Juniper EX2200, EX4500, EX6210, EX8208, EX8216 Hardware Manual

...

Download

Page 1

Junos®OS for EX Series Ethernet Switches

Network Interfaces for EX4300 Switches

Release

13.2X51

Published: 2015-02-24

Page 2

Juniper Networks, Inc. 1133 Innovation Way Sunnyvale, California 94089 USA 408-745-2000 www.juniper.net

Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks Logo, the Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

Junos®OS for EX Series Ethernet Switches Network Interfaces for EX4300 Switches

The information in this document is current as of the date on the title page.

YEAR 2000 NOTICE

Juniper Networks hardware and software products are Year 2000 compliant. Junos OS has no known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.

END USER LICENSE AGREEMENT

The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with) Juniper Networks software. Use of such software is subject to the terms and conditions of the End User License Agreement (“EULA”) posted at

http://www.juniper.net/support/eula.html. By downloading, installing or using such software, you agree to the terms and conditions of

that EULA.

Page 3

Table of Contents

About the Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv

Documentation and Release Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv

Supported Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv

Using the Examples in This Manual . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv

Merging a Full Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvi

Merging a Snippet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvi

Documentation Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii

Documentation Feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix

Requesting Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix

Self-Help Online Tools and Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . xix

Opening a Case with JTAC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx

Part 1 Overview

Chapter 1 Interfaces Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

EX Series Switches Interfaces Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Network Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Special Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Understanding Interface Naming Conventions on EX Series Switches . . . . . . . . . . 6

Physical Part of an Interface Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6

Logical Part of an Interface Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Wildcard Characters in Interface Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Understanding Aggregated Ethernet Interfaces and LACP . . . . . . . . . . . . . . . . . . . 8

Link Aggregation Group (LAG) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

Link Aggregation Control Protocol (LACP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

Understanding the Algorithm Used to Hash LAG Bundle and Egress Next-Hop

ECMP Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

Understanding the Hashing Algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

IP (IPv4 and IPv6) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

MAC-in-MAC Packet Hashing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Layer 2 Header Hashing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Understanding How Energy Efficient Ethernet Reduces Power Consumption on

Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Understanding Local Link Bias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Understanding Layer 3 Subinterfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Understanding Unicast RPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Unicast RPF for Switches Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Unicast RPF Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Unicast RPF Packet Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Bootstrap Protocol (BOOTP) and DHCP Requests . . . . . . . . . . . . . . . . . 20

Page 4

Network Interfaces for EX4300 Switches

Understanding IP Directed Broadcast for EX Series Switches . . . . . . . . . . . . . . . . 23

Understanding Interface Ranges on EX Series Switches . . . . . . . . . . . . . . . . . . . . 24

802.1Q VLANs Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Part 2 Configuration

Chapter 2 Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Configuring Gigabit Ethernet Interfaces (CLI Procedure) . . . . . . . . . . . . . . . . . . . . 32

Configuring Gigabit Ethernet Interfaces (J-Web Procedure) . . . . . . . . . . . . . . . . . 35

Port Role Configuration with the J-Web Interface (with CLI References) . . . . . . . . 41

Adding a Logical Unit Description to the Configuration . . . . . . . . . . . . . . . . . . . . . 45

Disabling a Physical Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

Disabling a Logical Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Configuring Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Configuring the Interface Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

Configuring the Interface Bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Configuring the Media MTU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

Default Route Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

When to Enable Unicast RPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

When Not to Enable Unicast RPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Limitations of the Unicast RPF Implementation on EX3200, EX4200, and

EX4300 Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

IP Directed Broadcast for EX Series Switches Overview . . . . . . . . . . . . . . . . . 23

IP Directed Broadcast Implementation for EX Series Switches . . . . . . . . . . . 23

When to Enable IP Directed Broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

When Not to Enable IP Directed Broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Configuring VLAN Options and Interface Mode . . . . . . . . . . . . . . . . . . . . . . . . 32

Configuring the Link Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Configuring the IP Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Example: Disabling a Physical Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Configuring Interface IPv4 Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

Operational Behavior of Interfaces when the Same IPv4 Address is

Assigned to Them . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50

Configuring Interface IPv6 Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51

Media MTU Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

How to Configure the Media MTU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55

Encapsulation Overhead by Encapsulation Type . . . . . . . . . . . . . . . . . . . . . . 56

Media MTU Sizes by Interface Type for M5 and M7i Routers with CFEB, M10

and M10i Routers with CFEB, and M20 and M40 Routers . . . . . . . . . . . . 57

Media MTU Sizes by Interface Type for M40e Routers . . . . . . . . . . . . . . . . . . 57

Media MTU Sizes by Interface Type for M160 Routers . . . . . . . . . . . . . . . . . . 59

Media MTU Sizes by Interface Type for M7i Routers with CFEB-E, M10i

Routers with CFEB-E, and M320 and M120 Routers . . . . . . . . . . . . . . . . 59

Media MTU Sizes by Interface Type for MX Series Routers . . . . . . . . . . . . . . . 60

Media MTU Sizes by Interface Type for T320 Routers . . . . . . . . . . . . . . . . . . . 61

Media MTU Sizes by Interface Type for T640 Platforms . . . . . . . . . . . . . . . . . 61

Media MTU Sizes by Interface Type for J2300 Platforms . . . . . . . . . . . . . . . . 62

Media MTU Sizes by Interface Type for J4300 and J6300 Platforms . . . . . . . 62

Media MTU Sizes by Interface Type for J4350 and J6350 Platforms . . . . . . . 63

Page 5

Table of Contents

Media MTU Sizes by Interface Type for EX Series Switches and ACX Series

Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

Media MTU Sizes by Interface Type for PTX Series Packet Transport

Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

Setting the Protocol MTU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

Interface Ranges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

Configuring Interface Ranges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67

Expanding Interface Range Member and Member Range Statements . . . . . 69

Configuration Inheritance for Member Interfaces . . . . . . . . . . . . . . . . . . . . . . 70

Member Interfaces Inheriting Configuration from Configuration Groups . . . . . 71

Interfaces Inheriting Common Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 73

Configuring Inheritance Range Priorities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73

Configuration Expansion Where Interface Range Is Used . . . . . . . . . . . . . . . . 73

Configuring Accounting for the Physical Interface . . . . . . . . . . . . . . . . . . . . . . . . . 74

Applying an Accounting Profile to the Physical Interface . . . . . . . . . . . . . . . . 75

Example: Applying an Accounting Profile to the Physical Interface . . . . . 75

Configuring Accounting for the Logical Interface . . . . . . . . . . . . . . . . . . . . . . . . . . 76

Applying an Accounting Profile to the Logical Interface . . . . . . . . . . . . . . . . . 76

Example: Applying an Accounting Profile to the Logical Interface . . . . . 76

Configuring Ethernet Loopback Capability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Configuring Gratuitous ARP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78

Configuring Static ARP Table Entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79

Example: Configuring Static ARP Table Entries . . . . . . . . . . . . . . . . . . . . . . . . 79

Disabling the Transmission of Redirect Messages on an Interface . . . . . . . . . . . . 80

Configuring Restricted and Unrestricted Proxy ARP . . . . . . . . . . . . . . . . . . . . . . . 80

Enabling or Disabling SNMP Notifications on Logical Interfaces . . . . . . . . . . . . . . 81

Configuring Aggregated Ethernet Links (CLI Procedure) . . . . . . . . . . . . . . . . . . . . 82

Configuring Aggregated Ethernet Interfaces (J-Web Procedure) . . . . . . . . . . . . . 83

Configuring Aggregated Ethernet LACP (CLI Procedure) . . . . . . . . . . . . . . . . . . . . 86

Configuring LACP Link Protection of Aggregated Ethernet Interfaces (CLI

Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

Configuring LACP Link Protection at the Global Level . . . . . . . . . . . . . . . . . . 88

Configuring LACP Link Protection at the Aggregated Interface Level . . . . . . . 88

Configuring Aggregated Ethernet Link Protection . . . . . . . . . . . . . . . . . . . . . . . . . 89

Configuring Link Protection for Aggregated Ethernet Interfaces . . . . . . . . . . 89

Configuring Primary and Backup Links for Link Aggregated Ethernet

Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89

RevertingTrafficto a Primary Link WhenTraffic is Passing Through aBackup

Link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

Disabling Link Protection for Aggregated Ethernet Interfaces . . . . . . . . . . . . 90

Configuring Aggregated Ethernet Link Speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90

Configuring Aggregated Ethernet Minimum Links . . . . . . . . . . . . . . . . . . . . . . . . . 92

Configuring Energy Efficient Ethernet on Interfaces (CLI Procedure) . . . . . . . . . . 93

Enabling EEE on an EEE-Capable Base-T Copper Ethernet Port . . . . . . . . . . 93

Disabling EEE on a Base-T Copper Ethernet Port . . . . . . . . . . . . . . . . . . . . . . 93

Configuring Local Link Bias (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

Page 6

Network Interfaces for EX4300 Switches

Configuring the Fields in the Algorithm Used To Hash LAG Bundle and ECMP

Configuring Tagged Aggregated Ethernet Interfaces . . . . . . . . . . . . . . . . . . . . . . . 96

Configuring a Layer 3 Subinterface (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . 97

Configuring Unicast RPF (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

Disabling Unicast RPF (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99

Configuring IP Directed Broadcast (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . 100

Tracing Operations of an Individual Router or Switch Interface . . . . . . . . . . . . . . 101

Tracing Operations of the Interface Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101

Chapter 3 Configuration Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

[edit chassis] Configuration Statement Hierarchy on EX Series Switches . . . . . 105

[edit forwarding-options] Configuration Statement Hierarchy on EX Series

[edit interfaces] Configuration Statement Hierarchy on EX Series Switches . . . 108 [edit interfaces ae] Configuration Statement Hierarchy on EX Series

[edit interfaces et] Configuration Statement Hierarchy on EX Series

[edit interfaces ge] Configuration Statement Hierarchy on EX Series

[edit interfaces interface-range] ConfigurationStatementHierarchyon EX Series

[edit interfaces irb] Configuration Statement Hierarchy on EX Series

Traffic (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

Configuring the Hashing Algorithm to Use Fields in the Layer 2 Header for

Hashing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

Configuring the Hashing Algorithm to Use Fields in the IP Payload for

Hashing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95

Configuring the Hashing Algorithm to Use Fields in the IPv6 Payload for

Hashing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

Supported Statements in the [edit chassis] Hierarchy Level . . . . . . . . . . . . 105

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

Supported Subhierarchies in the [edit forwarding-options] Hierarchy

Level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

Unsupported Subhierarchies in the [edit forwarding-options] Hierarchy

Level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Supported Statements in the [edit interfaces ae] Hierarchy Level . . . . . . . . 109

Unsupported Statements in the [edit interfaces ae] Hierarchy Level . . . . . . 113

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

Supported Statements in the [edit interfaces et] Hierarchy Level . . . . . . . . . 114

Unsupported Statements in the [edit interfaces et] Hierarchy Level . . . . . . . 118

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119

Supported Statements in the [edit interfaces ge] Hierarchy Level . . . . . . . . 120

Unsupported Statements in the [edit interfaces ge] Hierarchy Level . . . . . . 124

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

Supported Statements in the [edit interfaces interface-range] Hierarchy

Level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126

Unsupported Statements in the [edit interfaces interface-range] Hierarchy

Level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134

Supported Statements in the [edit interfaces irb] Hierarchy Level . . . . . . . . 134

Unsupported Statements in the [edit interfaces irb] Hierarchy Level . . . . . . 137

Page 7

Table of Contents

[edit interfaces lo] Configuration Statement Hierarchy on EX Series

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

Supported Statements in the [edit interfaces lo] Hierarchy Level . . . . . . . . 138

Unsupported Statements in the [edit interfaces lo] Hierarchy Level . . . . . . 140

[edit interfaces me] Configuration Statement Hierarchy on EX Series

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140

Supported Statements in the [edit interfaces me] Hierarchy Level . . . . . . . . 141

Unsupported Statements in the [edit interfaces me] Hierarchy Level . . . . . 143

[edit interfaces vme] Configuration Statement Hierarchy on EX Series

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144

Supported Statements in the [edit interfaces vme] Hierarchy Level . . . . . . 144

Unsupported Statements in the [edit interfaces vme] Hierarchy Level . . . . 147

[edit interfaces xe] Configuration Statement Hierarchy on EX Series

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147

Supported Statements in the [edit interfaces xe] Hierarchy Level . . . . . . . . 147

Unsupported Statements in the [edit interfaces xe] Hierarchy Level . . . . . . 151

[edit protocols lacp] Configuration Statement Hierarchy on EX Series

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153

Supported Statements in the [edit protocols lacp] Hierarchy Level . . . . . . . 153

Unsupported Statements in the [edit protocols lacp] Hierarchy Level . . . . . 153

802.3ad . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

accounting-profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156

aggregated-devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158

aggregated-ether-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

arp (Interfaces) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160

auto-negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161

bandwidth (Interfaces) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163

broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164

chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165

description (Interfaces) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166

device-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167

disable (Interface) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

enhanced-hash-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170

ether-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172

ethernet (Aggregated Devices) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173

eui-64 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173

family . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174

filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180

flow-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181

force-up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182

gratuitous-arp-reply . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182

hash-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183

hold-time (Physical Interface) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

ieee-802-3az-eee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186

inet (enhanced-hash-key) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187

inet6 (enhanced-hash-key) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189

interface (Multichassis Protection) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190

interface-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191

Page 8

Network Interfaces for EX4300 Switches

interface-range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193

lacp (Aggregated Ethernet) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195

lacp (802.3ad) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197

layer2 (enhanced-hash-key) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198

link-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200

link-protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202

link-speed (Aggregated Ethernet) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203

local-bias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204

loopback (Aggregated Ethernet, Fast Ethernet, and Gigabit Ethernet) . . . . . . . 205

member (Interface Ranges) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206

member-range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207

members . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208

mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210

native-vlan-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213

no-gratuitous-arp-request . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214

no-redirects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214

periodic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

preferred . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216

primary (Address on Interface) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217

proxy-arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218

rpf-check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219

speed (Ethernet) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220

traceoptions (Individual Interfaces) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221

traceoptions (Interface Process) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223

transmit-interval (Liveness Detection) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224

traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225

unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226

vlan (802.1Q Tagging) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227

vlan-id (VLAN Tagging and Layer 3 Subinterfaces) . . . . . . . . . . . . . . . . . . . . . . . 228

vlan-tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229

Part 3 Administration

Chapter 4 Routine Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233

Monitoring Interface Status and Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233

Verifying the Status of a LAG Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234

Verifying That EEE Is Saving Energy on Configured Ports . . . . . . . . . . . . . . . . . . . 235

VerifyingThat LACP IsConfiguredCorrectlyand Bundle Members Are Exchanging

Verifying That Layer 3 Subinterfaces Are Working . . . . . . . . . . . . . . . . . . . . . . . . 238

Verifying Unicast RPF Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239

Verifying IP Directed Broadcast Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241

Chapter 5 Operational Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243

monitor interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244

request diagnostics tdr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252

show diagnostics tdr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254

show forwarding-options enhanced-hash-key . . . . . . . . . . . . . . . . . . . . . . . . . . 259

LACP Protocol Packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237

Verifying the LACP Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237

Verifying That LACP Packets Are Being Exchanged . . . . . . . . . . . . . . . . . . . . 237

Page 9

Table of Contents

show interfaces diagnostics optics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262

show interfaces ge- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276

show interfaces irb . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288

show interfaces me0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294

show interfaces queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301

show interfaces xe- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307

show lacp interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321

test interface restart-auto-negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326

Part 4 Troubleshooting

Chapter 6 Troubleshooting Procedures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329

Troubleshooting an Aggregated Ethernet Interface . . . . . . . . . . . . . . . . . . . . . . . 329

Show Interfaces Command Shows the LAG is Down . . . . . . . . . . . . . . . . . . 329

Logical Interface Statistics Do Not Reflect All Traffic . . . . . . . . . . . . . . . . . . 329

IPv6 Interface Traffic Statistics Are Not Supported . . . . . . . . . . . . . . . . . . . 330

SNMP Counters ifHCInBroadcastPkts and ifInBroadcastPkts Are Always

0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330

Troubleshooting Interface Configuration and Cable Faults . . . . . . . . . . . . . . . . . 330

Interface Configuration or Connectivity Is Not Working . . . . . . . . . . . . . . . . 330

Troubleshooting Unicast RPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331

Legitimate Packets Are Discarded . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331

Diagnosing a Faulty Twisted-Pair Cable (CLI Procedure) . . . . . . . . . . . . . . . . . . . 332

Page 10

Network Interfaces for EX4300 Switches

Page 11

List of Figures

Part 1 Overview

Chapter 1 Interfaces Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Figure 1: Egress Traffic Flow with Local Link Bias . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Figure 2: Egress Traffic Flow without Local Link Bias . . . . . . . . . . . . . . . . . . . . . . . . 17

Figure 3: Symmetrically Routed Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

Figure 4: Asymmetrically Routed Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

Page 12

Network Interfaces for EX4300 Switches

Page 13

List of Tables

About the Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv

Table 1: Notice Icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii

Table 2: Text and Syntax Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii

Part 1 Overview

Chapter 1 Interfaces Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Table 3: Network Interface Types and Purposes . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Table 4: Special Interface Types and Purposes . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Table 5: Maximum Interfaces per LAG and Maximum LAGs per Switch . . . . . . . . . 9

Table 6: IPv4 and IPv6 Hashing Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Table 7: MPLS Hashing Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Table 8: MAC-in-MAC Hashing Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Table 9: Layer 2 Header Hashing Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Part 2 Configuration

Chapter 2 Configuration Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Table 10: Factory Default Configuration Link Settings for EX Series Switches . . . . 33

Table 11: Port Edit Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Table 12: Recommended CoS Settings for Port Roles . . . . . . . . . . . . . . . . . . . . . . 40

Table 13: Port Role Configuration Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Table 14: Recommended CoS Settings for Port Roles . . . . . . . . . . . . . . . . . . . . . . 44

Table 15: Encapsulation Overhead by Encapsulation Type . . . . . . . . . . . . . . . . . . 56

Table 16: Media MTU Sizes by Interface Type for M5 and M7i Routers with CFEB,

Table 17: Media MTU Sizes by Interface Type for M40e Routers . . . . . . . . . . . . . . . 57

Table 18: Media MTU Sizes by Interface Type for M160 Routers . . . . . . . . . . . . . . 59

Table 19: Media MTU Sizes by Interface Type for M7i Routers with CFEB-E, M10i

Table 20: Media MTU Sizes by Interface Type for MX Series Routers . . . . . . . . . . 60

Table 21: Media MTU Sizes by Interface Type for T320 Routers . . . . . . . . . . . . . . . 61

Table 22: Media MTU Sizes by Interface Type for T640 Platforms . . . . . . . . . . . . . 61

Table 23: Media MTU Sizes by Interface Type for J2300 Platforms . . . . . . . . . . . . 62

Table 24: Media MTU Sizes by Interface Type for J4300 and J6300

Table 25: Media MTU Sizes by Interface Type for J4350 and J6350

Table 26: Media MTU Sizes by Interface Type for EX Series Switches and ACX

M10 and M10i Routers with CFEB, and M20 and M40 Routers . . . . . . . . . . . . 57

Routers with CFEB-E, and M320 and M120 Routers . . . . . . . . . . . . . . . . . . . . 59

Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62

Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Series Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

Page 14

Network Interfaces for EX4300 Switches

Table 27: Media MTU Sizes by Interface Type for PTX Series Packet Transport

Table 28: Aggregated Ethernet Interface Options . . . . . . . . . . . . . . . . . . . . . . . . . 84

Table 29: VLAN Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

Table 30: IP Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

Chapter 3 Configuration Statements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

Table 31: Unsupported [edit forwarding-options] Subhierarchies on EX Series

Table 32: Unsupported [edit interfaces ae] Configuration Statements for EX

Table 33: Unsupported [edit interfaces et] Configuration Statements for EX

Table 34: Unsupported [edit interfaces ge] Configuration Statements for EX

Table 35: Unsupported [edit interfaces interface-range] Configuration

Table 36: Unsupported [edit interfaces irb] Configuration Statements for EX

Table 37: Unsupported [edit interfaces lo] Configuration Statements for EX

Table 38: Unsupported [edit interfaces me] Configuration Statements for EX

Table 39: Unsupported [edit interfaces xe] Configuration Statements for EX

Table 40: Protocol Families and Supported Interface Types . . . . . . . . . . . . . . . . 178

Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107

Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113

Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118

Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124

Statements for EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129

Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140

Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143

Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

Part 3 Administration

Chapter 5 Operational Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243

Table 41: Output Control Keys for the monitor interface Command . . . . . . . . . . 244

Table 42: Output Control Keys for the monitor interface traffic Command . . . . 245

Table 43: monitor interface Output Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246

Table 44: request diagnostics tdr Output Fields . . . . . . . . . . . . . . . . . . . . . . . . . . 253

Table 45: show diagnostics tdr Output Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255

Table 46: show forwarding-options enhanced-hash-key Output Fields . . . . . . . 259

Table 47: show interfaces diagnostics optics Output Fields . . . . . . . . . . . . . . . . 262

Table 48: show interfaces ge- Output Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277

Table 49: show interfaces irb Output Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288

Table 50: show interfaces me0 Output Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . 294

Table 51: show interfaces queue Output Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . 301

Table 52: show interfaces xe- Output Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308

Table 53: show lacp interfaces Output Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322

Page 15

About the Documentation

•

Documentation and Release Notes on page xv

•

Supported Platforms on page xv

•

Using the Examples in This Manual on page xv

•

Documentation Conventions on page xvii

•

Documentation Feedback on page xix

•

Requesting Technical Support on page xix

Documentation and Release Notes

To obtain the most current version of all Juniper Networks®technical documentation, see the product documentation page on the Juniper Networks website at

http://www.juniper.net/techpubs/.

If the information in the latest release notes differs from the information in the documentation, follow the product Release Notes.

Juniper Networks Books publishes books by Juniper Networks engineers and subject matter experts. These books go beyond the technical documentation to explore the nuances of network architecture, deployment, and administration. The current list can be viewed at http://www.juniper.net/books.

Supported Platforms

For the features described in this document, the following platforms are supported:

•

EX Series

Using the Examples in This Manual

If you want to use the examples in this manual, you can use the load merge or the load

merge relative command. These commands cause the software to merge the incoming

configuration into the current candidate configuration. The example does not become active until you commit the candidate configuration.

If the example configuration contains the top level of the hierarchy (or multiple hierarchies), the example is a full example. In this case, use the load merge command.

Page 16

Network Interfaces for EX4300 Switches

If the example configuration does not start at the top level of the hierarchy, the example is a snippet. In this case, use the load merge relative command. These procedures are described in the following sections.

Merging a Full Example

To merge a full example, follow these steps:

1. From the HTML or PDF version of the manual, copy a configuration example into a

text file, save the file with a name, and copy the file to a directory on your routing platform.

For example, copythe following configuration to a fileand namethe fileex-script.conf. Copy the ex-script.conf file to the /var/tmp directory on your routing platform.

system {

scripts {

commit {

file ex-script.xsl;

}

} interfaces {

fxp0 {

disable; unit 0 {

family inet {

address 10.0.0.1/24;

}

Merging a Snippet

2. Merge the contents of the file into your routing platform configuration by issuing the

load merge configuration mode command:

[edit] user@host# load merge /var/tmp/ex-script.conf load complete

To merge a snippet, follow these steps:

1. From the HTML or PDF version of the manual, copy a configuration snippet into a text

file, save the file with a name, and copy the file to a directory on your routing platform.

For example, copy the following snippet to a file and name the file

ex-script-snippet.conf. Copy the ex-script-snippet.conf file to the /var/tmp directory

on your routing platform.

commit {

file ex-script-snippet.xsl; }

2. Move to the hierarchy level that is relevant for this snippet by issuing the following

configuration mode command:

Page 17

[edit] user@host# edit system scripts [edit system scripts]

3. Merge the contents of the file into your routing platform configuration by issuing the

load merge relative configuration mode command:

[edit system scripts] user@host# load merge relative /var/tmp/ex-script-snippet.conf load complete

For more information about the load command, see the CLI User Guide.

Documentation Conventions

Table 1 on page xvii defines notice icons used in this guide.

Table 1: Notice Icons

About the Documentation

DescriptionMeaningIcon

Table 2 on page xvii defines the text and syntax conventions used in this guide.

Table 2: Text and Syntax Conventions

Indicates important features or instructions.Informational note

Indicates a situation that might result in loss of data or hardware damage.Caution

Alerts you to the risk of personal injury or death.Warning

Alerts you to the risk of personal injury from a laser.Laser warning

Indicates helpful information.Tip

Alerts you to a recommended use or implementation.Best practice

ExamplesDescriptionConvention

Represents text that you type.Bold text like this

To enter configuration mode, type the configure command:

user@host> configure

Page 18

Network Interfaces for EX4300 Switches

Table 2: Text and Syntax Conventions (continued)

ExamplesDescriptionConvention

Fixed-width text like this

Italic text like this

Text like this

| (pipe symbol)

Represents output that appears on the terminal screen.

•

Introduces or emphasizes important new terms.

•

Identifies guide names.

•

Identifies RFC and Internet draft titles.

Represents variables (options for which you substitute a value) in commands or configuration statements.

Represents names of configuration statements, commands, files, and directories;configurationhierarchylevels; or labels on routing platform components.

Indicates a choice between the mutually exclusivekeywords or variables on either side of the symbol. The set of choices is often enclosed in parentheses for clarity.

user@host> show chassis alarms

No alarms currently active

•

A policy term is a named structure that defines match conditions and actions.

•

Junos OS CLI User Guide

•

RFC 1997, BGP Communities Attribute

Configure the machine’s domain name:

[edit] root@# set system domain-name

domain-name

•

To configure a stub area, include the

stub statement at the [edit protocols ospf area area-id] hierarchy level.

•

The console port islabeled CONSOLE.

stub <default-metric metric>;Encloses optional keywords or variables.< > (angle brackets)

broadcast | multicast

(string1 | string2 | string3)

# (pound sign)

[ ] (square brackets)

Indention and braces ( { } )

; (semicolon)

GUI Conventions

Bold text like this

same lineas the configuration statement to which it applies.

Encloses a variable for which you can substitute one or more values.

Identifies a level in the configuration hierarchy.

Identifies a leaf statement at a configuration hierarchy level.

Representsgraphicaluser interface (GUI) items you click or select.

rsvp { # Required for dynamic MPLS onlyIndicates a comment specified on the

community name members [ community-ids ]

[edit] routing-options {

static {

route default {

nexthop address; retain;

}

•

In the Logical Interfaces box, select

All Interfaces.

•

To cancel the configuration, click

Cancel.

Page 19

Table 2: Text and Syntax Conventions (continued)

About the Documentation

ExamplesDescriptionConvention

> (bold right angle bracket)

Documentation Feedback

We encourage you to provide feedback, comments, and suggestions so that we can improve the documentation. You can provide feedback by using either of the following methods:

•

Online feedback rating system—On any page at the Juniper Networks Technical Documentation site at http://www.juniper.net/techpubs/index.html, simply click the stars to rate the content, and use the pop-upform to provideus withinformation about your experience. Alternately, you can use the online feedback form at

https://www.juniper.net/cgi-bin/docbugreport/.

•

E-mail—Sendyour comments to techpubs-comments@juniper.net. Include the document or topic name, URL or page number, and software version (if applicable).

Requesting Technical Support

Technical product supportis available throughthe JuniperNetworks Technical Assistance Center (JTAC). If you are a customer with an active J-Care or JNASC support contract, or are covered under warranty, and need post-sales technical support, you can access our tools and resources online or open a case with JTAC.

Separates levels in a hierarchy of menu selections.

In the configuration editor hierarchy, select Protocols>Ospf.

•

JTAC policies—For a complete understanding of our JTAC procedures and policies, review the JTAC User Guide located at

http://www.juniper.net/us/en/local/pdf/resource-guides/7100059-en.pdf.

•

Product warranties—For product warranty information, visit

http://www.juniper.net/support/warranty/.

•

JTAC hours of operation—The JTAC centers have resources available 24 hours a day, 7 days a week, 365 days a year.

Self-Help Online Tools and Resources

For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features:

•

Find CSC offerings: http://www.juniper.net/customers/support/

•

Search for known bugs: http://www2.juniper.net/kb/

•

Find product documentation: http://www.juniper.net/techpubs/

•

Find solutions and answer questions using our Knowledge Base: http://kb.juniper.net/

Page 20

Network Interfaces for EX4300 Switches

•

Download the latest versions of software and review release notes:

http://www.juniper.net/customers/csc/software/

•

Search technical bulletins for relevant hardware and software notifications:

http://kb.juniper.net/InfoCenter/

•

Join and participate in the Juniper Networks Community Forum:

http://www.juniper.net/company/communities/

•

Open a case online in the CSC Case Management tool: http://www.juniper.net/cm/

To verifyservice entitlement by product serial number, use our SerialNumber Entitlement (SNE) Tool: https://tools.juniper.net/SerialNumberEntitlementSearch/

Opening a Case with JTAC

You can open a case with JTAC on the Web or by telephone.

•

Use the Case Management tool in the CSC at http://www.juniper.net/cm/.

•

Call 1-888-314-JTAC (1-888-314-5822 toll-free in the USA, Canada, and Mexico).

For international or direct-dial options in countries without toll-free numbers, see

http://www.juniper.net/support/requesting-support.html.

Page 21

PART 1

Overview

•

Interfaces Overview on page 3

Page 22

Network Interfaces for EX4300 Switches

Page 23

CHAPTER 1

Interfaces Overview

•

EX Series Switches Interfaces Overview on page 3

•

Understanding Interface Naming Conventions on EX Series Switches on page 6

•

Understanding Aggregated Ethernet Interfaces and LACP on page 8

•

Understanding the Algorithm Used to Hash LAG Bundle and Egress Next-Hop ECMP Traffic on page 11

•

Understanding How Energy Efficient Ethernet Reduces Power Consumption on Interfaces on page 16

•

Understanding Local Link Bias on page 16

•

Understanding Layer 3 Subinterfaces on page 18

•

Understanding Unicast RPF on page 19

•

Understanding IP Directed Broadcast for EX Series Switches on page 23

•

Understanding Interface Ranges on EX Series Switches on page 24

•

802.1Q VLANs Overview on page 26

EX Series Switches Interfaces Overview

Juniper Networks EX Series Ethernet Switches have two types of interfaces: network interfaces and special interfaces. This topic provides brief information about these interfaces. For additional information, see the Junos OS Interfaces Fundamentals

Configuration Guide.

For information about interface-naming conventions on EX Series switches, see

“Understanding Interface Naming Conventions on EX Series Switches” on page 6.

This topic describes:

•

Network Interfaces on page 3

•

Special Interfaces on page 4

Network Interfaces

Network interfaces connect to the network and carry network traffic. Table 3 on page 4 lists the types of network interfaces supported on EX Series switches.

Page 24

Network Interfaces for EX4300 Switches

Table 3: Network Interface Types and Purposes

PurposeType

Aggregated Ethernet interfaces

All EX Series switches allow you to group Ethernet interfaces at the physical layer to form a single link layer interface, also known as a link aggregation group (LAG) or bundle. These aggregated Ethernet interfaces help to balance traffic and increase the uplink bandwidth.

LAN access interfaces

Power over Ethernet (PoE) interfaces

Trunk interfaces

Use these EX Series switch interfaces to connect a personal computer, laptop, file server, or printer to the network. When you power on an EX Series switch and use the factory-default configuration, the software automatically configures interfaces in access mode for each of the network ports. The default configuration also enables autonegotiation for both speed and link mode.

EX Series switches provide PoE network ports with various switch models. These ports can be used to connect voice over IP (VoIP) telephones, wireless access points, video cameras, and point-of-sale devices to safely receive power from the same access ports that are used to connect personal computers to thenetwork.PoE interfaces areenabled by default in thefactory configuration.

EX Series access switches can be connected to a distribution switch or customer-edge (CE) switches or routers. To use a port for this type of connection, you must explicitly configure the network interface for trunk mode. The interfaces from the distribution switch or CE switch to the access switches must also be configured for trunk mode.

Special Interfaces

Table 4 on page 4 lists the types of special interfaces supported on EX Series switches.

Table 4: Special Interface Types and Purposes

PurposeType

Console port

Each EX Series switch has a serial port, labeled CON or CONSOLE, for connecting tty-type terminals to the switch using standard PC-type tty cables. The console port does not have a physical address or IP address associated with it. However, it is an interface in the sense that it provides access to the switch. On an EX3300 Virtual Chassis, an EX4200 Virtual Chassis, or an EX4500Virtual Chassis, you canaccessthe master and configure all members of the Virtual Chassis through any member's console port. For more information about the console port in a Virtual Chassis, see Understanding Global Management of a Virtual Chassis.

Loopback

Management interface

All EX Series switches have this software-only virtual interface that is always up. The loopback interface provides a stable and consistent interface and IP address on the switch.

The Juniper Networks Junos operatingsystem (Junos OS) for EX Series switches automatically createsthe switch's management Ethernet interface, me0. The management Ethernet interface provides an out-of-band method for connecting to the switch. To use me0 as a management port, you must configure its logical port, me0.0, with a valid IP address. You can connect to the management interface over the network using utilities such as SSH or Telnet. SNMP can use the management interface to gather statistics from the switch. (The management interface

me0 is analogous to the fxp0 interfaces on routers running Junos OS.)

Page 25

Table 4: Special Interface Types and Purposes (continued)

PurposeType

Integrated Routing and Bridging (IRB) Interface or Routed VLAN Interface (RVI)

EX Series switches use an integrated routing and bridging (IRB) interface or Routed VLAN Interface (RVI) to route traffic from one broadcast domain to another and to perform other Layer 3 functionssuch astrafficengineering. These functions aretypicallyperformed by a router interface in a traditional network.

The IRB interface or RVI functions as a logical router, eliminating the need for having both a switch and a router. These interfaces must be configured as part of a broadcast domain or virtual private LAN service (VPLS) routing instance for Layer 3 traffic to be routed from.

Chapter 1: Interfaces Overview

Virtual Chassis port (VCP) interfaces

Virtual Chassis ports (VCPs) are used to interconnect switches in a Virtual Chassis:

•

EX3300 switches—Port 2 and port 3 of the SFP+ uplink portsare preconfigured as VCPs and can be used to interconnect up to six EX3300 switches in an EX3300 Virtual Chassis. See Setting an Uplink Port on an EX Series Switch as a Virtual Chassis Port (CLI Procedure).

•

EX4200 and EX4500 switches—Each EX4200 switch or each EX4500 switch with a Virtual Chassis module installed has two dedicated VCPs onits rear panel. These ports can be used to interconnect up to ten EX4200 switches in an EX4200 Virtual Chassis, up to ten EX4500 switches in an EX4500 Virtual Chassis, and up to ten switches in a mixed EX4200 and EX4500 Virtual Chassis. When you power on switches that are interconnected in thismanner, the software automatically configures the VCP interfaces for the dedicated ports that have been interconnected. These VCP interfaces are not configurable or modifiable. See

Understanding the High-Speed Interconnection of the Dedicated Virtual Chassis Ports Connecting EX4200, EX4500, and EX4550 Member Switches.

You can also interconnect EX4200 and EX4500 switches by using uplink module ports. Using uplink ports allows you to connect switches over longer distances than you can by using the dedicated VCPs. To use the uplink ports as VCPs, you must explicitly configure the uplink module ports on the members you want to connect as VCPs. See Setting an Uplink

Port on an EX Series Switch as a Virtual Chassis Port (CLI Procedure) or Setting an Uplink Port as a Virtual Chassis Port on an EX4500 or EX4550 Switch (CLI Procedure).

•

EX4300 switches—All QSFP+ ports are configured as VCPs, by default. See Understanding EX4300 Virtual Chassis

You can also interconnect EX4300 switches into a Virtual Chassis by using SFP+ uplink module ports asVCPs.Using uplinkports as VCPs allowsyou to connect switches over longer distances than you can by using the QSFP+ ports as VCPs. To use the uplink ports as VCPs, you must explicitly configure the uplink module ports on the members you want to connect as VCPs. See Setting an Uplink Port on an EX Series Switch as a Virtual Chassis Port (CLI Procedure).

•

EX8200 switches—EX8200 switches can be connected to an XRE200 External Routing Engine to create an EX8200 Virtual Chassis. The XRE200 External Routing Engine has dedicatedVCPsthat connect to ports onthe internalRouting Engines ofthe EX8200switches and can connect to another XRE200 External Routing Engine for redundancy. These ports require no configuration.

You can also connect twomembers of an EX8200 Virtual Chassis so that they can exchange Virtual Chassis Control Protocol (VCCP) traffic. To do so, you explicitly configure network ports onthe EX8200 switches as VCPs. SeeUnderstanding Virtual Chassis Ports in an EX8200 Virtual Chassis.

Virtual management Ethernet (VME) interface

EX3300, EX4200, EX4300, andEX4500 switches have aVME interface.This is a logical interface that is used for Virtual Chassis configurations and allows you to manage all the members of the Virtual Chassis through the master. For more information about the VME interface, see Understanding Global Management of a Virtual Chassis.

EX8200 switches do not use a VME interface. An EX8200 Virtual Chassis is managed through the management Ethernet (me0) interface on the XRE200 External Routing Engine.

Page 26

Network Interfaces for EX4300 Switches

Documentation

EX2200 Switches Hardware Overview•

• EX3200 Switches Hardware Overview

• EX3300 Switches Hardware Overview

• EX4200 Switches Hardware Overview

• EX4300 Switches Hardware Overview

• EX4500 Switches Hardware Overview

• EX6210 Switch Hardware Overview

• EX8208 Switch Hardware Overview

• EX8216 Switch Hardware Overview

• XRE200 External Routing Engine Hardware Overview

• Understanding PoE on EX Series Switches

• Understanding Aggregated Ethernet Interfaces and LACP on page 8

• Understanding Layer 3 Subinterfaces on page 18

Understanding Interface Naming Conventions on EX Series Switches

Juniper Networks EX Series Ethernet Switches use a naming convention for defining the interfaces that is similar to that of other platforms running under Juniper Networks Junos operating system (Junos OS). This topic provides brief information about the naming conventions used for interfaces on EX Series switches. For additional information, see the Junos OS Network Interfaces Configuration Guide.

This topic describes:

•

Physical Part of an Interface Name on page 6

•

Logical Part of an Interface Name on page 8

•

Wildcard Characters in Interface Names on page 8

Physical Part of an Interface Name

Network interfaces in Junos OS are specified as follows:

type-fpc / pic / port

EX Series switches apply this convention as follows:

•

type—EX Series interfaces use the following media types:

•

ge—Gigabit Ethernet interface

•

xe—10 Gigabit Ethernet interface

Page 27

Chapter 1: Interfaces Overview

•

et—40 Gigabit Ethernet interface

•

fpc—Flexible PIC Concentrator. EX Series interfaces use the following convention for the FPC number in interface names:

•

On anEX2200 switch, an EX3200switch, a standaloneEX3300 switch, a standalone EX4200 switch, a standalone EX4300 switch, a standalone EX4500, and a standalone EX4550 switch, FPC refers to the switch itself. The FPC number is 0 by default on these switches.

