This one relies on the MX router which can do layer 2.
The MX routers are hard to come by for labs and expensive.
LAN is an office
MAN is the city
WAN is the internet
there is no real differentiation it is mainly LAN and WAN today but some people still term MAN.
You gain access through a local loop
the local loop is the link from the office to the Service provider.
In my case Cable.
They mention how Ethernet is now king and Frame Relay and ATM are dying out.
I guess I wasted years working on frame relay :).
You want the MAN/WAN
to be scalable
provide SLAs for different billing
and provide OAM operation administration and maintenance.
an example of OAM is to see if the link physically is alive.
Organizations that control ethernet are.
Metro Ethernet Forum
IEEE
ITU
MEF 21 talks about OAM for links.
MX,M and T series support this.
MEF 14 is metrics on performance
MEF9 is the delivery and VLAN preservation.
UNI type 1 is manually MEF 13 configurable
UNI type 2 supports OAM
UNI type 3 dynamically sets up the Virtual circuit EVC
E-NNI is the External Network to Network interface between one ISP and another.
I-NNI is an internal inerface between the ISPs devices.
EVC virtual Circuit connects two client sites.
Similar to IPSEC in the internet.
Except this one is set up by the provider.
Point to Point
Point to Multipoint hub and spoke
Multipoint to multipoint.
Point to Point EVC
the first type is ETHERNET private line. That means you get your own port from
one site to another.
An Ethernet private line means you actually get your own port.
A virtual private line means many clients share the same port.
E-Line = point to point
E-Lan
Ethernet private LAN (port based)
Virtual private LAN (Vlan based)
In general the ISP provides you with a broadcast network so all points can reach all points.
Using a broadcast.
Again the difference in the E-LAN
is if you are sharing or not.
Rooted Multipoint EVC
is a hub and spoke.
All units will talk to the ROOT
The LEAF can only talk to the ROOT
E-TREE because you have a Root and leaves.
again port based
or vlan based
They simplified the Layers here.
You have
IEEE
802.3 was the physical layer and datalink
802.1D/802.1Q is for VLANS
802.1ag is for fault management.
ITU uses
G series
Y series for OAM
MX series
MX80 = 80 gbps
MX240 =240 Gbps
MX480 = 480 Gbps
MX960 = 960 Gbps
MX5-MX80 can be upgraded using a license.
MX5 =20Gbps
MX10 = 40Gbps
MX20= 60Gbps
each MX number increase opens up either a MIC slot or 2 ports of 10GigE.
Bridging
the physical broadcast domain can be divided by 802.1D bridging.
Each bridge will have its own forwarding domain.
MACs are learned by the bridge using.
Learning
Forwarding
Flooding when you don't know where to go yet because it is not in the forwarding table
Filtering limits the traffic to the interfaces it chooses
Aging after X seconds it will remove it from the table.
global-mac-table-aging sets the timer on aging
Source MAC is the way it learns.
When it gets a packet it writes down where it came from (interface) and the MAC that sent it.
MAC TABLE
GE-0/0/1 0140.5505.2222
Once the above is on the table it will forward to it when needed.
If the destination is from the same port it came from then it drops it.
Because it assumes somebody else will send it.
Flooding is when you don't know where to go.
So you flood to all the interfaces except the one you got it from.
>show bridge mac-table
will show you the MACs
if they are static it will have an S you can manually add mac to the table ie STATIC
Each Bridging domain will have its own MAC table.
>clear bridge mac-table
drops all the dynamic addresses in the table and will flood again until it learns the MACs.
Switch ports operate either as access or trunk
Access connects to the VLAN
Trunk usually connects to another switch or the customer.
A trunk will have many VLANs.
native-vlan-id will take untagged traffic and trunk it to the other side which will reomve the native-vlan-id and send it untagged.
A TAG is 16 bits 802.1Q
Priority 802.1p is 3 bits
format is 1 bit by default 0
Unique Vlan is 12 bits.
