With Cisco IOS, when it comes to setting up a VLAN and VLAN Membership, the process is in fact very straight forward. JunOS give us two ways of setting up a VLAN’s membership – regardless the method you use, the result will be exactly the same.

Q: Isn’t this already explained on Juniper’s website?

A: Yes, it is!

Q: So why would you carry on reading?

A: I reckon that, on Juniper’s website some things are not clear. Secondly, I will be showing you a few  gotchas which Juniper doesn’t mention either – this will mostly relate to the implementation logic.

As usually, let’s see a diagram:

vlans-01

So we will setup two VLANs – there is one way only for creating a VLAN; we will use the following set commands:

root# run show configuration vlans
VLAN-10;
vlan-20 {
    vlan-id 20;
}

{master:0}[edit]
root# run show configuration vlans | display set
set vlans VLAN-10
set vlans vlan-20 vlan-id 20

Few things already to observe here:

  1. When creating a VLAN, we give it a name, a vlan-id, or both! Should a vlan-id not be specified, that vlan will handle untagged frames. On Juniper’s website it is mentioned that the vlan-id is automatically generated – I could not verify this, as shown below. You can see that tagging is only enabled for VLAN-20.
  2. Another thing we notice is that by default, there is already a VLAN setup on the switch – this is called the default vlan and it carries untagged frames. Unlike Cisco switches, it *does not* have the vlan-id 1. Here is something very cool: even though both vlans (default & vlan-10) carry untagged frames, the broadcast domain is still separate!

{master:0}[edit]
root# run show vlans detail
VLAN: VLAN-10, 802.1Q Tag: Untagged, Admin State: Enabled

VLAN: default, 802.1Q Tag: Untagged, Admin State: Enabled

VLAN: vlan-20, 802.1Q Tag: 20, Admin State: Enabled

{master:0}[edit]
root# run show vlans extensive
VLAN: VLAN-10, Created at: Fri Sep 13 07:32:47 2013
Internal index: 4, Admin State: Enabled, Origin: Static
Protocol: Port Mode, Mac aging time: 300 seconds
Number of interfaces: Tagged 0 (Active = 0), Untagged 0 (Active = 0)

VLAN: default, Created at: Fri Sep 13 06:41:28 2013
Internal index: 3, Admin State: Enabled, Origin: Static
Protocol: Port Mode, Mac aging time: 300 seconds
Number of interfaces: Tagged 0 (Active = 0), Untagged 0 (Active = 0)

VLAN: vlan-20, Created at: Fri Sep 13 07:32:47 2013
802.1Q Tag: 20, Internal index: 5, Admin State: Enabled, Origin: Static
Protocol: Port Mode, Mac aging time: 300 seconds
Number of interfaces: Tagged 0 (Active = 0), Untagged 0 (Active = 0)

Let’s now move onto the two methods of creating the VLAN membership – i.e., which ports belong to which vlan.

METHOD I
METHOD II

 


Thank you,
Signature
View Rafael A Couto Cabral's profile on LinkedIn



Comments are closed.