VLANs and Interfaces

Interface Types

There’s no point having a network device without interfaces. In this article, we’re going to take a look at both physical and virtual interfaces.

Firstly, if we want to see a list of our interfaces, we use show interfaces terse. The output we’re looking at here is from a switch, so we’ve got 12 or so. Some interfaces have an eth-switch label next to them; these are regular layer 2 ports. Others have inet next to them; these are interfaces with IP addresses. Just like any other vendor, we can see if an interface is admin up or down, and line up or down. Admin down would mean the interface has been manually disabled. Line down usually means there’s nothing plugged in.

Most of the interfaces that we can see here are physical, also called IFDs. We will also see logical interfaces, or IFLs, and we’ll talk about IFF and IFA later. For our physical interfaces, the first few letters are the interface type. For example, ge is Gigabit Ethernet and xe is 10 gig. These don’t always make a lot of sense, unfortunately. vlan and irb are some logical interfaces that we’ll come across; both of these types map a VLAN to an IP address.

The interface name has three numbers. The first is called the FPC, or Flexible PIC Concentrator. This is a fancy name for a line card. Some devices allow you to add more FPCs to get more ports. Next is the module or slot. If you have a fixed-format switch, you might have some RJ45 ports and some SFP ports; these will use different module numbers. Finally, the third number is the port number.

Interface names get a little tricky when SFPs are involved. SFPs can have different speeds: one may be 10 gig while another may be 1 gig. So on this switch, this interface could begin with ge if it’s a 1 gig SFP, or xe if it’s a 10 gig SFP. However, on some routers SFPs will always use xe. Does that sound confusing? It is. Thanks, Juniper. In this example, we have a 10 gig SFP in FPC 0, module 1, port 1. Therefore, the name is xe-0/1/1.

Each device has an out-of-band management interface. Unfortunately, the names aren’t the same for all devices. Routers will generally have fxp0 as their out-of-band management port, while switches will often have me0. But if you connect several physical switches into a virtual chassis, you will now have a virtual management port called vme0. If you’re wondering, a virtual chassis is what Cisco would call a switch stack. Each switch in the virtual chassis is a separate FPC, or line card. In addition to these ports, there are several internal ports. We’ll have a look at some of these in article 12.

You will also find that Juniper has virtual interfaces for special purposes. These are called permanent interfaces. They usually map to a special feature, like PIM for multicast. These interfaces will exist whether you’re using that interface or not.

Some interfaces can be unnumbered. This might be a point-to-point interface that has no IP address assigned, to conserve IP space. In this case, the switch or router will try to use an IP from a loopback interface, or the IP of a primary interface, which we can configure.

There’s quite a few quiz questions in this article, so I’m breaking it into a few sections. Remember to pause the article, or come back later to work these out.

Interface Configuration

Let’s look at interface configuration. Everything is hierarchical in Junos, and interfaces are no exception.

First we have the interface itself. If the interface we are configuring is physical, then this is where we configure physical parameters. This includes duplex settings, link speed, MTU and so on. This is also where a description goes.

Most configuration goes within a container called a unit. A unit is a logical interface, the IFL that we spoke about earlier. All logical configuration goes here, and all interfaces must have them. Some devices, like regular switch ports, will only have one unit. Some interfaces, like PPP and HDLC, require that the unit number is always zero. In other cases we can have multiple units per interface. In fact, this is how we create sub-interfaces based on VLANs.

Under the unit goes a family. The family is the type of addressing that’s used, like IPv4, IPv6 or Ethernet. Every unit must have at least one family. So an inet family means an IPv4 address will be applied to the interface. The ethernet-switching family will contain VLAN information.

Let’s try this out on a loopback interface. This is a virtual interface, but unlike IOS, we can only have one loopback. We set the lo0 interface with unit number 100 and the inet family, then an IPv4 address using CIDR notation. We never use subnet masks in Junos, which is correct. And for completeness, we set a description on the interface. This doesn’t have to be inside the unit.

Now here’s a quick shortcut for you: you can simply put a dot followed by the unit number after the interface. You may be comfortable with this type of notation if you’ve used IOS sub-interfaces before. And while we’re talking about tips, I have another one for you. Let’s say the loopback interface was supposed to be unit 0, not unit 100. Rather than remove the config and start again, we can just use the rename command.

If we want multiple IPs on the same interface, that’s fine too. Junos is different to IOS in this case. In IOS you have to make additional IP addresses secondary. Juniper has the concept of primary and preferred addresses. Any IP that’s not configured as primary or preferred is automatically a secondary address. If you have more than one IP, one of them will be primary. The primary IP is used for traffic that is sent to a remote network. The preferred IP is used for traffic being sent to the local network. If we don’t choose the primary and preferred IPs ourselves, the lowest IP on the interface will be selected. Let’s just add a primary and secondary IP to our lab router.

Now of course we need to remember to commit our changes when we’re done. Here I’m using commit and-quit, which leaves configuration mode if the commit is successful.

To troubleshoot an interface, the simple option is to run show interfaces. We can see if the interface is up, we can see the MTU, speed and duplex, and we can see the input and output rates in bits per second and packets per second. If that’s not enough information for you, add the extensive keyword to the end. This shows us any MAC errors, interface alarms, and so on. If that’s still not enough, you can use a special loopback adapter to test for packet loss. And when I say loopback in this case, I mean a physical device that you can plug into the interface. With this connected, we add the gigether-options loopback setting to the interface that we want to test. There’s a link in the description if you want to learn more.

If you need to disable an interface, just set the disable keyword on the interface itself. This is the same thing as using a shutdown on a Cisco router. When we’re ready to bring it back up, we simply delete the disable setting. Here’s another trick for you: we can also use the deactivate command to disable an interface. The interesting part, though, is that we can apply this to any part of the config, not just to interfaces. This way we can still see the config, but Junos will ignore it.

And now a few more questions to get you thinking. If you’re having a hard time remembering some of these concepts, you might want to consider using flashcards. You can create your own, or you can get some pre-made cards from the members section of the website.
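The interface configuration steps from this section, written out as an added example rather than the commands shown in the original. Interface names, the description and the addresses (documentation ranges) are placeholders, and the lines are entered from configuration mode.

```junos
# Constructed example: names, description and addresses are placeholders.

# Description sits on the interface itself, outside the unit
set interfaces lo0 description "Router loopback"
# Loopback with unit 100, the inet family and a CIDR address
set interfaces lo0 unit 100 family inet address 192.0.2.1/32
# The same statement written with the dot shortcut (interface.unit)
set interfaces lo0.100 family inet address 192.0.2.1/32
# The unit should have been 0: rename it instead of deleting and re-entering
rename interfaces lo0 unit 100 to unit 0

# Two addresses on one unit; the first is chosen explicitly as primary
# and preferred, the second is left as a secondary address
set interfaces ge-0/0/1 unit 0 family inet address 198.51.100.1/24 primary
set interfaces ge-0/0/1 unit 0 family inet address 198.51.100.1/24 preferred
set interfaces ge-0/0/1 unit 0 family inet address 198.51.100.2/24

# Loopback test setting from the text; delete it when the test is finished
set interfaces ge-0/0/1 gigether-options loopback
delete interfaces ge-0/0/1 gigether-options loopback

# Disable and re-enable an interface (the Cisco "shutdown" equivalent)
set interfaces ge-0/0/1 disable
delete interfaces ge-0/0/1 disable

# Deactivate keeps the statements visible in the config but Junos ignores them
deactivate interfaces ge-0/0/1
activate interfaces ge-0/0/1

# Commit and leave configuration mode if the commit succeeds
commit and-quit

# Back in operational mode: check state, MTU, speed, duplex, rates and errors
show interfaces ge-0/0/1
show interfaces ge-0/0/1 extensive
```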

VLAN Configuration

Let’s turn our attention to VLANs. To create a VLAN, we choose a VLAN name as well as a VLAN ID. We can also put a description on the VLAN if we want to. After committing our changes, we can see a full list of VLANs with show vlans.

We can configure a layer 2 Ethernet interface as an access port or as a trunk port under the ethernet-switching family. The exact command you will use will depend on how old your version of Junos is. Now that’s configured, we can add members to the port. We can add one at a time, or we can use square brackets to define a list of VLANs. Just remember to put spaces between each entry. Configuring an access port is just the same, except we only have a single VLAN.

I have another CLI trick for you. Now that we’ve got the ge-0/0/0 port configured, we can copy the configuration to other ports using the copy command. This can be used anywhere in the config though, not just on interfaces. Before I show you the next trick, I’m going to set up some descriptions on a few interfaces. See here that ge-0/0/0 and ge-0/0/1 now have the description workstations. So when we copy interfaces, we might also want to consider using replace pattern. This uses a pattern that we want to match and a pattern that we want to replace it with. In this example, we’re going to change the interface description. This is a simple example, but we could have used regex to make it fancy if we want. In the real world, we might use replace pattern to change the IPs on each interface, which would avoid IP conflicts.

VLANs also allow us to create sub-interfaces. To do this, we enable VLAN tagging on the physical port. Notice that this part is not configured under a unit number. If we already have units configured, we can remove them or reconfigure them. Personally, I like the unit number to match the VLAN we’re using. Under the unit we can then apply the VLAN ID and assign an IP address as normal. Well, it looks like I left the address keyword out, but I’m sure you can follow what I’m trying to do.

Earlier I mentioned vlan or irb interfaces, which map an IP address to a VLAN. If you’re coming from a Cisco background, you may have heard of this being called an SVI. vlan interfaces and irb interfaces are the same thing: vlan is just used on older versions of Junos, while irb is used on newer versions. Quite simply, we configure the vlan or irb interface with one or more units and assign an IP to each one. Then, under the VLAN configuration, we map the VLAN name to the virtual interface and unit number. We’ll see this further in action in article 4, when we’re going to configure a DHCP server.
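The VLAN steps from this section as one added example, not the commands shown in the original. It assumes a switch running the newer syntax (interface-mode and irb), with the older keywords noted in comments; VLAN names, IDs, ports and addresses are placeholders, and ge-0/0/2 is assumed to be unconfigured before the copy.

```junos
# Constructed example: VLAN names, IDs, ports and addresses are placeholders.

# Create VLANs: a name, an ID and an optional description
set vlans v10 vlan-id 10
set vlans v10 description "User workstations"
set vlans v20 vlan-id 20

# Trunk port: list the VLANs it should carry, with spaces between entries
# (older Junos uses "port-mode trunk" instead of "interface-mode trunk")
set interfaces ge-0/0/10 unit 0 family ethernet-switching interface-mode trunk
set interfaces ge-0/0/10 unit 0 family ethernet-switching vlan members [ v10 v20 ]

# Access port: the same, with a single VLAN
set interfaces ge-0/0/0 description workstations
set interfaces ge-0/0/0 unit 0 family ethernet-switching interface-mode access
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members v10

# Copy the port config to a port that has no configuration yet
copy interfaces ge-0/0/0 to ge-0/0/2
# replace pattern rewrites every match at and below the current level, so
# move into the copied port first and keep the pattern specific. The VLAN is
# named v10 here so that only the description matches "workstations".
edit interfaces ge-0/0/2
replace pattern workstations with printers
top

# Sub-interface: vlan-tagging goes on the physical port, not under a unit
set interfaces ge-0/0/5 vlan-tagging
set interfaces ge-0/0/5 unit 30 vlan-id 30
set interfaces ge-0/0/5 unit 30 family inet address 203.0.113.1/24

# IRB: give the unit an address, then map the VLAN to interface.unit
# (older Junos: "interfaces vlan unit 10" and "l3-interface vlan.10")
set interfaces irb unit 10 family inet address 198.51.100.1/24
set vlans v10 l3-interface irb.10

commit
run show vlans
```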

Voice Ports

What if we’re connecting a phone to a switch port? There are three parts to this: we need a voice VLAN, we need Power over Ethernet, and we need LLDP.

Step one is to define a VLAN that we can use for voice. This is the same as we did before.

Step 2 is to assign this to one or more interfaces. This is not configured on the interface itself. Instead, it’s under switch-options voip or ethernet-switching-options voip, depending on whether you have a newer or an older switch. What we’re really doing here is mapping a switch port to a VLAN for voice usage. We can still keep a data VLAN on the interface itself.

Next, we try to power up any connected phones using Power over Ethernet. This is very simple to configure. Under the poe hierarchy, we just list the ports we want PoE enabled on. Sometimes it’s simpler just to enable it on all ports.

Finally, phones need a way to configure themselves. Generally speaking, this is done using CDP or LLDP. CDP is Cisco specific, so we’re going to use the vendor-neutral option, LLDP. Well, technically we’re going to use LLDP-MED, which is LLDP with some additional extensions. Just like PoE, this is quite simple. Under the protocols hierarchy, we can enable LLDP-MED on whichever interface we choose, or on all of them at once. Oh, and if you’re wondering, yes, you can connect Cisco phones to Juniper switches. As long as the phones support LLDP-MED, they’re fine. LLDP configuration is one of the tasks in the associated lab. If you want to check that out, the link is in the description.

Here’s another quick tip that might help: you can use the annotate command to add comments to any part of the configuration. This makes it easier to see what’s going on later if you’re troubleshooting.

Just a few more quiz questions for you. You’re doing really well. Now you know all about interface types and how they’re configured, as well as VLAN configuration. Click the article shown here to start article 4, where we’ll look at configuring a DHCP server, Juniper style.
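The three parts of the voice port setup described in this section, as an added example that is not taken from the original. It assumes a newer switch (switch-options, with the older hierarchy in a comment); the VLAN names, IDs, port and comment text are placeholders.

```junos
# Constructed example: VLAN names, IDs, the port and the comment are placeholders.

# Step 1: a VLAN for voice, plus the data VLAN the port already uses
set vlans voice-vlan vlan-id 100
set vlans data-vlan vlan-id 10

# Step 2: map the port to the voice VLAN. This is not under the interface.
# (older switches: set ethernet-switching-options voip interface ge-0/0/3.0 vlan voice-vlan)
set switch-options voip interface ge-0/0/3.0 vlan voice-vlan

# The data VLAN stays on the interface itself
set interfaces ge-0/0/3 unit 0 family ethernet-switching interface-mode access
set interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members data-vlan

# Power over Ethernet: list the ports, or use "interface all"
set poe interface ge-0/0/3

# LLDP and its LLDP-MED extensions so the phone can configure itself
set protocols lldp interface ge-0/0/3
set protocols lldp-med interface ge-0/0/3

# annotate works on a statement at the current level, so move to its parent first
edit vlans
annotate voice-vlan "Voice VLAN for desk phones"
top

commit
```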