#set bridge-domains vlan_name_100 vlan-id 100
the vlan number is 100 the name is arbitrary
The above just created the Vlans as you can see they are not attached yet to the any interface.
You set the VLAN on an interface.
set interface ge-0/0/1.0 family bridge interface-mode access
set interface ge-0/0/1.0 family bridge vlan-id 100
So in theory now server 1 can ping server 2 as they are on the same VLAN of 100
To configure a trunk
set interface xe-0/0/0 native-vlan-id 100
set interface xe-0/0/0 vlan-tagging
set interface xe-0/0/0 unit 0 family bridge interface-mode trunk
set interface xe-0/0/0 unit 0 family bridge vlan-id-list [100 200]
So let's say we have a packet in the CPU. The device looks at the VLAN and based on the VLAN + Mac table it will send it out of the correct interfaces. For example if we have a Vlan_100 tagged packet.
The device will send it out of GE-0/0/1 and Ge-0/0/0 as the packet is leaving the MX it will be stripped of the VLAN marking because this is an ACCESS port.
In the case of a TRUNK port which connects two switches, we want to keep that TAG of the VLAN.
So for example.
SRV01 will send a packet to SRV03.
The MX because it says that inteface ge-0/0/0 is Vlan_100 will use that TAG to decide where to flood it.
When the packet is flooded out a TRUNK.
The command vlan-tagging. Tells the router to ADD the TAG to the outgoing packet.
The second MX will receive the packet with the TAG vlan_100.
It will then send it to the interfaces that are Vlan_100.
So as the packet leaves for SRV03 the TAG is again stripped.
SRV01 and SRV03 are unaware of any vlan tags.
The vlan-id-list is optional
in this case it limits the trunk to the two vlans vlan_100 + vlan_200.
The last one is the mode trunk which tells the device this is a trunk interface and therefore
add the VLAN tag to outgoing packets.
If you have to make a list of VLANs for sepcific customers you can set up a list.
set bridge-domains sales vlan-id-list [10-12 20-22]
this adds a prefix to the Vlan so it will look like sales-vlan-xxxxxx #xx being the number of the vlan
>show bridge-domain
will show you the VLANs and their IDs along with the interfaces that can run them
>show bridge domain vlan_100 detail
will show you the MAC count of each VLAN
>show interfaces xe-0/0/0.0
will show you the link is up and if it has trunk-mode
If two VLANs have the same interface under them
that means that interface is trunking from VLAN to VLAN.
(not routing, just trunking)
>show bridge statistics
will show you number of MACs again.
Trunks forward broadcast.
So if you have Switches that do not have a specific VLAN
you can remove that VLAN from the trunk.
So you can for example.
Manually remove VLAN 10 from the trunk.
set interface xe-0/0/0 unit 0 family bridge vlan-id-list [100 200 10]
can be changed to
set interface xe-0/0/0 unit 0 family bridge vlan-id-list [100 200 ]
now the switch with red won't get VLAN 10 broadcasts.
MVRP can dynamically do this for you
instead of you manually having to do this.
802.1ak like ak47 because it shoots down unwanted broadcast.
Cisco has VTP and VTP version 2.
GVRP is now EOL end of life.
MVRP is the new version.
Cisco also support MVRP on some devices. Most IT guys know VTP courtesy of Cisco.
MVRP will send PDUs
The PDU will have an MRP message telling you which VLANS I have interfaces in.
MVRP has timers you can set.
mvrp {
join-timer milliseconds; #this will be how long to wait before broadcasting the vlans you have
leave-timer milliseconds; # this will be how long to wait before removing the vlan
if you get another vlan message then the vlan stays (keeaplive)
leaveall-timer milliseconds; I guess means leave all
MVRP timers (ms) Interface Join Leave LeaveAll ge-11/2/8 200 800 10000 ge-11/0/9 200 800 10000 ge-11/3/0 200 800 10000
set protocols mvrp no-dynamic-vlan this means that VTP or creation of VLANs on other switches
will not be done.
