Example: Setting Up Basic Bridging and a VLAN for an EX Series Switch
EX Series switches use bridging and virtual LANs (VLANs) to connect network devices in a LAN—desktop computers, IP telephones, printers, file servers, wireless access points, and others—and to segment the LAN into smaller bridging domains. The switch's default configuration provides a quick setup of bridging and a single VLAN.
This example describes how to configure basic bridging and VLANs for an EX Series switch:
Requirements
This example uses the following software and hardware components:
- JUNOS Release 9.0 or later for EX Series switches
- One EX4200 Virtual Chassis switch
Before you set up bridging and a VLAN, be sure you have:
- Installed your EX Series switch. See Installing and Connecting an EX3200 or EX4200 Switch.
- Performed the initial switch configuration. See Connecting and Configuring an EX Series Switch (J-Web Procedure).
Overview and Topology
EX Series switches connect network devices in an office LAN or a data center LAN to provide sharing of common resources such as printers and file servers and to enable wireless devices to connect to the LAN through wireless access points. Without bridging and VLANs, all devices on the Ethernet LAN are in a single broadcast domain, and all the devices detect all the packets on the LAN. Bridging creates separate broadcast domains on the LAN, creating VLANs, which are independent logical networks that group together related devices into separate network segments. The grouping of devices on a VLAN is independent of where the devices are physically located in the LAN.
To use an EX Series switch to connect network devices on a LAN, you must, at a minimum, configure bridging and VLANs. If you simply power on the switch and perform the initial switch configuration using the factory-default settings, bridging is enabled on all the switch's interfaces, all interfaces are in access mode, and all interfaces belong to a VLAN called default, which is automatically configured. When you plug access devices—such as desktop computers, Avaya IP telephones, file servers, printers, and wireless access points—into the switch, they are joined immediately into the default VLAN and the LAN is up and running.
The topology used in this example consists of one EX4200-24T switch, which has a total of 24 ports. Eight of the ports support Power over Ethernet (PoE), which means they provide both network connectivity and electric power for the device connecting to the port. To these ports, you can plug in devices requiring PoE, such as Avaya VoIP telephones, wireless access points, and some IP cameras. (Avaya phones have a built-in hub that allows you to connect a desktop PC to the phone, so the desktop and phone in a single office require only one port on the switch.) The remaining 16 ports provide only network connectivity. You use them to connect devices that have their own power sources, such as desktop and laptop computers, printers, and servers. Table 1 details the topology used in this configuration example.
Table 1: Components of the Basic Bridging Configuration Topology
Configuration
CLI Quick Configuration
By default, after you perform the initial configuration on the EX4200 switch, switching is enabled on all interfaces, a VLAN named default is created, and all interfaces are placed into this VLAN. You do not need to perform any other configuration on the switch to set up bridging and VLANs. To use the switch, simply plug the Avaya IP phones into the PoE-enabled ports ge-0/0/1 through ge-0/0/7, and plug in the PCs, file servers, and printers to the non-PoE ports, ge-0/0/8 through ge-0/0/12 and ge-0/0/17 through ge-0/0/20.
Step-by-Step Procedure
To configure bridging and VLANs:
- Make sure the switch is powered on.
- Connect the wireless access point to switch port ge-0/0/0.
- Connect the seven Avaya phones to switch ports ge-0/0/1 through ge-0/0/7.
- Connect the five PCs to ports ge-0/0/8 through ge-0/0/12.
- Connect the two file servers to ports ge-0/0/17 and ge-0/0/18.
- Connect the two printers to ports ge-0/0/19 and ge-0/0/20.
Results
Check the results of the configuration:
- [edit]
- user@switch> show configuration
- ## Last commit: 2008-03-06 00:11:22 UTC by triumph
- version 9.0;
- system {
-
- root-authentication {
- encrypted-password "$1$urmA7AFM$x5SaGEUOdSI3u1K/iITGh1";
## SECRET-DATA
- }
-
- syslog {
-
- user * {
- any emergency;
- }
-
- file messages {
- any notice;
- authorization info;
- }
-
- file interactive-commands {
- interactive-commands any;
- }
- }
-
- commit {
-
- factory-settings {
- reset-chassis-lcd-menu;
- reset-virtual-chassis-configuration;
- }
- }
- }
- interfaces {
-
- ge-0/0/0 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/1 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/2 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/3 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/4 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/5 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/6 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/7 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/8 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/9 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/10 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/11 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/12 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/13 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/14 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/15 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/16 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/17 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/18 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/19 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/20 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/21 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/22 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/0/23 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/1/0 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- xe-0/1/0 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/1/1 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- xe-0/1/1 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/1/2 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
-
- ge-0/1/3 {
-
- unit 0 {
- family ethernet-switching;
- }
- }
- }
- protocols {
-
- lldp {
- interface all;
- }
- rstp;
- }
-
- poe {
- interface all;
- }
Verification
To verify that switching is operational and that a VLAN has been created, perform these tasks:
- Verifying That the VLAN Has Been Created
- Verifying That Interfaces Are Associated with the Proper VLANs
Verifying That the VLAN Has Been Created
Purpose
Verify that the VLAN named default has been created on the switch.
