...
https://www.juniper.net/documentation/en_US/junos/topics/concept/lag-qfx-series-overview.html
|
|
---|
EX |
|
|
|
QFX Junos OS Evolved | https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/link-aggregation-cli.html Code Block |
---|
title | AE/LAG interface and LACP |
---|
| set chassis aggregated-devices ethernet device-count 2
set interfaces ae0 aggregated-ether-options link-speed 1g
set interfaces xe-0/0/4 ether-options 802.3ad ae0
set interfaces ae0.0 family inet address 192.168.200.1/24
set interfaces xe-1/0/4 ether-options 802.3ad ae0
set interfaces ae0 aggregated-ether-options minimum-links 1
{master:0}
root@QFX5100-1-RL102> show interfaces ae0 detail | find "Logical interface ae0.0"
Logical interface ae0.0 (Index 656) (SNMP ifIndex 720) (HW Token 4095) (Generation 247)
Flags: Up SNMP-Traps 0x4004000 Encapsulation: ENET2
Statistics Packets pps Bytes bps
Bundle:
Input : 13 0 3900 0
Output: 35 0 7483 0
Adaptive Statistics:
Adaptive Adjusts: 0
Adaptive Scans : 0
Adaptive Updates: 0
Link:
xe-0/0/4.0
Input : 0 0 0 0
Output: 6 0 1878 0
xe-1/0/4.0
Input : 0 0 0 0
Output: 51 0 13524 0
Aggregate member links: 2
Marker Statistics: Marker Rx Resp Tx Unknown Rx Illegal Rx
xe-0/0/4.0 0 0 0 0
xe-1/0/4.0 0 0 0 0
Protocol inet, MTU: 1500
Max nh cache: 75000, New hold nh limit: 75000, Curr nh cnt: 0, Curr new hold cnt: 0, NH drop cnt: 0
Generation: 224, Route table: 8
Flags: Sendbcast-pkt-to-re, Is-Primary
Addresses, Flags: Is-Default Is-Preferred Is-Primary
Destination: 192.168.200/24, Local: 192.168.200.1, Broadcast: 192.168.200.255, Generation: 140
|
https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/lacp-cli.html
Code Block |
---|
title | LACP config and show commands |
---|
collapse | true |
---|
| set interfaces ae0 aggregated-ether-options lacp active
{master:0}
root@QFX5100-1-RL102> show lacp interfaces
Aggregated interface: ae0
LACP state: Role Exp Def Dist Col Syn Aggr Timeout Activity
xe-1/0/4 Actor No No Yes Yes Yes Yes Fast Active
xe-1/0/4 Partner No No Yes Yes Yes Yes Fast Passive
xe-0/0/4 Actor No No Yes Yes Yes Yes Fast Active
xe-0/0/4 Partner No No Yes Yes Yes Yes Fast Passive
LACP protocol: Receive State Transmit State Mux State
xe-1/0/4 Current Fast periodic Collecting distributing
xe-0/0/4 Current Fast periodic Collecting distributing
{master:0}
root@QFX5100-1-RL102> show lacp statistics interfaces ae0
Aggregated interface: ae0
LACP Statistics: LACP Rx LACP Tx Unknown Rx Illegal Rx
xe-0/0/4 37 179 0 0
xe-1/0/4 35 180 0 0
{master:0}
root@QFX5100-1-RL102> ping routing-instance vr1 192.168.200.2
PING 192.168.200.2 (192.168.200.2): 56 data bytes
64 bytes from 192.168.200.2: icmp_seq=0 ttl=64 time=18.152 ms
64 bytes from 192.168.200.2: icmp_seq=1 ttl=64 time=13.183 ms
|
https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/lacp-cli.html | SRX | AE configuration Security Zone Configuration Code Block |
---|
| BMS1 Zone:
set security zones security-zone BMS1Zone host-inbound-traffic system-services all
set security zones security-zone BMS1Zone host-inbound-traffic protocols all
set security zones security-zone BMS1Zone interfaces ae0
DC-GW Zone:
set security zones security-zone DC-GW1 host-inbound-traffic system-services all
set security zones security-zone DC-GW1 host-inbound-traffic protocols all
set security zones security-zone DC-GW1 interfaces ge-0/0/2.0
set security zones security-zone DC-GW1 interfaces ge-0/0/3.0
|
Code Block |
---|
title | show interface and security zone |
---|
collapse | true |
---|
| root@SRX300-1-RL102> show interfaces ae0 detail | find "Security: Zone:"
Security: Zone: BMS1Zone
Allowed host-inbound traffic : bfd bgp dvmrp igmp ldp msdp nhrp ospf pgm pim rip router-discovery rsvp sap vrrp
Flow Statistics :
Flow Input statistics :
Self packets : |
|
|
|
SRX | AE configuration Code Block |
---|
|
set interfaces ge-0/0/4 ether-options 802.3ad ae0
set interfaces ge-0/0/5 ether-options 802.3ad ae0
set interfaces ae0 unit 0 family inet address 192.168.200.2/24