MVRP can copy vlan creation from one switch to another. Here we disabled this.
set protocols mvrp interface ge-0/0/4
this will turn on MVRP on the trunk interface ge-0/0/4
You can also set different timers per interface
>show mvrp
will show the status
will show if the dynamic-vlan creation is enabled
>show mvrp dynamic-vlan-membership
will show which ones were created dynamically assuming the dynamic-vlan is not set to no-dynamic-vlan
>show mvrp statistics
see stats on data movement.
IRB
an IRB integrated routing and bridging.
This means a L3 interface for the VLAN so the VLAN can get out and cross the wall
to reach another VLAN or IP.
This is the same as the Cisco SVI switches virtual interface.
This will be your gateway for the L2 hosts.
set interface ge-0/0/0.0 family bridge interface-mode access
set interface ge-0/0/0.0 family bridge vlan-id 300
ok the above is an access port .
set interface IRB unit 100 family inet address 172.16.0.1/24
the above is an interface IRB we give it a random unit and an IP.
We will now place this interface as the interface for the VLAN-id 300
set bridge-domains vlan_300 vlan-id 300
set bridge-domains vlan_300 routing-interface irb.300
to keep it nice and tidy try naming the irb unit with the same number as the vlan
in this case 300. (optional)
>show interfaces terse irb*
will show you the interface is up and the IP.
>show route
will show you the route to that pool
172.16.0.0/24 [direct] via irb.100
172.16.0.1/24 [local] via irb.100
Learning the MACs can be changed.
Per the device.
Per virtual switch which is a device in a device
Per the VLAN or Bridge-Domain
Per the interface.
timeout for aging is 300 seconds
MAC limit to learn
393215 per device
5120 per virtual switch
5120 per Vlan Bridge-domain
1024 per interface.
Up to a million MACs in Juniper MX.
You can also turn off mac learning.
Device set protocols l2-learning
per switch (virtual) set switch-options
per vlan/bridge-domain set bridge-domain Vlan_100 bridge-options
per interface set bridge-domain Vlan_100 bridge-options interface ge-0/0/0.0
You can change the MAC learning number
then if the table is full you can drop new items till the table empties.
set bridge domain vlan_100_bd bridge-options mac-table-size 4000
set bridge domain vlan_100_bd bridge-options mac-table-size packet-action drop
>show l2-learning global-information
will give you the details of what you have set up
>show l2-learning interface
will give you the details on an interface.
Filtering.
You might want to filter the port for whatever reason.
set firewall family bridge filter filter_name term term_001 from conditions
set firewall family bridge filter filter_name term term_001 then accept/discard
set firewall family bridge filter filter_name term term_001 then police/count
the last one is optional.
There is also an implicit discard at the end of the terms.
So if there was no match then they get dropped.
Application.
Apply to an interface
or to the whole bridge-domain/vlan
#set interface ge-0/0/0.0 family bridge filter input example_filter
#set bridge-domain vlan_300 forwarding-options filter input example_filter
Term Evaluation.
Single term - if there is a match it does the action . If not it hits the discard implicit
Multiple terms - if it matches a term it takes the action If not discard.
You can create a list of many filters . Up to 16.
then apply the filter-list
Virtual Switches.
Useful for splitting things.
One guy gets one and the other another. Then they don't see each others traffic.
routing-instance
virtual-router has a separate forwarding and a separate routing table.
default one is called default.
virtual-switch has a separate forwarding table MAC table VLAN ID space and spanning-tree domains
default-switch is the default one
default is inet.0 Layer 3
default-switch layer 2
show route will show you inet.0 and the Layer 3 and IRB interfaces.
show route forwarding-table will show you the PFE forwarding tables. L2
#set routing-instances VR1 instance-type virtual-router
for example on the router you can set up a NEW OSPF area 0
>show route table vr1.inet.0
Virtual Switch.