•

On anEX3300 Virtual Chassis, an EX4200Virtual Chassis, an EX4300Virtual Chassis, an EX4500 Virtual Chassis, an EX4550 Virtual Chassis, or a mixed Virtual Chassis, the FPC number indicates the member ID of the switch in the Virtual Chassis.

•

On an EX6200 switch and a standalone EX8200 switch, the FPC number indicates the slot number of the line card that contains the physical interface. On an EX6200 switch, the FPC number also indicates the slot number of the Switch Fabric and Routing Engine (SRE) module that contains the uplink port.

•

On an EX8200Virtual Chassis, the FPC number indicates the slot number of the line card on the Virtual Chassis. The line card slots on Virtual Chassis member 0 are numbered 0 through 15; on member 1, they are numbered 16 through 31, and so on.

•

pic—EX Series interfaces use the following convention for the PIC (Physical Interface Card) number in interface names:

•

On EX2200, EX3200, EX3300, EX4200, EX4500 switch, and EX4550 switches, the PIC number is 0 for all built-in interfaces (interfaces that are not uplink ports).

•

On EX2200, EX3200, EX3300, and EX4200 switches, the PIC number is 1 for uplink ports.

•

On EX4300 switches, the PIC number is 0 for built-in network ports, 1 for built-in QSFP+ ports (located onthe rearpanel ofthe switch),and 2for uplinkmodule ports.

•

On EX4500 switches, the PIC number is 1 for ports on the left-hand uplink module and 2 for ports on the right-hand uplink module.

•

On EX4550switches, the PIC number is 1for ports in theexpansion module or Virtual Chassis module installed in the module slot on the front panel of the switch and 2 for those in the expansion module or Virtual Chassis module installed in the module slot on the rear panel of the switch.

•

On EX6200 and EX8200 switches, the PIC number is always 0.

•

port—EX Series interfaces use the following convention for port numbers:

•

On EX2200, EX3200, EX3300, EX4200, EX4300, EX4500, and EX4550 switches, built-in network portsare numbered from left to right. On modelsthat have two rows of ports, the ports on the top row start with 0 followed by the remaining even-numbered ports, and the ports on the bottom row start with 1 followed by the remaining odd-numbered ports.

•

Uplink ports in EX2200, EX3200, EX3300, EX4200, EX4300, EX4500, and EX4550 switches are labeled from left to right, starting with 0.

Page 28

Network Interfaces for EX4300 Switches

•

On EX6200and EX8200switches, the networkports are numbered from leftto right on each line card. On line cards that have two rows of ports, the ports on the top row start with 0 followed by the remaining even-numbered ports, and the ports on the bottom row start with 1 followed by the remaining odd-numbered ports.

•

Uplink ports on an SRE module in an EX6200 switch are labeled from left to right, starting with 0.

Logical Part of an Interface Name

The logical unit part of the interface name corresponds to the logical unit number, which can be a number from 0 through 16384. In the virtual part of the name, a period (.) separates the port and logical unit numbers: type-fpc/pic/port.logical-unit-number. For example, if you issue the showethernet-switching interfaces command on a system with a default VLAN, the resulting display shows the logical interfaces associated with the VLAN:

Interface State VLAN members Blocking ge-0/0/0.0 down remote-analyzer unblocked ge-0/0/1.0 down default unblocked ge-0/0/10.0 down default unblocked

Wildcard Characters in Interface Names

In the show interfaces and clear interfaces commands, you can use wildcard characters in the interface-name option to specify groups of interface names without having to type each name individually. You must enclose all wildcard characters except the asterisk (*) in quotation marks (" ").

Documentation

EX Series Switches Interfaces Overview on page 3•

• Configuring Gigabit Ethernet Interfaces (CLI Procedure)

• Configuring Gigabit Ethernet Interfaces (CLI Procedure) on page 32

Understanding Aggregated Ethernet Interfaces and LACP

IEEE 802.3ad link aggregation enables you to group Ethernet interfaces to form a single link layer interface, also known as a link aggregation group (LAG) or bundle.

Aggregating multiple links between physical interfaces creates a single logical point-to-point trunk link or a LAG. The LAG balances traffic across the member links within an aggregated Ethernet bundle and effectively increases the uplink bandwidth. Another advantage of link aggregation is increased availability, because the LAG is composed of multiple member links. If one member link fails, the LAG continues to carry traffic over the remaining links.

Link Aggregation Control Protocol (LACP), a component of IEEE 802.3ad, provides additional functionality for LAGs.

Page 29

This topic describes:

•

Link Aggregation Group (LAG) on page 9

•

Link Aggregation Control Protocol (LACP) on page 10

Link Aggregation Group (LAG)

You configure a LAG by specifying the link number as a physical device and then associating a set of interfaces (ports) with the link. Allthe interfaces must have the same speed and be in full-duplex mode. Juniper Networks Junos operating system (Junos OS) for EX Series Ethernet Switches assigns a unique ID and port priority to each interface. The ID and priority are not configurable.

The number of interfaces that can be grouped into a LAG and the total number of LAGs supported on a switch varies according to switch model. Table 5 on page 9 lists the EX Series switches and the maximum number of interfaces per LAG and the maximum number of LAGs they support. MX Series devices can support up to 64 LAGs.

Table 5: Maximum Interfaces per LAG and Maximum LAGs per Switch

Chapter 1: Interfaces Overview

Chassis

Chassis, EX4550, andEX4550 Virtual Chassis

Maximum Interfaces per LAGSwitch

Maximum LAGs

328EX2200

328EX3200

1118EX3300 and EX3300 Virtual

1118EX4200 and EX4200 Virtual

11216EX4300 and EX4300 Virtual

1118EX4500, EX4500 Virtual

1118EX6200

25512EX8200

23912EX8200 Virtual Chassis

When configuring LAGs, consider the following guidelines:

•

You must configure the LAG on both sides of the link.

•

You must set the interfaces on either side of the link to the same speed.

•

You can configure and apply firewall filters on a LAG.

Page 30

Network Interfaces for EX4300 Switches

•

You can optionally configure LACP for link negotiation.

•

You can optionally configure LACP for link protection.

You can combine physical Ethernet ports belonging to different member switches of a Virtual Chassis configuration to form a LAG. See Understanding EX Series Virtual Chassis Port Link Aggregation and Understanding Link Aggregation in an EX8200 Virtual Chassis.

A LAG hashing algorithm determineshow traffic entering a LAGis placed onto the bundle’s member links. The LAG hashing algorithm tries to manage bandwidth by evenly load-balancing all incoming traffic across the member links in the bundle. You can configure the fields used by the LAG hashing algorithm on some EX series switches. See

“Configuring the Fields in the Algorithm Used To Hash LAG Bundle and ECMP Traffic (CLI Procedure)” on page 94.

NOTE: The interfaces that are included within a LAG are sometimes referred

to as member interfaces. Do not confuse this term with member switches, which refers to switches that are interconnected as a Virtual Chassis. It is possible to create a LAG that is composed of member interfaces that are located in different member switches of a Virtual Chassis.

A LAG creates a single logical point-to-point connection. A typical deployment for a LAG would be to aggregate trunk links between an access switch and a distribution switch or customer edge (CE) router.

Link Aggregation Control Protocol (LACP)

When LACP is configured, it detects misconfigurations on the local end or the remote end of the link. Thus, LACP can help prevent communication failure:

•

When LACP is not enabled, a local LAG might attempt to transmit packets to a remote single interface, which causes the communication to fail.

•

When LACP is enabled, a local LAG cannot transmit packets unless a LAG with LACP is also configured on the remote end of the link.

By default, Ethernet links do not exchange LACP protocol data units (PDUs), which contain information aboutthe state of thelink. You canconfigure Ethernet linksto actively transmit LACP PDUs, or you can configure the links to passively transmit them, sending out LACP PDUs only when the Ethernet link receives them from the remote end. The transmitting link is known as the actor and the receiving link is known as the partner.

In a scenario where a dual-homed server is deployed with a switch, the network interface cards form a LAG with the switch. During a server upgrade, the server might not be able to exchange LACP PDUs. In such a situation, you can configure an interface to be in the

up state even if no PDUs are exchanged. Use the force-up statement to configure an

interfacewhen the peer has limited LACP capability. The interface selects the associated LAG by default, whether the switch and peer are both in active or passive mode. When PDUs are not received, the partner is considered to be working in the passive mode. Therefore, LACP PDU transmissions are controlled by the transmitting link.

Page 31

Chapter 1: Interfaces Overview

If the remote end of the LAG link is a security device, LACP might not be supported because security devices require a deterministic configuration. In such a scenario, do not configure LACP. All linksin theLAG are permanently operational unless the switch detects a link failure within the Ethernet physical layer or data link layers.

Documentation

Understanding EX Series Virtual Chassis Port Link Aggregation•

• Understanding Link Aggregation in an EX8200 Virtual Chassis

• Understanding Redundant Trunk Links

• Configuring Aggregated Ethernet Links (CLI Procedure) on page 82

• Configuring Aggregated Ethernet LACP (CLI Procedure) on page 86

• Configuring LACP Link Protection of Aggregated Ethernet Interfaces (CLI Procedure)

on page 87

• Junos OS Network Interfaces Configuration Guide

Understanding the Algorithm Used to Hash LAG Bundle and Egress Next-Hop ECMP Traffic

Juniper Networks EX Series and QFX Series use a hashing algorithm to determine how to forward traffic over a link aggregation group (LAG) bundle or to the next-hop device when equal-cost multipath (ECMP) is enabled.

The hashing algorithm makes hashing decisions based on values in various packet fields, as well as on some internal values like source port ID and source device ID. You can configure some of the fields that are used by the hashing algorithm.

This topic contains the following sections:

•

Understanding the Hashing Algorithm on page 11

•

IP (IPv4 and IPv6) on page 12

•

MPLS on page 14

•

MAC-in-MAC Packet Hashing on page 15

•

Layer 2 Header Hashing on page 15

Understanding the Hashing Algorithm

The hashing algorithm is used to make traffic-forwarding decisions for traffic entering a LAG bundle or for traffic exiting a switch when ECMP is enabled.

For LAG bundles, the hashing algorithm determines how traffic entering a LAG bundle is placedonto thebundle’smember links. The hashing algorithm tries tomanage bandwidth by evenly load-balancing all incoming traffic across the member links in the bundle.

For ECMP, the hashing algorithm determines how incoming traffic is forwarded to the next-hop device.

Page 32

Network Interfaces for EX4300 Switches

The hashing algorithm makes hashing decisions based on values in various packet fields, as well as on some internal values like source port ID and source device ID. The packet fields used by the hashing algorithm varies by the packet’s EtherType and, in some instances, by the configuration on the switch. The hashing algorithm recognizes the following EtherTypes:

•

IP (IPv4 and IPv6)

•

MPLS

•

MAC-in-MAC

Traffic that is not recognized as belonging to any of these EtherTypes is hashed based on the Layer 2 header. IP and MPLS traffic are also hashed based on the Layer 2 header when a user configures the hash mode as Layer 2 header.

You can configure some fields that are used by the hashing algorithm to make traffic forwarding decisions. You cannot, however, configure how certain values within a header are used by the hashing algorithm.

Note the following points regarding the hashing algorithm:

IP (IPv4 and IPv6)

•

The fields selected for hashing are based on the packet type only. The fields are not based on any other parameters, including forwarding decision (bridged or routed) or egress LAG bundle configuration (Layer 2 or Layer 3).

•

The same fields are used for hashing unicast and multicast packets. Unicast and multicast packets are, however, hashed differently.

•

The same fields are used by the hashing algorithm to hash ECMP and LAG traffic, but the hashing algorithm hashes ECMP and LAG traffic differently. The different hashing ensures that traffic is not polarized when a LAG bundle is part of the ECMP next-hop path.

•

The same fields are used for hashing regardless of whether the switch is or is not participating in a mixed or non-mixed Virtual Chassis or Virtual Chassis Fabric (VCF).

The fields used for hashing by each EtherType as well as the fields used by the Layer 2 header are discussed in the following sections.

Payload fields in IPv4 and IPv6 packets are used by the hashing algorithm when IPv4 or IPv6 packets need to be placed onto a member link in a LAG bundle or sent to the next-hop device when ECMP is enabled.

The hash mode is set to Layer 2 payload field, by default. IPv4 and IPv6 payload fields are used for hashing when the hash mode is set to Layer 2 payload.

If the hashmode isconfiguredto Layer 2 header, IPv4,IPv6,and MPLSpackets arehashed using theLayer 2 header fields. Ifyou want incoming IPv4, IPv6, andMPLS packets hashed by the source MAC address, destination MAC address, or EtherType fields, you must set the hash mode to Layer 2 header.

Page 33

Chapter 1: Interfaces Overview

Table 6 on page 13 displays the IPv4 and IPv6 payload fields that are used by the hashing

algorithm, by default.

•

✓—Field is used by the hashing algorithm, by default.

•

Χ—Field is not used by the hashing algorithm, by default.

•

(configurable)—Field canbe configured to beused ornot usedby the hashing algorithm.

Table 6: IPv4 and IPv6 Hashing Fields

QFX5100EX4300Fields

ECMPLAGECMPLAG

ΧΧΧΧSource MAC

ΧΧΧΧDestination MAC

ΧΧΧΧEtherType

VLAN ID

Source IP or IPv6

Destination IP or IPv6

Protocol (IPv4 only)

Next header (IPv6 only)

Layer 4 Source Port

Layer 4 Destination Port

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

✓

(configurable)

ΧΧΧΧIPv6 Flow label (IPv6 only)

Page 34

Network Interfaces for EX4300 Switches

MPLS

The hashing algorithm hashes MPLS packets using the source IP, destination IP, MPLS label 0, MPLS label 1, and MPLS label 2 fields. See Table 7 on page 14.

The fields used by the hashing algorithm for MPLS packet hashing are not user-configurable.

•

✓—Field is used by the hashing algorithm, by default.

•

Χ—Field is not used by the hashing algorithm, by default.

The source IPand destinationIP fields are notalways used for hashing. Fornon-terminated MPLS packets, the payload is checked if the packet has asingle MPLS label. If the payload is IPv4 or IPv6, then the IP source address and IP destination address fields are used for hashing along with the MPLS labels. If the packet has more than one MPLS label, only the MPLS labels are used for hashing.

Table 7: MPLS Hashing Fields

packets)

QFX5100EX4300Field

ΧΧSource MAC

ΧΧDestination MAC

ΧΧEtherType

ΧΧVLAN ID

✓✓Source IP

✓✓Destination IP

ΧΧProtocol (for IPv4 packets)

ΧΧNext header (for IPv6

ΧΧLayer 4 Source Port

ΧΧLayer 4 Destination Port

ΧΧIPv6 Flow lab

✓✓MPLS label 0

✓✓MPLS label 1

✓✓MPLS label 2

Page 35

MAC-in-MAC Packet Hashing

Packets using the MAC-in-MAC EtherType are hashed by the hashing algorithm using the Layer 2 payload source MAC, Layer 2 payload destination MAC, and Layer 2 payload EtherType fields. See Table 8 on page 15.

Hashing using the fields in the MAC-in-MAC EtherType packet is first supported on EX4300 switches in Release 13.2X51-D20. Hashing using the fields in the MAC-in-MAC EtherType is not supported on earlier releases.

The fields used by the hashing algorithm for MAC-in-MAC hashing are not user-configurable.

•

✓—Field is used by the hashing algorithm, by default.

•

Χ—Field is not used by the hashing algorithm, by default.

Table 8: MAC-in-MAC Hashing Fields

Chapter 1: Interfaces Overview

QFX5100EX4300Field

Layer 2 Header Hashing

Layer 2 header fields are used by the hashing algorithm when a packet’s EtherType is not recognized as IP (IPv4 or IPv6), MPLS, or MAC-in-MAC. The Layer 2 header fields are also used for hashing IPv4, IPv6, and MPLS traffic instead of the payload fields when the hash mode is set to Layer 2 header.

•

Table 9: Layer 2 Header Hashing Fields

✓✓Layer 2 Payload Source MAC

✓✓Layer2 Payload DestinationMAC

✓✓Layer 2 Payload EtherType

ΧΧLayer 2 Payload Outer VLAN

✓—Field is used by the hashing algorithm, by default.

Χ—Field is not used by the hashing algorithm, by default.

(configurable)—Field canbe configured to beused ornot usedby the hashing algorithm.

QFX5100EX4300Field

Source MAC

✓

Destination MAC

(configurable)

✓

(configurable)

✓

(configurable)

Page 36

Network Interfaces for EX4300 Switches

Table 9: Layer 2 Header Hashing Fields (continued)

QFX5100EX4300Field

✓

(configurable)

Documentation

EtherType

VLAN ID

Configuring the Fields in the Algorithm Used To Hash LAG Bundle and ECMP Traffic

•

✓

(configurable)

(CLI Procedure) on page 94

Understanding How Energy Efficient Ethernet Reduces Power Consumption on Interfaces

Energy Efficient Ethernet (EEE), an Institute of Electrical and Electronics Engineers(IEEE)

802.3az standard, reduces the power consumption of physical layer devices (PHYs) during periods of low link utilization. EEE saves energy by putting part ofthe transmission circuit into low power mode when the link is idle.

An Ethernetlink consumes power even when a ink is idle. EEE provides a method to utilize power in such a way that Ethernet links use power only during data transmission. EEE specifies a signaling protocol, Low Power Idle (LPI) for achieving the power saving during the idle time of Ethernet links. EEE allows PHYs to exchange LPI indications to signal the transition to low power mode when there is no traffic. LPI indicates when a link can go idle and when the link needs to resume after a predefined delay without impacting data transmission.

The following copper PHYs are standardized by IEEE 802.3az:

•

100BASE-T

•

1000BASE-T

•

10GBASE-T

Configuring Energy Efficient Ethernet on Interfaces (CLI Procedure) on page 93•

Documentation

Understanding Local Link Bias

Local link bias conserves bandwidth on Virtual Chassis ports (VCPs) by using local links to forward unicast traffic exiting a Virtual Chassis or Virtual Chassis Fabric (VCF) that has a Link Aggregation group (LAG) bundle composed of member links on different member switches in the same Virtual Chassis or VCF. A local link is a member link in the LAG bundle that is on the member switch that received the traffic. Because traffic is received and forwarded on the same member switch when local link bias is enabled, no VCP bandwidth is consumed by traffic traversing the VCPs to exit the Virtual Chassis or

Page 37

Chapter 1: Interfaces Overview

VCF using a different member link in the LAG bundle. The traffic flow of traffic exiting a Virtual Chassis or VCF over a LAG bundle when local link bias is enabled is illustrated in

Figure 1 on page 17.

Figure 1: Egress Traffic Flow with Local Link Bias

When local link bias is disabled, egress traffic exiting a Virtual Chassis or VCF on a LAG bundle can be forwarded out of any member link in the LAG bundle. Traffic forwarding decisions are made byan internal algorithm that attempts to load-balancetraffic between the member links in the bundle. VCP bandwidth is frequently consumed by egress traffic when local link bias is disabled because the egress traffic traverses the VCPs to reach the destination egress member link in the LAG bundle. The traffic flow of traffic exiting a Virtual Chassis or VCF over a LAG bundle when local link bias is disabled is illustrated in Figure 2 on page 17.

