Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Overview

Learn about various types of interfaces used in security devices and the interface properties.

Juniper Networks® SRX Series Firewalls support physical, logical, aggregated, service, and special interfaces for security, routing, switching, and WAN connectivity.

Physical Interfaces

A physical interface is a hardware-based connection between a device and a network, consisting of a software driver and a physical connector for network media.

Physical interfaces handle ingress and egress traffic. Network processing units (NPUs) perform sanity checks and screens, then forward the traffic to Services Processing Units (SPUs).

Table 1: Physical Interfaces
Interface Description
Ethernet (xe-, ge-, fe-) Copper or fiber ports for LAN and WAN connectivity, supporting speeds ranging from Fast Ethernet to 1 Gigabit Ethernet (GbE), 10GbE, 40GbE, and 100GbE, depending on the firewall model. For example, the SRX300 Firewall support integrated Ethernet ports.
Wireless (pp-) Mini-Physical Interface Module (PIM) for WAN backup over 3G and 4G LTE.
ADSL or SHDSL (adsl-) WAN interfaces that carry Asynchronous Transfer Mode (ATM) traffic over asymmetric digital subscriber line (ADSL) or symmetric high-speed DSL (SHDSL) WAN links.
Serial or ATM Interfaces for legacy WAN connections such as Frame Relay, High-Level Data Link Control (HDLC), Point-to-Point Protocol (PPP), and Multilink Point-to-Point Protocol (MLPPP).

For more information about physical interfaces, see Physical Interface Properties.

Logical Interfaces

Logical interfaces have the following characteristics:

  • Are configured under physical interfaces. For example, xe-0/0/0.0.

  • Support protocol families such as inet (IPv4), inet6 (IPv6), vlan, and mlppp.

  • Support features such as VLAN tagging and encapsulation, integrated routing and bridging (IRB) for Layer 2 (L2) or Layer 3 (L3) integration, and Maximum Transmission Unit (MTU) adjustment.

For more information about logical interfaces, see Logical Interface Properties.

Aggregated Ethernet Interfaces

Aggregated Ethernet interfaces (ae-) have the following characteristics:

  • Bundle multiple physical links with Link Aggregation Control Protocol (LACP) for redundancy or load balancing.

  • Used for high-availability and increased bandwidth.

For more information about aggregated Ethernet interfaces, see Aggregated Ethernet Interfaces Overview.

Service Interfaces

Service interfaces have the following characteristics:

  • Handled by Services Processing Cards (SPCs) or Services Processing Units (SPUs) on newer models.

  • Support IPsec VPN, Network Address Translation (NAT), stateful firewall filters, and generic routing encapsulation (GRE) and IP over IP (IP-IP) through the respective tunnel services interfaces (gre- and ip-).

  • Automatically generated and nonconfigurable for GRE and IP-IP tunnels.

For more information about service interfaces, see Interfaces Fundamentals for Junos OS.

Special Interfaces

Special interfaces are non-physical interfaces used for specific functions like management, services, monitoring, or internal operations, distinct from standard network interfaces.

Table 2: Special Interfaces
Interface Description
fxp0 Dedicated out-of-band management (OOBM) Ethernet port on the Routing Engine.
lo0 Loopback interface for routing protocols, keepalives, and services such as Virtual Router Redundancy Protocol (VRRP).
jsrc Discard interface for unhandled traffic.

For more information about special interfaces, see Interfaces Fundamentals for Junos OS.

Related Documentation