Juniper Filter-Based VLAN Assignment


Ever wanted to allocated multiple VLANs to an access port and bridge traffic to the VLAN based on higher-layer information? Now you can! Filter-based VLAN assignment allows you to use a firewall filter to assign traffic to a vlan.

Configuration example:

[edit firewall family ethernet-switching]
filter assign-some-vlans {
    term match-v20 {
        from { 
            source-address {
                172.21.20.0/24;
            }
        }
    then vlan vlan-20;
}
term default-accept {
    then accept; 
}


[edit interfaces ge-0/0/0]
unit 0 {
    family ethernet-switchign {
        filter {
            input assign-some-vlans;
        }
    }
}

[edit vlans]
vlan-5 {
    vlan-id 5;
    interface {
        ge-0/0/0.0;
    }
}
vlan-20 {
    vlan-id 20;
    interface {
        ge-0/0/0.0 {
             mapping {
                 policy;
             }
        }
    }
}