Juniper EX4200 Questions

Notice: Page may contain affiliate links for which we may earn a small commission through services like Amazon Affiliates or Skimlinks.

thehotdog

New Member
Sep 16, 2015
6
0
1
36
I recently picked up a couple EX4200-48PX switches and am testing them. This is my fist time using Juniper HW so i am still figuring them out. Anyone know of any issues or have any helpful tips dealing with Juniper?
How is the management? I noticed it has a web ui but I haven't looked at it yet because it keeps complaining about needing an update.
How does one go about getting updates from Juniper? I created an account but it looks like I need something on maintenance to get access. Any tricks like buying something cheap just to get an active account?
 

gslavov

New Member
Jun 7, 2017
17
5
3
45
I have never used their WebUI but the cli is quite simple and intuitive. If you have ever worked with Cisco gear, think a cleaner version of that which actually makes sense when you read the config.

As for updates, supports contracts tend to be expensive and not really worth it for home labs. PM me about a current junos for the 4200.
 

Blinky 42

Active Member
Aug 6, 2015
615
232
43
48
PA, USA
JWeb is really handy only to get different summarized / alternative views of things, but everything is possible in the CLI. The CLI is also far faster than jweb on every juniper device I have ever used. I highly recommend just learning the cli and ignoring jweb. Use of the CLI is so common that the newer switches ship with a stripped down mini jweb instance that gives you basic status and a way to upgrade the software packages on the switch, and install the enhanced jweb if you need to.

Most juniper devices also have a few license levels, to unlock things like IGMP/PIM, BGP etc. Typically you can commit configurations that need extra license levels but it will warn you only have X days to add the license before you can't commit the config with the statements needing the extra license. X=30 if I recall correctly from spinning up BGP4 on a ex3300 to fix temporary problems earlier this summer. When you remove the config items that need the license, it stops complaining.
 
  • Like
Reactions: thehotdog

aero

Active Member
Apr 27, 2016
346
86
28
54
Jweb is trash IMHO...so slow. The cli is pretty great, although not Cisco-like. Commit-confirm method for applying config changes is a really nice feature.
 
  • Like
Reactions: Hrast

WANg

Well-Known Member
Jun 10, 2018
1,302
967
113
46
New York, NY
Issues? No. Things I can tell you? Sure.

First things first - JunOS is basically forked FreeBSD, so somewhere on the switch is the ability to get a bash shell.
Second, the onboard hardware is a Freescale (now NXP) MPC8533 PowerQuicc III, it's an e500 core (think of it as like a stripped down PowerPC G5 chip minus the 64 bit general use registers) combined with 1GB of RAM. The flash supposedly reside on a USB-DOM.

As for the UI/CLI? J-web is...meh. I have it enabled on my SRX100H2, but it's not really necessary. The CLI is a godsend. Autocompletion, time triggered rollbacks, very intuitive compared to the bleh-ness and inconsistencies of Cisco.

JunOS availability? Oh, the switch has been EOLed for the past 2 years. If you know what you need, I am pretty sure people here can oblige.
 
Last edited:
  • Like
Reactions: thehotdog

thehotdog

New Member
Sep 16, 2015
6
0
1
36
Thank you for the responses. I am hoping to dive into it next week.
I was able to find a copy of 15.1R7.9 which looks like the latest OS for this model.
I picked up a couple 10g cards to test out too.

@Blinky 42 Thanks for the advice. I hadn't even thought about license levels. It will be awhile before I have the time to look at BGP though.

@WANg Thanks for the info. It looks like the CLI is the way to go.
 

thehotdog

New Member
Sep 16, 2015
6
0
1
36
Just hit my first speed bump.
I am trying to setup vlans and would like the default vlan be 1 and a tagged vlan of 500 on each port. So each port will default to 1 with untagged traffic and it will allow 500 traffic if tagged.

I tried setting up the two vlans and then running the following for each port but it didn't seem to work.
set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode trunk
set interfaces ge-0/0/0 unit 0 family ethernet-switching native-vlan-id 1

Any advice on what I missed?
 

gslavov

New Member
Jun 7, 2017
17
5
3
45
Just hit my first speed bump.
I am trying to setup vlans and would like the default vlan be 1 and a tagged vlan of 500 on each port. So each port will default to 1 with untagged traffic and it will allow 500 traffic if tagged.

I tried setting up the two vlans and then running the following for each port but it didn't seem to work.
set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode trunk
set interfaces ge-0/0/0 unit 0 family ethernet-switching native-vlan-id 1

Any advice on what I missed?
Never tried setting a vlan by its numerical id on a Juniper so that might be your issue. Below is what I have configured on one of my switches:

set interfaces ge-0/0/40 unit 0 family ethernet-switching port-mode trunk
set interfaces ge-0/0/40 unit 0 family ethernet-switching vlan members Server
set interfaces ge-0/0/40 unit 0 family ethernet-switching vlan members Desktop
set interfaces ge-0/0/40 unit 0 family ethernet-switching native-vlan-id Server
 

thehotdog

New Member
Sep 16, 2015
6
0
1
36
Another speed bump has materialized in this process.
I configured two vlans one for untagged traffic (default) and one for tagged 500 (phone). I then added each port of the switch to both of the vlans and assigned the native-vlan-id to default.

I have connected a couple devices to the switch for testing and have a couple problems. The server received an ip address but when I used Hyper-V to create a virtual switch the virtual nic for the host wouldn't get an ip. I could manually tag the nic with vlan 1 and it would then work. I connected a poe phone that was configured for vlan 500 and it worked. I also connected the ipmi nic from the server to the switch and it wouldn't get an ip. The ipmi wasn't tagged. I don't get why untagged traffic worked for the server before the virtual switch was setup or why the ipmi port doesn't get an address. I did start down the road of packet capture and it looks like the dhcp request is being sent and the dhcp server responds, but the offering doesn't make it back to the requester. Is there anywhere else in the config file that i need to edit? Or is there something misconfigured in these lines which i missed? Thanks for the help.

Here is the config
Code:
version 15.1R7.9;
system {
    host-name MDFSW3;
    root-authentication {
        encrypted-password
    }
    services {
        ssh {
            protocol-version v2;
        }
        netconf {
            ssh;
        }
        web-management {
            http;
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    ge-0/0/0 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/1 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/2 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/3 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/4 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/5 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/6 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/7 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/8 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/9 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/10 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/11 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/12 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/13 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/14 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/15 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/16 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/17 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/18 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/19 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/20 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/21 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/22 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/23 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/24 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/25 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/26 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/27 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/28 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/29 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/30 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/31 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/32 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/33 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/34 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/35 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/36 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/37 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/38 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/39 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/40 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/41 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/42 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/43 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/44 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/45 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/46 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/0/47 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/1/0 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    xe-0/1/0 {
        unit 0 {
            family ethernet-switching;
        }
    }
    ge-0/1/1 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    xe-0/1/1 {
        unit 0 {
            family ethernet-switching;
        }
    }
    ge-0/1/2 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    ge-0/1/3 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ Default Phone ];
                }
                native-vlan-id Default;
            }
        }
    }
    vlan {
        unit 0 {
            family inet {
                address 192.168.0.221/24;
            }
        }
    }
}
routing-options {
    static {
        route 0.0.0.0/0 next-hop 192.168.0.1;
    }
}
protocols {
    igmp-snooping {
        vlan all;
    }
    rstp;
    lldp {
        interface all;
    }
    lldp-med {
        interface all;
    }
}
ethernet-switching-options {
    storm-control {
        interface all;
    }
}
vlans {
    Default {
        vlan-id 1;
        l3-interface vlan.0;
    }
    Phone {
        vlan-id 500;
    }
}
poe {
    interface all;
}
 

Roelf Zomerman

Active Member
Jan 10, 2019
147
27
28
blog.azureinfra.com
this is what i have in my EX2200-C - where the members are the VLAN names

so no need to put the Default in the members again (it's already untagged on the port by native-vlan-id)
Code:
    ge-0/0/1 {
        description to-GS108-1;
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ DMZ WIFIG VPNTEST ];
                }
                native-vlan-id default;
            }
        }
    }

