Skip to content

Support



Juniper was the first North American IP routing vendor to achieve the prestigious TL 9000 certification by the Quality of Excellence for Suppliers of Telecommunications (QuEST) Forum in the router category, for design, development, provision and service and support.



What is J-Care?

It's the world-class service and support that you expect from a company that delivers the industry's best infrastructure and security products. With J-Care, you now have the confidence knowing that Juniper will do our part to keep you on top of the world!


Example: Configure Automatic VLAN Administration Using GVRP

As a network expands and the number of clients and VLANs increases, VLAN administration becomes complex, and the task of efficiently configuring VLANs on multiple switches becomes increasingly difficult. To automate VLAN administration, you can enable GARP VLAN Registration Protocol (GVRP) on the network.

GVRP learns VLANs on a particular 802.1Q trunk port, and adds the corresponding trunk port to the VLAN if the advertised VLAN is preconfigured or existing already on the switch. For example, a VLAN named “sales” is advertised to trunk port 1 on the GVRP-enabled switch. The switch adds trunk port 1 to the sales VLAN if the sales VLAN already exists on the switch.

As individual ports become active and send a request to join a VLAN, the VLAN configuration is updated and propagated among the switches. Limiting the VLAN configuration to active participants reduces the network overhead. GVRP also provides the benefit of pruning VLANs to limit the scope of broadcast, unknown unicast, and multicast (BUM) traffic to interested devices only.

This example describes how to statically configure VLANs on a single switch, then enable GVRP on another switch to dynamically propagate the configuration:

Requirements

This example uses the following hardware and software components:

  • One EX 4200 distribution switch
  • One EX 3200 access switch
  • JUNOS Release 9.0 or later for EX-series switches

Before you configure the GVRP network on the access switch and the distribution switch, be sure you have:

Overview and Topology

This example shows a simple configuration to illustrate the basic steps for creating five VLANs on a single distribution switch. After the static VLAN configuration is created, GVRP is enabled on the access switch in the topology to dynamically distribute the VLAN configuration.

The topology for this example consists of a GVRP network configured on one access switch and one distribution switch.

Table 1: Components of the GVRP Network Topology

PropertySettings

Switch hardware
  • Switch 1–EX 4200 distribution switch
  • Switch 2–EX 3200 access switch

VLAN names and tag IDs

voice-vlan, tag 10
employee-vlan, tag 20
guest-vlan, tag 30
camera-vlan, tag 40
analyzer-vlan, tag 999


This configuration example creates a static VLAN configuration on an EX 4200 distribution switch (Switch 1). There are five VLANs in the configuration, each serving a different purpose in the network.

After the VLANs are configured, GVRP is enabled on Switch 1 and Switch 2. GVRP will dynamically distribute the VLAN configuration on Switch 1 to Switch 2.

Configuring VLANs and GVRP on Switch 1

To create a static VLAN configuration on a distribution switch, and enable GVRP on all switches, perform these tasks:

CLI Quick Configuration

To quickly configure the voice-vlan, employee-vlan, guest-vlan, camera-vlan, and analyzer-vlan VLANs on Switch 1 and enable GVRP, copy the following commands and paste them into the switch terminal window:


[edit]


set interfaces ge-0/0/0 family ethernet-switching vlan members voice-vlan
set interfacs ge-0/0/0 family ethernet-switching vlan members employee-vlan
set interfaces ge-0/0/0 family ethernet-switching vlan members guest-vlan
set interfaces ge-0/0/0 family ethernet-switching vlan members camera-vlan
set interfaces ge-0/0/0 family ethernet-switching vlan members analyzer-vlan
set vlans voice-vlan vlan-id 10
set vlans employee-vlan vlan–id 20
set vlans guest-vlan vlan-id 30
set vlans camera-vlan vlan-id 40
set vlans analyzer-vlan vlan-id 999
set protocols gvrp enable join-timer 40
set protocols gvrp enable leave-timer 120
set protocols gvrp enable leaveall-timer 2000
set protocols gvrp interface all enable