Action
List all VLANs configured on the switch:
user@switch> show vlans Name Tag Interfaces
default
ge-0/0/0.0*, ge-0/0/1.0, ge-0/0/2.0, ge-0/0/3.0,
ge-0/0/4.0, ge-0/0/5.0, ge-0/0/6.0, ge-0/0/7.0,
ge-0/0/8.0*, ge-0/0/9.0, ge-0/0/10.0, ge-0/0/11.0*,
ge-0/0/12.0, ge-0/0/13.0, ge-0/0/14.0, ge-0/0/15.0,
ge-0/0/16.0, ge-0/0/17.0, ge-0/0/18.0, ge-0/0/19.0*,
ge-0/0/20.0, ge-0/0/21.0, ge-0/0/22.0, ge-0/0/23.0,
ge-0/1/0.0*, ge-0/1/1.0*, ge-0/1/2.0*, ge-0/1/3.0*
mgmt
me0.0*
Meaning
The show vlans command lists the VLANs configured on the switch. This output shows that the VLAN default has been created.
Verifying That Interfaces Are Associated with the Proper VLANs
Purpose
Verify that Ethernet switching is enabled on switch interfaces and that all interfaces are included in the VLAN.
Action
List all interfaces on which switching is enabled:
user@switch> show ethernet-switching interfaces
Interface State VLAN members Blocking ge-0/0/0.0 up default unblocked ge-0/0/1.0 down default blocked - blocked by STP/RTG ge-0/0/2.0 down default blocked - blocked by STP/RTG ge-0/0/3.0 down default blocked - blocked by STP/RTG ge-0/0/4.0 down default blocked - blocked by STP/RTG ge-0/0/5.0 down default blocked - blocked by STP/RTG ge-0/0/6.0 down default blocked - blocked by STP/RTG ge-0/0/7.0 down default blocked - blocked by STP/RTG ge-0/0/8.0 up default unblocked ge-0/0/9.0 down default blocked - blocked by STP/RTG ge-0/0/10.0 down default blocked - blocked by STP/RTG ge-0/0/11.0 up default unblocked ge-0/0/12.0 down default blocked - blocked by STP/RTG ge-0/0/13.0 down default blocked - blocked by STP/RTG ge-0/0/14.0 down default blocked - blocked by STP/RTG ge-0/0/15.0 down default blocked - blocked by STP/RTG ge-0/0/16.0 down default blocked - blocked by STP/RTG ge-0/0/17.0 down default blocked - blocked by STP/RTG ge-0/0/18.0 down default blocked - blocked by STP/RTG ge-0/0/19.0 up default unblocked ge-0/0/20.0 down default blocked - blocked by STP/RTG ge-0/0/21.0 down default blocked - blocked by STP/RTG ge-0/0/22.0 down default blocked - blocked by STP/RTG ge-0/0/23.0 down default blocked - blocked by STP/RTG ge-0/1/0.0 up default unblocked ge-0/1/1.0 up default unblocked ge-0/1/2.0 up default unblocked ge-0/1/3.0 up default unblocked me0.0 up mgmt unblocked
Meaning
The show ethernet-switching interfaces command lists all interfaces on which switching is enabled (in the Interfaces column), along with the VLANs that are active on the interfaces (in the VLAN members column). The output in this example shows all the connected interfaces, ge-0/0/0 through ge-0/0/12 and ge-0/0/17 through ge-0/0/20 and that they are all part of VLAN default. Notice that the interfaces listed are the logical interfaces, not the physical interfaces. For example, the output shows ge-0/0/0.0 instead of ge-0/0/0. This is because JUNOS Software creates VLANs on logical interfaces, not directly on physical interfaces.