In your Hyper-V switch - you can create multiple networks with VLAN-ID's and a native one without specifying an ID.. and on one of the ports on the switch you can specify port mode is "access", so that port gets untagged VLAN traffic (for example for your iLO/Management port of the server). Specifying a VLAN in that config binds the interface to a VLAN..

which looks like:
Code:
    ge-0/0/5 {
        unit 0 {
            family ethernet-switching {
                port-mode access;
                vlan {
                    members DMZ;
                }
            }
        }
    }
And finally, if you have a port that just needs the native VLAN and nothing more, it would look like:
Code:
    ge-0/0/11 {
        unit 0 {
            family ethernet-switching {
                port-mode access;
            }
        }
    }
 
Last edited:

gslavov

New Member
Jun 7, 2017
17
5
3
45
Where does your DHCP server sit? I see that you are not using the switch to route traffic so something else must be doing the routing between the voice and default vlans. If the phones are getting an IP then you probably have your DHCP server there.

If all that is working fine then you probably just need to setup the forwarding options as below:

forwarding-options {
helpers {
bootp {
server 192.168.xxx.xxx;
interface {
vlan.0;
}
}
}
}
 

thehotdog

New Member
Sep 16, 2015
6
0
1
36
Thank you for the suggestions unfortunately the switch is still misbehaving.

@Roelf Zomerman i appreciate the advice, but i cannot make any of the switch ports access ports as i need the switch to be able to reassign the vlan that a port belongs to should a device be changed.
@gslavov thank you for the response, including those forwarding options allows tagged traffic to pass through
I've made it most of the way there as now it will process both unsigned traffic and traffic signed with vlan 500 correctly. However for a reason i cannot explain the switch refuses to process any other traffic correctly. I have tried to get network access through the switch with a number of other vlan tags and they have not worked. The traffic, whether it matches a vlan i have configured or not, will not make it to the network through the switch. Is there anything which i may have overlooked which could cause this problem? Thanks for the help as always.

I have an updated config file here:

Code:
version 15.1R7.9;
system {
    host-name MDFSW3;
    root-authentication {
        encrypted-password
    }
    services {
        ssh {
            protocol-version v2;
        }
        netconf {
            ssh;
        }
        web-management {
            http;
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    ge-0/0/0 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/1 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/2 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/3 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/4 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/5 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/6 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/7 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/8 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/9 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/10 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/11 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/12 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/13 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/14 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/15 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/16 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/17 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/18 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/19 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/20 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/21 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/22 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/23 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/24 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/25 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/26 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/27 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/28 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/29 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/30 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/31 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/32 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/33 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/34 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/35 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/36 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/37 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/38 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/39 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/40 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/41 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/42 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/43 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/44 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/45 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/46 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/47 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/1/0 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    xe-0/1/0 {
        unit 0 {
            family ethernet-switching;
        }
    }
    ge-0/1/1 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    xe-0/1/1 {
        unit 0 {
            family ethernet-switching;
        }
    }
    ge-0/1/2 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/1/3 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    vlan {
        unit 0 {
            family inet {
                address 192.168.0.221/24;
            }
        }
    }
}
routing-options {
    static {
        route 0.0.0.0/0 next-hop 192.168.0.1;
    }
}
forwarding-options {
    helpers {
        bootp {
            server 192.168.0.8;
            interface {
                vlan.0;
            }
        }
    }
}
protocols {
    igmp-snooping {
        vlan all;
    }
    rstp;
    lldp {
        interface all;
    }
    lldp-med {
        interface all;
    }
}
ethernet-switching-options {
    storm-control {
        interface all;
    }
}
vlans {
    default {
        vlan-id 1;
        l3-interface vlan.0;
    }
    phone {
        vlan-id 500;
    }
    other {
        vlan-id 100;
    }
}
poe {
    interface all;
}
 

Blinky 42

Active Member
Aug 6, 2015
615
232
43
48
PA, USA
Do you have a 1G or 10G interface in the SFP+ ports?
If they interfaces are active at 10G then the xe-0/1/0 block applies, if 1G or lower then the ge-0/1/0 block applies.
In
Code:
   ge-0/1/0 {
       unit 0 {
           family ethernet-switching {
               port-mode trunk;
               vlan {
                   members [ phone other];
               }
               native-vlan-id default;
           }
       }
   }
   xe-0/1/0 {
       unit 0 {
           family ethernet-switching;
       }
   }
 

gslavov

New Member
Jun 7, 2017
17
5
3
45
From your config you have vlan 1 on every port as untagged and vlans 100 and 500 as tagged.

