On Mon, Jan 25, 2010 at 03:04:39PM -0600, Richard A Steenbergen wrote: > Perhaps somebody with some experience on these platforms can help answer > this one. I have an SRX210 running 10.0R2 at my house, running an IPSEC > ESP'd GRE tunnel over my trusty home connectivity to a J2300 on the > other end (running 9.3R4, the last real junos image made for 'em). The > network in the middle is of course some clunky old 1500-byte-only, so of > course I have to dial down my MTU on the tunnel to something in the 1420 > dept. Now, for ordinary tcp traffic this isn't a problem because I can > just adjust the mss and avoid fragmentation in the first place, but I > happen to have some non-tcp traffic which is breaking because of the > restricted MTU.
Oh good lord. I tried to downgrade the SRX from 10.0R2 to 9.6R2 after a few people suggested off-list that there might be some sw bugs, but the SRX never came back from the upgrade: FreeBSD/MIPS U-Boot bootstrap loader, Revision 1.6 (buil...@ormonth.juniper.net, Sat Dec 12 15:59:41 UTC 2009) Memory: 1024MB [1]Booting from nand-flash slice 1 Un-Protected 1 sectors writing to flash... Protected 1 sectors \ can't load '/kernel' can't load '/kernel.old' Press Enter to stop auto bootsequencing and to enter loader prompt. Type '?' for a list of commands, 'help' for more detailed help. loader> ls open '/' failed: no such file or directory Now here's the fun part... there is no install-media for the small SRX boxes on Juniper's website, only the 3000/5000. So how does one recover from something like this? All I have to say is thank god this is only for my home use, 'cause I'd hate to see someone try to use this POS in a production environment. -- Richard A Steenbergen <r...@e-gerbil.net> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC) _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp