RtoDto.net
Network/Security/Programming

Trunk between Cisco,EX switch and SRX

rtoodtoo switching March 13, 2013

cisco2950switchex2200com

Today I needed to test communication between a Cisco switch and EX switch to carry traffic via a trunk port from a PC to
the final destination SRX device. I thought it is worth putting my config here for future reference as I am not working with cisco/ex switches much.
Above is my exact topology and I carry traffic from a PC in Vlan 200 to the port fe-0/0/7 in SRX which is in vlan 200 as well. Here is the config from Cisco switch till to SRX.


cisco2950#show run interface fa0/1
Building configuration...

Current configuration : 109 bytes
!
interface FastEthernet0/1
 switchport access vlan 200
 switchport mode access
 spanning-tree portfast
end




cisco2950#show run int fa0/24
Building configuration...

Current configuration : 57 bytes
!
interface FastEthernet0/24
switchport mode trunk
end



cisco2950#show run vlan 200
Building configuration...

Current configuration:
!
vlan 200
 name vlan200
end

 vtp mode transparent

In an nutshell, we set the port fa0/1 to access mode assign vlan 200 and set port fa0/24 to trunk . Then we create the vlan 200 and set the vtp mode to transparent

[edit]
root@ex2200-1# show interfaces ge-0/0/10
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members vlan200;
        }
    }
}


[edit]
root@ex2200-1# show interfaces ge-0/0/11
description "SRX100 TRUNK";
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members all;
        }
    }
}

In EX side, we set ge-0/0/10 and ge-0/0/11 ports to trunk. I have only set vlan200 on ge-0/0/10 port as I have no other vlan there.

[edit]
root@srx100-1# show interfaces fe-0/0/7
unit 0 {
    family ethernet-switching {
        port-mode trunk;
        vlan {
            members all;
        }
    }
}

[edit]
root@srx100-1# show interfaces vlan.200
family inet {
    address 192.168.200.1/24;
}

SRX side is also similar to EX. I set the EX facing interface fe-0/0/7 to trunk to accept any vlan traffic and vlan.200 interface to 192.168.200.1
Once I ping from the PC having address 192.168.200.100


root@asus:~$ ping 192.168.200.1
PING 192.168.200.1 (192.168.200.1) 56(84) bytes of data.
64 bytes from 192.168.200.1: icmp_req=1 ttl=64 time=0.540 ms
64 bytes from 192.168.200.1: icmp_req=2 ttl=64 time=0.532 ms
^C
--- 192.168.200.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.532/0.536/0.540/0.004 ms

You can see how it works!

About: rtoodtoo

Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN // JNCIE-SEC #223 / RHCE / PCNSE

You have a feedback?

Discover more from RtoDto.net

Subscribe now to keep reading and get access to the full archive.

Continue reading