Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
Hi Dave,
You still need a bridge-domain with matching vlan-id configured. What
interface-mode does is when you add a vlan under a interface with
"interface-mode access" or in vlan-id-list under "interface-mode trunk", it
will automatically associate that interface with the bridge-domain that you
have already configured with same vlan-id. You don't have to manually go and
add interface under bridge. The association is dynamic.
Here is an example.
[edit]
l...@lumos-re0# show interfaces ge-1/1/2
unit 0 {
family bridge {
interface-mode access;
vlan-id 400;
}
}
[edit]
l...@lumos-re0# show interfaces ge-1/1/3
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list [ 400 500 ];
}
}
[edit]
l...@lumos-re0#
l...@lumos-re0# show bridge-domains vlan-400
domain-type bridge;
vlan-id 400;
[edit]
l...@lumos-re0# show bridge-domains vlan-500
domain-type bridge;
vlan-id 500;
[edit]
l...@lumos-re0#
Here with the show command below, you can see that ge-1/1/2 is part of bridge
"vlan-400" which is already configured with vlan-id 400. This is an access
port. While interface ge-1/1/3 is part of both bridges vlan-400 and vlan-500.
This is a trunk port.
l...@lumos-re0> show bridge domain vlan-400
Routing instanceBridge domainVLAN ID Interfaces
default-switch vlan-400 400
ge-1/1/2.0
ge-1/1/3.0
l...@lumos-re0> show bridge domain vlan-500
Routing instanceBridge domainVLAN ID Interfaces
default-switch vlan-500 500
ge-1/1/3.0
l...@lumos-re0>
Now, if I have to mix the old-style configuration here, here is how I can do
it. I take a new interface and add 2 logical units in it. Each unit is
configured with a unique vlan-id.
l...@lumos-re0# show interfaces ge-1/1/4
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 0 {
encapsulation vlan-bridge;
vlan-id 400;
}
unit 1 {
encapsulation vlan-bridge;
vlan-id 500;
}
[edit]
l...@lumos-re0#
With old style, now I have to go and manually associate interfaces to their
respective bridge domains which are meant for those 2 vlans.
[edit]
l...@lumos-re0# show bridge-domains
<...>
vlan-400 {
domain-type bridge;
vlan-id 400;
interface ge-1/1/4.0; <<<
}
vlan-500 {
domain-type bridge;
vlan-id 500;
interface ge-1/1/4.1; <<<
}
<...>
Now if I run the same show command again, I will see both old style and new
style interfaces configured under respective bridges.
l...@lumos-re0> show bridge domain vlan-400
Routing instanceBridge domainVLAN ID Interfaces
default-switch vlan-400 400
ge-1/1/2.0
ge-1/1/3.0
ge-1/1/4.0 <<<
l...@lumos-re0>
l...@lumos-re0> show bridge domain vlan-500
Routing instanceBridge domainVLAN ID Interfaces
default-switch vlan-500 500
ge-1/1/3.0
ge-1/1/4.1 <<<
l...@lumos-re0>
HTH,
Thanks,
Nilesh.
On 8/21/09 4:28 PM, "Dave Diller" wrote:
> Interface-mode knob is more user-friendly in that, when you
> configure it in access or trunk mode with either vlan-id or vlan-id-
> list respectively, the interface is automatically associated with
> the corresponding bridge-domain.
That's interesting, I didn't have that experience, and I just
coincidentally tried it an hour ago on 9.5R1.8.
I added a new vlan 555 to two trunked interfaces:
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list [ 104 555 ];
}
}
but I could not ping across until I manually added it to the bridge-
domain:
d...@lab-mx480> show configuration bridge-domains
test {
vlan-id-list [ 101-106 555 ];
}
Do I need some magic sauce to allow it to automatically associate?
-dd
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
Interface-mode knob is more user-friendly in that, when you
configure it in access or trunk mode with either vlan-id or vlan-id-
list respectively, the interface is automatically associated with
the corresponding bridge-domain.
That's interesting, I didn't have that experience, and I just
coincidentally tried it an hour ago on 9.5R1.8.
I added a new vlan 555 to two trunked interfaces:
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list [ 104 555 ];
}
}
but I could not ping across until I manually added it to the bridge-
domain:
d...@lab-mx480> show configuration bridge-domains
test {
vlan-id-list [ 101-106 555 ];
}
Do I need some magic sauce to allow it to automatically associate?
-dd
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
This is some great information!
This is one of the only things I dislike about Junipers; there are so
many ways to do one thing... In the long rung I suppose it's better
that way. I'm going to read up on the different options here and see
what is a right fit for our design based on the two examples shown
here.
I noticed on the Brian's example; it includes the STP configuration
via VSTP . Is this still required but just not included in the initial
config same by James? I just want to make sure I have this crystal
clear in my head before diving into the documentation.
Thanks for all the help guys!!
Michael
*off to read more JUNOS*
On Fri, Aug 21, 2009 at 3:09 PM, Nilesh Khambal wrote:
> Hi Brian,
>
> Your way of configuring trunks and access ports is what I call an old style
> of configuration before the introduction of "interface-mode trunk" and
> "interface-mode access" knobs in JUNOS. Old style was a bit painful to use
> when you had to configure multiple vlans on trunk interface. With new style,
> you don't need to configure trunk interfaces with multiple logical units and
> assign each unit to its corresponding bridge-domains. Interface-mode knob is
> more user-friendly in that, when you configure it in access or trunk mode
> with either vlan-id or vlan-id-list respectively, the interface is
> automatically associated with the corresponding bridge-domain.
>
> Again, it all depends on user convenience. You should be able to mix
> old-style configuration with new-style configuration, especially in cases
> where vlan id normalization is needed.
>
> Thanks,
> Nilesh.
>
>
> On 8/21/09 12:47 PM, "Brian Fitzgerald" wrote:
>
> Hello Michael
>
> An alternate is to use the flexible-services that the MX has available -
> leaves you able to use other vlans on the ports for direct routed use,
> logical routers, QinQ tagging, VPLS, etc.
>
> HSRP is Cisco specific - the equivalent with everyone else is VRRP -
> which most Cisco gear also supports
>
> The VSTP spanning tree protocol used on the MX (essentially PVST+) is
> something I tinkered with, but we never implemented, so double-check my
> syntax. As well, it does limit you to using the same vlan tags and a
> matching "normalizing" bridge group tag on all interfaces that are part
> of the bridge group - a fixed requirement on TCAM based Cisco gear, but
> NOT on the MX (which allows you to bridge together dissimilar tags on
> each interface that are part of a bridge group, if you aren't using
> VSTP)
>
> Example:
>
>
> interfaces {
> ge-2/0/0 {
> flexible-vlan-tagging;
> encapsulation flexible-ethernet-services;
> unit 200 {
> encapsulation vlan-bridge;
> vlan-id 200;
> }
> }
> ge-2/1/0 {
> flexible-vlan-tagging;
> encapsulation flexible-ethernet-services;
> unit 200 {
> encapsulation vlan-bridge;
> vlan-id 200;
> }
> }
> irb {
> unit 200 {
> family inet {
> address 10.10.10.2/26;
> vrrp-group 1 {
> virtual-address 10.10.10.1;
> priority 10;
> }
> }
> }
> }
> }
> protocols {
> vstp {
> vlan 200 {
> interface ge-2/0/0.200;
> interface ge-2/1/0.200;
> }
> }
> }
>
> bridge-domains {
> vlan200 {
> domain-type bridge;
> vlan-id 200;
> interface ge-2/0/0.200;
> interface ge-2/1/0.200;
> routing-interface irb.200
> }
> }
>
> -Original Message-
> From: juniper-nsp-boun...@puck.nether.net
> [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Michael Phung
> Sent: Friday, August 21, 2009 9:24 AM
> To: juniper-nsp@puck.nether.net
> Subject: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
>
> Hello everyone,
>
> I just got my hands on a Juniper mx router and I'm starting the
> initial config in preparation to convert from Cisco. As I configure
> the interfaces, I can't seem to figure our how to create a routed vlan
> interface and have the ability to trunk it down multiple physical
> interfaces. I've looked up on the the web but was unable to find
> anything that direct describes what I'm trying to achieve.
>
> Below is a sample config from a Cisco;
>
> !
> spanning-tree mode pvst
> spanning-tree vlan 200 priority 8192
> !
> interface GigabitEthernet2/1
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan 200
> switchport mode trunk
> switchport nonegotiate
> !
> interface GigabitEthernet2/10
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan 200
> switchport mode trunk
> switchport nonegotiate
> !
> interface Vlan200
> ip address 10.10.10.2 255.255.255.192
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> standby ip 10.10.10.1
> !
