support (qfx-10-f) [19.4R1.10]
JUNOS Kernel Software Suite [19.4R1.10]
JUNOS Routing Software Suite [19.4R1.10]
JUNOS Enterprise Software Suite [19.4R1.10]
JUNOS SDN Software Suite [19.4R1.10]
JUNOS jsd [i386-19.4R1.10-jet-1]
JUNOS Web Management [19.4R1.10]
JUNOS py-base-i386 [19.4R1.10]
JUNOS py-base2-i386 [19.4R1.10]
JUNOS py-extensions-i386 [19.4R1.10]
JUNOS py-extensions2-i386 [19.4R1.10]

 

{master:0}[edit]
root@SW1# show interfaces xe-0/0/1 | display set
set interfaces xe-0/0/1 mac 50:00:00:03:00:04
set interfaces xe-0/0/1 unit 0 family ethernet-switching interface-mode trunk
set interfaces xe-0/0/1 unit 0 family ethernet-switching vlan members vlan100

 

{master:0}[edit]
root@SW1# show interfaces irb.100 | display set
set interfaces irb unit 100 family inet address 10.0.0.1/24

 

{master:0}[edit]
root@SW1# show vlans | display set
set vlans default vlan-id 1
set vlans vlan100 vlan-id 100
set vlans vlan100 l3-interface irb.100

 

{master:0}[edit]
root@SW1# run ping 10.0.0.2 rapid
PING 10.0.0.2 (10.0.0.2): 56 data bytes
!!!!!
--- 10.0.0.2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 138.563/220.678/244.412/41.138 ms

 

{master:0}[edit]
root@SW1# run show arp
MAC Address Address Name Interface Flags
02:05:86:71:71:00 10.0.0.2 10.0.0.2 irb.100 [xe-0/0/1.0] none
50:00:00:08:00:01 169.254.0.1 169.254.0.1 em1.0 none
Total entries: 2

 

 

{master:0}[edit]
root@SW2# show interfaces xe-0/0/1 | display set
set interfaces xe-0/0/1 mac 50:00:00:04:00:04
set interfaces xe-0/0/1 unit 0 family ethernet-switching interface-mode trunk
set interfaces xe-0/0/1 unit 0 family ethernet-switching vlan members vlan100

 

{master:0}[edit]
root@SW2# show interfaces irb.100 | display set
set interfaces irb unit 100 family inet address 10.0.0.2/24

 

{master:0}[edit]
root@SW2# show vlans | display set
set vlans default vlan-id 1
set vlans vlan100 vlan-id 100
set vlans vlan100 l3-interface irb.100

 

{master:0}[edit]
root@SW2# run show arp
MAC Address Address Name Interface Flags
02:05:86:71:2d:00 10.0.0.1 10.0.0.1 irb.100 [xe-0/0/1.0] none
50:00:00:09:00:01 169.254.0.1 169.254.0.1 em1.0 none
Total entries: 2

Search

Re: Can I uplink a non-VCF switch to an existing QFX5100 Virtual Chassis Fabric

May 14, 2020, 5:28 am

Re: Can I uplink a non-VCF switch to an existing QFX5100 Virtual Chassis Fabric

May 14, 2020, 6:32 am
$
0
0

Thanks to all, and thanks @rccpgm that's all good advice. I will make sure to accept the solution I still have a job after the deployment. Smiley Wink

Re: Can I uplink a non-VCF switch to an existing QFX5100 Virtual Chassis Fabric

May 14, 2020, 6:42 am
$
0
0

future-netops - I think you meant to write "if I have a job" Smiley Very Happy Don't worry, I've taken down more networks that I really wish to admit to.

 

Good luck, and don't worry!!!

Re: vQFX and trunk, unable to ping irb interfaces

May 14, 2020, 11:33 am
$
0
0

Hi , 

 

Did you tried to add static ARP? I guess trying the latest version will help.

 

 

RSTP between EX3400 and QFX5110 in VC

May 15, 2020, 4:39 am
$
0
0

image.png

 

Hello,

 

I would like to know if it is best practice to implement RSTP in a VC switches. in My design, i have ex3400 switches in a VC and they have uplinks connected towards QFX5110 switches that are also in VC. I would like to prevent loops in my network design. Also i have been investigating through forums/documentation how to implement RSTP in a VC. but i couldnt find the right answer. So I would apreciate some ideas how to aproach this.

 

1.If i understand correctly Junos does automatic detection of edge ports, when no BPDUs are received. Then this ports are automatically configured as edge ports?

2.Or are all ports non-edge by default unlles you configure them as edge ports. What if u dont want some ports(uplinks) to be edge ports do u leave it as default?

3. so back to my scenario, do i need to add all interfaces manually in ex3400 and QFX as edge port(RSTP) and enabling bdpu-block-on-edge, which will shut down an edge port that receives BPDUs ?. except the uplinks or ae intefaces towards srx?.

