Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EX] EX-series switch Layer 3 routed VLAN configuration

1

0

Article ID: KB10972 KB Last Updated: 14 May 2020Version: 4.0
Summary:

EX-series switches connect all devices in an office or data center into a single LAN to provide sharing of common resources such as printers and file servers and to enable wireless devices to connect to the LAN through wireless access points (WAPs).

The default configuration creates a single VLAN, and all traffic on the switch is part of that broadcast domain. Creating separate network segments reduces the span of the broadcast domain and allows you to group related users and network resources without being limited by physical cabling or by the location of a network device in the building or on the LAN.

This article provides more information about a Layer 3 routed VLAN configuration in EX Series switches.

 

Solution:

In a traditional network, broadcast domains consist of either physical ports connected to a single switch or logical ports connected to one or more switches through VLAN configurations. Switches send traffic to hosts that are part of the same broadcast domain, but routers are needed to route traffic from one broadcast domain to another and to perform other Layer 3 functions such as traffic engineering.

EX-series switches use a routed VLAN interface (RVI) to perform these routing functions, using it to route data to other Layer 3 interfaces.

To configure VLAN with L3 routing, follow the next steps:

This configuration example creates two IP subnets, one for v100 VLAN and the second for the v200 VLAN. The switch bridges traffic within a VLAN. For traffic passing between two VLANs, the switch routes the traffic using a Layer 3 routing interface on which you have configured the address of the IP subnet.

  1. Create the VLAN by assigning it a name and a VLAN ID:

[edit]
user@switch# set vlans v100 vlan-id 100
user@switch# set vlans v200 vlan-id 200
  1. Assign an interface to the VLAN by specifying the logical interface (with the unit statement) and specifying the VLAN name as the member:

[edit]
user@switch# set interfaces ge-0/0/16 unit 0 family ethernet-switching vlan members v100
user@switch# set interfaces ge-0/0/17 unit 0 family ethernet-switching vlan members v100
user@switch# set interfaces ge-0/0/18 unit 0 family ethernet-switching vlan members v200
user@switch# set interfaces ge-0/0/19 unit 0 family ethernet-switching vlan members v200
  1. Create the subnet for the VLAN’s broadcast domain:

[edit]
user@switch# set interfaces vlan unit 100 family inet address 192.0.0.1/24
user@switch# set interfaces vlan unit 200 family inet address 192.0.2.1/24
  1. Layer 3 interfaces on trunk ports allow the interface to transfer traffic between multiple VLANs. Within a VLAN, traffic is bridged, whereas across VLANs, traffic is routed. Bind a Layer 3 interface with the VLAN:

[edit]
user@switch# set vlans v100 l3-interface vlan.100
user@switch# set vlans v200 l3-interface vlan.200

Verification

  • Issue the "show interfaces vlan terse", "show vlan" or "show vlans brief" commands to display the configuration settings. A sample output is shown below.

user@switch> show interfaces vlan terse

Interface               Admin Link Proto    Local                 Remote
vlan                    up    up
vlan.100                up    up   inet     192.0.0.1/24
vlan.200                up    up   inet     192.0.2.1/24

[edit interfaces]
user@switch# show vlan

interfaces {
vlan {
       unit 100 {
            family inet {
                  address 192.0.0.1/24;
            }
       unit 200 {
            family inet {
                  address 192.0.2.1/24;
            }

user@switch> show vlans brief
-------------------------------------------------------
Name           Tag     Address             Ports
                                       Active/Total
-------------------------------------------------------
default        None    ---------           1/29
v100           100     192.0.0.1/24        2/2
v110           110     192.0.2.1/24        2/2 
  • Confirm that traffic is being switched between the VLANs. The "show ethernet-switching table" command lists all the VLANs and their corresponding interface associations in the switch's switching table:

user@switch> show ethernet-switching table

Ethernet-switching table: 8 entries, 4 learned

VLAN           MAC address        Type         Age Interfaces
default        *                  Flood        - All-members
v100           *                  Flood        - All-members
v100           00:19:e2:50:a4:a0  Static       - Router
v200           *                  Flood        - All-members
v200           00:19:e2:50:a4:a0  Static       - Router
  • List the Layer 3 routes in the switch's routing table to verify that the routed VLANs interfaces are distributed:

user@switch> show route        

inet.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0         *[Static/5] 03:33:45
                            > to 172.30.36.1 via me0.0
192.0.0.0/24      *[Direct/0] 03:35:42
                            > via vlan.100
192.0.0.1/32      *[Local/0] 03:35:58
                              Local via vlan.1
192.0.2.0/24      *[Direct/0] 03:35:45
                            > via vlan.200
192.0.2.1/32      *[Local/0] 03:35:58
                              Local via vlan.200
172.30.36.0/24    *[Direct/0] 03:33:45
                            > via me0.0
172.30.36.133/32  *[Local/0] 03:33:45
                              Local via me0.0

 

Modification History:

2020-05-14: Article reviewed for accuracy; no changes made; article valid and relevant

 

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search