>
> Can this be done on a MX router? if so, can a sample config be provided?
>
> Any help would be m
Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
Thanks Nilesh, that helps clarify some things that have been nagging at
me.
We are running 9.3, so the knobs are sort-of there, and we are using
them for ports where we know the mode of operation is consistent (access
or trunk, with the associated bridge normalization - locally connected
machines, equipment, and services).
Good to know they have evolved to support mixed-use support.
Where we use the old-style config is on ports that are mixed services -
multiple layers of tagging, mixed tag values in the same bridge (with
and without normalization or IRB interfaces), sub-interfaces associated
with other bridge routing-instances, VPLS, VRFs and logical routers -
and we really are using the whole gamut on one interface at the same
time. It also maintains consistency of configuration on multi-service
interfaces with a number of other M-Series routers we have in service.
I guess it depends on what you already have deployed and are comfortable
with, what you are primarily using the box for (switch or router) and
just how complex what you are trying to do is...
Thanks for the update - more than I could find out from the docs ;-)
Brian
-Original Message-
From: Nilesh Khambal [mailto:nkham...@juniper.net]
Sent: Friday, August 21, 2009 3:09 PM
To: Brian Fitzgerald; Michael Phung
Cc: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
Hi Brian,
Your way of configuring trunks and access ports is what I call an old
style of configuration before the introduction of "interface-mode trunk"
and "interface-mode access" knobs in JUNOS. Old style was a bit painful
to use when you had to configure multiple vlans on trunk interface. With
new style, you don't need to configure trunk interfaces with multiple
logical units and assign each unit to its corresponding bridge-domains.
Interface-mode knob is more user-friendly in that, when you configure it
in access or trunk mode with either vlan-id or vlan-id-list
respectively, the interface is automatically associated with the
corresponding bridge-domain.
Again, it all depends on user convenience. You should be able to mix
old-style configuration with new-style configuration, especially in
cases where vlan id normalization is needed.
Thanks,
Nilesh.
On 8/21/09 12:47 PM, "Brian Fitzgerald"
wrote:
Hello Michael
An alternate is to use the flexible-services that the MX has available -
leaves you able to use other vlans on the ports for direct routed use,
logical routers, QinQ tagging, VPLS, etc.
HSRP is Cisco specific - the equivalent with everyone else is VRRP -
which most Cisco gear also supports
The VSTP spanning tree protocol used on the MX (essentially PVST+) is
something I tinkered with, but we never implemented, so double-check my
syntax. As well, it does limit you to using the same vlan tags and a
matching "normalizing" bridge group tag on all interfaces that are part
of the bridge group - a fixed requirement on TCAM based Cisco gear, but
NOT on the MX (which allows you to bridge together dissimilar tags on
each interface that are part of a bridge group, if you aren't using
VSTP)
Example:
interfaces {
ge-2/0/0 {
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 200 {
encapsulation vlan-bridge;
vlan-id 200;
}
}
ge-2/1/0 {
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 200 {
encapsulation vlan-bridge;
vlan-id 200;
}
}
irb {
unit 200 {
family inet {
address 10.10.10.2/26;
vrrp-group 1 {
virtual-address 10.10.10.1;
priority 10;
}
}
}
}
}
protocols {
vstp {
vlan 200 {
interface ge-2/0/0.200;
interface ge-2/1/0.200;
}
}
}
bridge-domains {
vlan200 {
domain-type bridge;
vlan-id 200;
interface ge-2/0/0.200;
interface ge-2/1/0.200;
routing-interface irb.200
}
}
-Original Message-
From: juniper-nsp-boun...@puck.nether.net
[mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Michael Phung
Sent: Friday, August 21, 2009 9:24 AM
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
Hello everyone,
I just got my hands on a Juniper mx router and I'm starting the
initial config in preparation to convert from Cisco. As I configure
the interfaces, I can't seem to figure our how to create a routed vlan
interface and have the ability to trunk it down multiple physical
interfaces. I've looked up on the the web but was unable to find
anything that direct describes what I'm trying to achieve.
Below is a sample config from a Cisco;
!
spanning-tree mode pvst
spanning-tree vlan 200 priority 8192
!
interface GigabitEthernet2/1
switchport
switchport trunk encapsula
Re: [j-nsp] Partition/Format new HD
> Date: Fri, 21 Aug 2009 16:46:40 -0500 > From: Richard A Steenbergen > > On Fri, Aug 21, 2009 at 12:26:10PM -0700, Kevin Oberman wrote: > > Yes, but it was the dd(1) that fixed the real problem. The disk was > > pre-formatted for either FAT or NTFS and that resulted in a partition > > table on the drive that FreeBSD (JunOS) could not work with. The dd(1) > > command blanked the partition table on the drive so the 'request system > > partition hard-drive' command could do the job. > > > > I believe that the sequence of things (at the FreeBSD level) is: > > Check for /dev/ad1s1 > > If it is not found, fdisk to create it. > > bsdlabel to partition the slice > > Back in the day I remember having to do a completely manual fdisk and > bsdlabel, complete with manually calculating all the sizes and offsets > for the slices when the drive size changed (*), whenever I had to > install a new drive. Recently I tried installing 9.3 from install-media > onto a completely non-standard sized drive with some pre-existing > Windows partitions even, and was completely surprised to find that all > the install scripts Just Worked (tm). Go Juniper. I remember doing this for a long time on BSD 4.2 systems before JunOS existed. That did not make it fun. Calculate every value at least twice...more often when you didn't get the same answer both times. We're stating to sound old, RAS. > (*) Who else remembers having to boot their Juniper RE-2.0's into dos to > flash the bios from 0.9 to 1.2 to work around the old award bios bug > that blew up when you put in > 32gb drives? Now THAT was a pain in the > ass. :) That one I was fortunate enough to miss. Still all Cisco back then. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: ober...@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
Hi Brian,
Your way of configuring trunks and access ports is what I call an old style of
configuration before the introduction of "interface-mode trunk" and
"interface-mode access" knobs in JUNOS. Old style was a bit painful to use when
you had to configure multiple vlans on trunk interface. With new style, you
don't need to configure trunk interfaces with multiple logical units and assign
each unit to its corresponding bridge-domains. Interface-mode knob is more
user-friendly in that, when you configure it in access or trunk mode with
either vlan-id or vlan-id-list respectively, the interface is automatically
associated with the corresponding bridge-domain.
Again, it all depends on user convenience. You should be able to mix old-style
configuration with new-style configuration, especially in cases where vlan id
normalization is needed.
Thanks,
Nilesh.
On 8/21/09 12:47 PM, "Brian Fitzgerald" wrote:
Hello Michael
An alternate is to use the flexible-services that the MX has available -
leaves you able to use other vlans on the ports for direct routed use,
logical routers, QinQ tagging, VPLS, etc.
HSRP is Cisco specific - the equivalent with everyone else is VRRP -
which most Cisco gear also supports
The VSTP spanning tree protocol used on the MX (essentially PVST+) is
something I tinkered with, but we never implemented, so double-check my
syntax. As well, it does limit you to using the same vlan tags and a
matching "normalizing" bridge group tag on all interfaces that are part
of the bridge group - a fixed requirement on TCAM based Cisco gear, but
NOT on the MX (which allows you to bridge together dissimilar tags on
each interface that are part of a bridge group, if you aren't using
VSTP)
Example:
interfaces {
ge-2/0/0 {
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 200 {
encapsulation vlan-bridge;
vlan-id 200;
}
}
ge-2/1/0 {
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 200 {
encapsulation vlan-bridge;
vlan-id 200;
}
}
irb {
unit 200 {
family inet {
address 10.10.10.2/26;
vrrp-group 1 {
virtual-address 10.10.10.1;
priority 10;
}
}
}
}
}
protocols {
vstp {
vlan 200 {
interface ge-2/0/0.200;
interface ge-2/1/0.200;
}
}
}
bridge-domains {
vlan200 {
domain-type bridge;
vlan-id 200;
interface ge-2/0/0.200;
interface ge-2/1/0.200;
routing-interface irb.200
}
}
-Original Message-
From: juniper-nsp-boun...@puck.nether.net
[mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Michael Phung
Sent: Friday, August 21, 2009 9:24 AM
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
Hello everyone,
I just got my hands on a Juniper mx router and I'm starting the
initial config in preparation to convert from Cisco. As I configure
the interfaces, I can't seem to figure our how to create a routed vlan
interface and have the ability to trunk it down multiple physical
interfaces. I've looked up on the the web but was unable to find
anything that direct describes what I'm trying to achieve.