#set routing-instances Vswitch instance-type virtual-switch
#set routing-instances Vswitch bridge-domains vlan_100
notice how I have two VLAN 100 setup however each one is on a different Virtual Switch.
In order to configure interfaces and VLANs under it. specify the routing-instance always
#set routing-instances Vswitch interface ge-0/0/0.0
#set routing-instances Vswitch bridge-domains vlan_500 vlan-id 500
#set routing-instances Vswitch bridge-domains vlan_500 routing-interface irb.500
this will set up the Vlan under the correct Vswitch.
If you fail to mention the routing-instance the router assumes you want to add it
to default-switch.
show bridge-domain
will show you the "routing-instance' name the bridge-domains are under.
the IRB.500 we set up will show under the inet.0
to connect a Virtual Switch to a Virtual Switch you must use an external cable between ports
this is because the Spanning tree does not work as they both have the same MAC.
For connecting two routing-instances use a tunnel or a cable.
LT is a logical tunnel.
set chassis fpc1 pic0 tunnel-services bandwidth 1g
this turns on all tunneling and will create some
GR IP etc interface
We want the LT logical tunnel.
Provider bridging.
Vlans allow for 4096 12bits is the maximum.
Clients might have the SAME number Vlan .
So the ISP needs to provide for this scenario.
802.1ad
QinQ tunneling.
Allows you to have 4096 * 4096 options of routing items.
Also
The TPID will mark it as a S-VLAN
This is as best as I got it.
The book is terrible.
So my VLAN 100 C-VLAN goes on a Provider Edge Bridge.
The PEB Pushes a S-VLAN
The S-VLAN is used to reach my other site through many Provider bridges.
Then the PEB at site 2 pops out the S-VLAN and we are left with the C-Vlan which comes
out my customer edge port
OK
Push add an outer tag like the S-VLAN
pop remove the outer tag then we are left with the C-VLAN
swap swap the outer with another S-VLAN
pop-pop remove both so the packet wopuld be untagged
swap-swap
push-push add both
you get the idea. Pushing and Popping.
Ok,
So in QinQ the Mac table will get another field.
In this case push 200 will add the S-VLAN 200 to the packet.
During the travels
The action will be Pop the 200 so now we are back to the C-Vlan of 100
That way the simplistic view.
The configuration of a normal trunk is.
See how they differ,
The new way looks more intuitive and less typing.
So S-Vlan
Is for Shared Vlans
all of the VLANs will go with one OUTSIDE tag the 200
The new way looks more intuitive and less typing.
So S-Vlan
Is for Shared Vlans
all of the VLANs will go with one OUTSIDE tag the 200
The C-VLAN
If you have an NNI network to Network Interface.
meaning one MAN/ISP needs to traverse another MAN/ISP002
meaning one MAN/ISP needs to traverse another MAN/ISP002
you can use the vlan-rewrite .
For example the other company treats you as a customer.
So vlan-rewrite translate 200 300
so translate 200 to 300
So vlan-rewrite translate 200 300
so translate 200 to 300
At the end of the route the PEB before you reach the customer they will pop out the 300 and we
are back to the C-VLAN of 100 which is the client.
are back to the C-VLAN of 100 which is the client.
>show interface ge-0/0/0.4
will show you the encapsulation and the Tag Actions.
So on the interface towards the C-VLAN it should say
Flags VLAN-tag [100] IN (push 200)
When it leaves towards the PB provider bridge it should say on that interface.
flags vlan-tag {200 100]
Okay the last part is a bit foggy.
The book has many typos.
Just remember with 4096 unique Vlans there is a limitation here.
So if you need more you have VPLS.
The book has many typos.
Just remember with 4096 unique Vlans there is a limitation here.
So if you need more you have VPLS.
