Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Also:     Aggregated Ethernet Links (AE) to for an link aggregation group (LAG)

...

https://www.juniper.net/documentation/en_US/junos/topics/concept/lag-qfx-series-overview.html




EX


QFX   

Junos OS Evolved

https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/link-aggregation-cli.html

Code Block
titleAE/LAG interface and LACP
set chassis aggregated-devices ethernet device-count 2
set interfaces ae0 aggregated-ether-options link-speed 1g
set interfaces xe-0/0/4 ether-options 802.3ad ae0
set interfaces ae0.0 family inet address 192.168.200.1/24
set interfaces xe-1/0/4 ether-options 802.3ad ae0
set interfaces ae0 aggregated-ether-options minimum-links 1



{master:0}
root@QFX5100-1-RL102> show interfaces ae0 detail | find "Logical interface ae0.0"
  Logical interface ae0.0 (Index 656) (SNMP ifIndex 720) (HW Token 4095) (Generation 247)
    Flags: Up SNMP-Traps 0x4004000 Encapsulation: ENET2
    Statistics        Packets        pps         Bytes          bps
    Bundle:
        Input :            13          0          3900            0
        Output:            35          0          7483            0
    Adaptive Statistics:
        Adaptive Adjusts:          0
        Adaptive Scans  :          0
        Adaptive Updates:          0
    Link:
      xe-0/0/4.0
        Input :             0          0             0            0
        Output:             6          0          1878            0
      xe-1/0/4.0
        Input :             0          0             0            0
        Output:            51          0         13524            0


    Aggregate member links: 2

    Marker Statistics:   Marker Rx     Resp Tx   Unknown Rx   Illegal Rx
      xe-0/0/4.0                 0           0            0            0
      xe-1/0/4.0                 0           0            0            0
    Protocol inet, MTU: 1500
    Max nh cache: 75000, New hold nh limit: 75000, Curr nh cnt: 0, Curr new hold cnt: 0, NH drop cnt: 0
    Generation: 224, Route table: 8
      Flags: Sendbcast-pkt-to-re, Is-Primary
      Addresses, Flags: Is-Default Is-Preferred Is-Primary
        Destination: 192.168.200/24, Local: 192.168.200.1, Broadcast: 192.168.200.255, Generation: 140


https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/lacp-cli.html


Code Block
titleLACP configuration




SRX

AE configuration


Security Zone Configuration

Code Block
titlesecurity zones
BMS1 Zone:
set security zones security-zone BMS1Zone host-inbound-traffic system-services all
set security zones security-zone BMS1Zone host-inbound-traffic protocols all
set security zones security-zone BMS1Zone interfaces ae0

DC-GW Zone:
set security zones security-zone DC-GW1 host-inbound-traffic system-services all
set security zones security-zone DC-GW1 host-inbound-traffic protocols all
set security zones security-zone DC-GW1 interfaces ge-0/0/2.0
set security zones security-zone DC-GW1 interfaces ge-0/0/3.0


Code Block
titleshow interface and security zone
collapsetrue
root@SRX300-1-RL102> show interfaces ae0 detail | find "Security: Zone:"
    Security: Zone: BMS1Zone
    Allowed host-inbound traffic : bfd bgp dvmrp igmp ldp msdp nhrp ospf pgm pim rip router-discovery rsvp sap vrrp
    Flow Statistics :
    Flow Input statistics :
      Self packets :                     2
      ICMP packets :                     3
      VPN packets :                      0
      Multicast packets :                0
      Bytes permitted by policy :        168
      Connections established :          0
    Flow Output statistics:
      Multicast packets :                0
      Bytes permitted by policy :        168
    Flow error statistics (Packets dropped due to):
      Address spoofing:                  0
      Authentication failed:             0
      Incoming NAT errors:               0
      Invalid zone received packet:      0
      Multiple user authentications:     0
      Multiple incoming NAT:             0
      No parent for a gate:              0
      No one interested in self packets: 0
      No minor session:                  0
      No more sessions:                  0
      No NAT gate:                       0
      No route present:                  0
      No SA for incoming SPI:            0
      No tunnel found:                   0
      No session for a gate:             0
      No zone or NULL zone binding       1
      Policy denied:                     0
      Security association not active:   0
      TCP sequence number out of window: 0
      Syn-attack protection:             0
      User authentication errors:        0
    Protocol inet, MTU: 1500
    Max nh cache: 100000, New hold nh limit: 100000, Curr nh cnt: 1, Curr new hold cnt: 0, NH drop cnt: 0
    Generation: 167, Route table: 0
      Flags: Sendbcast-pkt-to-re
      Addresses, Flags: Is-Preferred Is-Primary
        Destination: 192.168.200/24, Local: 192.168.200.2, Broadcast: 192.168.200.255, Generation: 154



LACP configuration



MX