Chuck,
The way that are you doing works well (I call it as dot1q tagging
services), The way that I need to use, L2TP doesn't works. (QinQ services)
Due the limited "QinQ", I need to keep CPE at customers to deal with
QinQ/L2TP services.
Att.
AŁexandre
De: Chuck Anderson
Enviado: sábado, 25 de março 09:28
Assunto: Re: [j-nsp] RES: RES: QFX 5100 and Q-in-Q
Para: [email protected]
I'm using Q-in-Q as a tap aggregation function. Port mirrors and/or optical
taps from other devices are connected to QFX5100 ports which encapsulate the
foreign traffic with Q-in-Q, then flood the traffic to all ports in the same
outer VLAN. Analyzers are connected to the output ports. It may be that L2
protocols like PVST+ are not passing through, but that doesn't matter much for
my use case: set interfaces xe-0/0/0 description "MIRROR1 INPUT from device
foo" set interfaces xe-0/0/0 flexible-vlan-tagging set interfaces xe-0/0/0
native-vlan-id 2 set interfaces xe-0/0/0 mtu 9216 set interfaces xe-0/0/0
encapsulation extended-vlan-bridge set interfaces xe-0/0/0 unit 2 vlan-id-list
1-4094 set interfaces xe-0/0/0 unit 2 input-vlan-map push set interfaces
xe-0/0/0 unit 2 input-vlan-map vlan-id 2 set interfaces xe-0/0/0 unit 2
output-vlan-map pop set interfaces xe-0/0/0 unit 2 family ethernet-switching
filter output DISCARD set interfaces xe-0/0/24 description "MIRROR1 OUTPUT to
analyzer bar" set interfaces xe-0/0/24 flexible-vlan-tagging set interfaces
xe-0/0/24 mtu 9216 set interfaces xe-0/0/24 encapsulation extended-vlan-bridge
set interfaces xe-0/0/24 unit 2 vlan-id-list 1-4094 set interfaces xe-0/0/24
unit 2 input-vlan-map push set interfaces xe-0/0/24 unit 2 input-vlan-map
vlan-id 2 set interfaces xe-0/0/24 unit 2 output-vlan-map pop set interfaces
xe-0/0/24 unit 2 family ethernet-switching filter input DISCARD set vlans
MIRROR1 interface xe-0/0/0.2 set vlans MIRROR1 interface xe-0/0/24.2 set vlans
MIRROR1 switch-options no-mac-learning On Sat, Mar 25, 2017 at 12:22:40AM
+0000, Alexandre Guimaraes wrote: > Chuck, > > > Could you please share portion
of your QinQ configuration? In my tests, facing customer side, used: > > set
vlans S-VLAN-200 vlan-id 200 > set vlans S-VLAN-200 interface ge-0/0/14.200 > >
set interfaces ge-0/0/14 flexible-vlan-tagging > set interfaces ge-0/0/14
native-vlan-id 200 > set interfaces ge-0/0/14 mtu 6000 > set interfaces
ge-0/0/14 encapsulation extended-vlan-bridge > set interfaces ge-0/0/14 unit
200 vlan-id-list 10-30 > set interfaces ge-0/0/14 unit 200 input-vlan-map push
> set interfaces ge-0/0/14 unit 200 output-vlan-map pop > > > Even you can
encapsulates customer vlan inside a service vlan, all layer 2 protocols will
not pass. > > > > ________________________________________ > De: juniper-nsp
[[email protected]] em nome de Chuck Anderson [[email protected]]
> Enviado: sexta-feira, 24 de março de 2017 18:33 > Para:
[email protected] > Assunto: Re: [j-nsp] RES: QFX 5100 and Q-in-Q > >
I had to load 14.1X53-D40 to have a basic working Q-in-Q config. D35 > was
broken in some fundamental way. > > On Fri, Mar 24, 2017 at 04:31:56PM +0000,
Alexandre Guimaraes wrote: > > Alain, > > > > As far i know, QinQ - L2TP does
not work at QFX5100. > > > > Att., > > Alexandre > > > >
________________________________________ > > De: juniper-nsp
[[email protected]] em nome de Alain Hebert
[[email protected]] > > Enviado: sexta-feira, 24 de março de 2017 13:07 > >
Para: [email protected] > > Assunto: [j-nsp] QFX 5100 and Q-in-Q > >
> > Well, > > > > We're having all sort of massive failure making Q-in-Q works
in our > > QFX5100 in standard and VCF mode... and that with 14.x, 15x, 16.x,
17.x > > > > Such a simple thing should not take 1 week of back & forth with
JTAC. > > > > Anyone have some experience to share on that subject? > > > >
Thank. _______________________________________________ juniper-nsp mailing list
[email protected] https://puck.nether.net/mailman/listinfo/juniper-nsp
_______________________________________________
juniper-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/juniper-nsp
