Mailing List Archive

Juniper EX/QFX vlan-id-list limitation
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: Juniper EX/QFX vlan-id-list limitation [ In reply to ]
Hi,

We miraculously found this doc before implementing such QinQ conf on EX4600 (that are low end QFX5100).
So we didn't try to test the switch with this case, and we directly used such config: instead of vlan-id-list [some ids], we (nearly) always use the same one everywhere: vlan-id-list 2-4094. Problem fixed before it appeared.

Sometimes we use vlan-id-list 1-4094 and native-vlan 1, when some untagged traffic must be carried too – in this case the untagged traffic is double-tagged on the NNI port with dot1q tag 1 as cvlan – there's a thread about that in this mailing-list by the way.


> Le 12 août 2020 à 18:18, Robin Williams via juniper-nsp <juniper-nsp@puck.nether.net> a écrit :
>
> Has anyone come across PR1395312 before?
>
> “On ACX/EX/QFX platforms, if VLAN ID lists are configured under a single physical interface, Q-in-Q might stop working for certain VLAN ID lists”.
>
> [...]
>
> interfaces {
> xe-0/1/0 {
> flexible-vlan-tagging;
> encapsulation extended-vlan-bridge;
> unit 3104 {
> vlan-id-list [ 1102 1128 1150 1172 4000 4001 4002 4003];
> input-vlan-map push;
> output-vlan-map pop;
> }
>
> The docs page for ‘vlan-id-lists’ does mention:
> https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/vlan-id-list-edit-bridge-domains.html
>
> “WARNING On some EX and QFX Series switches, if VLAN identifier list (vlan-id-list) is used for Q-in-Q tunnelling, you can apply no more than eight VLAN identifier lists to a physical interface.”

_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: Juniper EX/QFX vlan-id-list limitation [ In reply to ]
_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: Juniper EX/QFX vlan-id-list limitation [ In reply to ]
Our QinQ usage model is many UNIs toward one NNI, therefore we never have several QinQ stuff per UNI. Maybe it's the difference between your usage and ours ?
If you need to have several QinQ svlans on one UNI port, I guess you'll be bitten again by the number of IDs limit (but maybe several ranges are possible?).


Anyway, here are the QinQ configs we use on EX4600 (so: ELS style):


NNI interface (also using real vlans on unit 0, completely independent of QinQ ones – this mix works only on 4600, not on smaller switches):

ae0 {
flexible-vlan-tagging;
mtu 9216;
encapsulation flexible-ethernet-services;
unit 0 {
family ethernet-switching {
interface-mode trunk;
vlan {
members [. some vlan we use as real vlans, having nothing to do with QinQ ];
}
}
}
unit 3000 {
description "Q-in-Q My Customer 1";
encapsulation vlan-bridge;
vlan-id 3000;
}
unit 3001 {
description "Q-in-Q My Customer 2";
encapsulation vlan-bridge;
vlan-id 3001;
}
}



UNI interfaces:

ae3 {
description "My Customer 1";
flexible-vlan-tagging;
mtu 9216;
encapsulation extended-vlan-bridge;
unit 3000 {
description "Q-in-Q My Customer 1";
vlan-id-list 2-4094;
input-vlan-map push;
output-vlan-map pop;
}
}
ae4 {
description "My Customer 2";
flexible-vlan-tagging;
native-vlan-id 1;
mtu 9216;
encapsulation extended-vlan-bridge;
unit 3001 {
description "Q-in-Q My Customer 2";
vlan-id-list 1-4094;
input-vlan-map push;
output-vlan-map pop;
}
}


QinQ vlans:

vlans {
qinq-3000 {
description "Q-in-Q My Customer 1";
interface ae0.3000;
interface ae3.3000;
switch-options {
no-mac-learning;
}
}
qinq-3001 {
description "Q-in-Q My Customer 2";
interface ae0.3001;
interface ae4.3001;
switch-options {
no-mac-learning;
}
}
}


> Le 13 août 2020 à 23:04, Robin Williams <robin.williams@tnp.net.uk> a écrit :
>
> Hi Olivier,
>
> Thanks for the reply - it does seem rather odd that I can't do on a new high end EX or QFX switch, what I used to be able to do on a bottom end EX2200 with the dot1q-tunnelling stanza.
>
> Regarding your workaround - were you running this config on the same physical interface? As that won't commit in this scenario (as it presumably doesn't know which vlans to push into which outer..)
>
> flexible-vlan-tagging;
> encapsulation extended-vlan-bridge;
> unit 3104 {
> vlan-id-list 1-4094;
> input-vlan-map push;
> output-vlan-map pop;
> }
> unit 3107 {
> vlan-id-list 1-4094;
> input-vlan-map push;
> output-vlan-map pop;
> }
>
> {master:0}[edit interfaces ge-0/0/1]
> # commit check
> [edit interfaces ge-0/0/1]
> 'unit 3107'
> duplicate VLAN-ID on interface
> error: configuration check-out failed
>
> Cheers,
> Rob
>
>
>
>
>
> -----Original Message-----
> From: juniper-nsp <juniper-nsp-bounces@puck.nether.net> On Behalf Of Olivier Benghozi
> Sent: 12 August 2020 19:12
> To: juniper-nsp@puck.nether.net
> Subject: Re: [j-nsp] Juniper EX/QFX vlan-id-list limitation
>
> Hi,
>
> We miraculously found this doc before implementing such QinQ conf on EX4600 (that are low end QFX5100).
> So we didn't try to test the switch with this case, and we directly used such config: instead of vlan-id-list [some ids], we (nearly) always use the same one everywhere: vlan-id-list 2-4094. Problem fixed before it appeared.
>
> Sometimes we use vlan-id-list 1-4094 and native-vlan 1, when some untagged traffic must be carried too – in this case the untagged traffic is double-tagged on the NNI port with dot1q tag 1 as cvlan – there's a thread about that in this mailing-list by the way.
>
>
>> Le 12 août 2020 à 18:18, Robin Williams via juniper-nsp <juniper-nsp@puck.nether.net> a écrit :
>>
>> Has anyone come across PR1395312 before?
>>
>> “On ACX/EX/QFX platforms, if VLAN ID lists are configured under a single physical interface, Q-in-Q might stop working for certain VLAN ID lists”.
>>
>> [...]
>>
>> interfaces {
>> xe-0/1/0 {
>> flexible-vlan-tagging;
>> encapsulation extended-vlan-bridge;
>> unit 3104 {
>> vlan-id-list [ 1102 1128 1150 1172 4000 4001 4002 4003];
>> input-vlan-map push;
>> output-vlan-map pop;
>> }
>>
>> The docs page for ‘vlan-id-lists’ does mention:
>> https://www.juniper.net/documentation/en_US/junos/topics/reference/con
>> figuration-statement/vlan-id-list-edit-bridge-domains.html
>>
>> “WARNING On some EX and QFX Series switches, if VLAN identifier list (vlan-id-list) is used for Q-in-Q tunnelling, you can apply no more than eight VLAN identifier lists to a physical interface.”

_______________________________________________
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp