[ietf86-tech] Juniper Hotel VLAN solution...

Warren Kumari warren at kumari.net
Fri Feb 22 09:26:48 PST 2013 

Hi there all,

So, I got a chance to test this last night, and all seems to work perfectly…

I did have the standard issue connecting a Cisco trunk to a non-Cisco device -- I *always* have issues with "inconsistent peer vlan" issues with ciscos, so I just turned off STP on the cisco. Obviously we'll need to fix this properly on the day…

Anyway, hooked up a Cisco switch (g0/1) trunked to the Juniper (ge-1/1/1). I configured ports g0/2-0/4 as access ports each in their own VLAN. I then plugged a machine into the access vlans and pinged the router, the VLAN interface on the switch and from devices to the other devices.

All worked.


The MAC Table:
wkumari> show bridge mac-table    

MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
           SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)

Routing instance : default-switch
 Bridging domain : BD_NONE, VLAN : none
   MAC MAC Logical NH RTR
   address flags interface Index ID
   04:7d:7b:61:3d:3e D ge-1/1/1.100    
   40:6c:8f:38:d4:59 D ge-1/1/1.300    
   64:d8:14:52:b6:c1 D ge-1/1/1.100    

wkumari> show bridge mac-table    

MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
           SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)

Routing instance : default-switch
 Bridging domain : BD_NONE, VLAN : none
   MAC MAC Logical NH RTR
   address flags interface Index ID
   04:7d:7b:61:3d:3e D ge-1/1/1.100    
   40:6c:8f:38:d4:59 D ge-1/1/1.300    
   64:d8:14:52:b6:c1 D ge-1/1/1.100    

wkumari> show bridge mac-table    

MAC flags (S -static MAC, D -dynamic MAC, L -locally learned, C -Control MAC
           SE -Statistics enabled, NM -Non configured MAC, R -Remote PE MAC)

Routing instance : default-switch
 Bridging domain : BD_NONE, VLAN : none
   MAC MAC Logical NH RTR
   address flags interface Index ID
   04:7d:7b:61:3d:3e D ge-1/1/1.200    
   40:6c:8f:38:d4:59 D ge-1/1/1.300    
   64:d8:14:52:b6:c1 D ge-1/1/1.100 





Juniper config:

wkumari> show configuration 
## Last commit: 2010-01-01 02:08:05 UTC by wkumari
version 12.3R1.7;
system {
    backup-router 192.168.1.1;
    root-authentication {
        encrypted-password "$1$kSJUcMnX$uBKPiOwN6kB5vCW6zqF7F1"; ## SECRET-DATA
    }
    login {
        user wkumari {
            uid 2000;
            class super-user;
            authentication {
                encrypted-password "$1$UAje3tp4$069khtbnClgYSLYVSEnp11"; ## SECRET-DATA
            }
        }
    }
    services {
        ssh;
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {                 
            any notice;
            authorization info;
        }
    }
}
interfaces {
    ge-1/1/0 {
        unit 0 {
            family inet {
                address 192.168.1.180/24;
            }
        }
    }
    ge-1/1/1 {
        vlan-tagging;
        encapsulation flexible-ethernet-services;
        unit 1 {
            encapsulation vlan-bridge;
            vlan-id 1;
        }
        unit 100 {
            encapsulation vlan-bridge;
            vlan-id 100;
        }                               
        unit 200 {
            encapsulation vlan-bridge;
            vlan-id 200;
        }
        unit 300 {
            encapsulation vlan-bridge;
            vlan-id 300;
        }
    }
    irb {
        unit 0 {
            family inet {
                address 10.10.10.1/24;
            }
        }
    }
    lo0 {
        unit 0 {
            family inet {
                address 127.0.0.1/32;
            }
        }
    }
}                                       
routing-options {
    static {
        route 0.0.0.0/0 next-hop 192.168.1.1;
    }
}
bridge-domains {
    BD_NONE {
        vlan-id none;
        interface ge-1/1/1.100;
        interface ge-1/1/1.200;
        interface ge-1/1/1.300;
        interface ge-1/1/1.1;
        routing-interface irb.0;
    }
}








Cisco config:

Switch#sho run
Building configuration…

Current configuration : 1573 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
!
!
no aaa new-model
!
!
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
interface FastEthernet0
 no ip address
!
interface GigabitEthernet0/1
 switchport mode trunk
 spanning-tree bpdufilter enable
!
interface GigabitEthernet0/2
 switchport access vlan 100
 switchport mode access
!
interface GigabitEthernet0/3
 switchport access vlan 200
 switchport mode access
!
interface GigabitEthernet0/4
 switchport access vlan 300
 switchport mode access
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface Vlan1
 no ip address
!
interface Vlan100
 ip address 10.10.10.50 255.255.255.0
!
ip http server
ip http secure-server
!
line con 0
line vty 5 15
!
end

Switch#



W



--
Some people are like Slinkies......Not really good for anything but they still bring a smile to your face when you push them down the stairs.

More information about the ietf86-tech mailing list