Step-by-Step Procedure

To configure the VLANs and VLAN tag identifiers, then configure the VLANs on interface ge-0/0/0, enable GVRP on all interfaces, and set the GVRP timers (optional):

  1. Configure the VLANs voice-vlan, employee-vlan, guest-vlan, camera-vlan, and analyzer-vlan:
    [edit vlans]
    user@switch# set voice-vlan vlan-id 10
    user@switch# set employee-vlan vlan-id 20
    user@switch# set guest-vlan vlan-id 30
    user@switch# set camera-vlan vlan-id 40
    user@switch# set analyzer-vlan vlan-id 999
  2. Configure the voice-vlan, employee-vlan, guest-vlan, camera-vlan, and analyzer-vlan VLANs on interface ge-0/0/0:
    [edit interfaces ge-0/0/0 family ethernet-switching]
    user@switch# set vlan members voice-vlan
    user@switch# set vlan members employee-vlan
    user@switch# set vlan members guest-vlan
    user@switch# set vlan members camera-vlan
    user@switch# set vlan-members analyzer-vlan
  3. Globally enable GVRP networking:
    [edit protocols gvrp]
    user@switch# set enable

  4. Set the join-timer to specify the maximum number of milliseconds the interfaces wait before sending VLAN advertisements:
    [edit protocols gvrp]
    user@switch# set join-timer 40
  5. Set the leave-timer to configure the number of milliseconds an interface must wait after receiving a leave message to remove the interface from the VLAN specified in the message:
    [edit protocols gvrp]
    user@switch# set leave-timer 120
  6. Set the leaveall-timer to configure the interval at which Leave All messages are sent on interfaces. Leave All messages help to maintain current GVRP VLAN membership information in the network.:
    [edit protocols gvrp]
    user@switch# set leaveall-timer 2000

    Note: Default values are associated with each timer: 200 ms for the join-timer, 600 ms for the leave-timer, and 1000 ms for the leaveall-timer. Modifying timers to inappropriate values may cause and imbalance in the operation of GVRP. Refer to IEEE 802.1D [2004] Clause 12 for more information.

  7. Apply GVRP networking on all interfaces:
    [edit protocols gvrp]
    user@switch# set interface all enable

Configuration Results

Display the results of the configuration:

user@switch# show
interfaces {
ge-0/0/0 {
unit 0 {
family-ethernet-switching {
vlan members voice-vlan;
vlan members employee-vlan;
vlan members guest-vlan;
vlan members camera-vlan;
vlan members analyzer-vlan;
}
}
}
}
protocols {
gvrp {
enable {
join-timer 40;
leave-timer 120;
leaveall-timer 2000;
interface all;
}
}
}
vlans {
analyzer-vlan {
vlan-id 999;
}
camera-vlan {
vlan-id 40;
}
employee-vlan {
vlan-id 20;
}
guest-vlan {
vlan-id 30;
}
voice-vlan {
vlan-id 10;
}
}

Configuring GVRP on Switch 2

CLI Quick Configuration

To quickly enable GVRP on Switch 2, copy the following commands and paste them into the switch terminal window:


[edit]

set protocols gvrp enable join-timer 40
set protocols gvrp enable leave-timer 120
set protocols gvrp enable leaveall-timer 2000
set protocols gvrp interface all enable

Step-by-Step Procedure

Enable GVRP networking on all interfaces on Switch 2 and set the GVRP timers:

  1. Globally enable GVRP networking:
    [edit protocols gvrp]
    user@switch# set enable

  2. Set the join-timer to specify the maximum number of milliseconds the interfaces wait before sending VLAN advertisements:
    [edit protocols gvrp]
    user@switch# set join-timer 40
  3. Set the leave-timer to configure the number of milliseconds an interface must wait after receiving a leave message to remove the interface from the VLAN specified in the message:
    [edit protocols gvrp]
    user@switch# set leave-timer 120
  4. Set the leaveall-timer to configure the interval at which Leave All messages are sent on interfaces. Leave All messages help to maintain current GVRP VLAN membership information in the network:
    [edit protocols gvrp]
    user@switch# set leaveall-timer 2000
  5. Apply GVRP networking on all interfaces:
    [edit protocols gvrp]
    user@switch# set interface all enable

