Technical Documentation

Example: Setting Up Basic Bridging and a VLAN for an EX Series Switch

EX Series switches use bridging and virtual LANs (VLANs) to connect network devices in a LAN—desktop computers, IP telephones, printers, file servers, wireless access points, and others—and to segment the LAN into smaller bridging domains. The switch's default configuration provides a quick setup of bridging and a single VLAN.

This example describes how to configure basic bridging and VLANs for an EX Series switch:

Requirements

This example uses the following software and hardware components:

  • JUNOS Release 9.0 or later for EX Series switches
  • One EX4200 Virtual Chassis switch

Before you set up bridging and a VLAN, be sure you have:

Overview and Topology

EX Series switches connect network devices in an office LAN or a data center LAN to provide sharing of common resources such as printers and file servers and to enable wireless devices to connect to the LAN through wireless access points. Without bridging and VLANs, all devices on the Ethernet LAN are in a single broadcast domain, and all the devices detect all the packets on the LAN. Bridging creates separate broadcast domains on the LAN, creating VLANs, which are independent logical networks that group together related devices into separate network segments. The grouping of devices on a VLAN is independent of where the devices are physically located in the LAN.

To use an EX Series switch to connect network devices on a LAN, you must, at a minimum, configure bridging and VLANs. If you simply power on the switch and perform the initial switch configuration using the factory-default settings, bridging is enabled on all the switch's interfaces, all interfaces are in access mode, and all interfaces belong to a VLAN called default, which is automatically configured. When you plug access devices—such as desktop computers, Avaya IP telephones, file servers, printers, and wireless access points—into the switch, they are joined immediately into the default VLAN and the LAN is up and running.

The topology used in this example consists of one EX4200-24T switch, which has a total of 24 ports. Eight of the ports support Power over Ethernet (PoE), which means they provide both network connectivity and electric power for the device connecting to the port. To these ports, you can plug in devices requiring PoE, such as Avaya VoIP telephones, wireless access points, and some IP cameras. (Avaya phones have a built-in hub that allows you to connect a desktop PC to the phone, so the desktop and phone in a single office require only one port on the switch.) The remaining 16 ports provide only network connectivity. You use them to connect devices that have their own power sources, such as desktop and laptop computers, printers, and servers. Table 1 details the topology used in this configuration example.

Table 1: Components of the Basic Bridging Configuration Topology

Property Settings

Switch hardware

EX4200-24T switch, with 24 Gigabit Ethernet ports: 8 PoE ports (ge-0/0/0 through ge-0/0/7) and 16 non-PoE ports (ge-0/0/8 through ge-0/0/23)

VLAN name

default

Connection to wireless access point (requires PoE)

ge-0/0/0

Connections to Avaya IP telephone—with integrated hub, to connect phone and desktop PC to a single port (requires PoE)

ge-0/0/1 through ge-0/0/7

Direct connections to desktop PCs (no PoE required)

ge-0/0/8 through ge-0/0/12

Connections to file servers (no PoE required)

ge-0/0/17 and ge-0/0/18

Connections to integrated printer/fax/copier machines (no PoE required)

ge-0/0/19 through ge-0/0/20

Unused ports (for future expansion)

ge-0/0/13 through ge-0/0/16, and ge-0/0/21 through ge-0/0/23

Configuration

CLI Quick Configuration

By default, after you perform the initial configuration on the EX4200 switch, switching is enabled on all interfaces, a VLAN named default is created, and all interfaces are placed into this VLAN. You do not need to perform any other configuration on the switch to set up bridging and VLANs. To use the switch, simply plug the Avaya IP phones into the PoE-enabled ports ge-0/0/1 through ge-0/0/7, and plug in the PCs, file servers, and printers to the non-PoE ports, ge-0/0/8 through ge-0/0/12 and ge-0/0/17 through ge-0/0/20.

Step-by-Step Procedure

To configure bridging and VLANs:

  1. Make sure the switch is powered on.
  2. Connect the wireless access point to switch port ge-0/0/0.
  3. Connect the seven Avaya phones to switch ports ge-0/0/1 through ge-0/0/7.
  4. Connect the five PCs to ports ge-0/0/8 through ge-0/0/12.
  5. Connect the two file servers to ports ge-0/0/17 and ge-0/0/18.
  6. Connect the two printers to ports ge-0/0/19 and ge-0/0/20.

