Re: [j-nsp] Juniper 10G Switch Options
On 4/Jun/15 15:51, Raphael Mazelier wrote: > > > EX4550 in the other hand are not perfect, but stable and less expensive. > For aggregation swithes with only 10G ports I will go with EX4550. We love them. We aggregate customers on them (Layer 2 only), and can simply switch from 1Gbps to 10Gbps just by moving optics. What more can a guy ask for :-). Mark. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
On 4/Jun/15 15:49, Giuliano (WZTECH) wrote: > I think the better option is to use ACX5048 > > Same qfx hardware with a different software > > It will support vpls and evpn > > But I think you will need license for 10G interfaces and L3vpn Broadcom chipset, however. So look out and test for any features that would normally work on a Juniper-designed ASIC. Mark. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Multiple policers for interface/units
On 2 June 2015 at 21:15, Chris Adams wrote:
> I have used policers on units to limit the traffic for a particular
> VLAN, but now I have a need to limit the total traffic on an interface.
> I have a gigE link that is telco-limited to 500Mbps (but I need to
> police the link so I don't put more than 500M in), with several VLANs
> that each need to have their own rate.
>
> I haven't done that before; what's the best way to do that?
>
> This is on an MX960.
> --
> Chris Adams
>
Hi Chris,
I've done aggregate policing before although not hierarchical, but I'll
have a go at suggesting what might work.
The aggregate policing can be achieved with a firewall filter and policer
combo and under the policer you need 'physical-interface-policer'. This
needs to be applied to all IFL's.
Then I think you can police each IFL with the 'policer' command. The output
policers should be evaluated after the firewall filters so in theory it
should work.
I haven't tested it but would be interested to know if you get it to work.
Config would look something like:
firewall {
family inet {
filter AGG_POLICE_500M {
physical-interface-filter;
term POLICE {
then {
policer POLICER_AGG_500M;
}
}
}
}
policer POLICER_AGG_500M {
physical-interface-policer;
if-exceeding {
bandwidth-limit 500m;
burst-size-limit 312500;
}
then discard;
}
policer POLICER_100M {
if-exceeding {
bandwidth-limit 100m;
burst-size-limit 62500;
}
then discard;
}
}
interfaces {
ge-0/0/0 {
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 100 {
vlan-id 100;
family inet {
filter {
output AGG_POLICE_500M;
}
policer {
output POLICER_100M;
}
}
}
unit 200 {
vlan-id 200;
family inet {
filter {
output AGG_POLICE_500M;
}
policer {
output POLICER_100M;
}
}
}
}
}
Cheers,
Dan
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
+1 for the EX 4600 or QFX 5100. For aggregation a 4600 should do the trick. On Jun 4, 2015, at 9:19 AM, Colton Conor wrote: > We need a Juniper switch with at least 24 built in SFP+ ports. Looks like > Juniper has a ton of options including the EX4500, EX4550, EX4600, and the > QFX line which I don't know much about. This switch will be for aggregation > purposes for an access network that has GPON OLT's with 10G uplinks on > them. What do you recommend? Which has the latest hardware? Which is the > most cost effective? Any limitations to be aware of? > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
Le 04/06/15 15:19, Colton Conor a écrit : We need a Juniper switch with at least 24 built in SFP+ ports. Looks like Juniper has a ton of options including the EX4500, EX4550, EX4600, and the QFX line which I don't know much about. This switch will be for aggregation purposes for an access network that has GPON OLT's with 10G uplinks on them. What do you recommend? Which has the latest hardware? Which is the most cost effective? Any limitations to be aware of? EX4600/QFX5100 are relatively new switchs, and use newer asics. I can say there were not completly bug free... But the situation is moving fastly and newer release fix a log of bugs. But they have 40G ports and higher density than EX4550. EX4550 in the other hand are not perfect, but stable and less expensive. For aggregation swithes with only 10G ports I will go with EX4550. -- Raphael Mazelier ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
