Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[MX] How to classify bridged and routed traffic from 'family bridge' interfaces

0

0

Article ID: KB21581 KB Last Updated: 19 Sep 2011Version: 1.0
Summary:
This article describes the differences in classification of traffic arriving on a 'family bridge' interface versus other interface family types.
Symptoms:
Unlike other interface family types, applying classification actions to interfaces configured with 'family bridge' will only classify traffic that is bridged and not routed. In order to classify traffic that is to be routed out of the VLAN, an additional classifier needs to be applied to the IRB interface for that VLAN. 
Cause:

Solution:
There are two options to classify traffic ingress to a bridged interface - either with a fixed classifier or through firewall filters. For simplicity, only the fixed classifier is used in this example. The following example shows how to configure a fixed classifier on a bridged interface:
interfaces {
    ge-0/0/0 {
        unit 0 {
            family bridge {
                interface-mode access;
                vlan-id 284;
            }
        }
    }
}
class-of-service {
    interfaces {
        ge-0/0/0 {
            unit 0 {
                forwarding-class silver-nrt-1;
            }
        }
    }
}

The above configuration will classify only bridged traffic. To ensure that the routed traffic is also classified, apply a fixed classifier to the IRB interface like this:

interfaces {
    irb {
        unit 284 {
            family inet {
                address 10.245.14.2/28;
            }
        }
    }
}
class-of-service {
    interfaces {
        irb {
            unit 284 {
                forwarding-class silver-nrt-1;
            }
        }
    }
}


To verify whether the classifier has had the desired effect, use the show interfaces queue command on the egress interface.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search