Deprecated: Hook custom_css_loaded is deprecated since version jetpack-13.5! Use WordPress Custom CSS instead. Jetpack no longer supports Custom CSS. Read the documentation to learn how to apply custom styles to your site: in /var/www/ on line 6031
Native vlan ID in EX switches –

Native vlan ID in EX switches

I would like to show an example how we can use native vlan id in an EX switch. Normally if you set the port mode of an interface as trunk in EX switch, untagged traffic can’t pass through this interface. You have to tell Junos how it should behave on untagged frames.

This is my setup in which ge-0/0/0 port of an EX2200 is connected to an ESX server
I have untagged traffic to ESX server but tagged traffic to the VM cloud inside the host machine. I have two VLANs (101,103) for Virtual Machines inside this host. If I set the ge-0/0/0 as an access port, I can’t forward my frames tagged with these vlans. If I set it as trunk, I can’t reach ESX because it is an end host for my switch (though you can set vlan in ESX host interface, I am not doing for the demonstration purpose)

The config for EX switch for the port ge-0/0/0:

root@ex2200-1# show interfaces ge-0/0/0
/* ESX Server eth0 */
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members [ mgt vms OSlab ];
        native-vlan-id default;

By the configuration statement “native-vlan-id default“, we instruct the switch to accept untagged frames. Our default vlan is really untagged? Let’s see:

root@ex2200-1# run show vlans
Name           Tag     Interfaces
OSlab          103
                       ge-0/0/0.0*, ge-0/0/11.0*
                       ge-0/0/0.0*, ge-0/0/4.0, ge-0/0/5.0
vms            101
                       ge-0/0/0.0*, ge-0/0/11.0*

As you can see although OSlab and vms vlans have tags 101,103, default vlan has no tag assigned which means any untagged frame received by this trunk interface will be in default vlan.

About: rtoodtoo

Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN // JNCIE-SEC #223 / RHCE / PCNSE

You have a feedback?

Discover more from

Subscribe now to keep reading and get access to the full archive.

Continue reading