Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EX] Native VLAN ID and tagged behavior in EX-series switches

0

1
Article ID: KB17419 KB Last Updated: 24 Mar 2020Version: 6.0 Summary:

This article provides information about tagged behavior on an EX Series switch, when a native VLAN ID is configured.

Note: The native-vlan configuration on EX Series switches that is being referred to in this article applies to switches running non-ELS Junos OS versions. ​For equivalent ELS configuration, refer to Layer 2 Networking.

To find out which versions are ELS, refer to ​(these and any later versions are ELS for the respective product): Enhanced Layer 2 Software (ELS).

 

Solution:

When a native VLAN ID is configured and the same VLAN is configured under the port mode trunk, the switch receives untagged frames, as well as tagged frames for the configured native VLAN ID and forwards it to the VLAN that is configured as native.

For the same configuration, when packets are sent out on the native VLAN, the frames are sent as tagged frames, as it is added under the port mode trunk.

 

For example:

In the following configuration, native-vlan-id 1 equals the MGMT VLAN (ID 1) and the MGMT VLAN is also configured as a member of the trunk VLAN:

ge-0/0/23 {
    unit 0 {
        family ethernet-switching {
            port-mode trunk;
            vlan {
                members [ MGMT Cust_150 Cust_151 ]; < Reason why MGMT packets are tagged
            }
            native-vlan-id 1;
        }
    }
}

The EX switch will tag and transmit the MGMT packets. To send untagged packets on the native VLAN, the MGMT VLAN has to be removed as a member of the trunk; but left in the native VLAN that is set to the MGMT.

 

Here is how it works:

MGMT is NOT a member of trunk, but it is a member of native VLAN:

Transmit = untagged (pass)
Receive = untagged (pass)
Receive = tagged to MGMT (drop)

MGMT IS a member of the trunk and native VLANs:

Transmit = tagged (pass)
Receive = untagged (pass - mapped to MGMT)
Receive = tagged (pass)

So, if a tagged VLAN needs to be sent as untagged traffic, it should be configured only with the native VLAN ID and the VLAN should not be added under the port mode trunk configuration.

ge-0/0/23 {
    unit 0 {
        family ethernet-switching {
            port-mode trunk;
            vlan {
                members [ Cust_150 Cust_151 ];
            }
            native-vlan-id 1;   << will be sent as untagged.
        }
    }
}

Another way to achieve this is by using the hidden command, 'except'. This is helpful when the VLAN count is higher and it is difficult to mention all the VLANs individually.

root@jtac-EX4200-8POE-r2028# show interfaces ge-0/0/23
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members all;
            except MGMT;
        }
        native-vlan-id 1;
    }
}

 

Modification History:

2020-03-24: Added a note that syntax used here is "non-ELS" and shared links for equivalent "ELS" config.

​2019-02-11: Corrected native-vlan-id syntax

2017-08-00: In the solution section, added another method using the 'except' command.

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search