Juniper EX4600 Layer 3 Config -Interfaces – Part 1

Juniper EX4600 Layer 3 Config -Interfaces – Part 1

Deploying a Mist Wireless Network is really easy. The whole process can be automated via UI and/or APIs. I can literally just design everything in Ekahau, drag and drop and be done with it. When it comes to Juniper Switching and it’s integration into the Mist Dashboard, that process is still improving as they continue to add features based on the user feedback.

Recently I’ve had to do some Layer 3 configuration on Juniper EX4600 switches. I come from a Cisco background and can accomplish it on a Cisco L3 switch with my eyes closed. It was bit of a curve doing it on a Juniper switch. Before I go any further, I would like to appreciate Juniper/Mist support, Matthew Jolly and Dan LaMay, Jake Snyder for their help and assistance.

Network Topology:

Because of the configuration differences between Juniper and Cisco, I had to figure out how exactly I would create the VLAN interfaces on the Juniper switch and connect the switch to the upstream router. Following picture displays a high level topology:

EX4600 point to point with Cisc

Creating Interfaces:

First step was to configure the link between Cisco and Juniper. I simply created a port-channel on a Cisco router; added two physical interfaces gig0/1 and gig0/2 under that port channel interface, and added the IP Address to the port channel. For Juniper side my initial config was as follows:

set chassis aggregated-devices ethernet device-count 128
set interfaces ge-0/0/23 ether-options 802.3ad ae23
set interfaces ge-1/0/23 ether-options 802.3ad ae23
set interfaces ae23 aggregated-ether-options minimum-links 1
set interfaces ae23 aggregated-ether-options lacp active
set interfaces ae23 aggregated-ether-options lacp force-up
set interfaces irb unit 0 family inet adddress
set routing-options static route next-hop

This config worked fine. I was able to ping the Cisco’s interface successfully and even out to the internet from the EX4600. But when the time came to get this in the Mist Dashboard I realized that under the IP configuration I have to specify a VLAN, regardless of if I choose DHCP or Static. This means I can not simply put the IP on the physical interface, I have to utilize a logical interface. Kind of like using a pass-through VLAN.

To resolve this, I simply created a VLAN for the interconnect between Cisco and Juniper and set it up as VLAN 888.

Secondly, Mist has added a static route option which allowed me to add a default route from the UI instead of CLI. Note: It shows BETA for now, but it works perfectly fine. This can be defined on the org level, site level or device level.

Mist – Wired Assurance – Static Route

Next step was adding all the other VLAN interfaces to the Juniper switch. For this purpose I utilized the “Additional CLI Command” area in the Mist Dashboard.

Mist Dashboard – Wired Assurance – Additional CLI Commands

Mist Dashboard magic:

I did realize during the process that instead of adding all those CLI commands for the VLAN interfaces I can also create all the VLAN interfaces via Mist UI using the “Add IP Configuration” option.

Mist – Wired Assurance – Add IP Configuration
Mist – Wired Assurance – New IP Configuration

Once all the interfaces are created, it should look something like this. NOTE: One important thing that confused me here was that, not all interfaces were showing up here. This part of the UI after you create VLAN interfaces only shows 5 interfaces. I kept thinking that I may be doing something wrong. Looking at the CLI I was able to confirm that all the interfaces were there as shown in the two sample pictures below.

This can also be confirmed by looking under “STATISTICS” section as shown below. NOTE: One thing I need to look into more is “(vlan 0)”. That should say “(vlan 1)”. Even though it is tagged as 1, but in the UI why it is showing up as “0”?

Mist – Wired Assurance – EX4600 L3 Config

Some Key Notes:

  • On a Cisco switch, I am used to typing “ip routing” for the inter-vlan routing to work. I noticed that I did not have to do that in EX4600 switch.
  • For the port-channel/LAG to work between Cisco Router and Juniper EX4600 I needed to use the “force-up” command because Cisco router does not support LACP or PAgP. Both sides require “mode on/force-up”.
  • Switch needs access to the internet so that it can download its configuration.
  • Either use management port with access to DHCP server and outbound connectivity (can be done during staging)
  • If there is no DHCP and switch is getting connected directly to the upstream device and a LAG, initial minimum config is needed, so that switch can go out and pull rest of it’s config.
set chassis aggregated-devices ethernet device-count ###
set interfaces ae## aggregated-ether-options minimum-links 1
set interfaces ae## aggregated-ether-options lacp active
set interfaces ae## aggregated-ether-options lacp force-up
set interfaces irb unit ## family inet address ip-address
set routing-options static route next-hop gateway-ip

As Mist adds features in their UI, I think configuring switches and deploying them would keep getting easier. Feel free to add and/or correct here, always looking for good feedback that can help us all. To be continued …….

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

WordPress SEO