Below is a sample config from a Cisco;
!
spanning-tree mode pvst
spanning-tree vlan 200 priority 8192
!
interface GigabitEthernet2/1
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet2/10
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200
switchport mode trunk
switchport nonegotiate
!
interface Vlan200
ip address 10.10.10.2 255.255.255.192
no ip redirects
no ip unreachables
no ip proxy-arp
standby ip 10.10.10.1
!
Can this be done on a MX router? if so, can a sample config be provided?
Any help would be much appreciated.
Michael
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Partition/Format new HD
On Fri, Aug 21, 2009 at 12:26:10PM -0700, Kevin Oberman wrote: > Yes, but it was the dd(1) that fixed the real problem. The disk was > pre-formatted for either FAT or NTFS and that resulted in a partition > table on the drive that FreeBSD (JunOS) could not work with. The dd(1) > command blanked the partition table on the drive so the 'request system > partition hard-drive' command could do the job. > > I believe that the sequence of things (at the FreeBSD level) is: > Check for /dev/ad1s1 > If it is not found, fdisk to create it. > bsdlabel to partition the slice Back in the day I remember having to do a completely manual fdisk and bsdlabel, complete with manually calculating all the sizes and offsets for the slices when the drive size changed (*), whenever I had to install a new drive. Recently I tried installing 9.3 from install-media onto a completely non-standard sized drive with some pre-existing Windows partitions even, and was completely surprised to find that all the install scripts Just Worked (tm). Go Juniper. (*) Who else remembers having to boot their Juniper RE-2.0's into dos to flash the bios from 0.9 to 1.2 to work around the old award bios bug that blew up when you put in > 32gb drives? Now THAT was a pain in the ass. :) -- Richard A Steenbergenhttp://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC) ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] How to find GGSN Version?
Got my answer: Probably the easiest way is to log into the node and run the following command:- must...@ggsn1 > show services ggsn status Interface: gc-0/1/0 External address: 212.129.65.65 Internal address: 10.0.0.17 Function: Node Controller Hardware version: 1.11.0.0 , Software version: 4.0.13.27 On Fri, Aug 21, 2009 at 9:21 PM, Mustafa Golam - wrote: > Hi Experts, > How to find GGSN Version [ like GGSN R4 FP01 CP05] for Ericsson GGSN > in Juniper Platform? Any command, other than finding latest installed > ggsn-install-.tgz file? > > Thanks in advance, > Mustafa > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Broken Per-Flow load sharing
Hey Serge,
The default behavior is to look at layer-3 info only. The option you
configured below add the layer-4 information to the hash.
Starting in JUNOS 9.5, for MX routers with layer-2 links and link
aggregation, there are more options. In addition to:
[edit forwarding options hash key]
family inet
there is also:
[edit forwarding options hash key]
family multiservice
http://www.juniper.net/techpubs/software/junos/junos95/swconfig-layer-2/id-load-link-sec.html
This is used to layer-2 links can also "look at" the layer-3 and layer-4
information.
Cheers,
-Andy
On Fri, Aug 21, 2009 at 2:53 PM, Serge Vautour wrote:
> For anyone curious, Juniper seems to have 3 ways to solve this problem:
>
>
> http://www.juniper.net/techpubs/software/junos/junos93/swconfig-policy/configuring-per-flow-load-balancing-information.html#id-11352490
>
> I can't say I understand all 3 (docs are a bit vague). We implemented the
> first and it worked perfectly:
>
> [edit forwarding-options hash-key]
> family inet {
> layer-3;
> layer-4;
> }
>
> Serge
>
>
>
> - Original Message
> From: Serge Vautour
> To: juniper-nsp@puck.nether.net
> Sent: Thursday, August 20, 2009 11:44:25 AM
> Subject: [j-nsp] Broken Per-Flow load sharing
>
> Hello,
>
> We have several M320s & T640s in our network running 8.5R4.3. They are all
> configured for per-flow load sharing:
>
> RouterA> show configuration routing-options forwarding-table
> export perDestinationLoadBalance;
>
> RouterA> show configuration policy-options policy-statement
> perDestinationLoadBalance
> /* Policy exported against forwarding-table configuration to ensure
> per-flow-destination load balance */
> then {
>load-balance per-packet;
> }
>
>
> The routers have 2x 10GEs via switches to reach Aggregation routers. OSPF
> sees 2 equal cost paths to the BGP next hops and splits the traffic across
> the links. This has been working fine for a few years (it worked on 8.2 as
> well).
>
> We recently upgraded to 9.3R2.8 and load sharing is no longer working:
>
> RouterA> show interfaces xe-1/0/0 detail | match "Output packets.*pps"
> Output packets: 61838797 pps
> Output packets:00 pps
> Output packets:525426 pps
> Output packets:192790 pps
> Output packets: 31340 pps
> Output packets:00 pps
>
> RouterA> show interfaces xe-2/0/0 detail | match "Output packets.*pps"
> Output packets: 285078265156 228705 pps
> Output packets:00 pps
> Output packets: 280511288646 221803 pps
> Output packets: 4118406919 6075 pps
> Output packets:442607080 894 pps
> Output packets:00 pps
>
> The first "Output" line is the 10GE aggregate. The other output lines are
> the VLANs on the 10GE. Note that the xe-1/0/0 interface has next to 0 pps on
> output!! We have upgraded two M320s and they are both showing the same
> problem.
>
> My guess is that the per-flow load balancing hash has changed in the newer
> release. The 9.3 manual talks about setting something like this:
>
> [edit forwarding-options hash-key]
> family inet {
> layer-3;
> layer-4;
> }
>
> But it's a bit unclear as to what happens if it isn't set. Can anyone
> confirm that this will restore per-flow load sharing?
>
> Any help would be appreciated.
>
> Thanks,
> Serge
>
>
> __
> Looking for the perfect gift? Give the gift of Flickr!
>
> http://www.flickr.com/gift/
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
>
> __
> The new Internet Explorer® 8 - Faster, safer, easier. Optimized for Yahoo!
> Get it Now for Free! at http://downloads.yahoo.com/ca/internetexplorer/
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Fwd: AS path loop detection from IBGP peer
Hi Steve, In my setup, I am using Juniper as a spoke PE and it doesn't have any EBGP peers.I only have IBGP-peering with HUB (Redback SE). The problem is, the spoke (JUNO) is not installing those routes which have generated from othe spoke (spoke 2) but it is installing those routes generated from HUB CE. === I have hub and spoke MPLS/VPN topology, hub as redback SE and spoke as Juniper. I tried to send exported routes to juno from SE (SE received routes from another EBGP peer), but somehow Juniper is not installing those routes which are received from another AS (here AS path is 2,1 when it comes to Juno) but where as those routes which are coming directly from Hub CE (static routes whose AS path is 2) are successfully installed. spoke1 PE(IBGP 1) Hub PE (EBGP 2)Hub CE | spoke2 PE ---(IBGP 1) | hub PE has 2 VRFs export and import. import is recieving routes from Spokes and export is sending routes to all spokes. These 2 VRFs are EBGPed to Hub CE. Ec: In the debugs the route 500:: is not getting installed, the only difference I saw is, the ASPATH contain its own AS 1 (ASPath(2) length 14: 2000 1 2 ) The other routes generated from HUB CE which has only 2000 got installed successfully (140::) === ug 18 10:49:59.677406 BGP RECV 1.1.1.1+62849 -> 