While adding a new security zone on your SRX firewall, you may encountered the following error while committing your changes:
[edit security zones security-zone VLAN1]
‘interfaces irb.1’
Interface irb.1 must be configured under interfaces
error: configuration check-out failed
This is a common mistake where the irb interface configuration was forgotten. For those unfamiliar with the concept of the irb (Integrated Routing and Bridging) interfaces, this is how JunOS segment traffic on separated broadcast domains. This is the statement where the layer3 gateway IP will be defined.
Here is an example of what is referred to and missing from the error output above:
set interfaces irb unit 1 family inet address 10.10.1.1/24