Figure 2: Egress Traffic Flow without Local Link Bias

Local link bias is configured in a LAG bundle. A Virtual Chassis or VCF that has multiple LAG bundles can contain bundles that have and have not enabled local link bias. Local link bias only impacts the forwarding of unicast traffic exiting a Virtual Chassis or VCF; ingress traffic handling is not impacted by the local link bias setting. Egress multicast, unknown unicast, andbroadcasttraffic exiting a Virtual Chassis or VCF over a LAGbundle is not impacted by the local link bias setting and is always load-balanced among the member links. Local link bias is disabled, by default.

You should enable local link bias if you want to conserve VCP bandwidth by always forwarding egress unicast traffic on a LAG bundle out of a local link. You should not

Page 38

Network Interfaces for EX4300 Switches

enable local link bias if you want egress traffic load-balanced across the member links in the LAG bundle as it exits the Virtual Chassis or VCF.

Configuring Local Link Bias (CLI Procedure) on page 94•

Documentation

Understanding Layer 3 Subinterfaces

A Layer 3 subinterface is a logical division of a physical interface that operates at the network level and therefore can receive and forward 802.1Q VLAN tags. You can use Layer 3 subinterfaces to route traffic among multipleVLANs along a single trunk line that connects a Juniper Networks EX Series Ethernet Switch to a Layer 2 switch. Only one physical connection is required between the switches. This topology is often called a router on a stick or a one-armed router when the Layer 3 device is a router.

To create Layer3 subinterfaces on an EX Series switch, you enableVLAN tagging, partition the physical interface into logical partitions, and bindthe VLAN IDto the logical interface.

You can partition one physical interface into up to 4094 different subinterfaces, one for each VLAN. We recommend that you use the VLAN ID as the subinterface number when you configure the subinterface. Juniper Networks Junos operating system (Junos OS) reserves VLAN IDs 0 and 4095.

VLAN tagging places the VLAN ID in the frame header, allowing each physical interface to handle multiple VLANs.When you configure multiple VLANs on an interface, you must also enable tagging on that interface. Junos OS on EX Series switches supports a subset of the 802.1Q standard for receiving and forwarding routed or bridged Ethernet frames with single VLAN tags and running Virtual Router Redundancy Protocol (VRRP) over

802.1Q-tagged interfaces. Double-tagging is not supported.

Documentation

EX Series Switches Interfaces Overview on page 3•

• Example: Configuring Layer 3 Subinterfaces for a Distribution Switch and an Access

Switch

• Junos OS Ethernet Interfaces Configuration Guide

Page 39

Understanding Unicast RPF

Unicast reverse-pathforwarding(RPF) helps protect the switchagainst denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks by verifying the unicast source address of each packetthat arrives on an ingress interface where unicast RPF is enabled. It alsohelps ensurethat traffic arrivingon ingressinterfacescomes from a network source that the receiving interface can reach.

When youenable unicast RPF, the switch forwards a packet only if the receiving interface is the best return path to the packet's unicast source address. This is known as strict mode unicast RPF.

Chapter 1: Interfaces Overview

NOTE: On Juniper Networks EX3200, EX4200, and EX4300 Ethernet

Switches, the switch applies unicast RPF globally to all interfaces when unicast RPF is configured on any interface. For additional information, see

“Limitations of the Unicast RPF Implementation on EX3200, EX4200, and EX4300 Switches” on page 22.

This topic covers:

•

Unicast RPF for Switches Overview on page 19

•

Unicast RPF Implementation on page 20

•

When to Enable Unicast RPF on page 20

•

When Not to Enable Unicast RPF on page 21

•

Limitations of the Unicast RPF Implementation on EX3200, EX4200, and EX4300 Switches on page 22

Unicast RPF for Switches Overview

Unicast RPF functions as an ingress filter that reduces the forwarding of IP packets that might bespoofing an address. Bydefault,unicast RPF is disabled on the switch interfaces.

The type of unicast RPF provided on the switches—that is, strict mode unicast RPF is especially useful on untrusted interfaces. An untrusted interface is an interface where untrusted users or processes can place packets on the network segment.

The switch supports only the active paths method of determining the best return path back to a unicast source address. The active paths method looks up the best reverse path entry in the forwarding table. It does not consider alternate routes specified using routing-protocol-specific methods when determining the best return path.

If the forwarding table lists the receiving interface as the interface to use to forward the packet back to its unicast source, it is the best return path interface.

Use strict mode unicast RPF only on symmetrically routed interfaces. (For information about symmetrically routed interfaces, see “When to Enable Unicast RPF” on page 20.)

Page 40

Network Interfaces for EX4300 Switches

For more information about strict unicast RPF, see RFC 3704, Ingress Filtering for Multihomed Networks at http://www.ietf.org/rfc/rfc3704.txt.

Unicast RPF Implementation

This section includes:

•

Unicast RPF Packet Filtering on page 20

•

Bootstrap Protocol (BOOTP) and DHCP Requests on page 20

•

Default Route Handling on page 20

Unicast RPF Packet Filtering

When you enable unicast RPF on the switch, the switch handles traffic in the following manner:

•

If theswitch receives a packeton theinterface that is the best return path to the unicast source address of that packet, the switch forwards the packet.

•

If the best return path from the switch to the packet's unicast source address is not the receiving interface, the switch discards the packet.

•

If theswitch receives a packet that has asource IP address that doesnot have a routing entry in the forwarding table, the switch discards the packet.

Bootstrap Protocol (BOOTP) and DHCP Requests

Bootstrap protocol (BOOTP) and DHCP request packets are sent with a broadcast MAC address and therefore the switch does not perform unicast RPF checks on them. The switch forwards all BOOTP packets and DHCP request packets without performing unicast RPF checks.

Default Route Handling

If the best return path to the source is the default route (0.0.0.0) and the default route points to reject, the switch discards the packets. If the default route points to a valid network interface, the switch performs a normal unicast RPF check on the packets.

When to Enable Unicast RPF

Enable unicast RPF when you want to ensure that traffic arriving on a network interface comes from a source that resides on a network that that interface can reach. You can enable unicast RPF on untrusted interfaces to filter spoofed packets. For example, a common application for unicast RPF is to help defend an enterprise network from DoS/DDoS attacks coming from the Internet.

Enable unicast RPF only on symmetrically routed interfaces. A symmetrically routed interfaceuses the same route in both directions between the source and the destination, as shown in Figure 3 on page 21. Symmetrical routing means that if an interface receives a packet, the switch uses the same interface to send a reply to the packet source (the receiving interface matches the forwarding-table entry for the best return path to the source).

Page 41

Chapter 1: Interfaces Overview

Figure 3: Symmetrically Routed Interfaces

Enabling unicast RPF on asymmetrically routed interfaces (where different interfaces receive a packet and reply to its source) results in packets from legitimate sources being filtered (discarded) because the best return path is not the same interface that received the packet.

The following switch interfaces are most likely to be symmetrically routed and thus are candidates for unicast RPF enabling:

•

The service provider edge to a customer

•

The customer edge to a service provider

•

A single access point out of the network (usually on the network perimeter)

•

A terminal network that has only one link

NOTE: Because unicast RPF is enabled globally on EX3200, EX4200, and

EX4300 switches, ensure that all interfaces are symmetrically routed before you enable unicast RPF on these switches. Enabling unicast RPF on asymmetrically routed interfaces results in packets from legitimate sources being filtered.

TIP: Enabling unicast RPF as close as possible to the traffic source stops

spoofed traffic before it can proliferate or reach interfaces that do not have unicast RPF enabled.

When Not to Enable Unicast RPF

Typically, you will not enable unicast RPF if:

•

Switch interfaces are multihomed.

•

Switch interfaces are trusted interfaces.

•

BGP is carrying prefixes and some of those prefixes are not advertised or are not accepted by the ISP under its policy. (The effect in this case is the same as filtering an interface by using an incomplete access list.)

•

Switch interfaces face the network core. Core-facing interfaces are usually asymmetrically routed.

An asymmetrically routed interface uses different paths to send and receive packets between the source and the destination, as shown in Figure 4 on page 22. This means

Page 42

Network Interfaces for EX4300 Switches

that if an interface receives a packet, that interface does not match the forwarding table entry as the best return path back to the source. If the receiving interface is not the best return path tothe source of a packet, unicast RPF causes theswitch to discardthe packet even though it comes from a valid source.

Figure 4: Asymmetrically Routed Interfaces

NOTE: Do not enable unicast RPF on EX3200, EX4200, and EX4300 switches

if any switch interfaces are asymmetrically routed, because unicast RPF is enabled globally on all interfaces of these switches. All switch interfaces must be symmetrically routed for you to enable unicast RPF without the risk of the switch discarding traffic that you want to forward.

Limitations of the Unicast RPF Implementation on EX3200, EX4200, and EX4300 Switches

On EX3200, EX4200, and EX4300 switches, the switch implements unicast RPF on a global basis. You cannot enable unicast RPF on a per-interface basis. Unicast RPF is globally disabled by default.

•

When you enable unicast RPF on any interface,it is automaticallyenabled on all switch interfaces, including link aggregation groups (LAGs), integrated routing and bridging (IRB) interfaces, and routed VLAN interfaces (RVIs).

•

When you disable unicast RPF on the interface (or interfaces) on which you enabled unicast RPF, it is automatically disabled on all switch interfaces.

NOTE: You must explicitly disable unicast RPF on every interface on which

it was explicitly enabled or unicast RPF remains enabled on all switch interfaces.

QFX switches and EX3200 and EX4200 switches do not perform unicast RPF filtering on equal-cost multipath (ECMP) traffic. The unicast RPF check examines only one best return path to the packet source, but ECMP traffic employs an address block consisting of multiple paths. Using unicast RPF to filter ECMP traffic on these switches can result in the switch discarding packets that you want to forward because the unicast RPF filter does not examine the entire ECMP address block.

Documentation

Example: Configuring Unicast RPF on an EX Series Switch•

• Configuring Unicast RPF (CLI Procedure) on page 97

Page 43

• Disabling Unicast RPF (CLI Procedure) on page 99

Understanding IP Directed Broadcast for EX Series Switches

IP directed broadcast helps you implement remote administrationtasks such asbackups and wake-on-LAN (WOL) application tasks by sending broadcast packets targeted at the hosts in a specified destination subnet. IP directed broadcast packets traverse the network in the same way as unicast IP packets until they reach the destination subnet. When they reach the destination subnet and IP directed broadcast is enabled on the receiving switch, the switch translates (explodes) the IP directed broadcast packet into a broadcast that floods the packet on the target subnet. All hosts on the target subnet receive the IP directed broadcast packet.

This topic covers:

•

IP Directed Broadcast for EX Series Switches Overview on page 23

•

IP Directed Broadcast Implementation for EX Series Switches on page 23

•

When to Enable IP Directed Broadcast on page 24

•

When Not to Enable IP Directed Broadcast on page 24

Chapter 1: Interfaces Overview

IP Directed Broadcast for EX Series Switches Overview

IP directed broadcast packets have a destination IP address that is a valid broadcast address for the subnet that is the target of the directed broadcast (the target subnet). The intent of an IP directed broadcast is to flood the target subnet with the broadcast packetswithout broadcasting to the entire network. IPdirectedbroadcastpacketscannot originate from the target subnet.

When you send an IP directed broadcast packet, as it travels to the target subnet, the network forwards it in the same way as it forwards a unicast packet. When the packet reaches a switch that is directly connected to the target subnet, the switch checks to see whether IP directed broadcast is enabled on the interface that is directly connected to the target subnet:

•

If IP directed broadcast is enabled on that interface, the switch broadcasts the packet on that subnet by rewriting the destination IP address as the configured broadcast IP address for the subnet. Theswitch converts thepacket to alink-layer broadcast packet that every host on the network processes.

•

If IP directed broadcast is disabled on the interface that is directly connected to the target subnet, the switch drops the packet.

IP Directed Broadcast Implementation for EX Series Switches

You configure IP directed broadcast on a per-subnet basis by enabling IP directed broadcast on the Layer 3 interface of the subnet’s VLAN. When the switch that is connected to that subnet receives a packet that has the subnet’s broadcast IP address as the destination address, the switch broadcasts the packet to all hosts on the subnet.

Page 44

Network Interfaces for EX4300 Switches

By default, IP directed broadcast is disabled.

When to Enable IP Directed Broadcast

IP directed broadcastis disabled by default. Enable IP directedbroadcast when you want to perform remote management or administration services such as backups or WOL tasks on hosts in a subnet that does not have a direct connection to the Internet.

Enabling IP directed broadcast on a subnet affects only the hosts within that subnet. Only packets received on the subnet’s Layer 3 interface that have the subnet’s broadcast IP address as the destination address are flooded on the subnet.

When Not to Enable IP Directed Broadcast

Typically, you do not enableIP directed broadcast onsubnets that have direct connections to the Internet. Disabling IP directed broadcast on a subnet’s Layer 3 interface affects only that subnet. If you disable IP directed broadcast on a subnet and a packet that has the broadcast IP address of that subnet arrives at the switch, the switch drops the broadcast packet.

If a subnet has a direct connection to the Internet, enabling IP directed broadcast on it increases the network’s susceptibility to denial-of-service (DoS) attacks.

For example, a maliciousattackercan spoof a sourceIP address(use a source IP address that is not the actual source of the transmission to deceive a network into identifying the attacker as a legitimate source) and send IP directed broadcasts containing Internet Control Message Protocol (ICMP) echo (ping) packets. When the hosts on the network with IP directed broadcast enabled receive the ICMP echo packets, they all send replies to the victim that has the spoofed source IP address. This creates a flood of ping replies in a DoS attack that can overwhelm the spoofed source address; this is known as a smurf attack. Another common DoS attack on exposed networks with IP directed broadcast enabled is a fraggle attack, which is similar to a smurf attack except that the malicious packet is a User Datagram Protocol (UDP) echo packet instead of an ICMP echo packet.

Documentation

Example: Configuring IP Directed Broadcast on an EX Series Switch•

• Configuring IP Directed Broadcast (CLI Procedure)

• Configuring IP Directed Broadcast (CLI Procedure) on page 100

Understanding Interface Ranges on EX Series Switches

NOTE: This concept uses Junos OS for EX Series switches with support for

the Enhanced Layer 2 Software (ELS) configuration style. If your switch runs software that does not support ELS, see Understanding Interface Ranges on

EX Series Switches. For ELS details, see Getting Started with Enhanced Layer 2 Software.

You can use the interface ranges to group interfaces of the same type that share a common configuration profile. This helps reduce the time and effort in configuring

Page 45

Chapter 1: Interfaces Overview

interfaces on JuniperNetworksEX Series Ethernet Switches.The configurations common to all the interfaces can be included in the interface range definition.

The interface range definition contains the name of the interface range defined, the names of the individual member interfaces that do not fall in a series of interfaces, a range of interfaces defined in the member range, and the configuration statements common to all the interfaces. An interface range defined with member ranges and individual members but without any common configurations, is also a valid definition.

NOTE: The interface range definition is supported only for Gigabit, 10-Gigabit,

40-Gigabit, and Fast Ethernet interfaces.

The common configurations defined in the interface range will be overridden by the local configuration.

The defined interface ranges can be used at places where the interface node is used in the following configuration hierarchies:

•

forwarding-options analyzer name input egress interface

•

forwarding-options analyzer name input ingress interface

•

poe interface

•

protocols dot1x authenticator interface

•

protocols igmp interface

•

protocols isis interface

•

protocols layer2-control bpdu-block interface

•

protocols link-management peer name lmp-control-channel

•

protocols link-management te-link name interface

•

protocols lldp interface

•

protocols lldp-med interface

•

protocols mstp interface

•

protocols oam ethernet link-fault-management interface

•

protocols ospf area area-id interface

•

protocols pim interface

•

protocols router-advertisement interface

•

protocols router-discovery interface

•

protocols rsvp interface

•

protocols sflow interfaces

•

protocols vstp vlan vlan-id interface

Page 46

Network Interfaces for EX4300 Switches

•

switch-options redundant-trunk-group group-name interface

•

switch-options voip interface

Documentation

Interface Ranges on page 66•

• EX Series Switches Interfaces Overview on page 3

• Configuring Gigabit Ethernet Interfaces (CLI Procedure) on page 32

• Configuring Aggregated Ethernet Links (CLI Procedure) on page 82

• Configuring a Layer 3 Subinterface (CLI Procedure) on page 97

• interface-range on page 193

802.1Q VLANs Overview

For Ethernet, Fast Ethernet, Tri-Rate Ethernet copper, Gigabit Ethernet, 10-Gigabit Ethernet, and aggregated Ethernet interfaces supporting VPLS, the Junos OS supports a subset of the IEEE 802.1Q standard for channelizing an Ethernet interface into multiple logical interfaces, allowing many hosts to be connected to the same Gigabit Ethernet switch, but preventing them from being in the same routing or bridging domain.

Documentation

• Configuring Dynamic 802.1Q VLANs

• 802.1Q VLAN IDs and Ethernet Interface Types

• Enabling VLAN Tagging

• Binding VLAN IDs to Logical Interfaces

• Configuring VLAN Encapsulation

• Configuring Extended VLAN Encapsulation

• Guidelines for Configuring VLAN ID List-Bundled Logical Interfaces That Connect CCCs

• Configuring a Layer 2 VPN Routing Instance on a VLAN-Bundled Logical Interface

• Configuring a VLAN-Bundled Logical Interfaceto Support a Layer 2 VPN Routing Instance

• Specifying the Interface Over Which VPN Traffic Travels to the CE Router

• Specifying the Interface to Handle Traffic for a CCC

• Configuring a Layer 2 Circuit on a VLAN-Bundled Logical Interface

• Configuring a VLAN-Bundled Logical Interfaceto Support a Layer 2 VPN Routing Instance

• Specifying the Interface to Handle Traffic for a CCC Connected to the Layer 2 Circuit

• Example:Configuring a Layer 2 VPN Routing Instance on a VLAN-Bundled Logical Interface

• Example: Configuring a Layer 2 Circuit on a VLAN-Bundled Logical Interface

• Configuring a Logical Interface for Access Mode

• Configuring a Logical Interface for Trunk Mode

• Configuring the VLAN ID List for a Trunk Interface

Page 47

• Configuring a Trunk Interface on a Bridge Network

• Ethernet Interfaces

Chapter 1: Interfaces Overview

Page 48

Network Interfaces for EX4300 Switches

Page 49

PART 2

Configuration

•

Configuration Tasks on page 31

•

Configuration Statements on page 103

Page 50

Network Interfaces for EX4300 Switches

Page 51

CHAPTER 2

Configuration Tasks

•

Configuring Gigabit Ethernet Interfaces (CLI Procedure) on page 32

•

Configuring Gigabit Ethernet Interfaces (J-Web Procedure) on page 35

•

Port Role Configuration with the J-Web Interface (with CLI References) on page 41

•

Adding a Logical Unit Description to the Configuration on page 45

•

Disabling a Physical Interface on page 45

•

Disabling a Logical Interface on page 47

•

Configuring Flow Control on page 47

•

Configuring the Interface Address on page 48

•

Configuring the Interface Bandwidth on page 52

•

Configuring the Media MTU on page 53

•

Setting the Protocol MTU on page 65

•

Interface Ranges on page 66

•

Configuring Accounting for the Physical Interface on page 74

•

Configuring Accounting for the Logical Interface on page 76

•

Configuring Ethernet Loopback Capability on page 77

•

Configuring Gratuitous ARP on page 78

•

Configuring Static ARP Table Entries on page 79

•

Disabling the Transmission of Redirect Messages on an Interface on page 80

•

Configuring Restricted and Unrestricted Proxy ARP on page 80

•

Enabling or Disabling SNMP Notifications on Logical Interfaces on page 81

•

Configuring Aggregated Ethernet Links (CLI Procedure) on page 82

•

Configuring Aggregated Ethernet Interfaces (J-Web Procedure) on page 83

•

Configuring Aggregated Ethernet LACP (CLI Procedure) on page 86

•

Configuring LACP Link Protection of Aggregated Ethernet Interfaces (CLI Procedure) on page 87

•

Configuring Aggregated Ethernet Link Protection on page 89

•

Configuring Aggregated Ethernet Link Speed on page 90

•

Configuring Aggregated Ethernet Minimum Links on page 92

Page 52

Network Interfaces for EX4300 Switches

•

Configuring Energy Efficient Ethernet on Interfaces (CLI Procedure) on page 93

•

Configuring Local Link Bias (CLI Procedure) on page 94

•

Configuring the Fields in the Algorithm Used To Hash LAG Bundle and ECMP Traffic (CLI Procedure) on page 94

•

Configuring Tagged Aggregated Ethernet Interfaces on page 96

•

Configuring a Layer 3 Subinterface (CLI Procedure) on page 97

•

Configuring Unicast RPF (CLI Procedure) on page 97

•

Disabling Unicast RPF (CLI Procedure) on page 99

•

Configuring IP Directed Broadcast (CLI Procedure) on page 100

•

Tracing Operations of an Individual Router or Switch Interface on page 101

•

Tracing Operations of the Interface Process on page 101

Configuring Gigabit Ethernet Interfaces (CLI Procedure)

NOTE: This task uses Junos OS for EX Series switches with support for the

Enhanced Layer 2 Software (ELS) configuration style. If your switch runs softwarethat does not support ELS, see Configuring Gigabit Ethernet Interfaces

(CLI Procedure). For ELS details, see Getting Started with Enhanced Layer 2 Software.

