Channel: Ethernet Switching topics

STP BPDU filtering with l2 firewall filter


Hi All,

Thank you for taking the time to read my question.

I have a spanning-tree free core network of 4 locations/devices (EX92x + MX) which is running MPLS+EVPN. This pretty much functions as a dumb switch for a lot of VLANs.

Currently, all STP BPDUs from edge switches are running through the entire network. Any change or switch up/down will cause STP to recalculate the tree, thus impacting all switches on every edge location. This is not desired, as we want isolation on every location.

To solve this issue, my idea was to have an STP root bridge on every location, even for the same VLANs.

To achieve this, I want to block BPDUs on the core routers. To be more precise: an L2 filter on the core interface to the edge switch. This way BPDUs from other locations should not hit other locations, thus creating multiple root bridges. More information here:
https://kb.juniper.net/InfoCenter/index?page=content&id=KB30304&cat=SWITCHING&actp=LIST

Since we are running multiple VRFs and EVPN instances, interfaces are configured as follows:

[edit interfaces ae33]
USER@LOCATION1-CORE01# show
description labsw1;
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 511 {
    encapsulation vlan-bridge;
    vlan-id 511;
}
unit 827 {
    encapsulation vlan-bridge;
    vlan-id 827;
}
unit 829 {
    encapsulation vlan-bridge;
    vlan-id 829;
}

When applying the filter, I am running into the following issue:

Warning: referenced filter must be defined under firewall family any

However, when I move the filter to firewall family any, there is no option for L2 destination-mac filtering.

Does anyone have an idea on how I can apply an L2 filter in my scenario?

