Routed VLAN Interfaces
Configuring a Routed VLAN Interface in a Private VLAN on an EX Series Switch
Starting with Junos OS Release 14.1X53-D10, you can configure a routed VLAN interface (RVI) for a private VLAN (PVLAN) on an EX8200 switch or EX8200 Virtual Chassis. Instead of a router connected to a promiscuous port routing Layer 3 traffic between isolated and community members, you can alternatively use an RVI.
To set up routing within a PVLAN, one RVI must be configured for the primary VLAN on one EX8200 switch or EX8200 Virtual Chassis in the PVLAN domain. This RVI serves the entire PVLAN domain regardless of whether the domain consists of one or more switches. After you configure the RVI, Layer 3 packets received by the secondary VLAN interfaces are mapped to and routed by the RVI.
When setting up the RVI, you must also enable proxy Address Resolution Protocol (ARP) so that the RVI can handle ARP requests received by the secondary VLAN interfaces.
This topic describes how to configure an RVI for a PVLAN.
Before you begin, configure the PVLAN as described in Creating a Private VLAN on a Single EX Series Switch (CLI Procedure) or Creating a Private VLAN Spanning Multiple EX Series Switches (CLI Procedure).
To configure an RVI for a PVLAN:
- Create a logical Layer 3 RVI on a subnet for the primary
VLAN’s broadcast domain:
user@switch# set vlan unit logical-unit-number family inet address inet-address
- Enable unrestricted proxy ARP on the RVI:
user@switch# set vlan unit logical-unit-number proxy-arp unrestricted
- Disable sending protocol redirect messages on the RVI:
user@switch# set vlan unit logical-unit-number family inet no-redirects
- Link the primary VLAN to the RVI:
user@switch# set vlan-name l3-interface vlan.logical-unit-number
The value of logical-unit-number is the same value that you supplied for logical-unit-number in the previous steps.
Verifying Routed VLAN Interface Status and Statistics on EX Series Switches
Determine status information and traffic statistics for routed VLAN interfaces (RVIs) by using the following commands:
Display RVI interfaces and their current states:
user@switch> show interfaces vlan terse
Interface Admin Link Proto Local Remote vlan up up vlan.111 up up inet 22.214.171.124/24
Display Layer 2 VLANs, including any tags assigned to the VLANs and the interfaces associated with the VLANs:
user@switch> show vlans
Name Tag Interfaces default None employee-vlan 20 ge-1/0/0.0, ge-1/0/1.0, ge-1/0/2.0 marketing 40 ge-1/0/10.0, ge-1/0/20.0, ge-1/0/30.0 support 111 ge-0/0/18.0 mgmt bme0.32769, bme0.32771*
Display Ethernet switching table entries for the VLAN that is attached to the RVI:
user@switch> show ethernet-switching table
Ethernet-switching table: 1 entries, 0 learned VLAN MAC address Type Age Interfaces support 00:19:e2:50:95:a0 Static - Router
Display an RVI’s ingress-counting statistics with either the show interfaces vlan detail command or the show interfaces vlan extensive command. Ingress counting is displayed as Input bytes and Input packets under Transit Statistics.
user@switch> show interfaces vlan.100 detail
Logical interface vlan.100 (Index 65) (SNMP ifIndex 503) (HW Token 100) (Generation 131) Flags: SNMP-Traps 0x4000 Encapsulation: ENET2 Traffic statistics: Input bytes: 17516756 Output bytes: 411764 Input packets: 271745 Output packets: 8256 Local statistics: Input bytes: 3240 Output bytes: 411764 Input packets: 54 Output packets: 8256 Transit statistics: Input bytes: 17513516 0 bps Output bytes: 0 0 bps Input packets: 271745 0 pps Output packets: 0 0 pps Protocol inet, Generation: 148, Route table: 0 Flags: None Addresses, Flags: iS-Preferred Is-Primary Destination: 50.1.1/24, Local: 126.96.36.199, Broadcast: 188.8.131.52, Generation: 136
show interfaces vlan displays a list of interfaces, including RVI interfaces, and their current states (up, down).
show vlans displays a list of VLANs, including any tags assigned to the VLANs and the interfaces associated with the VLANs.
show ethernet-switching table displays the Ethernet switching table entries, including VLANs attached to the RVI.
show interfaces vlan detail displays RVI ingress counting as Input Bytes and Input Packets under Transit Statistics.