Spanning-tree
STP 802.1D
Bridge ID = MAC + a Priority.
Root = the device with the lowest Priority
Root port = the port that leads to the Root
Desginated ports = the ports from the root to the Devices.
Desginated ports = the port from a device to the next one.
Desginated ports = the port from a device to the next one.
Root Path Cost = the cost to get to the root bridge.
Port cost = configurable 20000=GigE
On any device the port with the lowest Port Cost + Root path cost becomes the ROOT port.
BPDU will send the configuration.
TCN will notify there is a change it will go all the way to the Root and then the root
It does this by sending a TCN every 2 seconds.
will send back BPDUs once the device that sent TCN gets a BPDU it stops sending TCN
It does this by sending a TCN every 2 seconds.
will send back BPDUs once the device that sent TCN gets a BPDU it stops sending TCN
Port States
Block
Listen
learning MACs
forward DATA
If the ROOT ID and the Bridge ID in a bpdu match then you are the Root switch.
Port priority is 128
Hello is the time between BPDUIs
RSTP
provides faster convergence by marking ports as.
Edge ports- they are always in forwarding and do not change.
RSTP BPDU is sent every 2 seconds
3 failures and then it will consider it a failure.
Switches do not flush MACs from edge ports.
Only non-edge port changes create a TCN.
So more stable.
RSTP that gets an STP will use STP on that link
STP that gets RSTP drops them.
STP that gets RSTP drops them.
MSTP supports 64 spanning tree instances
VSTP supports up to 4094 Per Vlan Spanning Tree
Configuration
#set protocols rstp
#set protocols rstp bridge-priority 32k
#set protocols rstp max-age 20
#set protocols rstp hello-time 2
#set protocols rstp forward-delay 15
#set protocols rstp interface ge-0/0/0
#set protocols rstp force-version STP
the last one made this STP yes it is a stupid way of CLI-ing
#set protocols rstp
#set protocols rstp bridge-priority 32k
#set protocols rstp max-age 20
#set protocols rstp hello-time 2
#set protocols rstp forward-delay 15
#set protocols rstp interface ge-0/0/1
#set protocols rstp interface ge-0/0/1 priority 128 (default)
#set protocols rstp interface ge-0/0/1 mode point-to-point default for full duplex.
#set protocols rstp interface ge-0/0/1 mode shared # for half-duplex
#set protocols rstp interface ge-0/0/5 edge # access.
Now why they could make it go mode edge and keep it consistent I don't know.
>show spanning-tree bridge
>show spanning-tree interface
>show spanning-tree statistics interface
MSTP
MSTP allows you to configure regions.
So you can split the data traffic flow. This enables you to have the forwarding port block
So you can split the data traffic flow. This enables you to have the forwarding port block
and in the next msti the blocking port will forward.
This way you can use both ports.
Since you are paying for all the uplinks this load balances the spanning tree traffic.
This way you can use both ports.
Since you are paying for all the uplinks this load balances the spanning tree traffic.
The above is configuration-name region 1
revision level 1
You can have more Regions and each Region can have up to 16 MSTIs which are the colors.
show spanning-tree mstp configuration
MSTI 0 is also called the CST and is for compatibility with STP/RSTP.
This is how to use the CST to talk to STP/RSTP/VSTP
VSTP
allows you to configure a Spanning-tree for each VLAN you have.
Which if you have many Vlans becomes a pain in the ass and a drag on your CPU.
Port Priority default 128
Bridge Priority default 32
hell-time 2
forward-delay 15
max-age 20
point-to-point full duplex
mode shared ahalf-duplex
edge
cost 20000 default for 1 Gbps.
BPDU-protection
If you get a BPDU on an interface that is not supposed to have a switch.
You can tell the switch to disable the port
set protocols rstp bpdu-block-on-edge
this means that every port that is an edge port and gets a bpdu will block the port.
if you have a non-rstp switch . ie an STP one.
set protocols layer2-control bpdu-block interface ge-0/0/3 ge-0/3/4
this will set the same thing on those ports.