An Ethernet interface must be configured for optimal performance in a high-traffic network. EX Series switches include a factory default configuration that:

•

Enables all the network interfaces on the switch

•

Sets a default interface mode (access)

•

Sets default link settings

•

Specifies a logical unit (unit 0) and assigns it to family ethernet-switching (except on EX8200 switches and Virtual Chassis)

•

Specifies Rapid Spanning Tree Protocol (RSTP) and Link Layer Discovery Protocol (LLDP)

This topic describes:

•

Configuring VLAN Options and Interface Mode on page 32

•

Configuring the Link Settings on page 33

•

Configuring the IP Options on page 34

Configuring VLAN Options and Interface Mode

By default, when you boot a switch and use the factory default configuration, or when you boot the switch and do not explicitly configure a port mode, all interfaces on the switch are in access mode and accept only untagged packets from the VLAN named

default. You can optionally configure another VLAN and use that instead of default. You

Page 53

Chapter 2: Configuration Tasks

can also configure a port to accept untagged packets from the user-configured VLAN. For details on this concept (native VLAN), see Understanding Bridging and VLANs on EX

Series Switches

If you are connecting either a desktop phone, wireless access point or a security camera to a Power over Ethernet (PoE) port, you can configure some parameters for the PoE interface. PoE interfaces are enabled by default. For detailed information about PoE settings, see Configuring PoE (CLI Procedure).

If you are connecting a device to other switches and to routers on the LAN, you need to assign the interface to a logical port and configure the logical port as a trunk port. See

“Port Role Configuration with the J-Web Interface (with CLI References)” on page 41 for

more information about port configuration.

If you are connecting to a server that contains virtual machines and a VEPA for packet aggregation from those virtual machines, configure the port as a tagged-access port. See Understanding Bridging and VLANs on EX Series Switches for more information about tagged access.

To configurea 1-Gigabit, 10-Gigabit, or 40-Gigabit Ethernet interface for trunk portmode:

[edit] user@switch# set interfaces interface-name unit logical-unit-number family ethernet-switching

interface-mode trunk

Configuring the Link Settings

EX Series switches include a factory default configuration that enables interfaces with the link settings provided in Table 10 on page 33.

Table 10: Factory Default Configuration Link Settings for EX Series Switches

EnabledEnabled1 gigabit

(using a DAC cable)

(using a fiber-optic cable)

(using a DAC cable)

Autonegotiation (full duplex or half duplex)

Link SpeedLink ModeFlow ControlAutonegotiationEthernet Interface

Autonegotiation (10 Mbps, 100 Mbps, or 1 Gbps)

10 GbpsFull duplexEnabledEnabled10 gigabit

10 GbpsFull duplexEnabledDisabled10 gigabit

40 GbpsFull duplexEnabledEnabled40 gigabit

(using a fiber-optic cable)

40 GbpsFull duplexEnabledDisabled40 gigabit

Page 54

Network Interfaces for EX4300 Switches

To configure the link mode and speed settings for a 1-Gigabit, 10-Gigabit, or 40-Gigabit Ethernet interface:

[edit] user@switch# set interfaces interface-name

To configure additional link settings for a 1-Gigabit, 10-Gigabit, or 40-Gigabit Ethernet interface:

[edit] user@switch# set interfaces interface-name ether-options

For detailed information about the FPC, PIC,and portnumbers used for EXSeries switches, see “Understanding Interface Naming Conventions on EX Series Switches” on page 6.

Configurable link settings include:

•

802.3ad—Specify an aggregated Ethernetbundle. See “Configuring Aggregated Ethernet

Links (CLI Procedure)” on page 82.

NOTE: On EX4300 switches, the interfaces operate in full duplex mode only.

•

auto-negotiation—Enable or disable autonegotation of flow control, link mode, and

speed.

•

flow-control—Enable or disable flow control.

•

link-mode—Specify full duplex, half duplex, or autonegotiation. On EX4300 switches,

the interfaces operate in full duplex mode only.

•

loopback—Enable or disable loopback mode.

•

speed—Specify 10 Mbps, 100 Mbps, 1 Gbps, or autonegotiation.

Configuring the IP Options

To specify an IP address for the logical unit using IPv4:

[edit] user@switch# set interfaces interface-name unit logical-unit-number family inet address ip-address

To specify an IP address for the logical unit using IPv6:

[edit] user@switch# set interfaces interface-name unit logical-unit-number family inet6 address

ip-address

NOTE: Access interfaces on EX4300 switches are set to family

ethernet-switching by default. You might have to delete this or any other

user-configured family setting before changing the setting to family inet or

family inet6.

Documentation

Configuring Gigabit Ethernet Interfaces (J-Web Procedure) on page 35•

• Monitoring Interface Status and Traffic on page 233

Page 55

• show interfaces ge- on page 276

• show interfaces xe- on page 307

• Understanding Interface Naming Conventions on EX Series Switches on page 6

Configuring Gigabit Ethernet Interfaces (J-Web Procedure)

You can configure specific properties on your Ethernet interface to ensure optimal performance of your network in a high-traffic environment.

To configure properties on a Gigabit Ethernet interface, a 10-Gigabit Ethernet interface, and a 40-Gigabit Ethernet interface on an EX Series switch:

1. Select Interfaces > Ports.

The page that is displayed lists Gigabit Ethernet, 10-Gigabit Ethernet interfaces, and 40-Gigabit Ethernet interfaces, and their link statuses.

Chapter 2: Configuration Tasks

NOTE: After you make changes to the configuration on this page, you

must commit the changes immediately for them to take effect. To commit all changes to the active configuration, select Commit Options > Commit. See Using the Commit Options to Commit Configuration Changes (J-Web Procedure) for details about all commit options.

2. Selectthe interface youwant toconfigure.For anEX8200 VirtualChassis configuration,

select the member and the FPC slot if the interface you want to configure is not listed under Ports in the top table on the page.

Details for the selected interface, such as administrative status, link status, speed, duplex, and flow control, are displayed in the Details of port table on the page.

NOTE: You can select multiple interfaces and modify their settings at the

same time. However, while doing this, you cannot modify the IP address or enable or disable the administrative status of the selected interfaces.

NOTE: In the J-Web interface, you cannot configure interface ranges and

interface groups.

3. Click Edit and select the set of options you want to configure first:

Page 56

Network Interfaces for EX4300 Switches

•

Port Role—Enables you to assign a profile for the selected interface.

NOTE: When you select a particular port role,preconfiguredport security

parameters are set for the VLAN that the interface belongs to. For example, if you select the port role Desktop, the port security options

examine-dhcp and arp-inspection are enabled on the VLAN that the

interface belongs to. If there are interfaces in the VLAN that have static IP addresses, those interfaces might lose connectivity because those static IP addresses might not be present in the DHCP pool. Therefore, when you select a port role, ensure that the corresponding port security settings for the VLAN are applicable to the interface.

For basic information about port security features such as DHCP snooping (CLI option examine-dhcp) or dynamic ARP inspection (DAI) (CLI option arp-inspection), see Configuring Port Security (J-Web Procedure). For detailed descriptions of port security features, see the Port Security topics in the EX Series documentation at

http://www.juniper.net/techpubs/.

Click Details to view the configuration parameters for the selected port role.

•

VLAN—Enables you to configure VLAN options for the selected interface.

•

Link—Enables you to modify the following link options for the selected interface:

•

Speed

•

MTU

•

Autonegotiation

•

Flow Control

•

Duplex

•

Media Type

•

IP—Enables you to configure an IP address for the interface.

4. Configure the interface by configuring options in the selected option set. See

Table 11 on page 37 for details of the options.

5. Repeat Steps 3 and 4 for the remaining option sets that you want to configure for the

interface.

NOTE: To enable or disable the administrative status of a selected

interface, click Enable Port or Disable Port.

Page 57

Table 11: Port Edit Options

Port Role Options

Chapter 2: Configuration Tasks

Your ActionFunctionField

Port Role

Default

Desktop

Specifies a profile (role) to assign to the interface.

NOTE: After a port role is configured on the

interface, you cannot specify VLAN options or IP options.

NOTE: Port roles are not supported by the et

interfaces (40-Gigabit Ethernet interfaces) on EX4300 switches.

NOTE: Only the following port roles can beapplied

on EX8200 switch interfaces:

•

Default

•

Layer 2 uplink

•

Routed uplink

Applies the default role.

The interface family is set to ethernet-switching, port mode is set to access, and RSTP is enabled.

Applies the desktop role.

The interface family is set to ethernet-switching, port mode is set to access, RSTP is enabled with the edge and point-to-point options, and port security parameters (MAC limit =1; dynamic ARP inspection and DHCP snooping enabled) are set.

1. Click Details to view CLI commands for this role.

2. Click OK.

1. Select an existing VLAN configuration or type the name of a new VLAN configuration to be associated with the interface.

2. Click Details to view CLI commands for this role.

3. Click OK.

Desktop and Phone

Wireless Access Point

Applies the desktop and phone role.

The interface family is set to ethernet-switching, port mode is set to access, port security parameters(MAClimit =1;dynamic ARP Inspection and DHCP snooping enabled) are set, and recommendedclass-of-service(CoS)parameters are specified for forwarding classes, schedulers, and classifiers. See Table 12 on page 40 for more CoS information.

Applies the wireless access point role.

The interface family is set to ethernet-switching, port mode is set to access, and RSTP is enabled with the edge and point-to-point options.

1. Select an existing VLAN configuration or type the name of a new VLAN configuration to be associated with the interface.

You can also select an existing VoIP VLAN configuration or a new VoIP VLAN configuration to be associated with the interface.

NOTE: VoIP is not supported on EX8200 switches.

2. Click Details to view CLI commands for this role.

3. Click OK.

1. Select an existing VLAN configuration or type the name of a new VLAN configuration to be associated with the interface. Type the VLAN ID for a new VLAN.

2. Click Details to view CLI commands for this role.

3. Click OK.

Page 58

Network Interfaces for EX4300 Switches

Table 11: Port Edit Options (continued)

Your ActionFunctionField

Routed Uplink

Layer 2 Uplink

Applies the routed uplink role.

The interface family is set to inet, and recommended CoS parameters are set for schedulersand classifiers. See Table 12 on page 40 for more CoS information.

Applies the Layer 2 uplink role.

The interface family is set to ethernet-switching, port modeis setto trunk,RSTP is enabled withthe

point-to-point option, and trusted DHCP is

configured for port security.

To specify an IPv4 address:

1. Select the IPv4 address check box.

2. Type an IP address—for example: 10.10.10.10.

3. Enter the subnetmask oraddress prefix. For example, 24 bits represents 255.255.255.0.

4. Click OK.

To specify an IPv6 address:

1. Select the IPv6 address check box.

2. Type an IP address—for example: 2001:ab8:85a3::8a2e:370:7334.

3. Enter the subnet mask or address prefix.

4. Click OK.

NOTE: IPv6 is notsupported on EX2200VC switches.

1. For this port role,you can select a VLAN member and associate a native VLAN with the interface.

2. Click Details to view CLI commands for this role.

3. Click OK.

None

NOTE: For an EX8200 switch, dynamic ARP inspection and DHCP snooping parameters are not configured.

VLAN Options

Specifies that no port role is configured for the selected interface.

Page 59

Table 11: Port Edit Options (continued)

Chapter 2: Configuration Tasks

Your ActionFunctionField

Port Mode

Link Options

MTU (bytes)

Specifies the mode of operation for the interface: trunk or access.

Specifies the maximum transmission unit size (MTU) for the interface.

Specifies the speed for the mode.Speed

If you select Trunk, you can:

1. Click Add to add a VLAN member.

2. Select the VLAN and click OK.

3. (Optional) Associatea native VLAN with the interface.

4. Click OK.

If you select Access, you can:

1. Select the VLAN member to be associated with the interface.

2. (Optional) Associate a VoIP VLAN with the interface. Only a VLAN with a VLAN ID can be associated as a VoIP VLAN.

NOTE: VoIP is not supported on EX8200 switches.

3. Click OK.

Type a value from 256 through 9216. The default MTU size for Gigabit Ethernet interfaces is 1514.

Select one of the following values: 10 Mbps, 100 Mbps,

1000 Mbps, or Auto-Negotiation.

Description

Negotiation

Control

Specifies the link mode.Duplex

NOTE: If the interface is part of a link aggregation

group (LAG), only the Description option isenabled. Other Port Edit options are unavailable.

Enables or disables autonegotiation.Enable Auto

Enables or disables flow control.Enable Flow

Specifies the media type selected.Media Type

NOTE: EX4300 switches supports Auto-Negotiation

10M-100M apart from the values mentioned above.

Select one: automatic, half, or full.

NOTE: Link mode half is not supported on EX4300

switches.

Enter a brief description for the link.Describes the link.

Select the check box to enable autonegotiation, or clear the check box to disable it. By default, autonegotiation is enabled.

Select the check box to enable flow control to regulate the amount of traffic sent out of the interface, or clear the check box to disable flow control and permit unrestricted traffic. Flow control is enabled by default.

Select the check box to enable the media type. Then select Copper or Fiber.

Page 60

Network Interfaces for EX4300 Switches

Table 11: Port Edit Options (continued)

IP Options

Your ActionFunctionField

IPv4 Address

Specifies an IPv4 address for the interface.

NOTE: If the IPv4 Address check box is cleared,

the interface still belongs to the inet family.

IPv6 Address

Specifies an IPv6 address for the interface.

NOTE: If the IPv6 Address check box is cleared,

the interface still belongs to the inet family.

Table 12: Recommended CoS Settings for Port Roles

Recommended SettingsCoS Parameter

Forwarding Classes

There are four forwarding classes:

•

voice—Queue number is set to 7.

•

expedited-forwarding—Queue number is set to 5.

•

assured-forwarding—Queue number is set to 1.

•

best-effort—Queue number is set to 0.

1. Select the IPv4 address check box to specify an IPv4 address.

2. Type an IP address—for example: 10.10.10.10.

3. Enter the subnetmask oraddress prefix. For example, 24 bits represents 255.255.255.0.

4. Click OK.

1. Select the IPv6 address check box to specify an IPv6 address.

2. Type an IP address—for example: 2001:ab8:85a3::8a2e:370:7334.

3. Enter the subnet mask or address prefix.

4. Click OK.

NOTE: IPv6 address isnot supported onEX2200 and

EX4500 switches.

Schedulers

Scheduler maps

The schedulers and their settings are:

•

When a desktop and phone, routed uplink, or Layer 2 uplink role is applied on an interface, the forwarding classes and schedulers are mapped using the scheduler map.

ieee-802.1 classifier

Imports the default ieee-802.1 classifier configuration and sets the loss priority to low for the code point 101 for the voice forwarding class.

dscp classifier

Imports the default dscp classifier configuration and sets the loss priority to low for the code point 101110 for the voice forwarding class.

Strict-priority—Transmission rate is set to 10 percent and buffer size to 5 percent.

Expedited-scheduler—Transmission rate is set to 30 percent, buffer size to 30 percent, and priority to low.

Assured-scheduler—Transmission rate is set to 25 percent, buffer size to 25 percent, and priority to low.

Best-effort scheduler—Transmission rate is set to 35 percent, buffer size to 40 percent, and priority to low.

Page 61

Chapter 2: Configuration Tasks

Documentation

Configuring Gigabit Ethernet Interfaces (CLI Procedure)•

• Configuring Gigabit Ethernet Interfaces (CLI Procedure) on page 32

• Monitoring Interface Status and Traffic on page 233

• EX Series Switches Interfaces Overview on page 3

• Junos OS CoS for EX Series Switches Overview

• Understanding Interface Naming Conventions on EX Series Switches on page 6

Port Role Configuration with the J-Web Interface (with CLI References)

When you configure Gigabit Ethernet interface properties with the J-Web interface (Configure > Interfaces) you can optionally select pre-configured port roles for those interfaces. When youselect a rolefrom thePort Role field and apply it to aport, the J-Web interface modifies the switch configuration using CLI commands. Table 13 on page 41 lists the CLI commands applied for each port role.

NOTE: If there is an existing port role configuration, it is cleared before the

new port role configuration is applied.

Table 13: Port Role Configuration Summary

Default Port Role

Set the port role to Default.

Set port family to ethernet-switching.

Set port mode to access.

Enable RSTP if redundant trunk groups are not configured.

Disable RSTP if redundant trunk groups are configured.

Desktop Port Role

Set the port role to desktop.

Set port family to ethernet-switching.

Set Port Mode to Access.

CLI CommandsConfiguration Description

set interfaces interfaceapply-macro juniper-port-profile Default

set interfaces interface unit 0 family ethernet-switching port-mode access

delete protocols rstp interface interface disable

set protocols rstp interface interface disable

set interfaces interface apply-macro juniper-port-profile Desktop

set vlans <vlan name> vlan-id <vlan-id>Set VLAN if new VLAN is specified.

set interfaces interface unit 0 family ethernet-switching port-mode access

Page 62

Network Interfaces for EX4300 Switches

Table 13: Port Role Configuration Summary (continued)

CLI CommandsConfiguration Description

Set VLAN if new VLAN is specified.

Set port security parameters.

Set RSTP protocol with edge option.

RSTP protocol is disabled if redundant trunk groups are configured.

Desktop and Phone Port Role

Set the port role to desktop and phone.

Set data VLAN if new VLAN is specified.

Set voice VLAN if new voice VLAN is specified.

