Juniper SRX and FTTN VDSL

Over the last few years, Australia has been rolling out a National Broadband Network (NBN for short) (National Bullsh!t Network if you ask me). I recently moved into a new house that was connected to the NBN via Fibre to the Node (FTTN) utilising VDSL technology.

I was very excited to know that my Juniper SRX110 had an inbuilt VDSL modem! My old place had ADSL, so I was hoping to use the same modem, rather than the Huawei TPG sent me. The end goal was to have my Juniper SRX connected to the NBN directly.

After spending hours and hours on it, my SRX wasn’t compatible as NBN needs Vectoring supported in the modem (G.993.5 vectoring) which I was very disappointed about, but I was able to do it with putting the Huawei into full bridge mode and bridging it on the first ethernet port using pp0.

Fast forward a few months and I circled back to it.

Turns out that vectoring is introduced in firmware (please note that in JunOS firmware and software are different things) 2.16 supports vectoring!

However, there are 2 versions of the SRX110
SRX110H-VA   <- Stops at Junos 12.1.46
SRX110H2-VA <- Expands into Junos 12.3
The firmware doesn’t seem to be available for the earlier devices. If you want to take a risk, you can read more here. I’ll eventually try this on mine, and will let you know how I go as I ended up getting a V2.

Running “show system firmware” reveals that I have the older firmware.
root@srx110> show system firmware
PIC 0          VDSLBCM        10  2.10.0              OK
I won’t detail upgrading this, but you can read some good info here A free account with Juniper will allow you to read this article which details the commands needed to upgrade the firmware.The rest of this article assumes you have version 2.16 as without vectoring, you wont even get a sync to the node.
This Whirlpool article is extremely helpful and was the basis of how I got mine working.

The below config should get you online. The last stanza is the most important. This changed the priority of the LCP packets and allows you to auth with the ISP. Without that, you can get a sync, but no auth or IP.

    pt-1/0/0 {
        vlan-tagging;
        vdsl-options {
            vdsl-profile 17a;
        }
        unit 0 {
            encapsulation ppp-over-ether;
            vlan-id 2;
        }
    }
    pp0 {
        unit 0 {
            ppp-options {
                pap {
                    local-name "REDACTED";
                    local-password "REDACTED";
                    passive;
                }
            }
            pppoe-options {
                underlying-interface pt-1/0/0.0;
                idle-timeout 0;
                auto-reconnect 10;
                client;
            }
            family inet {
                negotiate-address;
            }
class-of-service {
    host-outbound-traffic {
        ieee-802.1 {
            default be;
        }
    }
}

For those who are stuck with a SRX110H -VA device and wanted more info about how to do the bridging, the below SHOULD work, but I haven’t tested it. (I blew away the config once I got my V2)

    fe-0/0/0 {
        unit 0 {
           I honestly can't remember what to put here, sorry. 
           But if you are playing with JunOS, you should be able to figure it out :) 
           And then comment below and I'll credit you for your input :) 
        }
    }
    pp0 {
        unit 0 {
            ppp-options {
                pap {
                    local-name "REDACTED";
                    local-password "REDACTED";
                    passive;
                }
            }
            pppoe-options {
                underlying-interface fe-0/0/0.0;
                idle-timeout 0;
                auto-reconnect 10;
                client;
            }
            family inet {
                negotiate-address;
            }

2 comments

    • bobsie on 16/01/2019 at 11:15 PM
    • Reply

    “`
    I honestly can’t remember what to put here, sorry.
    But if you are playing with JunOS, you should be able to figure it out 🙂
    And then comment below and I’ll credit you for your input 🙂
    “`

    lol.

    Dude, I am looking for a suitable Juniper SRX for FTTN in Australia.

    I am also new to Juniper. So you reckon I should get myself `SRX110H2-VA` or another better one in SRX series?

    Thanks!

    1. Depends what you have behind it. If you are just running plain internet – then a SRX110 will be fine. If you are looking to connect a NAS and a bunch of other stuff, then something with Gigabit ports might be useful. Good luck!

Leave a Reply

Your email address will not be published.

Blue Captcha Image
Refresh

*

RSS
Pinterest
fb-share-icon
LinkedIn
LinkedIn
Share