1.1.1.4+179 Aug 18 10:49:59.677412 BGP RECV message type 2 (Update) length 440 Aug 18 10:49:59.677602 BGP RECV flags 0x40 code Origin(1): Incomplete Aug 18 10:49:59.677612 BGP RECV flags 0x50 code ASPath(2) length 14: 2000 1 2 Aug 18 10:49:59.677617 BGP RECV flags 0x80 code MultiExitDisc(4): 0 Aug 18 10:49:59.677621 BGP RECV flags 0x40 code LocalPref(5): 100 Aug 18 10:49:59.677626 BGP RECV flags 0xd0 code Extended Communities(16): 2:1:1000 Aug 18 10:49:59.677631 BGP RECV flags 0x90 code MP_reach(14): AFI/SAFI 2/128 Aug 18 10:49:59.677637 BGP RECV nhop :::1.1.1.1 len 24 Aug 18 10:49:59.677654 BGP RECV 1.1.1.1:1000:500::d/128 (label 590031) , 1.1.1.1:1000:500::e/128 (label 590031) , 1.1.1.1:1000:500::f/128 (label 590031) , 1.1.1.1:1000:500::10/128 (label 590031) Aug 18 10:49:59.677674 BGP RECV 1.1.1.1:1000:500::11/128 (label 590031) , 1.1.1.1:1000:500::12/128 (lab el 590031) , 1.1.1.1:1000:500::13/128 (label 590031) , 1.1.1.1:1000:500::14/128 (label 590031) Aug 18 10:49:59.677689 BGP RECV 1.1.1.1:1000:500::15/128 (label 590031) , 1.1.1.1:1000:500::16/128 (lab el 590031) , 1.1.1.1:1000:500::17/128 (label 590031) , 1.1.1.1:1000:500::18/128 (label 590031) Aug 18 10:49:59.677699 bgp_should_merge_as2_and_as4_path():1837 AS4-Peer 1.1.1.1 (Internal AS 1)(RECV): No merg e of as-paths required as the peer is 4 byte as capable Aug 18 10:49:59.677705 bgp_process_aspath_and_aggr_attr():2251 AS4-Peer 1.1.1.1 (Internal AS 1)(RECV): bgp_shou ld_merge_as2_and_as4_path() says NO Aug 18 10:49:59.677712 bgp_process_aspath_and_aggr_attr():2288 AS4-Peer 1.1.1.1 (Internal AS 1)(RECV): Merged a sp: path_len 12, path_seg_len 2, path2_len 0, path2_seg_len 0, path4_len 0, path4_seg_len 0, path_attr_len 0, p ath_aggr_len 0, path4_aggr_len 0, path4_flags 0x0, path_flags 0x0 Aug 18 10:49:59.677720 bgp_rcv_nlri: Peer 1.1.1.1 (Internal AS 1) Aug 18 10:49:59.677727 bgp_rcv_nlri: 1.1.1.1:1000:500::d/192 ug 18 14:39:31.952606 BGP RECV 1.1.1.1+64520 -> 1.1.1.4+179 Aug 18 14:39:31.952612 BGP RECV message type 2 (Update) length 156 Aug 18 14:39:31.952617 BGP RECV flags 0x40 code Origin(1): Incomplete Aug 18 14:39:31.952622 BGP RECV flags 0x50 code ASPath(2) length 6: 2000 Aug 18 14:39:31.952626 BGP RECV flags 0x80 code MultiExitDisc(4): 0 Aug 18 14:39:31.952630 BGP RECV flags 0x40 code LocalPref(5): 100 Aug 18 14:39:31.952635 BGP RECV flags 0xd0 code Extended Communities(16): 2:1:1000 Aug 18 14:39:31.952639 BGP RECV flags 0x90 code MP_reach(14): AFI/SAFI 2/128 Aug 18 14:39:31.952644 BGP RECV nhop :::1.1.1.1 len 24 Aug 18 14:39:31.952655 BGP RECV 1.1.1.1:1000:140::/64 (label 590029) , 1.1.1.1:1000:1000::/64 (label 59 0029) , 1.1.1.1:1000:1100::/64 (label 590029) Aug 18 14:39:31.952667 bgp_should_merge_as2_and_as4_path():1837 AS4-Peer 1.1.1.1 (Internal AS 1)(RECV): No merg e of as-paths required as the peer is 4 byte as capable Aug 18 14:39:31.952673 bgp_process_aspath_and_aggr_attr():2251 AS4-Peer 1.1.1.1 (Internal AS 1)(RECV): bgp_shou ld_merge_as2_and_as4_path() says NO Aug 18 14:39:31.952683 bgp_process_aspath_and_aggr_attr():2288 AS4-Peer 1.1.1.1 (Internal AS 1)(RECV): Merged a sp: path_len 4, path_seg_len 2, path2_len 0, path2_seg_len 0, path4_len 0, path4_seg_len 0, path_attr_len 0, pa th_aggr_len 0, path4_aggr_len 0, path4_flags 0x0, path_flags 0x0 On Fri, Aug 21, 2009 at 12:59 PM, Steven Brenchley wrote: > Hi Jana, > > I think I may have found a better solution. There is another option, > which is to pass the iBGP information of your customer transparently across > the VPN network. i.e. the routes on the customer side will not see the > AS(es) that are
Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
Hello Michael
An alternate is to use the flexible-services that the MX has available -
leaves you able to use other vlans on the ports for direct routed use,
logical routers, QinQ tagging, VPLS, etc.
HSRP is Cisco specific - the equivalent with everyone else is VRRP -
which most Cisco gear also supports
The VSTP spanning tree protocol used on the MX (essentially PVST+) is
something I tinkered with, but we never implemented, so double-check my
syntax. As well, it does limit you to using the same vlan tags and a
matching "normalizing" bridge group tag on all interfaces that are part
of the bridge group - a fixed requirement on TCAM based Cisco gear, but
NOT on the MX (which allows you to bridge together dissimilar tags on
each interface that are part of a bridge group, if you aren't using
VSTP)
Example:
interfaces {
ge-2/0/0 {
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 200 {
encapsulation vlan-bridge;
vlan-id 200;
}
}
ge-2/1/0 {
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 200 {
encapsulation vlan-bridge;
vlan-id 200;
}
}
irb {
unit 200 {
family inet {
address 10.10.10.2/26;
vrrp-group 1 {
virtual-address 10.10.10.1;
priority 10;
}
}
}
}
}
protocols {
vstp {
vlan 200 {
interface ge-2/0/0.200;
interface ge-2/1/0.200;
}
}
}
bridge-domains {
vlan200 {
domain-type bridge;
vlan-id 200;
interface ge-2/0/0.200;
interface ge-2/1/0.200;
routing-interface irb.200
}
}
-Original Message-
From: juniper-nsp-boun...@puck.nether.net
[mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Michael Phung
Sent: Friday, August 21, 2009 9:24 AM
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
Hello everyone,
I just got my hands on a Juniper mx router and I'm starting the
initial config in preparation to convert from Cisco. As I configure
the interfaces, I can't seem to figure our how to create a routed vlan
interface and have the ability to trunk it down multiple physical
interfaces. I've looked up on the the web but was unable to find
anything that direct describes what I'm trying to achieve.
Below is a sample config from a Cisco;
!
spanning-tree mode pvst
spanning-tree vlan 200 priority 8192
!
interface GigabitEthernet2/1
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200
switchport mode trunk
switchport nonegotiate
!
interface GigabitEthernet2/10
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 200
switchport mode trunk
switchport nonegotiate
!
interface Vlan200
ip address 10.10.10.2 255.255.255.192
no ip redirects
no ip unreachables
no ip proxy-arp
standby ip 10.10.10.1
!
Can this be done on a MX router? if so, can a sample config be provided?
Any help would be much appreciated.
Michael
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] How to find GGSN Version?
Hi Experts, How to find GGSN Version [ like GGSN R4 FP01 CP05] for Ericsson GGSN in Juniper Platform? Any command, other than finding latest installed ggsn-install-.tgz file? Thanks in advance, Mustafa ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Fwd: AS path loop detection from IBGP peer
Hi Jana,
I think I may have found a better solution. There is another option,
which is to pass the iBGP information of your customer transparently across
the VPN network. i.e. the routes on the customer side will not see the
AS(es) that are used on the VPN network.
You can do this by configuring a VRF such that:
routing-options {
autonomous-system <*customer AS*> *independent-domain*;
}
protocols {
bgp {
group ibgp {
type *internal*;
neighbor ;
}
}
}
This will instruct the PE to transport the customer network BGP
attributes transparently over the VPN infrastructure. The protocol extension
is documented in draft-marques-l3vpn-ibgp-01.
On Thu, Aug 20, 2009 at 1:48 PM, janardhan madabattula <
janardhan...@gmail.com> wrote:
> Hi Steve,
>
> This is not working in IBGP case, I mean the command itself is not taking
> affect.
>
> Do you expect this to work in IBGP peers (PEs).?