Set port family to ethernet-switching.

Set Port Mode to access.

Set data VLAN on port stanza.

Set port security parameters.

Set VOIP VLAN.

Set class of service parameters

SCHEDULER_MAP=juniper-port-profile-map

IEEE_CLASSIFIER=juniper-ieee-classifier

DSCP_CLASSIFIER=juniper-dscp-classifier

set interfaces interface unit 0 family ethernet-switching vlan members vlan-members

set ethernet-switching-options secure-access-port vlan MacTest arp-inspection

set protocols rstp interface interface edge

set protocols rstp interface interface disable

set interfaces interfaceapply-macro juniper-port-profile Desktop and Phone

set vlans vlan-namevlan-id vlan id

set interfaces interfaceunit 0 family ethernet-switching port-mode access

set interfaces interface unit 0 family ethernet-switching vlan members vlan-members

set ethernet-switching-options secure-access-port vlan MacTest arp-inspection

set ethernet-switching-options voip interface interface.0 vlan vlan vlan name

set class-of-service interfaces interfacescheduler-map juniper-port-profile-map set class-of-service interfaces interface unit 0 classifiers ieee-802.1 juniper_ieee_classifier set class-of-service interfaces interfaceunit 0 classifiers dscp juniper-dscp-classifier

Wireless Access Point Port Role

Set the port role to wireless access point.

Set VLAN on VLANs stanza.

Set port family to ethernet-ewitching

Set port mode to Access.

Set VLAN on port stanza.

Refer Table 14 on page 44 for details.Set CoS Configuration

set interfaces interface apply-macro juniper-port-profile Wireless Access Point

set vlans vlan namevlan-id vlan-id

set interfaces interface unit 0 family ethernet-switching port-mode access

set interfaces interface unit 0 family ethernet-switching vlan members vlan-members

Page 63

Table 13: Port Role Configuration Summary (continued)

CLI CommandsConfiguration Description

Chapter 2: Configuration Tasks

Set RSTP protocol with edge option.

RSTP protocol is disabled if redundant trunk groups are configured.

Routed Uplink Port Role

Set the port role to Routed Uplink.

Set port family to inet.

Set IP address on the port.

Set class-of-service parameters

SCHEDULER_MAP=juniper-port-profile-map

IEEE_CLASSIFIER=juniper-ieee-classifier

DSCP_CLASSIFIER=juniper-dscp-classifier

Layer 2 Uplink Port Role

Set the port role to Layer 2 Uplink.

Set port family to ethernet-switching

Set port mode to trunk.

set protocols rstp interface interface edge

set protocols rstp interface interface disable

set interfaces interface apply-macro juniper-port-profile Routed Uplink

set interfaces interfaceunit 0 family inet address

ipaddress

Refer Table 14 on page 44 for details.Set CoS configuration

set interfaces interface apply-macro juniper-port-profile Layer2 Uplink

set interfaces interface unit 0 family ethernet-switching port-mode trunk

Set Native VLAN name.

Set the port as part of all valid VLANs; ”valid" refers to all VLANs except native VLAN and voice VLANs.

Set port security parameter.

Set RSTP protocol with point-to-point option.

Disable RSTP if redundant trunk groups are configured.

Set class-of-service parameters.

SCHEDULER_MAP=juniper-port-profile-map

IEEE_CLASSIFIER=juniper_ieee_classifier

DSCP_CLASSIFIER=juniper_dscp_classifier

set interfaces interface unit 0 family ethernet-switching native-vlan-id vlan-name

set interfaces interface unit 0 family ethernet-switching vlan members vlan-members

set ethernet-switching-options secure-access-port dhcp-trusted

set protocols rstp interface interface mode point-to-point

set protocols rstp interface interface disable

Page 64

Network Interfaces for EX4300 Switches

Table 13: Port Role Configuration Summary (continued)

CLI CommandsConfiguration Description

Refer to Table 14 on page 44 for details.Set CoS configuration

Table 14 on page 44 lists the CLI commands for the recommended CoS settings that are

committed when the CoS configuration is set.

Table 14: Recommended CoS Settings for Port Roles

CLI CommandCoS Parameter

Forwarding Classes

voice

expedited-forwarding

assured-forwarding

best-effort

Schedulers

strict-priority-scheduler

expedited-scheduler

assured-scheduler

set class-of-service forwarding-classes class voice queue-num 7

set class-of-service forwarding-classes class expedited-forwarding queue-num 5

set class-of-service forwarding-classes class assured-forwarding queue-num 1

set class-of-service forwarding-classes class best-effort queue-num 0

The CLI commands are:

•

set class-of-service schedulers strict-priority-scheduler transmit-rate percent 10 set class-of-service schedulers strict-priority-scheduler buffer-size percent 5 set class-of-service schedulers strict-priority-scheduler priority strict-high

The CLI commands are:

•

set class-of-service schedulers expedited-scheduler transmit-rate percent 30 set class-of-service schedulers expedited-scheduler buffer-size percent 30 set class-of-service schedulers expedited-scheduler priority low

The CLI commands are:

set class-of-service schedulers assured-scheduler transmit-rate percent 25 set class-of-service schedulers strict-priority-scheduler buffer-size percent 25 set class-of-service schedulers strict-priority-scheduler priority low

best-effort-scheduler

The CLI commands are:

set class-of-service schedulers best-effort-scheduler transmit-rate percent 35 set class-of-service schedulers best-effort-scheduler buffer-size percent 40 set class-of-service schedulers best-effort-scheduler priority low

Page 65

Table 14: Recommended CoS Settings for Port Roles (continued)

CLI CommandCoS Parameter

Chapter 2: Configuration Tasks

Classifiers

Documentation

The classifiers are:

set class-of-service classifiers ieee-802.1 juniper_ieee_classifier import default forwarding-class voice loss-priority low code-points 101 set class-of-service classifiers dscp juniper_dscp_classifier import default forwarding-class voice loss-priority low code-points 101110

Configuring Gigabit Ethernet Interfaces (J-Web Procedure) on page 35•

• Configuring Gigabit Ethernet Interfaces (CLI Procedure)

• Configuring Gigabit Ethernet Interfaces (CLI Procedure) on page 32

Adding a Logical Unit Description to the Configuration

You can include a text description of each logical unit in the configuration file. Any descriptive text you include is displayed in the output of the show interfaces commands, and is also exposed in the ifAlias Management Information Base (MIB) object. It has no impact on the interface’s configuration. To add a text description, include the description statement:

description text;

You can include this statement at the following hierarchy levels:

•

[edit interfaces interface-name unit logical-unit-number]

•

[edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number]

The description can be a single line of text. If the text contains spaces, enclose it in quotation marks.

NOTE: You can configure the extended DHCP relay to include the interface

description in the option 82 Agent Circuit ID suboption. See “Enabling and Disabling Insertion of Option 82 Information” in the Junos OS Subscriber Management and Services Library.

For information about describingphysical interfaces,see Configuring Interface Description.

Disabling a Physical Interface

You can disable a physical interface, marking it as being down, without removing the interface configuration statements from the configuration. To do this, include the disable statement at the [edit interfaces interface-name] hierarchy level:

[edit interfaces interface-name]

disable;

Page 66

Network Interfaces for EX4300 Switches

CAUTION: Dynamic subscribers and logicalinterfacesuse physical interfaces

for connection to the network. The Junos OS allows you to set the interface to disable and commit the change while dynamic subscribers and logical interfaces are still active. This action results in the loss of all subscriber connections on the interface. Use care when disabling interfaces.

NOTE: On the router,when you use the disable statement at the edit interfaces

hierarchy level, depending on the PIC type, the interface might or might not turn off the laser. Older PIC transceivers do not support turning off the laser, but newer Gigabit Ethernet PICs with SFP and XFP transceivers do support it and the laser will be turned off when the interface is disabled.

WARNING: Do not stare into the laser beam or view it directly with optical

instruments even if the interface has been disabled.

Example: Disabling a Physical Interface

Sample interface configuration:

[edit interfaces] user@host# show ge-0/3/2 {

unit 0 {

description CE2-to-PE1; family inet {

address 20.1.1.6/24;

}

Disabling the interface:

[edit interfaces] user@host# set ge-0/3/2 disable

Verifying the interface configuration:

[edit interfaces] user@host# show ge-0/3/2 {

disable; # Interface is marked as disabled. unit 0 {

description CE2-to-PE1; family inet {

address 20.1.1.6/24;

}

Page 67

Disabling a Logical Interface

You can unconfigure a logical interface, effectively disabling that interface, without removing the logical interface configuration statements from the configuration. To do this, include the disable statement:

disable;

You can include this statement at the following hierarchy levels:

•

[edit interfaces interface-name unit logical-unit-number]

•

[edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number]

When an interface is disabled, a route (pointing to the reserved target “REJECT”) with the IP address of the interface and a 32–bit subnet mask is installed in the routing table. See Routing Protocols.

Configuring Flow Control

Chapter 2: Configuration Tasks

By default, the router or switch imposes flow control to regulate the amount of traffic sent out on a Fast Ethernet, Tri-Rate Ethernet copper, Gigabit Ethernet, and 10-Gigabit Ethernet interface. Flow control is not supported on the 4-port Fast Ethernet PIC. This is useful if the remote side of the connection is a Fast Ethernet or Gigabit Ethernet switch.

You can disable flow control if you want the router or switch to permit unrestricted traffic. To disable flow control, include the no-flow-control statement:

no-flow-control;

To explicitly reinstate flow control, include the flow-control statement:

flow-control;

You can include these statements at the following hierarchy levels:

•

[edit interfaces interface-name aggregated-ether-options]

•

[edit interfaces interface-name ether-options]

•

[edit interfaces interface-name fastether-options]

•

[edit interfaces interface-name gigether-options]

NOTE: On the Type 5 FPC, to prioritize control packets in case of ingress

oversubscription, you must ensure that the neighboring peers support MAC flow control. If the peers do not support MAC flow control, then you must disable flow control.

flow-control on page 181•

Documentation

Page 68

Network Interfaces for EX4300 Switches

• Ethernet Interfaces Overview

• EX Series Switches Interfaces Overview on page 3

• Ethernet Interfaces

Configuring the Interface Address

You assign an address to an interface by specifying the address when configuring the protocol family. For the inet or inet6 family, configure the interface IP address. For the

iso family, configure one or more addresses for the loopback interface. For the ccc, ethernet-switching, tcc, mpls, tnp, and vpls families, you never configure an address.

NOTE: The point-to-point (PPP) address is taken from the loopback interface

address that has the primary attribute. When the loopback interface is configured as an unnumbered interface, it takes the primary address from the donor interface.

To assign an address to an interface, include the address statement:

address address {

broadcast address;

destination address; destination-profile name;

eui-64; preferred; primary;

}

You can include these statements at the following hierarchy levels:

•

[edit interfaces interface-name unit logical-unit-number family family]

•

[edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number family family]

In the address statement, specify the network address of the interface.

For each address, you can optionally configure one or more of the following:

•

Broadcast address for the interface subnet—Specify this in the broadcast statement; this applies only to Ethernet interfaces, such as the management interface fxp0, em0, or me0 the Fast Ethernet interface, and the Gigabit Ethernet interface.

•

Address of the remote side of the connection (for point-to-point interfaces only)—Specify this in the destination statement.

•

PPP properties to the remote end—Specify this in the destination-profile statement. You define the profile at the [edit access group-profile name ppp] hierarchy level (for point-to-point interfaces only).

Page 69

Chapter 2: Configuration Tasks

•

Whether the router or switch automatically generates the host number portion of interface addresses—The eui-64 statement applies only to interfaces that carry IPv6 traffic, in which the prefix length of the address is 64 bits or less, and the low-order 64 bits of the address are zero. This option does not apply to the loopback interface (lo0) because IPv6 addresses configured on the loopback interface must have a 128-bit prefix length.

•

Whether this address is the preferred address—Each subnet on an interface has a preferred local address. If you configure more than one address on the same subnet, the preferred local address is chosen by default as the source address when you originate packets to destinations on the subnet.

By default, the preferred address is the lowest-numbered address on the subnet. To override the default and explicitly configure thepreferredaddress, include thepreferred statement when configuring the address.

•

Whether this addressis the primary address—Each interfacehas a primary local address. If an interface has more than one address, the primary local address is used by default as the source address when you send packets from an interface where the destination provides no information about the subnet (for example, some ping commands).

By default, theprimary address on an interface is the lowest-numbered non-127 (in other words, non-loopback) preferred address on the interface. To override the default and explicitly configure the preferred address, include theprimary statement whenconfiguring the address.

•

Configuring Interface IPv4 Addresses on page 49

•

Configuring Interface IPv6 Addresses on page 51

Configuring Interface IPv4 Addresses

You can configure router or switch interfaces with a 32-bit IP version 4 (IPv4) address and optionally with adestination prefix, sometimes called asubnet mask. An IPv4 address utilizes a 4-octetdotteddecimal address syntax (for example,192.16.1.1). AnIPv4 address with destination prefix utilizes a 4-octet dotted decimal addresssyntax with a destination prefix appended (for example, 192.16.1.1/30).

To configure an IPv4 address on routers and switches running Junos OS, use the edit

interface interface-name unit number family inet address a.b.c.d/nn statement at the [edit interfaces] hierarchy level.

NOTE: Juniper Networks routers and switches support /31 destination prefixes

when used in point-to-point Ethernet configurations; however, they are not supported by many other devices, such as hosts, hubs, routers, or switches. You must determine if the peer system also supports /31 destination prefixes before configuration.

Page 70

Network Interfaces for EX4300 Switches

Operational Behavior of Interfaces when the Same IPv4 Address is Assigned to Them

You can configure the same IPv4 address on multiple physical interfaces. When you assign the same IPv4 address to multiple physical interfaces, the operational behavior of those interfaces differs, depending on whether they are implicitly or explicitly point-to-point .

The following examples show the sample configuration of assigning the same IPv4 address to implicitly and explicilty point-to-point interfaces, and their corresponding

show interfaces terse command outputs to see their operational status.

NOTE: By default, all interfaces are assumed to be point-to-point (PPP)

interfaces. For all interfaces except aggregated Ethernet, Fast Ethernet, and Gigabit Ethernet, you can explicitly configure an interface to be a point-to-point connection.

Configuring same IPv4 address on implicitly PPP interfaces:

[edit] user@host# show ge-0/1/0 {

unit 0 {

family inet {

address 200.1.1.1/24;

}

ge-3/0/1 {

unit 0 {

family inet {

address 200.1.1.1/24;

}

The sample output shown below for the above configuration reveals that only

ge-0/1/0.0 was assigned the same IPv4 address 200.1.1.1/24 and its link state was up,

while ge-3/0/ 1.0 was not assigned the IPv4 address, though its link state was up, which means that it will be operational only when it gets a unique IPv4 address other than 200.1.1.1/24.

user@host> show interfaces terse ge* Interface Admin Link Proto Local Remote ge-0/1/0 up up ge-0/1/0.0 up up inet 200.1.1.1/24 multiservice ge-0/1/1 up down ge-3/0/0 up down ge-3/0/1 up up ge-3/0/1.0 up up inet multiservice

Page 71

Chapter 2: Configuration Tasks

Configuring same IPv4 address on explicitly PPP interfaces:

[edit] user@host# show so-0/0/0 {

unit 0 {

family inet {

address 200.1.1.1/24;

}

} } so-0/0/3 {

unit 0 {

family inet {

address 200.1.1.1/24;

}

} }

The sample output shown below for the above configuration reveals that both

so-0/0/0.0 and so-0/0/3.0 were assigned the same IPv4 address 200.1.1.1/24 and

that their link states were down, which means that to make them operational atleast one ofthem will havebe configured with a unique IPv4address other than200.1.1.1/24.

user@host> show interfaces terse so* Interface Admin Link Proto Local Remote so-0/0/0 up up so-0/0/0.0 up down inet 200.1.1.1/24 so-0/0/1 up up so-0/0/2 up down so-0/0/3 up up so-0/0/3.0 up down inet 200.1.1.1/24 so-1/1/0 up down so-1/1/1 up down so-1/1/2 up up so-1/1/3 up up so-2/0/0 up up so-2/0/1 up up so-2/0/2 up up so-2/0/3 up down

Configuring Interface IPv6 Addresses

NOTE: IPv6 is not currently supported for the QFX Series.

You represent IP version 6 (IPv6) addresses in hexadecimal notation using a colon-separated list of 16-bit values.

You assign a 128-bit IPv6 address to an interface by including the address statement:

address aaaa:bbbb:...:zzzz/nn;

Page 72

Network Interfaces for EX4300 Switches

You can include this statement at the following hierarchy levels:

•

[edit interfaces interface-name unit logical-unit-number family inet6]

•

[edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number family inet6]

The double colon (::) represents all bits set to 0, as shown in the following example:

interfaces fe-0/0/1 {

unit 0 {

}

NOTE: You cannot configure a subnet zero IPv6 address because RFC 2461

reserves the subnet-zero address for anycast addresses, and Junos OS complies with the RFC.

family inet6 {

address fec0:1:1:1::2/64;

}

NOTE: You must manually configure the router or switch advertisement and

advertise the default prefix for autoconfiguration to work on a specific interface.

Documentation

Configuring IPCP Options•

• Configuring Default, Primary, and Preferred Addresses and Interfaces

Configuring the Interface Bandwidth

By default, the JunosOS usesthe physical interface’s speed for the MIB-II object, ifSpeed. You can configure the logical unit to populate the ifSpeed variable by configuring a bandwidth value for the logical interface. The bandwidth statement sets an informational-only parameter; you cannot adjust the actual bandwidth of an interface with this statement.

Page 73

Chapter 2: Configuration Tasks

NOTE: We recommend that you be careful when setting this value. Any

interfacebandwidth value that you configure using the bandwidth statement affects how the interface cost is calculated for a dynamic routing protocol, such as OSPF. By default, the interface cost for a dynamic routing protocol is calculated using the following formula:

cost = reference-bandwidth/bandwidth,

where bandwidth is the physical interface speed. However, if you specify a value for bandwidth using the bandwidth statement, that value is used to calculate the interface cost, rather than the actual physical interface bandwidth.

To configurethe bandwidthvalue for a logical interface, include the bandwidth statement:

bandwidth rate;

You can include this statement at the following hierarchy levels:

•

[edit interfaces interface-name unit logical-unit-number]

•

[edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number]

rate is the peak rate, in bps or cps. You can specify a value in bits per second either as a

complete decimal number or asa decimalnumber followedby the abbreviation k (1000),

m (1,000,000), or g (1,000,000,000). You can also specify a value in cells per second

by entering a decimal number followed by the abbreviation c; values expressed in cells per second are converted to bits per second using the formula 1 cps = 384 bps. The value can be any positive integer. The bandwidth statement is valid for all logical interfaces, except multilink interfaces.

Configuring the Media MTU

The media maximum transmission unit (MTU) is the largest data unit that can be forwarded without fragmentation.

