Preventing Communication Among Customer Edge Devices As Acx Routers; Q-In-Q Tunneling On Acx Series Overview - Juniper ACX1000 Configuration Manual
Junos os; acx series universal access router
Hide thumbs
Also See for ACX1000:
- User manual (216 pages) ,
- Hardware manual (204 pages) ,
- Quick start manual (27 pages)
Table of Contents
Advertisement
ACX Series Universal Access Router Configuration Guide
Related
Documentation
Preventing Communication Among Customer Edge Devices as ACX Routers
Related
Documentation
Q-in-Q Tunneling on ACX Series Overview
770
VPLS routing instance. This limit is applied to all logical interfaces belonging to the
VPLS for which the separate interface MAC address limit is not configured.
set routing-instances routing-instance-name protocols vpls interface interface-name
interface-mac-limit limit
a logical interface in the VPLS. This limit is applied to a specific logical interface in the
VPLS for which it is configured.
In a bridge domain, when a frame is received from a CE interface, it is flooded to the other
CE interfaces and all of the provider edge (PE) interfaces if the destination MAC address
is not learned or if the frame is either broadcast or multicast. If the destination MAC
address is learned on another CE device, such a frame is unicasted to the CE interface
on which the MAC address is learned. This might not be desirable if the service provider
does not want CE devices to communicate with each other directly.
To prevent CE devices from communicating directly, include the
statement at the
[edit bridge-domains bridge-domain-name]
the logical interfaces in the bridge domain as core-facing (PE interfaces) by including
the
statement at the
core-facing
family family]
hierarchy level to specify that the VLAN is physically connected to a
core-facing ISP router and ensures that the network does not improperly treat the interface
as a client interface. When specified, traffic from one CE interface is not forwarded to
another CE interface.
For the
no-local-switching
bridge domain with this option enabled is not treated as a designated CE or PE interface.
Traffic arriving from a CE or PE interface can navigate towards IRB and traffic that reaches
in the input direction to the IRB can pass out of a CE or PE interface. The disabling of
local switching achieves the functionality of split-horizon in a bridge domain. If
no-local-switching is configured in a bridge domain, , then traffic cannot flow between
CE and CE interfaces. This stoppage of trafic flow includes known unicast and multicast,
unknown unicast and multicast, and broadcast traffic. However, traffic continues to be
transmitted between CE and PE interfaces, and PE and PE interfaces..
no-local-switching on page 1637
Q-in-Q tunneling allows service providers to create a Layer 2 Ethernet connection between
two customer sites. Providers can segregate different customers' VLAN traffic on a link
(for example, if the customers use overlapping VLAN IDs) or bundle different customer
VLANs into a single service VLAN. Service providers can use Q-in-Q tunneling to isolate
—Command to configure the interface MAC address limit for
[edit interfaces interface-nameunit logical-unit-number
option , integrated routing and bridging (IRB) configured on a
no-local-switching
hierarchy level. Configure
Copyright © 2017, Juniper Networks, Inc.
- Quick Links:
- Interfaces
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
