Supported Platforms
Configuring a Layer 2 Virtual Switch
A Layer 2 virtual switch, which isolates a LAN segment with its spanning-tree protocol instance and separates its VLAN ID space, filters and forwards traffic only at the data link layer. Layer 3 routing is not performed. Each bridge domain consists of a set of logical ports that participate in Layer 2 learning and forwarding. A virtual switch represents a Layer 2 network.
Two main types of interfaces are used in virtual switch hierarchies:
- Layer 2 logical interface—This type of interface uses the VLAN-ID as a virtual circuit identifier and the scope of the VLAN-ID is local to the interface port. This type of interface is often used in service-provider-centric applications.
- Access or trunk interface—This type of interface
uses a VLAN-ID with global significance. The access or trunk interface
is implicitly associated with bridge domains based on VLAN membership.
Access or trunk interfaces are typically used in enterprise-centric
applications.
Note: The difference between access interfaces and trunk interfaces is that access interfaces can be part of one VLAN only and the interface is normally attached to an end-user device (packets are implicitly associated with the configured VLAN). In contrast, trunk interfaces multiplex traffic from multiple VLANs and usually interconnect switches.
To configure a Layer 2 virtual switch, include the following statements:
To enable a virtual switch, you must specify virtual-switch as the instance-type.
For each bridge domain that you configure for the virtual switch, specify a bridge-domain-name. You must also specify the value bridge for the domain-type statement.
For the vlan-id statement, you can specify either a valid VLAN identifier or the none or all options. If you specify a valid VLAN identifier, you cannot also use the none option. These statements are mutually exclusive.
The all option is not supported with IRB.
| Note: You do not have to specify a VLAN identifier for a bridge domain. However, you cannot specify the same VLAN identifier for more than one bridge domain within a virtual switch. Each bridge domain within a virtual switch must have a unique VLAN identifier. |
| Note: For a single bridge domain, you can include either the vlan-id statement or the vlan-tags statement, but not both. |
To specify one or more logical interfaces to include in the bridge domain, specify an interface-name for an Ethernet interface you configured at the [edit interfaces] hierarchy level. For more information, see the Junos OS Network Interfaces Library for Routing Devices.
For information about how to configure spanning tree protocols, see the Junos OS Feature Guides.