This topic contains the following sections:

•

Media MTU Overview on page 54

•

How to Configure the Media MTU on page 55

•

Encapsulation Overhead by Encapsulation Type on page 56

•

Media MTU Sizes by Interface Type for M5 and M7i Routers with CFEB, M10 and M10i Routers with CFEB, and M20 and M40 Routers on page 57

•

Media MTU Sizes by Interface Type for M40e Routers on page 57

•

Media MTU Sizes by Interface Type for M160 Routers on page 59

•

Media MTU Sizes by Interface Type for M7i Routers with CFEB-E, M10i Routers with CFEB-E, and M320 and M120 Routers on page 59

Page 74

Network Interfaces for EX4300 Switches

•

Media MTU Sizes by Interface Type for MX Series Routers on page 60

•

Media MTU Sizes by Interface Type for T320 Routers on page 61

•

Media MTU Sizes by Interface Type for T640 Platforms on page 61

•

Media MTU Sizes by Interface Type for J2300 Platforms on page 62

•

Media MTU Sizes by Interface Type for J4300 and J6300 Platforms on page 62

•

Media MTU Sizes by Interface Type for J4350 and J6350 Platforms on page 63

•

Media MTU Sizes by Interface Type for EX Series Switches and ACX Series Routers on page 65

•

Media MTU Sizesby Interface Type for PTX Series Packet Transport Routers on page 65

Media MTU Overview

The default media MTU size used on a physical interface depends on the encapsulation used on that interface. In some cases, the default IP Protocol MTU depends on whether the protocol used is IP version 4 (IPv4) or International Organization for Standardization (ISO).

The default media MTU is calculated as follows:

Default media MTU = Default IP MTU + encapsulation overhead

When youare configuring point-to-point connections, the MTU sizes onboth sides of the connections must be the same. Also, when you are configuring point-to-multipoint connections, all interfaces in the subnet must use the same MTU size. For details about encapsulationoverhead, see “EncapsulationOverhead by Encapsulation Type” on page 56.

Page 75

Chapter 2: Configuration Tasks

NOTE: The actual frames transmitted also contain cyclic redundancy check

(CRC) bits, which are not part of the media MTU. For example, the media MTU for a Gigabit Ethernet Version 2 interface is specified as 1514 bytes, but the largest possible frame size is actually 1518 bytes; you need to consider the extra bits in calculations of MTUs for interoperability.

The physical MTU for Ethernet interfaces does not include the 4-byte frame check sequence (FCS) field of the Ethernet frame.

A SONET/SDH interface operating in concatenated mode has a “c” added to the ratedescriptor. For example,a concatenatedOC48 interface is referred to as OC48c.

If you do not configure an MPLS MTU, the Junos OS derives the MPLS MTU from the physical interface MTU. From this value, the software subtracts the encapsulation-specific overhead and space for the maximum number of labels that might be pushed in the Packet Forwarding Engine. Currently, the software provides for three labels of four bytes each, for a total of 12 bytes.

In other words, the formulaused to determine the MPLS MTU is the following:

If you configure an MTU value by including the mtu statement at the [edit

interfaces interface-name unit logical-unit-number family mpls] hierarchy level,

the configured value is used.

How to Configure the Media MTU

To modify the default media MTU sizefor a physical interface, include the mtu statement at the [edit interfaces interface-name] hierarchy level:

[edit interfaces interface-name]

mtu bytes;

If you change the size of the media MTU, you must ensure that the size is equal to or greater than the sum of the protocol MTU and the encapsulation overhead.

NOTE: Changing the media MTU or protocol MTU causes an interface to be

deleted and added again.

You configurethe protocol MTU byincluding the mtu statement at thefollowinghierarchy levels:

MPLS MTU = physical interface MTU – encapsulation overhead – 12

•

[edit interfaces interface-name unit logical-unit-number family family]

•

[edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number family family]

Page 76

Network Interfaces for EX4300 Switches

Because tunnel services interfacesare considered logicalinterfaces,you cannot configure the MTU setting for the physical interface. This means you cannot include the mtu statementat the[edit interfaces interface-name] hierarchy level forthe following interface types: generic routing encapsulation (gr-), IP-IP (ip-), loopback (lo-), link services (ls-), multilink services (ml-), and multicast (pe-, pd-).You can, however, configure theprotocol MTU on tunnel interfaces, as described in “Setting the Protocol MTU” on page 65.

Encapsulation Overhead by Encapsulation Type

Table 15: Encapsulation Overhead by Encapsulation Type

Encapsulation Overhead (Bytes)Interface Encapsulation

21802.1Q/Ethernet 802.3

26802.1Q/Ethernet Subnetwork Access Protocol (SNAP)

18802.1Q/Ethernet version 2

4ATM Cell Relay

LAN service (VPLS)

VPLS

12ATM permanent virtual connection (PVC)

4Cisco HDLC

17Ethernet 802.3

4Ethernet circuit cross-connect (CCC) and virtual private

32Ethernet over ATM

22Ethernet SNAP

18Ethernet translational cross-connect (TCC)

14Ethernet version 2

4Extended virtual local area network (VLAN) CCC and

22Extended VLAN TCC

4Frame Relay

4PPP

4VLAN CCC

4VLAN VPLS

22VLAN TCC

Page 77

Chapter 2: Configuration Tasks

Media MTU Sizes by Interface Type for M5 and M7i Routers with CFEB, M10 and M10i Routers with CFEB, and M20 and M40 Routers

Table 16: Media MTU Sizes by Interface Type for M5 and M7i Routers with CFEB, M10 and M10i Routers with CFEB, and M20 and M40 Routers

(MTU size not configurable)

Default Media MTU (Bytes)Interface Type

1514Fast Ethernet

1514Gigabit Ethernet

Maximum MTU (Bytes)

1533 (4-port)

1532 (8-port)

1532 (12-port)

NOTE: The maximum

MTU for two 100Base-TX Fast Ethernet port FIC is 9192 bytes.

9192

NOTE: The maximum

MTU for one Gigabit Ethernet port FIC is 9192 bytes.

Default IP Protocol MTU (Bytes)

N/AN/A9192Adaptive Services

447091924482ATM

150091921504E1/T1

447091924474E3/T3

1500 (IPv4), 1497 (ISO)

Media MTU Sizes by Interface Type for M40e Routers

Table 17: Media MTU Sizes by Interface Type for M40e Routers

(MTU size not configurable)

Default Media MTU (Bytes)Interface Type

91921504Serial

1500 (IPv4), 1497 (ISO)

447091924474SONET/SDH

Default IP Protocol MTU (Bytes)Maximum MTU (Bytes)

N/AN/A9192Adaptive Services

447091924482ATM

Page 78

Network Interfaces for EX4300 Switches

Table 17: Media MTU Sizes by Interface Type for M40e Routers (continued)

Default Media MTU (Bytes)Interface Type

4474E3/T3

1514Gigabit Ethernet

4474SONET/SDH

9192 (4-port)

15331514Fast Ethernet

9192 (1- or 2-port)

9192 (4-port)

91921504Serial

nonconcatenated)

9192 (4-port OC3)

9192 (4-port OC3c)

Default IP Protocol MTU (Bytes)Maximum MTU (Bytes)

150045001504E1/T1

44704500

447091924474E3/DS3 IQ

1500 (IPv4), 1497 (ISO)

44704500 (1-port

4500 (1-port OC12)

4500 (4-port OC12)

4500 (4-port OC12c)

4500 (1-port OC48)

9192 (2-port OC3)

9192 (2-port OC3c)

9192 (1-port OC12c)

9192 (1-port OC48c)

4500 (1-port OC192)

9192 (1-port OC192c)

Page 79

Media MTU Sizes by Interface Type for M160 Routers

Table 18: Media MTU Sizes by Interface Type for M160 Routers

Chapter 2: Configuration Tasks

(MTU size not configurable)

Default Media MTU (Bytes)Interface Type

1514Gigabit Ethernet

4474SONET/SDH

15331514Fast Ethernet

9192 (1- or 2-port)

4500 (4-port)

91921504Serial

nonconcatenated)

Default IP Protocol MTU (Bytes)Maximum MTU (Bytes)

N/AN/A9192Adaptive Services

447091924482ATM

150045001504E1/T1

447045004474E3/T3

447091924474E3/DS3 IQ

1500 (IPv4), 1497 (ISO)

44704500 (1-port

9192 (1- or 2-port)

4500 (4-port)

Media MTU Sizes by Interface Type for M7i Routers with CFEB-E, M10i Routers with CFEB-E, and M320 and M120 Routers

Table 19: Media MTU Sizes by InterfaceType for M7i Routers with CFEB-E, M10i Routers with CFEB-E, and M320 and M120 Routers

Default Media MTU (Bytes)Interface Type

Maximum MTU (Bytes)

Default IP Protocol MTU (Bytes)

447091924482ATM2 IQ

447045004471Channelized DS3 IQ

150045001504Channelized E1 IQ

447091924474Channelized OC12 IQ

Page 80

Network Interfaces for EX4300 Switches

Table 19: Media MTU Sizes by InterfaceType for M7i Routers with CFEB-E, M10i Routers with CFEB-E, and M320 and M120 Routers (continued)

(excluding M120)

Default Media MTU (Bytes)Interface Type

1514Fast Ethernet

Maximum MTU (Bytes)

1533 (4-port)

1532 (8-, 12- and 48-port)

91921514Gigabit Ethernet

Default IP Protocol MTU (Bytes)

447091924474Channelized STM1 IQ

447045004471DS3

150045001504E1

447045004471E3 IQ

1500 (IPv4), 1497 (ISO)

447091924474SONET/SDH

150045001504T1

447091924474CT3 IQ

Media MTU Sizes by Interface Type for MX Series Routers

Table 20: Media MTU Sizes by Interface Type for MX Series Routers

Default Media MTU (Bytes)Interface Type

91921514Gigabit Ethernet

9192151410-Gigabit Ethernet

91921514Multi-Rate Ethernet

91921514Tri-Rate Ethernet

Default IP Protocol MTU (Bytes)Maximum MTU (Bytes)

1500 (IPv4), 1488 (MPLS), 1497 (ISO)

Page 81

Chapter 2: Configuration Tasks

Table 20: Media MTU Sizes by Interface Type for MX Series Routers (continued)

SONET/SDH OC3/STM1 (Multi-Rate)

Media MTU Sizes by Interface Type for T320 Routers

Table 21: Media MTU Sizes by Interface Type for T320 Routers

Default Media MTU (Bytes)Interface Type

91921514Channelized

91921514DS3/E3 (Multi-Rate)

Maximum MTU (Bytes)

1500 (IPv4), 1488 (MPLS), 1497 (ISO)

Default IP Protocol MTU (Bytes)

447091924482ATM

447091924482ATM2 IQ

447091924474Channelized OC12 IQ

447091924474Channelized STM1 IQ

447045004471DS3

1514Fast Ethernet

Media MTU Sizes by Interface Type for T640 Platforms

Table 22: Media MTU Sizes by Interface Type for T640 Platforms

Default Media MTU (Bytes)Interface Type

1533 (4-port)

1532 (12-and 48-port)

91921514Gigabit Ethernet

Maximum MTU (Bytes)

1532151448-port Fast Ethernet

1500 (IPv4), 1497 (ISO)

447091924474SONET/SDH

447091924474CT3 IQ

Default IP Protocol MTU (Bytes)

447091924482ATM2 IQ

1500 (IPv4), 1497 (ISO)

Page 82

Network Interfaces for EX4300 Switches

Table 22: Media MTU Sizes by Interface Type for T640 Platforms (continued)

Default Media MTU (Bytes)Interface Type

Media MTU Sizes by Interface Type for J2300 Platforms

Table 23: Media MTU Sizes by Interface Type for J2300 Platforms

Default Media MTU (Bytes)Interface Type

(10/100)

Maximum MTU (Bytes)

91921514Gigabit Ethernet

Maximum MTU (Bytes)

Default IP Protocol MTU (Bytes)

1500 (IPv4), 1497 (ISO)

447091924474SONET/SDH

447091924474CT3 IQ

Default IP Protocol MTU (Bytes)

150091921514Fast Ethernet

447091504482G.SHDSL

150040921504ISDN BRI

150091501504Serial

Media MTU Sizes by Interface Type for J4300 and J6300 Platforms

Table 24: Media MTU Sizes by Interface Type for J4300 and J6300 Platforms

Default Media MTU (Bytes)Interface Type

Ethernet (10/ 100) PIM

Channelized T1/E1PIM (channelized to DS0s)

Maximum MTU (Bytes)

150091501504T1 or E1

Default IP Protocol MTU (Bytes)

447091504482ADSL2+ PIM

150091921514Dual-port Fast

150091501504Dual-port Serial PIM

150091501504Dual-port T1 or E1 PIM

150045001504Dual-port

Page 83

Chapter 2: Configuration Tasks

Table 24: Media MTU Sizes by Interface Type for J4300 and J6300 Platforms (continued)

Default Media MTU (Bytes)Interface Type

Channelized T1/E1PIM (clear channel T1 or E1)

(10/100) built-in interface

Maximum MTU (Bytes)

Media MTU Sizes by Interface Type for J4350 and J6350 Platforms

Table 25: Media MTU Sizes by Interface Type for J4350 and J6350 Platforms

Default Media MTU (Bytes)Interface Type

Maximum MTU (Bytes)

Default IP Protocol MTU (Bytes)

150091501504Dual-port

150091921514Fast Ethernet

447091504482G.SHDSL PIM

1500409215044-port ISDN BRI PIM

447091924474T3 (DS3) or E3 PIM

Default IP Protocol MTU (Bytes)

Ethernet (10/ 100) PIM

Channelized T1/E1PIM (channelized to DS0s)

Channelized T1/E1PIM (clear channel T1 or E1)

(10/100) ePIM

1500409215044-port ISDN BRI PIM

447091504482ADSL2+ PIM

150091921514Dual-port Fast

150091501504Dual-port Serial PIM

150091501504Dual-port T1 or E1 PIM

150045001504Dual-port

150091501504Dual-port

1500151815184-port Fast Ethernet

Page 84

Network Interfaces for EX4300 Switches

Table 25: Media MTU Sizes by Interface Type for J4350 and J6350 Platforms (continued)

(10/100/1000) built-in interface

(10/100/1000) Enhanced Physical Interface Module (ePIM)

(10/100/1000) SFP ePIM

NOTE: On Gigabit Ethernet ePIMs in J4350 and J6350 Services Routers, you

can configure a maximum transmission unit (MTU) size of only 9018 bytes even though the CLI indicates that you can configure an MTU of up to 9192 bytes. If you configure an MTU greater than 9018 bytes, the router does not accept the configuration and generates a system log error message similar to the following:

Default Media MTU (Bytes)Interface Type

Maximum MTU (Bytes)

Default IP Protocol MTU (Bytes)

150090181514Gigabit Ethernet

447091504482G.SHDSL PIM

447091924474T3 (DS3) or E3 PIM

/kernel: ge-0/0/0: Illegal media change. MTU invalid: 9192. Max MTU supported on this PIC: 9018

On 4-port Fast Ethernet ePIMs in J4350 and J6350 Services Routers, you can configure a maximum transmission unit (MTU) size of only 1518 bytes even though the CLI indicates that you can configure an MTU of up to 9192 bytes. If you configure an MTU greater than 1518 bytes, the router does not accept the configuration and generates a system log error message similar to the following:

/kernel: fe-3/0/1: Illegal media change. MTU invalid: 9192. Max MTU supported on this PIC: 1518

Page 85

Chapter 2: Configuration Tasks

Media MTU Sizes by Interface Type for EX Series Switches and ACX Series Routers

Table 26: Media MTU Sizes by Interface Type for EX Series Switches and ACX Series Routers

Default Media MTU (Bytes)Interface Type

Maximum MTU (Bytes)

91921514Gigabit Ethernet

9192151410-Gigabit Ethernet

Media MTU Sizes by Interface Type for PTX Series Packet Transport Routers

Table 27: Media MTU Sizes by Interface Type for PTX Series Packet Transport Routers

Default Media MTU (Bytes)Interface Type

Maximum MTU (Bytes)

9500151410-Gigabit Ethernet

9500151440-Gigabit Ethernet

95001514100-Gigabit Ethernet

Default IP Protocol MTU (Bytes)

1500 (IPv4), 1497 (ISO)

Default IP Protocol MTU (Bytes)

1500 (IPv4), 1488 (MPLS), 1497 (ISO)

Documentation

Configuring Interface Encapsulation on Physical Interfaces•

• Setting the Protocol MTU on page 65

Setting the Protocol MTU

When you initiallyconfigurean interface, the protocol maximum transmission unit(MTU) is calculated automatically. If you subsequently change the media MTU, the protocol MTU on existing address families automatically changes.

For a list of default protocol MTU values, see “Configuring the Media MTU” on page 53.

To modify the MTU for a particular protocol family, include the mtu statement:

mtu bytes;

You can include this statement at the following hierarchy levels:

•

[edit interfaces interface-name unit logical-unit-number family family]

Page 86

Network Interfaces for EX4300 Switches

•

[edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number family family]

If you increase the size of the protocol MTU, you must ensure that the size of the media MTU is equal to or greater than the sum of the protocol MTU and the encapsulation overhead. For a list of encapsulation overhead values, see Table 15 on page 56. If you reducethe mediaMTU size, butthere are already one or moreaddressfamilies configured and active on the interface, you must also reduce the protocol MTU size. (You configure the media MTU by including the mtu statement at the [edit interfaces interface-name] hierarchy level, as discussed in “Configuring the Media MTU” on page 53.)

The maximum number of data-link connection identifiers (DLCIs) is determined by the MTU on the interface. If you have keepalives enabled, the maximum number of DLCIs is 1000, with the MTU set to 5012.

NOTE: Changing the media MTU or protocol MTU causes an interface to be

deleted and added again.

Interface Ranges

The actual frames transmitted also contain cyclic redundancy check (CRC) bits, which are not part of the MTU. For example, the default protocol MTU for a Gigabit Ethernet interface is 1500 bytes, but the largest possible frame size is actually 1504 bytes; you need to consider the extra bits in calculations of MTUs for interoperability.

NOTE: This task uses Junos OS for EX Series switches with support for the

Enhanced Layer 2 Software (ELS) configuration style. If your switch runs software that does not support ELS, see Interface Ranges. For ELS details, see Getting Started with Enhanced Layer 2 Software.

Junos OS allows you to group a range of identical interfaces into an interface range. You first specify the group of identical interfaces in the interface range. Then you can apply a common configuration to the specified interface range, reducing the number of configuration statements required and saving time while producing a compact configuration.

•

Configuring Interface Ranges on page 67

•

Expanding Interface Range Member and Member Range Statements on page 69

•

Configuration Inheritance for Member Interfaces on page 70

•

Member Interfaces Inheriting Configuration from Configuration Groups on page 71

•

Interfaces Inheriting Common Configuration on page 73

•

Configuring Inheritance Range Priorities on page 73

•

Configuration Expansion Where Interface Range Is Used on page 73

Page 87

Configuring Interface Ranges

To configure an interface range, include the interface-range statement at the [edit

interfaces] hierarchy level.

The interface-range statement accepts only physical networking interface names in its definition.

Interfaces can be grouped either as a range of interfaces or using a number range under the interface-range statement definition.

Interfaces in an interface-range definition can be added as part of a member range or as individual members or multiple members using a number range.

To specify a member range, use the member-range statement at the [edit interfaces

interface-range name] hierarchy level.

To specify interfaces in lexical order, use the member-range start-range to end-range statement.

Chapter 2: Configuration Tasks

Example:Specifying an

Interface Range

Member Range

A range for a member statement must contain the following:

•

*—All, specifies sequential interfaces from 0 through 47.

CAUTION: The wildcard * in a member statement does not take into

account the interface numbers supported by a specific interface type. Irrespective of the interface type, * includes interface numbers ranging from 0 through 47 to the interface group. Therefore, use * in a member statement with caution.

•

num—Number; specifies one specific interface by its number.

•

[low-high]—Numbers between low to high; specifies a range of sequential interfaces.