>
>
> =
>}
> policy-statement loopback1 {
> from {
> route-filter 6.6.6.6/32 exact;
> }
> then accept;
> }
> policy-statement spoke3-EX {
> from protocol [ static direct bgp ];
> then {
> community add spoke3-comm1;
> accept;
> }
> }
> policy-statement spoke3-IMP {
> from {
> protocol bgp;
> community spoke3-comm2;
> }
> then accept;
> }
> community vpn1-comm members target:1:6500;
> community spoke3-comm1 members target:1:1100;
> community spoke3-comm2 members target:1:1000;
> }
> routing-instances {
> vpn1 {
> instance-type vrf;
> interface ge-0/0/6.1;
> route-distinguisher 1.1.1.4:6500;
> vrf-import vpn1-IMP;
> vrf-export vpn1-EX;
> routing-options {
> rib vpn1.inet6.0 {
> static {
> route 210::/64 next-hop 3ffe::21:1;
> }
> }
> }
> protocols {
> bgp {
> family inet6 {
> unicast;
> }
> group to-N2X {
> peer-as 1000;
> local-as 1;
> neighbor 200::1;
> }
> }
> }
> }
> spoke3 {
> instance-type vrf;
> interface ge-0/0/6.2;
> route-distinguisher 1.1.1.4:1100;
> vrf-import spoke3-IMP;
> vrf-export spoke3-EX;
> routing-options {
> rib spoke3.inet6.0 {
> static {
> route 155::/64 next-hop 150::1;
> }
> }
> }
> }
> }
> routing-options {
> autonomous-system loops 2;
> }
> [edit groups MPBN logical-systems jana]
> t...@systest-m320# commit check
> [edit logical-systems jana routing-options]
> 'autonomous-system'
> Missing mandatory statement:
> error: configuration check-out failed: (missing mandatory statements)
> [edit groups MPBN logical-systems jana]
> t...@systest-m320# set routing-options autonomous-system loops 2 1
> [edit groups MPBN logical-systems jana]
> t...@systest-m320# commit check
> [edit groups MPBN logical-systems jana protocols bgp group PE1]
> 'local-as'
> Invalid loop count configured
> error: configuration check-out failed
> [edit groups MPBN logical-systems jana]
> t...@systest-m320#
> ==
> THanks,
> Janardhan
>
> On Tue, Aug 18, 2009 at 4:45 PM, Steven Brenchley wrote:
>
>> I've never set it up with IPV6 and the doc's don't say one way or
>> another but I would think it wouldn't make a difference
>> .
>> If this is in a routing instance then you'll need to apply it in the
>> routing instance?
>>
>> # set routing-instances vpn routing-options autonomous-system loops 2
>>
>>
>> On Tue, Aug 18, 2009 at 7:03 PM, janardhan madabattula <
>> janardhan...@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> Does this work in 6VPE environment ?
>>>
>>> Still, I am seeing the IBGP peer is not installing those routes with its
>>> own AS in AS-PATH list.
>>>
>>> THanks,
>>> Jana
>>>
>>> On Tue, Aug 18, 2009 at 3:47 PM, Steven Brenchley >> > wrote:
>>>
Hi Janardhan,
There is no way to disable AS loop detection but you can make the
router accept an AS loop up to 10 times. Use the following command.
# set routing-options autonomous-system loops 10
On Tue, Aug 18, 2009 at 5:01 PM, janardhan madabattula <
janardhan...@gmail.com> wrote:
> Hi,
>
> Is there any way to disable AS path loop detection when it recieve
> route
> update from IBGP peer.
>
> Thanks,
> Janardhan
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
Steven Brenchley
-
Re: [j-nsp] Broken Per-Flow load sharing
For anyone curious, Juniper seems to have 3 ways to solve this problem:
http://www.juniper.net/techpubs/software/junos/junos93/swconfig-policy/configuring-per-flow-load-balancing-information.html#id-11352490
I can't say I understand all 3 (docs are a bit vague). We implemented the first
and it worked perfectly:
[edit forwarding-options hash-key]
family inet {
layer-3;
layer-4;
}
Serge
- Original Message
From: Serge Vautour
To: juniper-nsp@puck.nether.net
Sent: Thursday, August 20, 2009 11:44:25 AM
Subject: [j-nsp] Broken Per-Flow load sharing
Hello,
We have several M320s & T640s in our network running 8.5R4.3. They are all
configured for per-flow load sharing:
RouterA> show configuration routing-options forwarding-table
export perDestinationLoadBalance;
RouterA> show configuration policy-options policy-statement
perDestinationLoadBalance
/* Policy exported against forwarding-table configuration to ensure
per-flow-destination load balance */
then {
load-balance per-packet;
}
The routers have 2x 10GEs via switches to reach Aggregation routers. OSPF sees
2 equal cost paths to the BGP next hops and splits the traffic across the
links. This has been working fine for a few years (it worked on 8.2 as well).
We recently upgraded to 9.3R2.8 and load sharing is no longer working:
RouterA> show interfaces xe-1/0/0 detail | match "Output packets.*pps"
Output packets: 61838797 pps
Output packets:00 pps
Output packets:525426 pps
Output packets:192790 pps
Output packets: 31340 pps
Output packets:00 pps
RouterA> show interfaces xe-2/0/0 detail | match "Output packets.*pps"
Output packets: 285078265156 228705 pps
Output packets:00 pps
Output packets: 280511288646 221803 pps
Output packets: 4118406919 6075 pps
Output packets:442607080 894 pps
Output packets:00 pps
The first "Output" line is the 10GE aggregate. The other output lines are the
VLANs on the 10GE. Note that the xe-1/0/0 interface has next to 0 pps on
output!! We have upgraded two M320s and they are both showing the same problem.
My guess is that the per-flow load balancing hash has changed in the newer
release. The 9.3 manual talks about setting something like this:
[edit forwarding-options hash-key]
family inet {
layer-3;
layer-4;
}
But it's a bit unclear as to what happens if it isn't set. Can anyone confirm
that this will restore per-flow load sharing?
Any help would be appreciated.
Thanks,
Serge
__
Looking for the perfect gift? Give the gift of Flickr!
http://www.flickr.com/gift/
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
__
The new Internet Explorer® 8 - Faster, safer, easier. Optimized for Yahoo!
Get it Now for Free! at http://downloads.yahoo.com/ca/internetexplorer/
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Partition/Format new HD
> Date: Fri, 21 Aug 2009 14:50:51 -0400 > From: Brendan Mannella > > Yes, but that command did not work for me until I did "request system > snapshot partition" first. Then I did "request system partition hard-disk" > > Initially I replaced the bad disk with a brand new SSD out of the box, > booted and ran. "request system partition hard-disk" and I got the following > error.. > > r...@ibr1.pit> request system partition hard-disk > mount: /dev/ad1s1e on /altconfig: incorrect super block > ERROR: Can't access hard disk, aborting partition. > > Not until I ran "request system snapshot partition" first did it work. Yes, but it was the dd(1) that fixed the real problem. The disk was pre-formatted for either FAT or NTFS and that resulted in a partition table on the drive that FreeBSD (JunOS) could not work with. The dd(1) command blanked the partition table on the drive so the 'request system partition hard-drive' command could do the job. I believe that the sequence of things (at the FreeBSD level) is: Check for /dev/ad1s1 If it is not found, fdisk to create it. bsdlabel to partition the slice If the disk is already FAT or NTFS formatted, it will have /dev/ad1s1, but it won't be a FreeBSD type slice, so bsdlabel will fail (as it did). Wiping the partition table prevents this and causes fdisk to be run before bsdlabel. I am pretty sure that just doing the dd followed by the 'request system partition hard-disk' would have done the job. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: ober...@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
Dan,
This EX switch configuration. Original post requested configuration for MX
Switches.
Thanks,
Nilesh.
On 8/21/09 11:45 AM, "Dan Farrell" wrote:
This is how I do it... if this is not a recommended method, please let me know
(PLEASE!) I currently configure around 90 L3 interfaces in this manner right
now.
interfaces {
ge-0/0/20 {
description "physical port";
unit 0 {
family ethernet-switching {
port-mode trunk;
native-vlan-id 3007;
}
}
}
vlan {
unit 98 {
description "prov - vlan 98 - 8.0.0.0/30 - pri-switch -
fa0/3";
family inet {
address 8.0.0.1/30;
}
}
unit 4070 {
description "psc - vlan 4070 - 10.254.0.128/26";
family inet {
address 10.254.0.129/26;
}
}
}
vlans {
prov {
description "prov - vlan 98 - 8.0.0.0/30 - pri-switch - fa0/3";
vlan-id 98;
interface {
ge-0/0/20.0;
ge-0/0/1.0;
}
l3-interface vlan.98;
}
psc {
description "psc - vlan 4070 - 10.254.0.128/26";
vlan-id 4070;
interface {
ge-0/0/20.0;
}
l3-interface vlan.4070;
}
Thanks,
Dan
-Original Message-
From: juniper-nsp-boun...@puck.nether.net
[mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of ??
Sent: Friday, August 21, 2009 1:34 PM
To: Michael Phung
Cc: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
interfaces {
ge-0/0/0 {
unit 0 {
family bridge {
interface-mode access;
vlan-id 10;
}
}
}
ge-0/0/1 {
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list 1-4000;
}
}
}
irb {
unit 10 {
family inet {
address 10.0.0.3/29
}
}
}
}
}
}
}
bridge-domains {
vlan10 {
vlan-id 10;
routing-interface irb.10;
}
}
On Sat, Aug 22, 2009 at 12:23 AM, Michael Phung wrote:
> Hello everyone,
>
> I just got my hands on a Juniper mx router and I'm starting the
> initial config in preparation to convert from Cisco. As I configure
> the interfaces, I can't seem to figure our how to create a routed vlan
> interface and have the ability to trunk it down multiple physical
> interfaces. I've looked up on the the web but was unable to find
> anything that direct describes what I'm trying to achieve.