Results

Check the results of the configuration:

[edit]
user@switch> show configuration
## Last commit: 2008-03-06 00:11:22 UTC by triumph
version 9.0;
system {
root-authentication {
encrypted-password "$1$urmA7AFM$x5SaGEUOdSI3u1K/iITGh1"; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
commit {
factory-settings {
reset-chassis-lcd-menu;
reset-virtual-chassis-configuration;
}
}
}
interfaces {
ge-0/0/0 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/1 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/2 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/3 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/4 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/5 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/6 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/7 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/8 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/9 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/10 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/11 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/12 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/13 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/14 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/15 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/16 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/17 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/18 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/19 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/20 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/21 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/22 {
unit 0 {
family ethernet-switching;
}
}
ge-0/0/23 {
unit 0 {
family ethernet-switching;
}
}
ge-0/1/0 {
unit 0 {
family ethernet-switching;
}
}
xe-0/1/0 {
unit 0 {
family ethernet-switching;
}
}
ge-0/1/1 {
unit 0 {
family ethernet-switching;
}
}
xe-0/1/1 {
unit 0 {
family ethernet-switching;
}
}
ge-0/1/2 {
unit 0 {
family ethernet-switching;
}
}
ge-0/1/3 {
unit 0 {
family ethernet-switching;
}
}
}
protocols {
lldp {
interface all;
}
rstp;
}
poe {
interface all;
}

Verification

To verify that switching is operational and that a VLAN has been created, perform these tasks:

Verifying That the VLAN Has Been Created

Purpose

Verify that the VLAN named default has been created on the switch.

Action

List all VLANs configured on the switch:


user@switch> show vlans
Name           Tag     Interfaces
default       
                       ge-0/0/0.0*, ge-0/0/1.0, ge-0/0/2.0, ge-0/0/3.0,
                       ge-0/0/4.0,  ge-0/0/5.0, ge-0/0/6.0, ge-0/0/7.0,
                       ge-0/0/8.0*, ge-0/0/9.0, ge-0/0/10.0, ge-0/0/11.0*,
                       ge-0/0/12.0, ge-0/0/13.0, ge-0/0/14.0, ge-0/0/15.0,
                       ge-0/0/16.0, ge-0/0/17.0, ge-0/0/18.0, ge-0/0/19.0*,
                       ge-0/0/20.0, ge-0/0/21.0, ge-0/0/22.0, ge-0/0/23.0,
                       ge-0/1/0.0*, ge-0/1/1.0*, ge-0/1/2.0*, ge-0/1/3.0*
mgmt          
                       me0.0*

Meaning

The show vlans command lists the VLANs configured on the switch. This output shows that the VLAN default has been created.

Verifying That Interfaces Are Associated with the Proper VLANs

Purpose

Verify that Ethernet switching is enabled on switch interfaces and that all interfaces are included in the VLAN.

Action

List all interfaces on which switching is enabled:


Interface   State    VLAN members           Blocking 
ge-0/0/0.0  up       default                unblocked
ge-0/0/1.0  down     default                blocked - blocked by STP/RTG
ge-0/0/2.0  down     default                blocked - blocked by STP/RTG
ge-0/0/3.0  down     default                blocked - blocked by STP/RTG
ge-0/0/4.0  down     default                blocked - blocked by STP/RTG
ge-0/0/5.0  down     default                blocked - blocked by STP/RTG
ge-0/0/6.0  down     default                blocked - blocked by STP/RTG
ge-0/0/7.0  down     default                blocked - blocked by STP/RTG
ge-0/0/8.0  up       default                unblocked
ge-0/0/9.0  down     default                blocked - blocked by STP/RTG
ge-0/0/10.0 down     default                blocked - blocked by STP/RTG
ge-0/0/11.0 up       default                unblocked
ge-0/0/12.0 down     default                blocked - blocked by STP/RTG
ge-0/0/13.0 down     default                blocked - blocked by STP/RTG
ge-0/0/14.0 down     default                blocked - blocked by STP/RTG
ge-0/0/15.0 down     default                blocked - blocked by STP/RTG
ge-0/0/16.0 down     default                blocked - blocked by STP/RTG
ge-0/0/17.0 down     default                blocked - blocked by STP/RTG
ge-0/0/18.0 down     default                blocked - blocked by STP/RTG
ge-0/0/19.0 up       default                unblocked
ge-0/0/20.0 down     default                blocked - blocked by STP/RTG
ge-0/0/21.0 down     default                blocked - blocked by STP/RTG
ge-0/0/22.0 down     default                blocked - blocked by STP/RTG
ge-0/0/23.0 down     default                blocked - blocked by STP/RTG
ge-0/1/0.0  up       default                unblocked
ge-0/1/1.0  up       default                unblocked
ge-0/1/2.0  up       default                unblocked
ge-0/1/3.0  up       default                unblocked
me0.0       up       mgmt                   unblocked

Meaning

The show ethernet-switching interfaces command lists all interfaces on which switching is enabled (in the Interfaces column), along with the VLANs that are active on the interfaces (in the VLAN members column). The output in this example shows all the connected interfaces, ge-0/0/0 through ge-0/0/12 and ge-0/0/17 through ge-0/0/20 and that they are all part of VLAN default. Notice that the interfaces listed are the logical interfaces, not the physical interfaces. For example, the output shows ge-0/0/0.0 instead of ge-0/0/0. This is because JUNOS Software creates VLANs on logical interfaces, not directly on physical interfaces.


Published: 2009-07-22