EX:

set protocols rstp interface ae2 edge

set protocols rstp interface ae3 edge
set protocols rstp bpdu-block-on-edge

QFX:

set protocols rstp interface xe-1/0/3 edge

set protocols rstp interface xe-2/0/3 edge
set protocols rstp bpdu-block-on-edge

 

4. what about the uplinks between the EX an QFX?, they should be participating in RSTP cause they will be advertising BPDUs towards each other (non-edge ports). what kind a configuration do i need to include them in the RSTP?, If i use the "mode point-to-point", will it make the uplinks ports as a non-edge ports?, are the ports link not already point-to-point by default?, if so, why do u still need to classify them as point-to-point in the configuration?.

EX:

set protocols rstp interface xe-1/0/0 mode point-to-point
set protocols rstp interface xe-2/0/0 mode point-to-point

QFX:

set protocols rstp interface et-1/0/4 mode point-to-point
set protocols rstp interface et-2/0/4 mode point-to-point

 

thanks.

Sul

 

 

Re: RSTP between EX3400 and QFX5110 in VC

May 15, 2020, 5:23 am
$
0
0

In general with VC, RSTP is not required between VC pairs; defeats one of the purposes of VC.

 

Interfaces on Juniper EX switches are by default enabled for RSTP, but not Edge.  If you want Edge, then this must be explicity configured.  Using either Groups of interface-range, is easiest to implement.

 

#3 - correct.  Must be explicitly set on Edge (user) facing ports, and RSTP itself (never mind Edge all) should likely be disabled on inter-switch or uplink 'trunk-type' interfaces.

 

#4 - RTSP should very likely be disabled on these links.

 

HTH

inquiry about EX 4300 T 48

May 15, 2020, 6:12 am
$
0
0

Does this model support POE ? 

Appreciate your help ..

Search

Betreff: inquiry about EX 4300 T 48

May 15, 2020, 6:15 am

Re: inquiry about EX 4300 T 48

May 15, 2020, 6:19 am
$
0
0

Hi

Below is the list of poe support by EX

 

EX4300-24T 24-port 10/100/1000BASE-T 0 1 U 0 W 350 W AC AFO (Front-to-back airflow)
EX4300-24P 24-port 10/100/1000BASE-T 24 1 U 550 W 715 W AC AFO (Front-to-back airflow )
EX4300-48T 48-port 10/100/1000BASE-T 0 1 U 0 W 350 W AC AFO (Front-to-back airflow )
EX4300-48P 48-port 10/100/1000BASE-T 48 1 U 900 W 1100 W AC AFO (Front-to-back airflow )
EX4300-48T-AFI 48-port 10/100/1000BASE-T 0 1 U 0 W 350 W AC AFI (Back-to-front airflow)
EX4300-48T-DC 48-port 10/100/1000BASE-T 0 1 U 0 W 550 W DC AFO (Front-to-back airflow )
EX4300-48T-DC-AFI 48-port 10/100/1000BASE-T 0 1 U 0 W 550 W DC AFI (Back-to-front airflow)

 

 

 

Hope this helps

Re: RSTP between EX3400 and QFX5110 in VC

May 15, 2020, 6:23 am
$
0
0

Devices in VC do not need STP running between them.

 

All the ports connected to end hosts are to be configured as edge ports and enable bdpu-block-on-edge at the RSTP level to disable the ports configured as edge in case BPDU's are received on them. By default, Junos does automatic detection of edge ports but changes it to non-edge ports when BPDU's received on them. So manually configure and enable bdpu-block-on-edge would be good.

 

If both the EX-VC and QFX-VC are layer-2 bridges, then I think RSTP is necessary on the links connecting each other to avoid loops. Now the mode point-to-point is the default mode on full-duplex ports whereas on half-duplex it is shared mode.

 

Hope this helps.

 

Thanks and regards,

Pradeep Kumar M

Juniper CFTS.

 

Re: RSTP between EX3400 and QFX5110 in VC

May 15, 2020, 6:29 am
$
0
0

"If both the EX-VC and QFX-VC are layer-2 bridges, then I think RSTP is necessary on the links connecting each other to avoid loops."

 

This is only true if there are multiple AE or single links between the VCs.  If it is 1 x AE with multiple links, RSTP is not required - big advantage of VC.  In VC each group of multiple switches acts and looks like a single switch.  If you connect two switches via a single connection (be it a single link or multiple links within a single AE) there is no loop.

Re: inquiry about EX 4300 T 48

May 15, 2020, 6:28 am
$
0
0

Hello HDawood,

 

Greetings.

EX4300- 48T doesn't support POE functionalities as they have all copper ports. Instead, you can use an EX 4300 48P with a POE budget of 900 W and a Power supply rating of 1100 W AC.

 

To explore more about EX4300 and its variations refer to the complete datasheet of EX 4300 series switch:

 

Refer the 7th page of the PDF for seeing the EX4300 variations and their capabilties:

https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000467-en.pdf

 

I hope this helps. Please mark this post "Accept as solution" if this answers your query.

 

Kudos are always appreciated! Smiley Happy

 

Best Regards,

Lingabasappa H

Viewing all 10307 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>