>
> Below is a sample config from a Cisco;
>
> !
> spanning-tree mode pvst
> spanning-tree vlan 200 priority 8192
> !
> interface GigabitEthernet2/1
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan 200
> switchport mode trunk
> switchport nonegotiate
> !
> interface GigabitEthernet2/10
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan 200
> switchport mode trunk
> switchport nonegotiate
> !
> interface Vlan200
> ip address 10.10.10.2 255.255.255.192
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> standby ip 10.10.10.1
> !
>
> Can this be done on a MX router? if so, can a sample config be provided?
>
> Any help would be much appreciated.
>
> Michael
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
BR!
James Chen
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Partition/Format new HD
Yes, but that command did not work for me until I did "request system snapshot partition" first. Then I did "request system partition hard-disk" Initially I replaced the bad disk with a brand new SSD out of the box, booted and ran. "request system partition hard-disk" and I got the following error.. r...@ibr1.pit> request system partition hard-disk mount: /dev/ad1s1e on /altconfig: incorrect super block ERROR: Can't access hard disk, aborting partition. Not until I ran "request system snapshot partition" first did it work. On 8/21/09 1:53 PM, "Kevin Oberman" wrote: >> Date: Fri, 21 Aug 2009 09:56:45 -0700 >> From: "Kevin Oberman" >> Sender: juniper-nsp-boun...@puck.nether.net >> >>> Date: Fri, 21 Aug 2009 12:32:30 -0400 >>> From: Brendan Mannella >>> Sender: juniper-nsp-boun...@puck.nether.net >>> >>> Hello, >>> >>> I have been battling trying to replace a failed hard disk on my juniper m7i. >>> I have finally got the disk to be recognized by the system. Now I need to >>> put all the partitions back. The router successfully boots from the CF so I >>> can run system commands. >>> >>> I tried.. >>> >>> r...@ibr1.pit> request system partition hard-disk >>> mount: /dev/ad1s1e on /altconfig: incorrect super block >>> ERROR: Can't access hard disk, aborting partition. >>> >>> Am I missing a command first? >> >> request system snapshot partition >> >> but, if the disk is already partitioned for Windows, you should first >> start shell and 'dd if=/dev/zero of=/dev/adq bs=512 count=1024 >> >> This assumes the hard disk is ad1. You can confirm this with 'tail >> /var/run/dmesg' after starting shell or 'file show /var/run/dmesg' in >> the CLI. > > Replying to myself to correct my mistakes: > > The command to wipe the partition table on a disk set up for Windows, it > should have read: > dd if=/dev/zero of=/dev/ad1 bs=512 count=1024 > Lazy finger! > > More importantly, once that is done 'request system partition hard-disk' > is the correct way to partition the hard drive. the snapshot command > will only create the partitions needed to snapshot the flash and not 'b' > (swap) or 'f' (var) which don't exist on the CF. > > Sorry for posting the bogus information. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
This is how I do it... if this is not a recommended method, please let me know
(PLEASE!) I currently configure around 90 L3 interfaces in this manner right
now.
interfaces {
ge-0/0/20 {
description "physical port";
unit 0 {
family ethernet-switching {
port-mode trunk;
native-vlan-id 3007;
}
}
}
vlan {
unit 98 {
description "prov - vlan 98 - 8.0.0.0/30 - pri-switch -
fa0/3";
family inet {
address 8.0.0.1/30;
}
}
unit 4070 {
description "psc - vlan 4070 - 10.254.0.128/26";
family inet {
address 10.254.0.129/26;
}
}
}
vlans {
prov {
description "prov - vlan 98 - 8.0.0.0/30 - pri-switch - fa0/3";
vlan-id 98;
interface {
ge-0/0/20.0;
ge-0/0/1.0;
}
l3-interface vlan.98;
}
psc {
description "psc - vlan 4070 - 10.254.0.128/26";
vlan-id 4070;
interface {
ge-0/0/20.0;
}
l3-interface vlan.4070;
}
Thanks,
Dan
-Original Message-
From: juniper-nsp-boun...@puck.nether.net
[mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of ??
Sent: Friday, August 21, 2009 1:34 PM
To: Michael Phung
Cc: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
interfaces {
ge-0/0/0 {
unit 0 {
family bridge {
interface-mode access;
vlan-id 10;
}
}
}
ge-0/0/1 {
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list 1-4000;
}
}
}
irb {
unit 10 {
family inet {
address 10.0.0.3/29
}
}
}
}
}
}
}
bridge-domains {
vlan10 {
vlan-id 10;
routing-interface irb.10;
}
}
On Sat, Aug 22, 2009 at 12:23 AM, Michael Phung wrote:
> Hello everyone,
>
> I just got my hands on a Juniper mx router and I'm starting the
> initial config in preparation to convert from Cisco. As I configure
> the interfaces, I can't seem to figure our how to create a routed vlan
> interface and have the ability to trunk it down multiple physical
> interfaces. I've looked up on the the web but was unable to find
> anything that direct describes what I'm trying to achieve.
>
> Below is a sample config from a Cisco;
>
> !
> spanning-tree mode pvst
> spanning-tree vlan 200 priority 8192
> !
> interface GigabitEthernet2/1
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan 200
> switchport mode trunk
> switchport nonegotiate
> !
> interface GigabitEthernet2/10
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan 200
> switchport mode trunk
> switchport nonegotiate
> !
> interface Vlan200
> ip address 10.10.10.2 255.255.255.192
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> standby ip 10.10.10.1
> !
>
> Can this be done on a MX router? if so, can a sample config be provided?
>
> Any help would be much appreciated.
>
> Michael
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
BR!
James Chen
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Partition/Format new HD
> Date: Fri, 21 Aug 2009 09:56:45 -0700 > From: "Kevin Oberman" > Sender: juniper-nsp-boun...@puck.nether.net > > > Date: Fri, 21 Aug 2009 12:32:30 -0400 > > From: Brendan Mannella > > Sender: juniper-nsp-boun...@puck.nether.net > > > > Hello, > > > > I have been battling trying to replace a failed hard disk on my juniper m7i. > > I have finally got the disk to be recognized by the system. Now I need to > > put all the partitions back. The router successfully boots from the CF so I > > can run system commands. > > > > I tried.. > > > > r...@ibr1.pit> request system partition hard-disk > > mount: /dev/ad1s1e on /altconfig: incorrect super block > > ERROR: Can't access hard disk, aborting partition. > > > > Am I missing a command first? > > request system snapshot partition > > but, if the disk is already partitioned for Windows, you should first > start shell and 'dd if=/dev/zero of=/dev/adq bs=512 count=1024 > > This assumes the hard disk is ad1. You can confirm this with 'tail > /var/run/dmesg' after starting shell or 'file show /var/run/dmesg' in > the CLI. Replying to myself to correct my mistakes: The command to wipe the partition table on a disk set up for Windows, it should have read: dd if=/dev/zero of=/dev/ad1 bs=512 count=1024 Lazy finger! More importantly, once that is done 'request system partition hard-disk' is the correct way to partition the hard drive. the snapshot command will only create the partitions needed to snapshot the flash and not 'b' (swap) or 'f' (var) which don't exist on the CF. Sorry for posting the bogus information. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: ober...@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Partition/Format new HD
I am actually ok now, thanks to Kevin Oberman from Energy Sciences Network
(ESnet). I am working on documenting the events to post to the list, as I am
sure this will happen to someone else. And surprisingly I could not find one
place for the answer.
On 8/21/09 2:13 PM, "Nalkhande Tarique Abbas" wrote:
>
> Brendan,
>
> Your new hdd doesn't look to be in good shape, how about a quick health
> check?
>
> A smartd,
>
> r...@radium-re0-tarique% smartd -oX /dev/ad1
> Drive Command Successful, Extended Self test has begun
> Please wait 17 minutes for test to complete
> Use smartd -oA to abort test
>
> Ensure alternate super block exists,
>
> r...@radium-re0-tarique% newfs -N /dev/ad1s1a
> r...@radium-re0-tarique% newfs -N /dev/ad1s1e
>
> Perform filechecks,
>
>
> r...@radium-re0-tarique% fsck -f /dev/ad1s1a
> r...@radium-re0-tarique% fsck -f /dev/ad1s1e
>
> {-f : Force fsck to check `clean' filesystems when preening}
>
> If the above fails, we could preen.
