[Contents] [Prev] [Next] [Index] [Report an Error]

Configuring a Layer 2 Virtual Switch

A Layer 2 virtual switch, which consists of one or more bridge domains, filters and forwards traffic only at the data link layer. Layer 3 routing is not performed. Each bridge domain consists of a set of logical ports that participate in Layer 2 learning and forwarding. A virtual switch represents a Layer 2 network.

Two main types of interfaces are used in virtual switch hierarchies:

Layer 2 logical interface—This type of interface uses the VLAN-ID as a virtual circuit identifier and the scope of the VLAN-ID is local to the interface port. This type of interface is often used in service-provider-centric applications.

Access or trunk interface—This type of interface uses a VLAN-ID with global significance. The access or trunk interface is implicitly associated with bridge domains based on VLAN membership. Access or trunk interfaces are typically used in enterprise-centric applications.

Note: The difference between access interfaces and trunk interfaces is that access interfaces can be part of one VLAN only and the interface is normally attached to an end-user device (packets are implicitly associated with the configured VLAN). In contrast, trunk interfaces multiplex traffic from multiple VLANs and usually interconnect switches.

To configure a Layer 2 virtual switch, include the following statements:


virtual-switch statementusage guidelines[edit]
routing-instances {



routing-instance-name (
instance-type virtual-switch;



bridge-domains {



bridge-domain-name {

domain-type bridge;

vlan-id (all | none | number); # Cannot be used with ’vlan-tags’
statement

vlan-tags outer number inner number; # Cannot be
used with ’vlan-id’ statement

interface interface-name;
}


}




protocols {
mstp ...
}


}


}

To enable a virtual switch, you must specify virtual-switch as the instance-type.

For each bridge domain that you configure for the virtual switch, specify a bridge-domain-name. You must also specify bridge as the domain-type.

For the vlan-id statement, you can specify either a valid VLAN identifier or the none or all options. If you specify a valid VLAN identifier, you cannot also use the none option. These statements are mutually exclusive. For more information about configuring VLAN identifiers and VLAN tags for a bridge domain, see Configuring VLAN Identifiers for a Bridge Domain or a VPLS Routing Instance.

The all option is not supported with IRB. For more information about how to configure IRB, see Configuring Integrated Routing and Bridging for a Bridge Domain Within a Layer 2 Virtual Switch.

Note: You do not have to specify a VLAN identifier for a bridge domain. However, you cannot specify the same VLAN identifier for more than one bridge domain within a virtual switch. Each bridge domain within a virtual switch must have a unique VLAN identifier.

Note: For a single bridge domain, you can configure either the vlan-id statement or the vlan-tags statement, but not both.

To specify one or more logical interfaces to include in the bridge domain, specify an interface-name for an Ethernet interface you configured at the [edit interfaces] hierarchy level. For more information, see the JUNOS Network Interfaces Configuration Guide.

For information about how to configure spanning tree protocols, see the JUNOS Feature Guide.

[Contents] [Prev] [Next] [Index] [Report an Error]