I started rebuilding my lab and wanted to document some of the architecture as well as commands used for the different networking devices I use at home.
Dell vlans:
Configure the vlan
enable > configure
vlan 10
configure interface vlan 10
ip address 10.0.1.1 /24
exit
Configure Trunk Port
configure interface Te1/1/4
switchport mode trunk
switchport trunk allowed vlan add 2,4
exit
console#show running-config interface Tengigabitethernet 1/1/4
spanning-tree portfast
switchport mode trunk
no lldp tlv-select dcbxp ets-config
no lldp tlv-select dcbxp ets-recommend
no lldp tlv-select dcbxp pfc
no lldp tlv-select dcbxp application-priority
configure access ports
configure interface Te1/0/8
switchport mode access
switchport access vlan 4
console#show running-config interface Tengigabitethernet 1/0/8
speed auto 10000
description “comp1blue”
spanning-tree portfast
switchport general pvid 4
switchport access vlan 4
no lldp tlv-select dcbxp ets-config
no lldp tlv-select dcbxp ets-recommend
no lldp tlv-select dcbxp pfc
no lldp tlv-select dcbxp application-priority
Save configuration
copy running-config startup-config
show all vlans
console#show vlan
VLAN Name Ports Type
—– ————— ————- ————–
1 default Po1-128, Default
Te1/0/1-3,
Te1/0/5-7,
Te1/0/10-16,
Te1/0/18,
Te1/0/20-24,
Te1/1/1-4
2 ipmi Te1/0/19, Static
Te1/0/23,
Te1/1/4
4 External Te1/0/4, Static
Te1/0/8-9,
Te1/0/17,
Te1/0/23,
Te1/1/4
HP ProCurve Switch 2810-24G
enable->configure
ProCurve Switch 2810-24G(config)#
hostname “ProCurve Switch 2810-24G”
ip default-gateway 192.168.1.1
snmp-server community “public” Unrestricted
vlan 1
name “DEFAULT_VLAN”
untagged 1-10,20-24
ip address 192.168.1.2 255.255.255.0
no untagged 11-19
exit
vlan 2
name “smc”
untagged 11-19
ip address 10.0.2.3 255.255.255.0
tagged 23
exit
gvrp
password manager
Trunk port is configured via tagged statement and port number
Access port is configured via untagged statement and port number
Save config
write memory
Juniper SRX
Configure SRX 300 vlan
set vlans ipmi vlan-id 2
set vlans External vlan-id 3
root> show vlans
Routing instance VLAN name Tag Interfaces
default-switch External 4
ge-0/0/2.0
ge-0/0/5.0*
default-switch default 1
default-switch ipmi 2
ge-0/0/1.0*
ge-0/0/5.0*
default-switch vlan-trust 3
ge-0/0/3.0
ge-0/0/4.0
ge-0/0/5.0*
ge-0/0/6.0
L3 interface
set vlans ipmi l3-interface irb.2
set vlans External l3-interface irb.4
set interfaces irb unit 2 family inet address 10.0.2.1/24
set interfaces irb unit 4 family inet address 10.0.4.1/24
set security zones security-zone trust interfaces irb.2
set security zones security-zone trust interfaces irb.4
If you want that the different interfaces can ping each other a new policy in zone trust needs to be created.
from-zone trust to-zone trust {
policy trust-to-trust {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
make sure you are allowing ping as well
zones {
security-zone trust {
host-inbound-traffic {
system-services {
all;
ping;
}
protocols {
all;
}
}
Verify ethernet-switching is working
root> show ethernet-switching interface
Routing Instance Name : default-switch
Logical Interface flags (DL – disable learning, AD – packet action drop,
LH – MAC limit hit, DN – interface down,
MMAS – Mac-move action shutdown,
SCTL – shutdown by Storm-control )
Logical Vlan TAG MAC STP Logical Tagging
interface members limit state interface flags
ge-0/0/1.0 16383 untagged
ipmi 2 16383 Forwarding untagged
ge-0/0/2.0 16383 DN untagged
External 4 16383 Discarding untagged
ge-0/0/3.0 16383 DN untagged
vlan-trust 3 16383 Discarding untagged
ge-0/0/4.0 16383 DN untagged
vlan-trust 3 16383 Discarding untagged
ge-0/0/5.0 16383 tagged
ipmi 2 16383 Forwarding tagged
vlan-trust 3 16383 Forwarding tagged
External 4 16383 Forwarding tagged
ge-0/0/6.0 16383 DN untagged
vlan-trust 3 16383 Discarding untagged
Trunk port
root# show interfaces ge-0/0/5
unit 0 {
family ethernet-switching {
interface-mode trunk;
vlan {
members [ vlan-trust ipmi External ];
}
}
}