>
> r...@radium-re0-tarique% fsck -p /dev/ad1s1a
> r...@radium-re0-tarique% fsck -p /dev/ad1s1e
>
> -p : Preen filesystems
>
> Some of the corrective actions which are not correctable under the -p
> option can result in some loss of data.
>
>
> The above checks will determine our next step.
>
>
>
> Thanks & Regards,
> Tarique A. Nalkhande
>
> -Original Message-
> From: juniper-nsp-boun...@puck.nether.net
> [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Brendan
> Mannella
> Sent: Friday, August 21, 2009 10:03 PM
> To: juniper-nsp@puck.nether.net
> Subject: [j-nsp] Partition/Format new HD
>
> Hello,
>
> I have been battling trying to replace a failed hard disk on my juniper
> m7i.
> I have finally got the disk to be recognized by the system. Now I need
> to
> put all the partitions back. The router successfully boots from the CF
> so I
> can run system commands.
>
> I tried..
>
> r...@ibr1.pit> request system partition hard-disk
> mount: /dev/ad1s1e on /altconfig: incorrect super block
> ERROR: Can't access hard disk, aborting partition.
>
> Am I missing a command first?
>
> Thanks,
>
> BRendan
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Restore M7 to initial state
Many thanks to all for answers. *am* - Andrea Montefusco iw0hdvhttp://www.montefusco.com tel: +393356992791 fax: +390623318709 - ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Partition/Format new HD
Brendan,
Your new hdd doesn't look to be in good shape, how about a quick health
check?
A smartd,
r...@radium-re0-tarique% smartd -oX /dev/ad1
Drive Command Successful, Extended Self test has begun
Please wait 17 minutes for test to complete
Use smartd -oA to abort test
Ensure alternate super block exists,
r...@radium-re0-tarique% newfs -N /dev/ad1s1a
r...@radium-re0-tarique% newfs -N /dev/ad1s1e
Perform filechecks,
r...@radium-re0-tarique% fsck -f /dev/ad1s1a
r...@radium-re0-tarique% fsck -f /dev/ad1s1e
{-f : Force fsck to check `clean' filesystems when preening}
If the above fails, we could preen.
r...@radium-re0-tarique% fsck -p /dev/ad1s1a
r...@radium-re0-tarique% fsck -p /dev/ad1s1e
-p : Preen filesystems
Some of the corrective actions which are not correctable under the -p
option can result in some loss of data.
The above checks will determine our next step.
Thanks & Regards,
Tarique A. Nalkhande
-Original Message-
From: juniper-nsp-boun...@puck.nether.net
[mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Brendan
Mannella
Sent: Friday, August 21, 2009 10:03 PM
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Partition/Format new HD
Hello,
I have been battling trying to replace a failed hard disk on my juniper
m7i.
I have finally got the disk to be recognized by the system. Now I need
to
put all the partitions back. The router successfully boots from the CF
so I
can run system commands.
I tried..
r...@ibr1.pit> request system partition hard-disk
mount: /dev/ad1s1e on /altconfig: incorrect super block
ERROR: Can't access hard disk, aborting partition.
Am I missing a command first?
Thanks,
BRendan
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
FYI
Thanks,
Nilesh
On 8/21/09 10:34 AM, "陈江" wrote:
interfaces {
ge-0/0/0 {
unit 0 {
family bridge {
interface-mode access;
vlan-id 10;
}
}
}
ge-0/0/1 {
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list 1-4000;
}
}
}
irb {
unit 10 {
family inet {
address 10.0.0.3/29
}
}
}
}
}
}
}
bridge-domains {
vlan10 {
vlan-id 10;
routing-interface irb.10;
}
}
On Sat, Aug 22, 2009 at 12:48 AM, Nilesh Khambal wrote:
Check the MX solution guide in documentation for latest JUNOS release.
You need to look for "interface-mode trunk", "bridge-domain
configuration" and "IRB interface configuration"
Thanks,
Nilesh
--
Sent from my mobile handheld device
On Aug 21, 2009, at 9:27 AM, "Michael Phung" wrote:
> Hello everyone,
>
> I just got my hands on a Juniper mx router and I'm starting the
> initial config in preparation to convert from Cisco. As I configure
> the interfaces, I can't seem to figure our how to create a routed vlan
> interface and have the ability to trunk it down multiple physical
> interfaces. I've looked up on the the web but was unable to find
> anything that direct describes what I'm trying to achieve.
>
> Below is a sample config from a Cisco;
>
> !
> spanning-tree mode pvst
> spanning-tree vlan 200 priority 8192
> !
> interface GigabitEthernet2/1
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan 200
> switchport mode trunk
> switchport nonegotiate
> !
> interface GigabitEthernet2/10
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan 200
> switchport mode trunk
> switchport nonegotiate
> !
> interface Vlan200
> ip address 10.10.10.2 255.255.255.192
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> standby ip 10.10.10.1
> !
>
> Can this be done on a MX router? if so, can a sample config be
> provided?
>
> Any help would be much appreciated.
>
> Michael
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
interfaces {
ge-0/0/0 {
unit 0 {
family bridge {
interface-mode access;
vlan-id 10;
}
}
}
ge-0/0/1 {
unit 0 {
family bridge {
interface-mode trunk;
vlan-id-list 1-4000;
}
}
}
irb {
unit 10 {
family inet {
address 10.0.0.3/29
}
}
}
}
}
}
}
bridge-domains {
vlan10 {
vlan-id 10;
routing-interface irb.10;
}
}
On Sat, Aug 22, 2009 at 12:23 AM, Michael Phung wrote:
> Hello everyone,
>
> I just got my hands on a Juniper mx router and I'm starting the
> initial config in preparation to convert from Cisco. As I configure
> the interfaces, I can't seem to figure our how to create a routed vlan
> interface and have the ability to trunk it down multiple physical
> interfaces. I've looked up on the the web but was unable to find
> anything that direct describes what I'm trying to achieve.
>
> Below is a sample config from a Cisco;
>
> !
> spanning-tree mode pvst
> spanning-tree vlan 200 priority 8192
> !
> interface GigabitEthernet2/1
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan 200
> switchport mode trunk
> switchport nonegotiate
> !
> interface GigabitEthernet2/10
> switchport
> switchport trunk encapsulation dot1q
> switchport trunk allowed vlan 200
> switchport mode trunk
> switchport nonegotiate
> !
> interface Vlan200
> ip address 10.10.10.2 255.255.255.192
> no ip redirects
> no ip unreachables
> no ip proxy-arp
> standby ip 10.10.10.1
> !
>
> Can this be done on a MX router? if so, can a sample config be provided?
>
> Any help would be much appreciated.
>
> Michael
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
--
BR!
