This article is written based on a customer requirement where the inter-vlan traffic from the EX Switch is directed to SRX .
REQUIREMENT:
- To forward the Intervlan traffic on EX
- The traffic from VLAN 10 and VLAN 20 will be directed to SRX and SRX will decide based on rules (NOTE: This KB article is for EX Switch configuration and operation only.)
Switch Configuration:
STEP 1: Configuration of Vlans and assigning the ports
set vlans vlan10 vlan-id 10
set vlans vlan10 interface ge-0/0/1.0
set vlans vlan10 interface ge-0/0/2.0
set vlans vlan10 interface ge-0/0/3.0
set vlans vlan20 vlan-id 20
set vlans vlan20 interface ge-0/0/4.0
set vlans vlan20 interface ge-0/0/5.0
set vlans vlan20 interface ge-0/0/6.0
STEP 2: Configuration of IP address
set interfaces vlan unit 10 family inet address 10.0.0.1/8
set vlans vlan10 l3-interface vlan.10
set interfaces vlan unit 20 family inet address 20.0.0.1/8
set vlans vlan20 l3-interface vlan.20
set interfaces ge-0/0/0 unit 0 family inet address 192.168.42.1/24
STEP 3: Filter based forwarding and RIB group
set routing-instances VRFx instance-type forwarding
set routing-instances VRFx routing-options static route 0.0.0.0/0 next-hop 192.168.42.2
set routing-options interface-routes rib-group inet master
set routing-options rib-groups master import-rib inet.0
set routing-options rib-groups master import-rib VRFx.inet.0
STEP 4. Filter configuration
set firewall family inet filter RVI term 1 then routing-instance VRFx
STEP 5. Apply Filter to RVI
set interfaces vlan unit 10 family inet filter input RVI
set interfaces vlan unit 20 family inet filter input RVI
2020-05-19: Article reviewed for accuracy. Minor formatting edits.
