It is hard to find a switch in any network that does not have VLANs defined on it. This lab discusses and demonstrates the process of creating VLANs and their L3 VLAN interfaces to segregate broadcast domains.
When it comes to building out a scalable switch network infrastructure, you must have a firm understanding of VLANs and L3 VLAN interfaces. If you have worked with vendors other than Juniper, such as Cisco, then the theory and technology behind VLANs is the same concept across all vendors.
However, when it comes to configuring VLANs, there is a significant difference between Cisco and Juniper.
For those who are new to networking, VLANs are a technology implemented on switches to break up broadcast domains. In simple terms, a VLAN is an isolated domain/zone in a switch that has no direct Layer 2 access to other VLANs unless traffic is routed through a router (Layer 3 device). Commonly, engineers will assign a single subnet to a given VLAN, such as 192.168.10.0/24 for VLAN 10 and 192.168.11.0/24 for VLAN 11.
This may not always be the case, but most engineers try to keep VLAN numbers, names and subnets related for simplicity's sake.
To create a VLAN on Juniper, you use the set vlans {vlan-name} vlan-id {vlan-id-number} command in config mode, where vlan-name is the name of the VLAN, for example Sales, and vlan-id-number is the 802.1q tag assigned to the VLAN, for example 5. Each VLAN is required to have a unique ID.
Once you have created a VLAN, you can assign interfaces on the switch to that VLAN using the set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members Sales command. You can also specify the tag number instead of the name if you like.
All interfaces on a Juniper EX Series switch are configured as access ports by default. There are two types of ports on a Juniper switch, Access and Trunk. You will learn how to configure interface trunking in a later lab.
Because Juniper EX Series switches are Layer 3 switches, they support Layer 3 routing through the use of L3 VLAN interfaces. These are known as RVIs (Routed VLAN Interfaces). On a Cisco device, this is known as an SVI (Switched Virtual Interface). The same concept applies: the switch has a routed interface placed into the L2 VLAN for the purpose of routing between VLANs.
Network architecture has changed significantly over the past few decades, and most modern networks use L3 VLAN interfaces as the default gateway, whereas back in the early '90s you would actually need a router interface connected to a switchport in the configured VLAN to route between VLANs.
To configure the switch to perform L3 switching, you must first create the L3 VLAN interface using the set interfaces vlan unit 10 family inet address 192.168.10.1/24 command in config mode, where the unit number is the 802.1q VLAN tag.
Once the VLAN interface is created, you must assign that VLAN interface to the VLAN using the set vlans Sales l3-interface vlan.10 command.
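The configuration steps above can be generated from a VLAN plan and checked before anything is committed. The following Python sketch is an added example, not part of the original lab; the plan format and the function name build_vlan_config are assumptions made for illustration. It rejects duplicate VLAN IDs or names, overlapping subnets and ports assigned twice, then emits the same set commands the lab uses.

```python
import ipaddress

# Constructed sample plan mirroring the lab's two VLANs.
PLAN = [
    {"name": "Sales", "vlan_id": 10, "gateway": "192.168.10.1/24",
     "ports": ["ge-0/0/0"]},
    {"name": "Marketing", "vlan_id": 11, "gateway": "192.168.11.1/24",
     "ports": ["ge-0/0/1"]},
]

def build_vlan_config(plan):
    """Validate a VLAN plan and return the Junos set commands for it."""
    ids, names, nets, ports, cmds = set(), set(), [], set(), []
    for v in plan:
        name, vid = v["name"], v["vlan_id"]
        if not 1 <= vid <= 4094:          # usable 802.1Q tag range
            raise ValueError(f"{name}: VLAN ID {vid} out of range")
        if vid in ids or name in names:   # each VLAN needs a unique ID and name
            raise ValueError(f"{name}: duplicate VLAN name or ID {vid}")
        gw = ipaddress.ip_interface(v["gateway"])
        if gw.ip in (gw.network.network_address, gw.network.broadcast_address):
            raise ValueError(f"{name}: {gw} is not a usable host address")
        for other_name, other in nets:    # overlap would blur the segment boundary
            if gw.network.overlaps(other):
                raise ValueError(f"{name}: {gw.network} overlaps {other_name}")
        ids.add(vid)
        names.add(name)
        nets.append((name, gw.network))
        cmds += [
            f"set vlans {name} vlan-id {vid}",
            # Unit number follows the VLAN tag, as in the lab.
            f"set interfaces vlan unit {vid} family inet address {gw.with_prefixlen}",
            f"set vlans {name} l3-interface vlan.{vid}",
        ]
        for port in v["ports"]:
            if port in ports:             # an access port belongs to one VLAN
                raise ValueError(f"{port}: assigned to more than one VLAN")
            ports.add(port)
            cmds.append(f"set interfaces {port} unit 0 family "
                        f"ethernet-switching vlan members {name}")
    return cmds

if __name__ == "__main__":
    print("\n".join(build_vlan_config(PLAN)))
```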
To verify the configuration of the VLAN names and RVIs, you can use the show vlans brief command in user mode. Another command that you should be familiar with is show interfaces vlan terse, which displays the administrative and operational status of the L3 VLAN interfaces.
The following physical topology is used in all labs found throughout section 4 of the Junos JNCIA Workbook.
None Provided
This lab must be completed on an EX Series Juniper Switch or a hardware based SRX Platform. The vSRX does NOT support ethernet-switching.
You need to establish a console session to SW1 and log into the device using the root account or a user account with super-user privileges.
To complete this lab you will perform the following objectives;
It is recommended that you attempt to complete these lab objectives the first time without looking at the Lab Instruction section.
If you are a student preparing for the Juniper JNCIA Certification Exam, then you are more likely to remember how to complete these objectives if you attempt them the first time on your own, using the core knowledge section found in this lab. You should only resort to the Lab Instruction section to verify your work.
The following Lab Instruction was performed on a Juniper EX3200 Series Switch.
root@SW1> configure
Entering configuration mode

[edit]
root@SW1# set vlans Sales vlan-id 10

[edit]
root@SW1# set interfaces vlan unit 10 family inet address 192.168.10.1/24

[edit]
root@SW1# set vlans Sales l3-interface vlan.10

[edit]
root@SW1#

root@SW1# set vlans Marketing vlan-id 11

[edit]
root@SW1# set interfaces vlan unit 11 family inet address 192.168.11.1/24

[edit]
root@SW1# set vlans Marketing l3-interface vlan.11

[edit]
root@SW1#

[edit]
root@SW1# set interfaces ge-0/0/0.0 family ethernet-switching vlan members Sales

[edit]
root@SW1# set interfaces ge-0/0/1.0 family ethernet-switching vlan members Marketing

[edit]
root@SW1# commit and-quit
commit complete
Exiting configuration mode

root@SW1>

root@SW1> show vlans brief
                                            Ports
Name           Tag     Primary Address      Active/Total
Marketing      11      192.168.11.1/24      0/1
Sales          10      192.168.10.1/24      0/1
default                                     6/22

root@SW1> show interfaces vlan terse
Interface               Admin Link Proto    Local                 Remote
vlan                    up    up
vlan.0                  up    up   inet
vlan.10                 up    down inet     192.168.10.1/24
vlan.11                 up    down inet     192.168.11.1/24

root@SW1> show vlans detail
VLAN: Marketing, 802.1Q Tag: 11, Admin State: Enabled
  Primary IP: 192.168.11.1/24
Number of interfaces: 1 (Active = 0)
  Untagged interfaces: ge-0/0/1.0

VLAN: Sales, 802.1Q Tag: 10, Admin State: Enabled
  Primary IP: 192.168.10.1/24
Number of interfaces: 1 (Active = 0)
  Untagged interfaces: ge-0/0/0.0

VLAN: default, 802.1Q Tag: Untagged, Admin State: Enabled
Number of interfaces: 22 (Active = 6)
  Untagged interfaces: ge-0/0/2.0, ge-0/0/3.0, ge-0/0/4.0, ge-0/0/5.0,
  ge-0/0/6.0, ge-0/0/7.0, ge-0/0/8.0, ge-0/0/9.0, ge-0/0/10.0, ge-0/0/11.0,
  ge-0/0/12.0, ge-0/0/13.0, ge-0/0/14.0, ge-0/0/15.0, ge-0/0/16.0,
  ge-0/0/17.0, ge-0/0/18.0*, ge-0/0/19.0*, ge-0/0/20.0*, ge-0/0/21.0*,
  ge-0/0/22.0*, ge-0/0/23.0*

root@SW1>
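The show vlans detail output above can be checked mechanically to confirm the segmentation is what you intended. The following Python sketch is an added example, not part of the original lab; the function names and finding labels are assumptions, and SAMPLE is a constructed, shortened copy of the output format shown above. It flags active ports still sitting in the default VLAN, which share one broadcast domain, and VLANs whose RVI has no active member port, the state in which vlan.10 and vlan.11 show Link down above.

```python
import re

# Constructed sample in the format of the lab's "show vlans detail" output;
# a trailing * marks an active port, as in the output above.
SAMPLE = """\
VLAN: Marketing, 802.1Q Tag: 11, Admin State: Enabled
  Primary IP: 192.168.11.1/24
Number of interfaces: 1 (Active = 0)
  Untagged interfaces: ge-0/0/1.0
VLAN: Sales, 802.1Q Tag: 10, Admin State: Enabled
  Primary IP: 192.168.10.1/24
Number of interfaces: 1 (Active = 0)
  Untagged interfaces: ge-0/0/0.0
VLAN: default, 802.1Q Tag: Untagged, Admin State: Enabled
Number of interfaces: 4 (Active = 2)
  Untagged interfaces: ge-0/0/2.0, ge-0/0/3.0, ge-0/0/18.0*,
  ge-0/0/19.0*
"""

HEADER = re.compile(r"^VLAN: ([^,]+), 802\.1Q Tag: ([^,]+), Admin State: (\S+)")
PORT = re.compile(r"([a-z]+-\d+/\d+/\d+\.\d+)(\*?)")

def parse_vlans_detail(text):
    """Return {vlan_name: {"tag", "ip", "ports": {port: is_active}}}."""
    vlans, cur, in_ports = {}, None, False
    for line in text.splitlines():
        s = line.strip()
        m = HEADER.match(s)
        if m:
            cur = vlans[m.group(1)] = {"tag": m.group(2), "ip": None, "ports": {}}
            in_ports = False
        elif cur is not None and s.startswith("Primary IP:"):
            cur["ip"], in_ports = s.split(":", 1)[1].strip(), False
        elif s.startswith("Number of interfaces:"):
            in_ports = False
        elif s.startswith("Untagged interfaces:"):
            in_ports = True
        if cur is not None and in_ports:   # also covers wrapped port lines
            for port, star in PORT.findall(s):
                cur["ports"][port] = bool(star)
    return vlans

def audit(vlans):
    """Return (finding, detail) tuples for segmentation review."""
    findings = []
    for name, v in vlans.items():
        active = [p for p, up in v["ports"].items() if up]
        if name == "default" and active:
            findings.append(("active-port-in-default-vlan", active))
        if v["ip"] and not active:
            findings.append(("rvi-without-active-member", name))
    return findings
```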