James Chen
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Partition/Format new HD
> Date: Fri, 21 Aug 2009 12:32:30 -0400 > From: Brendan Mannella > Sender: juniper-nsp-boun...@puck.nether.net > > Hello, > > I have been battling trying to replace a failed hard disk on my juniper m7i. > I have finally got the disk to be recognized by the system. Now I need to > put all the partitions back. The router successfully boots from the CF so I > can run system commands. > > I tried.. > > r...@ibr1.pit> request system partition hard-disk > mount: /dev/ad1s1e on /altconfig: incorrect super block > ERROR: Can't access hard disk, aborting partition. > > Am I missing a command first? request system snapshot partition but, if the disk is already partitioned for Windows, you should first start shell and 'dd if=/dev/zero of=/dev/adq bs=512 count=1024 This assumes the hard disk is ad1. You can confirm this with 'tail /var/run/dmesg' after starting shell or 'file show /var/run/dmesg' in the CLI. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: ober...@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Trunking routed vlan interfaces on a Juniper mx960
Check the MX solution guide in documentation for latest JUNOS release. You need to look for "interface-mode trunk", "bridge-domain configuration" and "IRB interface configuration" Thanks, Nilesh -- Sent from my mobile handheld device On Aug 21, 2009, at 9:27 AM, "Michael Phung" wrote: > Hello everyone, > > I just got my hands on a Juniper mx router and I'm starting the > initial config in preparation to convert from Cisco. As I configure > the interfaces, I can't seem to figure our how to create a routed vlan > interface and have the ability to trunk it down multiple physical > interfaces. I've looked up on the the web but was unable to find > anything that direct describes what I'm trying to achieve. > > Below is a sample config from a Cisco; > > ! > spanning-tree mode pvst > spanning-tree vlan 200 priority 8192 > ! > interface GigabitEthernet2/1 > switchport > switchport trunk encapsulation dot1q > switchport trunk allowed vlan 200 > switchport mode trunk > switchport nonegotiate > ! > interface GigabitEthernet2/10 > switchport > switchport trunk encapsulation dot1q > switchport trunk allowed vlan 200 > switchport mode trunk > switchport nonegotiate > ! > interface Vlan200 > ip address 10.10.10.2 255.255.255.192 > no ip redirects > no ip unreachables > no ip proxy-arp > standby ip 10.10.10.1 > ! > > Can this be done on a MX router? if so, can a sample config be > provided? > > Any help would be much appreciated. > > Michael > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Partition/Format new HD
Hello, I have been battling trying to replace a failed hard disk on my juniper m7i. I have finally got the disk to be recognized by the system. Now I need to put all the partitions back. The router successfully boots from the CF so I can run system commands. I tried.. r...@ibr1.pit> request system partition hard-disk mount: /dev/ad1s1e on /altconfig: incorrect super block ERROR: Can't access hard disk, aborting partition. Am I missing a command first? Thanks, BRendan ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Trunking routed vlan interfaces on a Juniper mx960
Hello everyone, I just got my hands on a Juniper mx router and I'm starting the initial config in preparation to convert from Cisco. As I configure the interfaces, I can't seem to figure our how to create a routed vlan interface and have the ability to trunk it down multiple physical interfaces. I've looked up on the the web but was unable to find anything that direct describes what I'm trying to achieve. Below is a sample config from a Cisco; ! spanning-tree mode pvst spanning-tree vlan 200 priority 8192 ! interface GigabitEthernet2/1 switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk switchport nonegotiate ! interface GigabitEthernet2/10 switchport switchport trunk encapsulation dot1q switchport trunk allowed vlan 200 switchport mode trunk switchport nonegotiate ! interface Vlan200 ip address 10.10.10.2 255.255.255.192 no ip redirects no ip unreachables no ip proxy-arp standby ip 10.10.10.1 ! Can this be done on a MX router? if so, can a sample config be provided? Any help would be much appreciated. Michael ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Interest in a (european) Juniper User Group
There is also a Juniper company forum/board for EX and other products, see http://forums.juniper.net Rgds Alex - Original Message - From: "Martin Levin" To: Sent: Friday, August 21, 2009 2:31 PM Subject: Re: [j-nsp] Interest in a (european) Juniper User Group We would absolutely be very interested in such a group, even if actual meetings might be more complicated a place to exchange and write down ideas and known problems would be extremely helpful. The EX-series in particular seems like a moving target still and there's lots information there that could be useful. Not to mention that theoretically the UG could act on behalf of all members in communication with Juniper. So, we (I) are intrested! --- Martin Levin IT-strategy & planning Mölndals stad Från:Thomas Eichhorn Till: Datum:2009-08-21 10:28 Ärende:[j-nsp] Interest in a (european) Juniper User Group -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, I just thought that a Juniper User Group would be quiet cool - if someone else also has interest in it. Due to my latest experiences with Juniper, this could maybe change the way with problems is dealt with and how customers are heard. I believe that a Open PR database founded on the knowledge of the group could be quiet helpful - at least I have been confrontated with many "confidential" PRs, who killed our network, as we switched over to EX. The communication done by Juniper is not very helpful in these cases, and maybe we would be heard better, if we unite in our interests as Juniper users... What do you think? Do you believe this could make any sense? Thanks, Tom -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkqOWQ0ACgkQrUvjMoak8ZdOVwCdGQIXk33ljnRiHmXDClRaeC14 BD0AnjDvYwPZ0bVEJk6gAH1Kskah/p2B =pG53 -END PGP SIGNATURE- ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] routing-instances routing-instance-name instance-type [ vrf | virtual-router|..]
Sure. If you are coming from a Cisco world you can think of virtual-router as vrf-lite. It's not MPLS attached and just used as a seperate routing table and don't require RD or import/export. VRF would be a traditional MPLS L3 VPN instance. HTH, Brandon On Fri, Aug 21, 2009 at 2:36 AM, Mustafa Golam - wrote: > Hi List, > > Can someone put some light on the instance-type: 'vrf' and > 'virtual-router', > > preferably with some explanation/examples of using them ? > > Thanks in advance, > Mustafa > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] op script for checking when rpd fails
If RPD crashes or cores you will get syslog messages, which an event script can match on, then I suppose you could issue 'restart routing'. Truman On 21/08/2009, at 1:33 AM, Noah Garrett Wallach wrote: sth...@nethelp.no wrote: I'd like to have an op script turn off some interfaces when rpd fails. Does anybody know how to notify an op script to do something based on a process failing and/or disappearing? Not really answering your question, but: If you have serious problems with rpd dying *often*, you really need to open a JTAC case. rpd is such an important part of the system that the router really can't do much without it... no doubt - we took care of that within 5 minutes of the core found. we are fairly diligent with that type of stuff. that still does not address our op script next steps. Steinar Haug, Nethelp consulting, sth...@nethelp.no ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Interest in a (european) Juniper User Group
We would absolutely be very interested in such a group, even if actual meetings might be more complicated a place to exchange and write down ideas and known problems would be extremely helpful. The EX-series in particular seems like a moving target still and there's lots information there that could be useful. Not to mention that theoretically the UG could act on behalf of all members in communication with Juniper. So, we (I) are intrested! --- Martin Levin IT-strategy & planning Mölndals stad >>> Från:Thomas Eichhorn Till: Datum:2009-08-21 10:28 Ärende:[j-nsp] Interest in a (european) Juniper User Group -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, I just thought that a Juniper User Group would be quiet cool - if someone else also has interest in it. Due to my latest experiences with Juniper, this could maybe change the way with problems is dealt with and how customers are heard. I believe that a Open PR database founded on the knowledge of the group could be quiet helpful - at least I have been confrontated with many "confidential" PRs, who killed our network, as we switched over to EX. The communication done by Juniper is not very helpful in these cases, and maybe we would be heard better, if we unite in our interests as Juniper users... What do you think? Do you believe this could make any sense? Thanks, Tom -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkqOWQ0ACgkQrUvjMoak8ZdOVwCdGQIXk33ljnRiHmXDClRaeC14 BD0AnjDvYwPZ0bVEJk6gAH1Kskah/p2B =pG53 -END PGP SIGNATURE- ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] EX4200
I can remember we've had such an issue on 9.3R2, but at the end that turned out to be an hardware issue on one of the members of the VC. We're running 9.5R2.7 for about 6 weeks now and did not observe any issues anymore. The switches are used for 'simple' L2 forwarding with MSTP, no L3. We have come a long way with major bugs and issues (we started with 9.1R1!) but since 9.5 the platform is completely stable. BR, Niels -Oorspronkelijk bericht- Van: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] Namens Ross Vandegrift Verzonden: donderdag 20 augustus 2009 22:14 Aan: Brendan Mannella CC: juniper-nsp@puck.nether.net Onderwerp: Re: [j-nsp] EX4200 On Thu, Aug 20, 2009 at 08:15:57AM -0400, Brendan Mannella wrote: > I have just went to 9.3r4.4 and it fixed most issues Seems very stable > so far. Have you reported this issue to JTAC? Is it documented in a PR? This has huge potential impact for system I'll be turning live in the coming months, so the report makes for very good information. I'd like to see that addressed. Ross -- Ross Vandegrift r...@kallisti.us "If the fight gets hot, the songs get hotter. If the going gets tough, the songs get tougher." --Woody Guthrie ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] routing-instances routing-instance-name instance-type [ vrf | virtual-router|..]
Hi List, Can someone put some light on the instance-type: 'vrf' and 'virtual-router', preferably with some explanation/examples of using them ? Thanks in advance, Mustafa ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Interest in a (european) Juniper User Group
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi all, I just thought that a Juniper User Group would be quiet cool - if someone else also has interest in it. Due to my latest experiences with Juniper, this could maybe change the way with problems is dealt with and how customers are heard. I believe that a Open PR database founded on the knowledge of the group could be quiet helpful - at least I have been confrontated with many "confidential" PRs, who killed our network, as we switched over to EX. The communication done by Juniper is not very helpful in these cases, and maybe we would be heard better, if we unite in our interests as Juniper users... What do you think? Do you believe this could make any sense? Thanks, Tom -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkqOWQ0ACgkQrUvjMoak8ZdOVwCdGQIXk33ljnRiHmXDClRaeC14 BD0AnjDvYwPZ0bVEJk6gAH1Kskah/p2B =pG53 -END PGP SIGNATURE- ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
