Re: QFX5100-48T best deployment option
Apologies to all for hi-jacking this thread. I hope to do exactly this, to configure 2 x QFX5100-48T in a Virtaul Chassis (not VCF) mode only, using multiple QSFP+ to QSFP+ Ethernet Direct Attach...
View ArticleFirewall filters: "Internet-only" for a VLAN
Hi there, I like to take my first steps into the world of firewall filtering on EX3300 switches, but the more I read the more I'm getting confused! :-)My first project is: From vlan123 everything...
View ArticleRe: QFX5100-48T best deployment option
On the right-hand side of the link you provide is a section called: Configuring a QFX Series Virtual Chassis (CLI Procedure)This will take you here -...
View ArticleRe: QFX5100-48T best deployment option
Thank for the response rccpgm. Any simple sample configs for a Virtual Chassis that you know of in Juniper doc or otherwise?
View ArticleRe: Firewall filters: "Internet-only" for a VLAN
Ok.. I don't have a lab box to test it but I guess, you should configure "from destination-port" in the term allow-internet, and should apply the filter under family inet hierarchy. i.e. "set...
View ArticleEX3300 Number of LAG limit
Hello,I have a set of 4 EX3300 devices setup as a Virtual-Chassis.I need to configure 40 LAG on it but I read in the documentation that EX3300 only support a maximum of 32 LAG.However, the cli allows...
View ArticleRe: Firewall filters: "Internet-only" for a VLAN
Hey Kingsman, thanks for your fast reply! wrote:you should configure "from destination-port" in the term allow-internet ok, I will try. wrote:and should apply the filter under family inet...
View ArticleRe: Firewall filters: "Internet-only" for a VLAN
Hi Stephan, Yes it is.. You can refer to any example from Juniper tech pubs: Example: Configuring Interface-Specific Firewall Filter Counters Guidelines for Configuring Firewall Filters [KUDOS PLEASE!...
View ArticleRe: Ex3300 Virtual Chassis preprovisioning issue.
Hi,Please check this KB, if it helps you to troubleshoot the issue. Resolution Guide - EX - Troubleshoot Virtual Chassis (VC) //ReagrdsAD
View ArticleRe: Extend Existing Network Without Adding Switches to Virtual Chassis
In this case you would simply add a trunk port for the fiber connection between the switches and assign the vlans to this as needed for the extension. You will need to add a loopback address to manage...
View ArticleRe: Firewall filters: "Internet-only" for a VLAN
Hi again, now I spent a few hours trying a lot of things, also inspired by this thread:https://forums.juniper.net/t5/Ethernet-Switching/Guest-Internet-Access-Firewall-Filter/m-p/45607#M2347But...
View ArticleRe: Firewall filters: "Internet-only" for a VLAN
But unfortunately, I didn't get the expected results.can you explain what did you try ? (scenario & config) 1. I don't understand "inet" vs. "ethernet-switching" when it comes to filters and...
View ArticleEX Switch: VLAN creation and Trunk interface
Hello Experts, Please excuse me if this is a silly question! Is there any shortcut in EX switches to create muliple VLANs and also to permit all those VLANs in trunk. 1. Create VLANs from 100-5002. If...
View ArticleHow to verify MAC-Move or Enable MAC-Move logs
Hi ; we have recently deployed qfx5100 switches , in old enviroment we use to have alot of MAC moves happening .How can we make sure if its not happening in new topology , also do we need to enable any...
View ArticleRe: dhcp snooping in MX
try adding the IRB.1002 as a "TRUSTED" interface, this was an issue for me.i'm using MX104,your cards may allso be an issue. btw, Option82 didnt work for me on dhcp-security, only on dhcp-relay.
View ArticleRe: EX Switch: VLAN creation and Trunk interface
use vlan-range to create multiple vlans:# set vlans test vlan-range 100-500...
View ArticleRe: EX Switch: VLAN creation and Trunk interface
and assign vlan test to trunk one of two ways: set interfaces ge-0/0/1.0 family ethernet-switching vlan members test or set interfaces ge-0/0/1.0 family ethernet-switching vlan members 100-500...
View ArticleRe: EX Switch: VLAN creation and Trunk interface
If literally all of the vlans configured on the switch should be the member of a trunk port you can use the members all keyword. set interfaces ge-0/0/2 unit 0 family ethernet-switching port-mode trunk...
View ArticleRe: dhcp snooping in MX
On the MX when doing dhcp relay via a bridge domain and irb interface you need to have broadcast flood enabled so that all hte bridged interfaces can communicate for the relay sessions. Enable...
View ArticleRe: How to verify MAC-Move or Enable MAC-Move logs
Are you looking then to see all the the "changed" status lines here sent to syslog?...
View Article