VLAN SVIs on older JunOS



Define the VLANs and SVIs

set vlans vlan-10 vlan-id 10
set vlans vlan-10 l3-interface vlan.10
set interfaces vlan unit 10 description "prod-1"
set interfaces vlan unit 10 family inet address 10.33.64.1/24

set vlans vlan-11 vlan-id 11
set vlans vlan-11 l3-interface vlan.11
set interfaces vlan unit 11 description "prod-2"
set interfaces vlan unit 11 family inet address 10.33.65.1/24
where: 
  • vlan-10 is the layer2 vlan name
  • 10 is the vlan id
  • vlan.10 is the layer3 vlan name


Group the Interfaces, and then link VLANs to the groups

set interfaces interface-range prodSwitch member ge-0/0/4
set interfaces interface-range prodSwitch unit 0 family ethernet-switching vlan members vlan-10

set interfaces interface-range prodSwitch member ge-0/0/5
set interfaces interface-range prodSwitch unit 0 family ethernet-switching vlan members vlan-11
where: 
  • ge-0/0/4 is the physical interface
  • prodSwitch is the group name for the collection of physical interfaces
  • vlan-10 is the layer2 vlan name


Define the Zones

set security zones security-zone prod1 interfaces vlan.10
set security zones security-zone prod2 interfaces vlan.11
where 
  • vlan.10 is the layer3 vlan name


Add VLAN tagging on the Interfaces

set interfaces ge-0/0/4 unit 0 family ethernet-switching port-mode trunk
set interfaces ge-0/0/4 unit 0 family ethernet-switching vlan members vlan-10
set interfaces ge-0/0/4 unit 0 family ethernet-switching vlan members vlan-11

set interfaces ge-0/0/5 unit 0 family ethernet-switching port-mode trunk
set interfaces ge-0/0/5 unit 0 family ethernet-switching vlan members vlan-10
set interfaces ge-0/0/5 unit 0 family ethernet-switching vlan members vlan-11
where: 
  • ge-0/0/4 is the physical interface
  • vlan-10 is the layer2 vlan name

Save

show | compare | no-more
commit check
commit and-quit


References




Comments