Your IP helper is attached to vlan 1 which look like the same vlan as the DHCP server from your addressing thus not doing anything useful. In addition you have no l3 interfaces on the other vlans so how are you routing traffic to them?

Any chance you can upload a simple sketch of what you are trying to achieve and what devices you have connected and I'll be happy to edit your config to match that. Otherwise PM me and I can walk you through the settings you need on chat.

Thank you for the suggestions unfortunately the switch is still misbehaving.

@Roelf Zomerman i appreciate the advice, but i cannot make any of the switch ports access ports as i need the switch to be able to reassign the vlan that a port belongs to should a device be changed.
@gslavov thank you for the response, including those forwarding options allows tagged traffic to pass through
I've made it most of the way there as now it will process both unsigned traffic and traffic signed with vlan 500 correctly. However for a reason i cannot explain the switch refuses to process any other traffic correctly. I have tried to get network access through the switch with a number of other vlan tags and they have not worked. The traffic, whether it matches a vlan i have configured or not, will not make it to the network through the switch. Is there anything which i may have overlooked which could cause this problem? Thanks for the help as always.

I have an updated config file here:

Code:
version 15.1R7.9;
system {
    host-name MDFSW3;
    root-authentication {
        encrypted-password
    }
    services {
        ssh {
            protocol-version v2;
        }
        netconf {
            ssh;
        }
        web-management {
            http;
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
}
interfaces {
    ge-0/0/0 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/1 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/2 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/3 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/4 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/5 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/6 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/7 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/8 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/9 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/10 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/11 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/12 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/13 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/14 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/15 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/16 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/17 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/18 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/19 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/20 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/21 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/22 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/23 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/24 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/25 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/26 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/27 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/28 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/29 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/30 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/31 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/32 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/33 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/34 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/35 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/36 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/37 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/38 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/39 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/40 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/41 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/42 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/43 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/44 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/45 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/46 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/0/47 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/1/0 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    xe-0/1/0 {
        unit 0 {
            family ethernet-switching;
        }
    }
    ge-0/1/1 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    xe-0/1/1 {
        unit 0 {
            family ethernet-switching;
        }
    }
    ge-0/1/2 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    ge-0/1/3 {
        unit 0 {
            family ethernet-switching {
                port-mode trunk;
                vlan {
                    members [ phone other];
                }
                native-vlan-id default;
            }
        }
    }
    vlan {
        unit 0 {
            family inet {
                address 192.168.0.221/24;
            }
        }
    }
}
routing-options {
    static {
        route 0.0.0.0/0 next-hop 192.168.0.1;
    }
}
forwarding-options {
    helpers {
        bootp {
            server 192.168.0.8;
            interface {
                vlan.0;
            }
        }
    }
}
protocols {
    igmp-snooping {
        vlan all;
    }
    rstp;
    lldp {
        interface all;
    }
    lldp-med {
        interface all;
    }
}
ethernet-switching-options {
    storm-control {
        interface all;
    }
}
vlans {
    default {
        vlan-id 1;
        l3-interface vlan.0;
    }
    phone {
        vlan-id 500;
    }
    other {
        vlan-id 100;
    }
}
poe {
    interface all;
}
 

chung2313

New Member
Feb 2, 2021
1
0
1
May be Port Security caused the problem, Junos by default enables a tight port Security when VLAN is created, this mostly causing connection problem when pick and un-plug LAN cables of VM Server within the VLAN created, try disbale port security to see if this fix, then you can monitor the Port Security status to realize which host causing error, in most case, packet may be droped by failed ARP inspection.... Good luck !