Tuesday 6 November 2012

Junos: Configuring an interface and security zone on an SRX Series device

Network Interface Naming

Junos uses the following interface naming conventions:
  • The show interfaces terse command displays a list of the interfaces:
user@host> show interfaces terse
Interface               Admin Link Proto    Local                 Remote
ge-0/0/0                up    up 
ge-0/0/0.0              up    up   inet     10.85.49.150/24
gr-0/0/0                up    up 
ip-0/0/0                up    up 
lsq-0/0/0               up    up 
lt-0/0/0                up    up 
mt-0/0/0                up    up 
pd-0/0/0                up    up 
pe-0/0/0                up    up 
 

  • The syntax for the interface name, such as ge-0/0/0, is as follows:
Interface Type - Slot / Module / Port . Logical number  
  • All numbers for the slot, module, and port start with 0.
  • For example:
    ge-0/0/0 = First onboard Gigabit Interface
    st0.0 = First Secure Tunnel Interface (VPN Tunnel)
    lo0 = First loopback interface
  • Wildcards--Many commands accept wildcards in the interface names.
  • For example:
    show interfaces ge-0/0/*

Security Zone

A security zone is a collection of interfaces that define a security boundary. Internal network interfaces may be assigned to a security zone named "trust," and external network interfaces may be assigned to a security zone named "untrust." Security policies are then used to control transit traffic between security zones. For more information about security zones.

CLI

The following example configures a security zone with one interface:
  1. Verify existing security zones, and verify which interfaces have been assigned to the security zones, by using one of the following commands:
    user@host> show security zones
    user@host> show interfaces
  2. Configure the ge-0/0/1.0 interface with the IP address 192.168.20.2/24:
    user@host# set interfaces ge-0/0/1 unit 0 family inet address 192.168.20.2/24
  3. If a security zone name does not exist, configure a security zone:
    user@host# set security zones security-zone trust
  4. Assign the ge-0/0/1.0 interface to the trust security zone:
    user@host# set security zones security-zone trust interfaces ge-0/0/1.0
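
The following Python script is an added example, not part of the original post. It splits interface names using the syntax described above and lists the addressed logical interfaces in show interfaces terse output that no set security zones line assigns to a zone, which is the check made in step 1. The sample input is constructed, and the function names are assumptions of this example.

```python
import re

# Interface name syntax from the page: type-slot/module/port[.logical]
IFACE_RE = re.compile(
    r"^(?P<type>[a-z]+)-(?P<slot>\d+)/(?P<module>\d+)/(?P<port>\d+)"
    r"(?:\.(?P<unit>\d+))?$")
ZONE_RE = re.compile(
    r"^set security zones security-zone (?P<zone>\S+) interfaces (?P<ifl>\S+)$")

def parse_interface(name):
    """Split a name like ge-0/0/1.0 into its fields; None if it does not match."""
    m = IFACE_RE.match(name)
    return m.groupdict() if m else None

def addressed_units(terse_output):
    """Return {logical interface: address} for rows that carry an inet address."""
    units = {}
    for line in terse_output.splitlines():
        cols = line.split()
        if len(cols) >= 5 and cols[3] == "inet":
            units[cols[0]] = cols[4]
    return units

def zone_map(set_commands):
    """Return {logical interface: zone} from 'set security zones' lines."""
    zones = {}
    for line in set_commands.splitlines():
        m = ZONE_RE.match(line.strip())
        if m:
            zones[m["ifl"]] = m["zone"]
    return zones

def unzoned(terse_output, set_commands):
    """Addressed logical interfaces that no zone statement references."""
    zones = zone_map(set_commands)
    return sorted(i for i in addressed_units(terse_output) if i not in zones)

# Constructed sample input modelled on the output and commands shown above.
SAMPLE_TERSE = """\
Interface               Admin Link Proto    Local                 Remote
ge-0/0/0                up    up
ge-0/0/0.0              up    up   inet     10.85.49.150/24
ge-0/0/1.0              up    up   inet     192.168.20.2/24
"""
SAMPLE_SET = "set security zones security-zone trust interfaces ge-0/0/1.0\n"

if __name__ == "__main__":
    print(unzoned(SAMPLE_TERSE, SAMPLE_SET))
```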
 