So when a bpdu comes the port will get blocked.
>clear error bpdu interface
will release the port.
Loop protection or Root protection.
Loop protection means the port is waiting for BPDUs if non arrive, even if they are crappy ones
then the port goes to inconsistent.
Root protection. If I know that on interface so and so the switches there should not become
a root, because they are low level switches or I set up a topology so the root is at the core.
I can set up the interface to never allow a BPDU coming from that interface to advertise
the switches as Root switches.
set protocols rstp interface ge-0/0/0 no-root-port
so now even if a switch on that interface says his priority is better I don't care and I block the port
The port will switch back to normal once I no longer get those BPDUs
OAM
Operations administration management
OAM should measure the following on a physical link.
Availability up or down
Frame Delay time to reach it in ms
Frame Delay Variation jitter
Frame loss dropping of packets
So F for Forward
B for Backward.
LoopBack - You start looping from the closest device to the next one
Once a loop fails you have reached the faulty item.
Linktrace is traceroute but for links.
LFM
Link Failure management
LFM client must be on the switch."
If the client is active, the client will look for a another client to bond with.
Only an Active client can send a LOOPback.
Loopback (intrusive)
Dying gasp before power down.
Critical event can be configured then the link will send a Critical alarm.
Link fault - is a simple signal loss
one OAM PDU every second.
It will be empty if you have nothing to say.
Possible actions.
Syslog the fact
Link down
Begin sending OAM PDU with the critical bit set.
Maintenance points
CFM message will linktrace
Ring
sub 50ms
RPL is a protocol for rings.
Basically once the ring is fine.
One port on A will be blocked.
It will send a keep alive on A to B to C to D to A
When there is a failure somewhere it won't get the keepalive
It will detect it as a failure.
Then it will re-enable the port so traffic can keep flowing from one device to the other.
The only difference is that now B has to go to A to D to C
where as before it went B to C
The failure take 50ms to detect.
The keepalive is called Ring Automatic Protection Switching message.
R-APS
A single VLAN will be dedicated for the R-APS message to travel along.
The RPL message says
no request
do not flush
RPL is blocked to signify all is fine.
In reality the process is more complicated but the explanations suck.
So use the above.
A#set protection-group ethernet-ring ring_name ring-protection-link-owner
will signify that A is the RPL master.
On the interface that you want blocked, ie A to D on A
A#set protection-group ethernet-ring ring_name east-interface ring-protection-link-end
this will tell the device that the East-interface is the one blocking.
now just add an interface.
A# set protection-group ethernet-ring ring_name east-interface control-channel ge-0/0/1.0
A# set protection-group ethernet-ring ring_name east-interface control-channel vlan 100
A#set protection-group ethernet-ring ring_name east-interface ring-protection-link-end
A# set protection-group ethernet-ring ring_name west-interface control-channel ge-0/0/5.0
A# set protection-group ethernet-ring ring_name west-interface control-channel vlan 100
in all the other devices just configure them as east and west. Again without the ring-protection-link-end
also without the ring-protection-link-owner
>show protection-group ethernet-ring aps
>show protection-group ethernet-ring aps detail
>show protection-group ethernet-ring interface ge-0/0/1.0
the output will tell you if it is forwarding or discarding.
>show protection-group ethernet-ring statistics
E voila.
You still have to BLock one iterface so it is costly however
you get sub 50ms conversion times. Which are great for a ring.
If you want to still have a quick path from A to D
you can set up another Ring similar to FDDI if you remember that piece of antique.
you get sub 50ms conversion times. Which are great for a ring.
If you want to still have a quick path from A to D
you can set up another Ring similar to FDDI if you remember that piece of antique.
Link Aggregation.
OK.
Your client is cheap and does not want to buy a 10 GigE switch.
So instead you can tell him for now to link aggregate several 1GigE
Your client is cheap and does not want to buy a 10 GigE switch.
So instead you can tell him for now to link aggregate several 1GigE
So he can build a 8* 1 GigE 8000 Mbps link.
The members of a link are called member interfaces.
If one fails, the other ones can still send data.
requirements
Member link speed and duplex must match
8 members is the maximum
an aggregated bundle is called an AE AE0 AE1 etc
Routing Engine traffic will use the lowest link
so GE-0/0/0 instead of GE-0/0/4
so GE-0/0/0 instead of GE-0/0/4
the load balancing algorithm uses L2 L3 or L4 data.
the load balancing for non-ip traffic uses L2 MAC SA and DA source and destination.
You can set up LACP
link aggregation control protocol.
This will monitor the links in the bundle.
One side must be ACTIVE lacp the other can be passive/active.
link aggregation control protocol.
This will monitor the links in the bundle.
One side must be ACTIVE lacp the other can be passive/active.
#set chassis aggregated-devices ethernet device-count 1
this sets up one AE
#set interface ge-0/0/3 gigether-options 802.3ad ae0
#set interface ge-0/0/4 gigether-options 802.3ad ae0
this adds both interfaces to the ae0
Now you can configure the ae0 like a normal interface.
#set ae0 unit 0 family bridge
#set ae0 aggregated-ether-options lacp active # this is optional if you want to turn on lacp
You can use the LAG also to make Layer 3 interfaces, in this case it was layer 2.
>show interfaces terse | match ae0
will show you the status of the interfaces up up
MC-LAG
Multi Chassis Lag.
Alright.
MX supports this.
MX supports this.
I didn't bother doing the LAG AE0
So the summary version is
This is what the configuration looks like
set chassis aggregated-devices ethernet device-count 1
set interfaces xe-0/0/44 ether-options 802.3ad ae1
set interfaces xe-0/0/12 unit 0 family ethernet-switching port-mode trunk
set interfaces xe-0/0/12 unit 0 family ethernet-switching vlan members v500
set interfaces ae1 aggregated-ether-options lacp active
set interfaces ae1 aggregated-ether-options lacp system-id 00:01:02:03:04:05
set interfaces ae1 aggregated-ether-options mc-ae mc-ae-id 3
set interfaces ae1 aggregated-ether-options mc-ae chassis-id 0
set interfaces ae1 aggregated-ether-options mc-ae mode active-active
set interfaces ae1 aggregated-ether-options mc-ae status-control active
set ae1 aggregated-ether-options mc-ae init-delay-time 240
set interfaces ae1 unit 0 family ethernet-switching port-mode trunk
set interfaces ae1 unit 0 family ethernet-switching vlan members v100
set interfaces vlan unit 500 family inet address 3.3.3.2/24
set vlans v100 vlan-id 100
set vlans v500 vlan-id 500
set vlans v500 l3-interface vlan.500
set protocols iccp local-ip-addr 3.3.3.2
set protocols iccp peer 3.3.3.1 session-establishment-hold-time 50
set protocols iccp peer 3.3.3.1 backup-liveness-detection backup-peer-ip 10.207.64.233
set protocols iccp peer 3.3.3.1 liveness-detection minimum-receive-interval 60
set protocols iccp peer 3.3.3.1 liveness-detection transmit-interval minimum-interval 60
set protocols rstp interface xe-0/0/12 disable
set multi-chassis multi-chassis-protection 3.3.3.1 interface ae0
http://www.juniper.net/techpubs/en_US/junos12.3/topics/example/multichassis-link-aggregation-qfx-series.html
the support depends on the platform.
In the appendix they describe the old syntax.
let's hope it's not on the test.
let's hope it's not on the test.
Alright.
On to MPLS.
My favorite subject
NOT!!!!
On to MPLS.
My favorite subject
NOT!!!!
Thanks a lot
ReplyDelete