•

[num1, num2, num3]—Numbers num1, num2, and num3 specify multiple specific

interfaces.

member-range ge-0/0/0 to ge-4/0/40;

To specify one or multiple members, use the member statement at the [edit interfaces

interface-range name] hierarchy level.

To specify the list of interface range members individually or for multiple interfaces using regex, use the member list of interface names statement.

Example:Specifying an

Interface Range

Member

member ge-0/0/0; member ge-0/*/* member ge-0/[1-10]/0; member ge-0/[1,2,3]/3;

Page 88

Network Interfaces for EX4300 Switches

Regex or wildcards are not supported for interface-type prefixes. For example, prefixes

ge, fe, and xe must be mentioned explicitly.

An interface-range definition can contain both member and member-range statements within it. There is no maximum limit on the number of member or member-range statements within an interface-range. However, at least one member or member-range statement must exist within an interface-range definition.

Example: Interface

Range Common

Configuration

Configurationcommon to an interface range can be addedas apart ofthe interface-range definition, as follows:

[edit] interfaces {

+ interface-range foo { + member-range ge-1/0/0 to ge-4/0/40; + member ge-0/1/1; + member ge-5/[1-10]/*;

/*Common configuration is added as part of interface-range definition*/ mtu 256; hold-time up 10; ether-options {

flow-control; speed {

100m;

}

802.3ad primary;

}

An interface-range definition having just member or member-range statements and no common configurations statements is valid.

These defined interface ranges can be used in other configuration hierarchies, in places where an interface node exists.

Example:

Interface-Range foo

Used Under the

protocols {

dot1x {

authenticator {

Protocols Hierarchy

}

foo should be an interface-range defined at the [interfaces] hierarchy level. In the above

example, the interface node can accept both individual interfaces and interface ranges.

interface foo{

retries 1;

}

TIP: To view an interface range in expanded configuration, use the (show |

display inheritance) command. For more information, see the CLI User Guide.

Page 89

Chapter 2: Configuration Tasks

The defined interface ranges can be used at places where the interface node is used in the following configuration hierarchies:

•

forwarding-options analyzer name input egress interface

•

forwarding-options analyzer name input ingress interface

•

poe interface

•

protocols dot1x authenticator interface

•

protocols igmp interface

•

protocols isis interface

•

protocols layer2-control bpdu-block interface

•

protocols link-management peer name lmp-control-channel

•

protocols link-management te-link name interface

•

protocols lldp interface

•

protocols lldp-med interface

•

protocols mstp interface

•

protocols oam ethernet link-fault-management interface

•

protocols ospf area area-id interface

•

protocols pim interface

•

protocols router-advertisement interface

•

protocols router-discovery interface

•

protocols rsvp interface

•

protocols sflow interfaces

•

protocols vstp vlan vlan-id interface

•

switch-options redundant-trunk-group group-name interface

•

switch-options voip interface

Expanding Interface Range Member and Member Range Statements

All member and member-range statements in an interface range definition are expanded to generate the final list of interface names for the specified interface range.

Example: Expanding

Interface Range

Member and Member

Range Statements

[edit]

interfaces { interface-range range-1 {

member-range ge-0/0/0 to ge-4/0/20; member ge-10/1/1; member ge-5/[0-5]/*; /*Common configuration is added part of the interface-range definition*/ mtu 256; hold-time up 10; ether-options {

Page 90

Network Interfaces for EX4300 Switches

}

For the member-range statement, all possible interfaces between start-range and

end-range are considered in expanding the members. For example, the following member-range statement:

member-range ge-0/0/0 to ge-4/0/20

expands to:

[ge-0/0/0, ge-0/0/1 ... ge-0/0/max_ports ge-0/1/0 ge-0/1/1 ... ge-0/1/max_ports ge-0/2/0 ge-0/2/1 ... ge-0/2/max_ports . . ge-0/MAX_PICS/0 ... ge-0/max_pics/max_ports ge-1/0/0 ge-1/0/1 ... ge-1/0/max_ports . ge-1/MAX_PICS/0 ... ge-1/max_pics/max_ports . . ge-4/0/0 ge-4/0/1 ... ge-4/0/max_ports]

flow-control; speed {

100m;

}

802.3ad primary;

}

The following member statement:

ge-5/[0-5]/*

expands to:

ge-5/0/0 ... ge-5/0/max_ports ge-5/1/0 ... ge-5/0/max_ports . . ge-5/5/0 ... ge-5/5/max_ports

The following member statement:

ge-5/1/[2,3,6,10]

expands to:

ge-5/1/2 ge-5/1/3 ge-5/1/6 ge-5/1/10

Configuration Inheritance for Member Interfaces

When Junos OS expands the member and member-range statements present in an

interface-range, it creates interface objects if they are not explicitly defined in the

configuration. The common configuration is copied to all its member interfaces in the

interface-range.

Page 91

Chapter 2: Configuration Tasks

Example:

ConfigurationPriorities

Foreground interface configuration takes priority over configuration inherited by the interface through the interface-range.

interfaces {

interface-range range-1 {

member-range ge-1/0/0/ to ge-10/0/47; mtu 256; } ge-1/0/1 {

mtu 1024;

}

In the preceding example, interface ge-1/0/1 will have an MTU value of 1024.

This can be verified with output of the show interfaces | display inheritance command, as follows:

user@host: # show interfaces | display inheritance ## 'ge-1/0/0' was expanded from interface-range 'range-1' ## ge-1/0/0 { ## ## '256' was expanded from interface-range 'range-1' ## mtu 256; } ge-1/0/1 { mtu 1024; } ## ## 'ge-1/0/2' was expanded from interface-range 'range-1' ## ge-1/0/2 { ## ## '256' was expanded from interface-range 'range-1' ## mtu 256; }

.........

## ## 'ge-10/0/47' was expanded from interface-range 'range-1' ## ge-10/0/47 { ## ## '256' was expanded from interface-range 'range-1' ## mtu 256; }

Member Interfaces Inheriting Configuration from Configuration Groups

Interface range member interfaces inherit the config-groups configuration like any other foreground configuration. interface-range is similar to any other foreground configuration statement. The only difference is that the interface-range goes through a member interfaces expansion before Junos OS reads this configuration.

groups {

Page 92

Network Interfaces for EX4300 Switches

global {

} apply-groups [global]; interfaces {

}

The hold-time configuration is applied to all members of interface-range range-1.

This can be verified with show interfaces | display inheritance as follows:

user@host# show interfaces | display inheritance ge-1/0/0 { ## ## '256' was expanded from interface-range 'range-1' ## mtu 256; ## ## 'hold-time' was inherited from group 'global' ## '10' was inherited from group 'global' ## hold-time up 10; } ge-1/0/1 { ## ## '256' was expanded from interface-range 'range-1' ## mtu 256; ## ## 'hold-time' was inherited from group 'global' ## '10' was inherited from group 'global' ## hold-time up 10; } ge-10/0/47 { ## ## '256' was expanded from interface-range 'range-1' ## mtu 256; ## ## 'hold-time' was inherited from group 'global' ## '10' was inherited from group 'global' ## hold-time up 10; }

interfaces {

<*> {

hold-time up 10;

}

interface-range range-1 {

member-range ge-1/0/0 to ge-10/0/47; mtu 256;

}

Page 93

Interfaces Inheriting Common Configuration

If an interface is a member of several interface ranges, that interface will inherit the common configuration from all of those interface ranges.

[edit] interfaces {

interface-range range-1 {

member-range ge-1/0/0 to ge-10/0/47;

mtu 256; } } interfaces {

interface-range range-1 {

member-range ge-10/0/0 to ge-10/0/47; hold-time up 10;

} }

In this example, interfaces ge-10/0/0 through ge-10/0/47 will have both hold-time and

mtu.

Chapter 2: Configuration Tasks

Configuring Inheritance Range Priorities

The interface ranges are defined in the orderof inheritancepriority, with the firstinterface range configuration data taking priority over subsequent interface ranges.

[edit] interfaces {

interface-range int-grp-one {

member-range ge-0/0/0 to ge-4/0/40;

member ge-1/1/1;

/*Common config is added part of the interface-range definition*/

mtu 256;

hold-time up 10; } } interfaces {

interface-range int-grp-two {

member-range ge-5/0/0 to ge-10/0/40; member ge-1/1/1; mtu 1024;

} }

Interfacege-1/1/1 exists inboth interface-range int-grp-one and interface-range int-grp-two. This interface inherits mtu 256 from interface-range int-grp-one because it was defined first.

Configuration Expansion Where Interface Range Is Used

In this example, interface-range range-1 is used under the protocols hierarchy:

[edit] interfaces {

interface-range range-1 {

Page 94

Network Interfaces for EX4300 Switches

} protocols {

}

member ge-10/1/1;

member ge-5/5/1;

mtu 256;

hold-time up 10;

ether-options {

flow-control; speed {

100m;

}

802.3ad primary;

}

dot1x {

authenticator {

interface range-1 {

retries 1;

}

The interface node present under authenticator is expanded into member interfaces of the interface-range range-1 as follows:

protocols {

dot1x {

authenticator {

interface ge-10/1/1 {

retries 1; } interface ge-5/5/1 {

retries 1; }

}

The interface range-1 statement is expanded into two interfaces, ge-10/1/1 and ge-5/5/1, and configuration retries 1 is copied under those two interfaces.

This configuration can be verified using the show protocols dot1x | display inheritance command.

Configuring Accounting for the Physical Interface

Juniper Networks routers and switches can collect various kinds of data about traffic passing through the router and switch. You can set up one or more accounting profiles that specify some common characteristics of this data, including the following:

•

The fields used in the accounting records

•

The number of files that the router or switch retains before discarding, and the number of bytes per file

Page 95

•

The polling period that the system uses to record the data

You configure the profiles and define a unique name for each profile using statements at the [editaccounting-options] hierarchy level. Thereare two types ofaccounting profiles: interface profiles and filter profiles. You configure interface profiles by including the

interface-profile statement at the [edit accounting-options] hierarchy level. Youconfigure

filter profiles by including the filter-profile statement at the [edit accounting-options] hierarchy level. For more information, see the Network Management Administration Guide for Routing Devices.

You apply filter profiles by including the accounting-profile statement at the [edit firewall

filter filter-name] and [edit firewall family family filter filter-name] hierarchy levels. For

more information, see the Routing Policy Feature Guide for Routing Devices.

Applying an Accounting Profile to the Physical Interface

To enable accounting on an interface, include the accounting-profile statement at the

[edit interfaces interface-name] hierarchy level:

[edit interfaces interface-name]

accounting-profile name;

Chapter 2: Configuration Tasks

You can also reference profiles by logical unit; for more information, see “Configuring

Accounting for the Logical Interface” on page 76.

Example: Applying an Accounting Profile to the Physical Interface

Configure an accounting profile for an interface and apply it to a physical interface:

[edit] accounting-options {

file if_stats {

size 4m files 10 transfer-interval 15; archive-sites {

"ftp://login:password@host/path";

} } interface-profile if_profile {

interval 15;

file if_stats {

fields {

input-bytes; output-bytes; input-packets; output-packets; input-errors; output-errors;

}

} }

} [edit interfaces ge-1/0/1] accounting-profile if_profile;

Page 96

Network Interfaces for EX4300 Switches

Configuring Accounting for the Logical Interface

Juniper Networks routersor switches can collect variouskinds of data abouttraffic passing through the router or switch . You can set up one or more accounting profiles that specify some common characteristics of this data, including the following:

•

The fields used in the accounting records

•

The number of files that the router or switch retains before discarding, and the number of bytes per file

•

The period that the system uses to record the data

interface-profile statement at the [edit accounting-options] hierarchy level. Youconfigure

filter profiles by including the filter-profile statement at the [edit accounting-options] hierarchy level. For more information, see the Network Management Administration Guide for Routing Devices.

You apply filter profiles by including the accounting-profile statement at the [edit firewall

filter filter-name] and [edit firewall family family filter filter-name] hierarchy levels. For

more information, see the Routing Policy Feature Guide for Routing Devices.

Applying an Accounting Profile to the Logical Interface

To enable accounting on a logical interface, include the accounting-profile statement:

accounting-profile name;

You can include this statement at the following hierarchy level:

•

[edit interfaces interface-name unit logical-unit-number]

You can also reference profiles for the physical interface; for more information, see

“Configuring Accounting for the Physical Interface” on page 74.

Example: Applying an Accounting Profile to the Logical Interface

Configure an accounting profile for an interface and apply it to a logical interface:

[edit] accounting-options {

file if_stats {

size 4m files 10 transfer-interval 15;

archive-sites {

"ftp://login:password@host/path";

} } interface-profile if_profile {

interval 15;

file if_stats {

fields {

Page 97

input-bytes; output-bytes; input-packets; output-packets; input-errors; output-errors;

}

} }

} [edit interfaces ge-1/0/1 unit 1] accounting-profile if_profile;

To reference profiles by physical interface, see “Applying an Accounting Profile to the

Physical Interface” on page 75. For information about configuring a firewall filter

accounting profile, see the Routing Policy Feature Guide for Routing Devices.

Configuring Ethernet Loopback Capability

By default, local aggregated Ethernet, Fast Ethernet, Tri-Rate Ethernet copper, Gigabit Ethernet, and 10-Gigabit Ethernet interfaces connect to a remote system. To place an interface in loopback mode, include the loopback statement:

Chapter 2: Configuration Tasks

loopback;

NOTE: If you configure a local loopback on a 1-port 10-Gigabit IQ2 and IQ2-E

PIC using the loopback statement at the [edit interfaces interface-name

gigether-options] hierarchy level, the transmit-path stops working, causing

the remote end to detect a link down.

To return to the default—that is, to disable loopback mode—delete the loopback statement from the configuration:

[edit] user@host# delete interfaces fe-fpc/pic/port fastether-options loopback

To explicitly disable loopback mode, include the no-loopback statement:

no-loopback;

You can include the loopback and no-loopback statements at the following hierarchy levels:

•

[edit interfaces interface-name aggregated-ether-options]

•

[edit interfaces interface-name ether-options]

•

[edit interfaces interface-name fastether-options]

•

[edit interfaces interface-name gigether-options]

Documentation

loopback on page 205•

• Ethernet Interfaces Overview

Page 98

Network Interfaces for EX4300 Switches

• EX Series Switches Interfaces Overview on page 3

• Ethernet Interfaces

Configuring Gratuitous ARP

Gratuitous Address Resolution Protocol (ARP) requests provide duplicate IP address detection. A gratuitous ARP request is a broadcast request for a router’s own IP address. If a router or switch sends an ARP request for its own IP address and no ARP replies are received, the router- or switch-assigned IP address is not being used by other nodes. If a router or switch sends an ARPrequest for its ownIP addressand an ARP reply is received, the router- or switch-assigned IP address is already being used by another node.

By default, the router or switch responds to gratuitous ARP requests. On Ethernet interfaces, you can disable responses to gratuitous ARP requests. To disable responses to gratuitous ARP requests, include the no-gratuitous-arp-request statement at the [edit

interfaces interface-name] hierarchy level:

[edit interfaces interface-name]

no-gratuitous-arp-request;

Documentation

To return to the default—that is, to respond to gratuitous ARP requests—delete the

no-gratuitous-arp-request statement from the configuration:

[edit] user@host# delete interfaces interface-name no-gratuitous-arp-request

Gratuitous ARP replies are reply packets sent to the broadcast MAC address with the targetIP address set to be the same asthe sender’sIP address. When therouter or switch receives a gratuitous ARP reply, the router or switch can insert an entry for that reply in the ARP cache.

By default, updating the ARP cache on gratuitous ARP replies is disabled on the router or switch. On Ethernet interfaces, you can enable handling of gratuitous ARP replies on a specific interface by including the gratuitous-arp-reply statement at the [edit interfaces

interface-name] hierarchy level:

[edit interfaces interface-name]

gratuitous-arp-reply;

To restore the default behavior, include the no-gratuitous-arp-reply statement at the

[edit interfaces interface-name] hierarchy level:

[edit interfaces interface-name] no-gratuitous-arp-reply;

gratuitous-arp-reply on page 182•

• no-gratuitous-arp-request on page 214

• Ethernet Interfaces Overview

• EX Series Switches Interfaces Overview on page 3

• Ethernet Interfaces

Page 99

Configuring Static ARP Table Entries

To configure static ARP table entries, include the arp statement:

arp ip-address (mac | multicast-mac) mac-address <publish>;

You can include this statement at the following hierarchy levels:

•

[edit interfaces interface-name unit logical-unit-number family inet address address]

•

[edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number family inet address address]

The IP address that you specify must be part of the subnet defined in the enclosing

address statement.

To associate a multicast MAC address with aunicast IP address,include themulticast-mac statement.

Specify the MAC address as six hexadecimal bytes in one of the following formats:

nnnn.nnnn.nnnn or nn:nn:nn:nn:nn:nn; for example, 0011.2233.4455 or 00:11:22:33:44:55.

Chapter 2: Configuration Tasks

For unicast MAC addresses only, if you include the publish option, the router or switch replies to proxy ARP requests.

NOTE: By default, an ARP policer is installed that is shared among all the

Ethernet interfaces on which you have configured the family inet statement. By including the arp statement at the [edit interfaces interface-name unit

logical-unit-numberfamilyinet policer] hierarchylevel, you can apply a specific

ARP-packet policer to an interface. This feature is not available on EX Series switches.

When you need to conserve IP addresses, you can configure an Ethernet interfaceto be unnumbered by including the unnumbered-address statement at the [edit interfaces interface-name unit logical-unit-number family inet] hierarchy level.

NOTE: The Junos OS supports the IPv6 static neighbor discovery cache

entries, similar to the static ARP entries in IPv4.

Example: Configuring Static ARP Table Entries

Configure two static ARP table entries on the router or switch’s management interface:

[edit interfaces] fxp0 {

unit 0 {

family inet {

address 10.10.0.11/24 {

Page 100

Network Interfaces for EX4300 Switches

}

arp 10.10.0.99 mac 0001.0002.0003; arp 10.10.0.101 mac 00:11:22:33:44:55 publish;

}

Documentation

Management Ethernet Interface Overview•

• EX Series Switches Interfaces Overview on page 3

• Applying Policers

• Configuring an Unnumbered Interface

• Ethernet Interfaces

Disabling the Transmission of Redirect Messages on an Interface

By default, the interface sends protocol redirect messages. To disable the sending of these messages on an interface, include the no-redirects statement:

no-redirects;

You can include this statement at the following hierarchy levels:

•

[edit interfaces interface-name unit logical-unit-number family family]

•

[edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number family family]

To disable the sending of protocol redirect messages for the entire router or switch, include the no-redirects statement at the [edit system] hierarchy level.

Configuring Restricted and Unrestricted Proxy ARP

To configure restricted or unrestricted proxy ARP, include the proxy-arp statement:

proxy-arp (restricted |unrestricted);

You can include this statement at the following hierarchy levels:

•

[edit interfaces interface-name unit logical-unit-number ]

•

[edit logical-systems logical-system-name interfaces interface-name unit logical-unit-number]

To return to the default—that is, to disable restricted or unrestricted proxy ARP—delete the proxy-arp statement from the configuration:

[edit] user@host# delete interfaces interface-name unit logical-unit-number proxy-arp

You can track the number of restricted or unrestricted proxy ARP requests processed by the router or switch by issuing the show system statistics arp operational mode command.

Juniper EX2200, EX4500, EX6210, EX8208, EX8216 Hardware Manual

Specifications and Main Features

Frequently Asked Questions

User Manual