Service Provider Interface Bridge Configuration

It’s very common for Service Providers to have multiple customers connected to the same physical port on Provider Equipment (PE). Each customer has unique requirements that require additional features on the PE. For example, a customer may have the following requirements:

  • IEEE 802.1Q or 802.1QinQ VLAN mapping

  • Class of Service (CoS) based on Layer 4 information, VLAN ID, or IEEE 802.1p

  • Acceptable VLAN IDs used by the customer

  • Input and output firewall filtering

The Service Provider-style interface configuration is a requirement when dealing with IEEE 802.1Q and 802.1QinQ VLAN mapping or forcing IFLs into a particular bridge domain without relying on Junos to make bridge domain determinations.


There are several different types of VLAN tagging available with the Service Provider-style interface configuration. When implementing VLAN tagging, you have the option to support single tag, dual tag, or a combination of both on the same interface. It’s required to explicitly define which VLAN tagging is needed on the interface, as there’s no automation.

VLAN Tagging

The most basic type of VLAN tagging is the vanilla IEEE 802.1Q, enabled by applying the option vlan-tagging to the IFD. Let’s take a look:

interfaces {
    ae5 {
        encapsulation extended-vlan-bridge;
        unit 100 {
            vlan-id 100;
        unit 200 {
            vlan-id 200;
        unit 300 {
            vlan-id 300;

In this example, interface ae5 will support IEEE 802.1Q for the VLAN IDs 100, 200, and 300. It’s ...

Get Juniper MX Series now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.