Configuration Results

Display the results of the configuration:

user@switch# show
protocols {
gvrp {
enable {
join-timer 40;
leave-timer 120;
leaveall-timer 2000;
interface all;
}
}
}

Verification

To confirm that the configuration is working properly, perform these tasks:

Verifying VLANs and GVRP Configuration on Switch 1

Purpose

Verify that the VLANs voice-vlan, employee-vlan, guest-vlan, camera-vlan, and analyzer-vlan have been created on the switch and that GVRP is enabled.

Action

Use the operational mode commands:


user@switch1> show vlans 
Name           Tag     Interfaces
analyzer—vlan	999
                       ge-0/0/0.0
camera—vlan    40
                       ge-0/0/0.0
default
                       ge-0/0/1.0, ge-0/0/2.0, ge-0/0/3.0, ge-0/0/4.0,
                       ge-0/0/5.0, ge-0/0/6.0, ge-0/0/7.0, ge-0/0/8.0,
                       ge-0/0/9.0, ge-0/0/10.0*, ge-0/0/11.0, ge-0/0/12.0,
                       ge-0/0/13.0*,ge-0/0/14.0, ge-0/0/15.0, ge-0/0/16.0,
                       ge-0/0/17.0, ge-0/0/18.0, ge-0/0/19.0, ge-0/0/20.0,
                       ge-0/0/21.0, ge-0/0/22.0 ge-0/0/23.0*, ge-0/0/0.24,
                       ge-0/0/25.0, ge-0/0/26.0, ge-0/0/27.0, ge-0/0/28.0, 
                       ge-0/0/29.0, ge-0/0/30.0, ge-0/0/31.0, ge-0/0/32.0, 
                       ge-0/0/33.0, ge-0/0/34.0, ge-0/0/35.0, ge-0/0/36.0, 
                       ge-0/0/37.0, ge-0/0/38.0, ge-0/0/39.0, ge-0/0/40.0, 
                       ge-0/0/41.0, ge-0/0/42.0, ge-0/0/43.0, ge-0/0/45.0, 
                       ge-0/0/44.0, ge-0/0/46.0*, ge-0/0/47.0, ge-0/1/0.0*
                       ge-0/1/1.0*, ge-0/1/2.0*, ge-0/1/3.0*
                      
employee—vlan  20
                       ge-0/0/0.0
guest—vlan     30
                       ge-0/0/0.0
voice—vlan     10
                       ge-0/0/0.0
mgmt          
                       me0.0*

user@switch1> show gvrp 
Global GVRP configuration
  GVRP status   : Enabled
  GVRP timers (ms)
    Join        : 40
    Leave       : 120
    Leaveall    : 2000
 
  Interface based configuration: 
  Interface		GVRP status	 
  ----------	-----------	 
  ge-0/0/0.0	Enabled

Meaning

The show vlans command lists all VLANs configured on the switch and which interfaces are members of each VLAN. The show gvrp command shows that GVRP is enabled on the switch.

Verifying GVRP Configuration on Switch 2

Purpose

Verify that GVRP is enabled on the switch.

Action

Use the operational mode command:


user@switch> show gvrp 
Global GVRP configuration
  GVRP status   : Enabled
  GVRP timers (ms)
    Join        : 40
    Leave       : 120
    Leaveall    : 2000
 
  Interface based configuration: 
  Interface		GVRP status	 
  ----------	-----------	 
  ge-0/0/0.0	Enabled

Meaning

The show gvrp command shows that GVRP is enabled on the switch.