Re: Overlapping subnet is configured under irb ERROR

I was running into this same (or very similar) problem with an ex3300 runing Junos 15.1R6-S2.1. It is a l2 switch with a management vlan (the only interface with family inet is vlan.100). vlan.100 is configured with address 10.0.100.10/28, and I wanted that to change to /24.

Example showing the interfaces and the vlans stanzas in my lab switch

interfaces {
    vlan {
        unit 100 {
            description "management vlan";
            family inet {
                address 10.0.100.10/28;
            }
        }
    }
}
vlans {
    vlan-mgmt {
        description "management vlan";
        vlan-id 100;
        l3-interface vlan.100;
    }
}

I should be able to delete the address, and add it back with the new netmask:

root@sw-lab-ex3300# show | compare
[edit interfaces vlan unit 100 family inet]
+       address 10.0.100.10/24;
-       address 10.0.100.10/28;

root@sw-lab-ex3300# commit check
error: Overlapping subnet is configred under vlan
[edit interfaces vlan unit 100 family inet]
  'address 10.0.100.10/24'
     Overlapping subnet is configured
error: DCD Configuration check FAILED.
error: configuration check-out failed

{master:0}[edit]
root@sw-lab-ex3300# rollback
load complete

{master:0}[edit]
root@sw-lab-ex3300#

Uh-oh, that's not good. I rolled back to the running configuration and decided to research more. I followed some of the examples in this thread, and began testing in my lab. Testing in lab confirmed that I can change the netmask if I delete the l3-interface's inet address, reboot, then add the address with new netmask. This isn't a great solution, so how do I do this without a reboot? I have done it before without issue. What was different then!?

I decided to do some more lab testing with some other ex3300's that I was using. These already had other vlans and multiple l3-interfaces. I added vlan-mgmt, and the l3-interface configured with a /28 netmask, etc. Committed - no errors.

I then hen tried changing the netmask to /24 as above, and it committed with no errors this time!?

Why? It looks like this problem only appears if you only have one irb/vlan l3-interface configured on the switch. So I go back to my problem switch and I added a temporary vlan with a temporary l3-interface (this is all temporary, so doesn't matter too much what values you use - make sure it doesn't conflict with anything else, or maybe you can put it in a separate routing-instance). I do not attempt to change the management vlan netmask yet!

root@sw-lab-ex3300# show | compare
[edit interfaces vlan]
+    unit 3000 {
+        description "temporary vlan";
+        family inet {
+            address 10.255.255.254/32;
+        }
+    }
[edit vlans]
+   vlan-temp {
+       description "temporary vlan";
+       vlan-id 3000;
+       l3-interface vlan.3000;
+   }

{master:0}[edit]
root@sw-lab-ex3300# commit check
configuration check succeeds

{master:0}[edit]
root@sw-lab-ex3300# commit
configuration check succeeds
commit complete

{master:0}[edit]

So far so good!

Now I can attempt to update the management vlan's netmask:

root@sw-lab-ex3300# show | compare
[edit interfaces vlan unit 100 family inet]
+ address 10.0.100.10/24;
- address 10.0.100.10/28;

{master:0}[edit]
root@sw-lab-ex3300# commit check
configuration check succeeds

{master:0}[edit]
root@sw-lab-ex3300# commit
configuration check succeeds
commit complete

{master:0}[edit]
root@sw-lab-ex3300#

Weird quirk! I know this tread is several months old now, but I figured I would add another documented workaround for the next person that runs into this (and doesn't want to reboot their device).