|
Security Zone Configuration Code Block |
---|
| BMS1 Zone:
set security zones security-zone BMS1Zone host-inbound-traffic system-services all
set security zones security-zone BMS1Zone host-inbound-traffic protocols all
set security zones security-zone BMS1Zone interfaces ae0
DC-GW Zone:
set security zones security-zone DC-GW1 host-inbound-traffic system-services all
set security zones security-zone DC-GW1 host-inbound-traffic protocols all
set security zones security-zone DC-GW1 interfaces ge-0/0/2.0
set security zones security-zone DC-GW1 interfaces ge-0/0/3.0
|
Code Block |
---|
title | show interface and security zone |
---|
collapse | true |
---|
| root@SRX300-1-RL102> show interfaces ae0 detail | find "Security: Zone:"
Security: Zone: BMS1Zone
Allowed host-inbound traffic : bfd bgp dvmrp igmp ldp msdp nhrp ospf pgm pim rip router-discovery rsvp sap vrrp
Flow Statistics :
Flow Input statistics :
Self packets : 2
ICMP packets : 3
VPN packets : 0
Multicast packets : 0
Bytes permitted by policy : 168
Connections established : 0
Flow Output statistics:
Multicast packets : 0
Bytes permitted by policy : 168
Flow error statistics (Packets dropped due to):
Address spoofing: 0
Authentication failed: 0
Incoming NAT errors: 0
Invalid zone received packet: 0
Multiple user authentications: 0
Multiple incoming NAT: 0
No parent for a gate: 0
No one interested in self packets: 0
No minor session: 0
No more sessions: 0
No NAT gate: 0
No route present: 2 0
ICMP packetsNo :SA for incoming SPI: 0
3 No tunnel found: VPN packets : 0
No session 0for a gate: Multicast packets : 0
No zone or 0NULL zone binding Bytes permitted by1
policy : Policy denied: 168 Connections established : 0
Flow Output statistics:Security association not active: 0
Multicast packets : TCP sequence number out of window: 0
0 Syn-attack protection: Bytes permitted by policy : 0
168 Flow errorUser statisticsauthentication (Packetserrors: dropped due to): 0
Address spoofing: Protocol inet, MTU: 1500
Max nh cache: 100000, New hold nh limit: 0100000, Curr nh cnt: 1, Curr new Authenticationhold failedcnt: 0, NH drop cnt: 0
Generation: 167, Route table: 0
Incoming NAT errorsFlags: Sendbcast-pkt-to-re
Addresses, Flags: Is-Preferred Is-Primary
0 Invalid zone received packet: 0
Multiple user authentications: 0
Destination: 192.168.200/24, Local: 192.168.200.2, Broadcast: 192.168.200.255, Generation: 154
|
LACP configuration Code Block |
---|
title | LACP config and show commands |
---|
collapse | true |
---|
| set interfaces ae0 aggregated-ether-options lacp passive
root@SRX300-1-RL102> show lacp interfaces
Aggregated interface: ae0
MultipleLACP incoming NATstate: Role Exp 0Def Dist Col Syn No parentAggr for aTimeout gate: Activity
ge-0/0/4 0 Actor No one interested in selfNo packets: 0 Yes Yes Yes No minorYes session: Fast Passive
ge-0/0/4 0 Partner No more sessions: No Yes Yes Yes Yes Fast 0 Active
No NAT gate: ge-0/0/5 Actor No No Yes Yes 0Yes Yes No routeFast present: Passive
ge-0/0/5 Partner 0No No No SAYes for incomingYes SPI: Yes Yes Fast 0 Active
LACP Noprotocol: tunnel found: Receive State Transmit State 0 Mux State
No session for a gate: ge-0/0/4 0 Current Fast Noperiodic zoneCollecting ordistributing
NULL zone binding ge-0/0/5 1 Policy denied: Current Fast periodic Collecting distributing
root@SRX300-1-RL102> show lacp statistics interfaces ae0
0Aggregated interface: ae0
SecurityLACP associationStatistics: not active: 0 LACP Rx TCP sequenceLACP numberTx out of window:Unknown 0Rx Illegal Rx
Syn-attack protection: ge-0/0/4 0 User392 authentication errors: 392 0 Protocol inet, MTU: 1500 0 Max nh cache: 100000, New hold nh limit: 100000, Curr nh0
cnt: 1, Curr new hold cnt: 0, NH drop cnt: 0ge-0/0/5 Generation: 167, Route table: 0 392 Flags: Sendbcast-pkt-to-re 390 Addresses, Flags: Is-Preferred Is-Primary 0 Destination: 192.168.200/24, Local: 192.168.200.2, Broadcast: 192.168.200.255, Generation: 1540
| LACP configuration
|
|
|
MX |
|
|
|
|
|
|
|
|
|