I think the better option is to use ACX5048 Same qfx hardware with a different software It will support vpls and evpn But I think you will need license for 10G interfaces and L3vpn Sent from my iPhone > On Jun 4, 2015, at 10:38, Tim Jackson wrote: > > It should support EVPN shortly. > >> On Thu, Jun 4, 2015, 6:38 AM Joe Freeman wrote: >> >> Keep in mind the QFX5100 doesn't support evpn or vpls. To do vpls right >> now, we're having to l2vpn back to an MX tunnel interface and stitch into a >> bridge domain. It's not pretty but so far it has worked. We've got our >> fingers crossed that evpn is coming soon. >> >> Also, the 5100's apparently aren't using ASICs, or at least aren't using >> an ASIC on the interfaces that will support flexible-ethernet-services. >> What this means is that I can't L2 switch a customer on the same QFX >> interface that I'm either A) Terminating another customer at L3 (l3 vpn for >> example), or B) Doing a vlan-ccc/l2circuit/l2vpn connection on. This means >> there are some use cases (p2p ethernet circuits between olt's in the same >> CO for instance) that may require more than 1 port between the QFX and the >> olt. >> >> Joe >> >>> On Thu, Jun 4, 2015 at 8:26 AM, Tim Jackson wrote: >>> >>> I'd recommend QFX5100 or EX4600. Same hardware inside for both. >>> >>> Beware that there are a few issues with DHCP and DHCPv6 pass through on >>> them, but that seems to be resolved now. On Jun 4, 2015 6:22 AM, "Colton Conor" wrote: We need a Juniper switch with at least 24 built in SFP+ ports. Looks >>> like Juniper has a ton of options including the EX4500, EX4550, EX4600, and >>> the QFX line which I don't know much about. This switch will be for >>> aggregation purposes for an access network that has GPON OLT's with 10G uplinks on them. What do you recommend? Which has the latest hardware? Which is the most cost effective? Any limitations to be aware of? ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp >>> ___ >>> juniper-nsp mailing list juniper-nsp@puck.nether.net >>> https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
It should support EVPN shortly. On Thu, Jun 4, 2015, 6:38 AM Joe Freeman wrote: > Keep in mind the QFX5100 doesn't support evpn or vpls. To do vpls right > now, we're having to l2vpn back to an MX tunnel interface and stitch into a > bridge domain. It's not pretty but so far it has worked. We've got our > fingers crossed that evpn is coming soon. > > Also, the 5100's apparently aren't using ASICs, or at least aren't using > an ASIC on the interfaces that will support flexible-ethernet-services. > What this means is that I can't L2 switch a customer on the same QFX > interface that I'm either A) Terminating another customer at L3 (l3 vpn for > example), or B) Doing a vlan-ccc/l2circuit/l2vpn connection on. This means > there are some use cases (p2p ethernet circuits between olt's in the same > CO for instance) that may require more than 1 port between the QFX and the > olt. > > Joe > > On Thu, Jun 4, 2015 at 8:26 AM, Tim Jackson wrote: > >> I'd recommend QFX5100 or EX4600. Same hardware inside for both. >> >> Beware that there are a few issues with DHCP and DHCPv6 pass through on >> them, but that seems to be resolved now. >> On Jun 4, 2015 6:22 AM, "Colton Conor" wrote: >> >> > We need a Juniper switch with at least 24 built in SFP+ ports. Looks >> like >> > Juniper has a ton of options including the EX4500, EX4550, EX4600, and >> the >> > QFX line which I don't know much about. This switch will be for >> aggregation >> > purposes for an access network that has GPON OLT's with 10G uplinks on >> > them. What do you recommend? Which has the latest hardware? Which is the >> > most cost effective? Any limitations to be aware of? >> > ___ >> > juniper-nsp mailing list juniper-nsp@puck.nether.net >> > https://puck.nether.net/mailman/listinfo/juniper-nsp >> > >> ___ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp >> > > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
Keep in mind the QFX5100 doesn't support evpn or vpls. To do vpls right now, we're having to l2vpn back to an MX tunnel interface and stitch into a bridge domain. It's not pretty but so far it has worked. We've got our fingers crossed that evpn is coming soon. Also, the 5100's apparently aren't using ASICs, or at least aren't using an ASIC on the interfaces that will support flexible-ethernet-services. What this means is that I can't L2 switch a customer on the same QFX interface that I'm either A) Terminating another customer at L3 (l3 vpn for example), or B) Doing a vlan-ccc/l2circuit/l2vpn connection on. This means there are some use cases (p2p ethernet circuits between olt's in the same CO for instance) that may require more than 1 port between the QFX and the olt. Joe On Thu, Jun 4, 2015 at 8:26 AM, Tim Jackson wrote: > I'd recommend QFX5100 or EX4600. Same hardware inside for both. > > Beware that there are a few issues with DHCP and DHCPv6 pass through on > them, but that seems to be resolved now. > On Jun 4, 2015 6:22 AM, "Colton Conor" wrote: > > > We need a Juniper switch with at least 24 built in SFP+ ports. Looks like > > Juniper has a ton of options including the EX4500, EX4550, EX4600, and > the > > QFX line which I don't know much about. This switch will be for > aggregation > > purposes for an access network that has GPON OLT's with 10G uplinks on > > them. What do you recommend? Which has the latest hardware? Which is the > > most cost effective? Any limitations to be aware of? > > ___ > > juniper-nsp mailing list juniper-nsp@puck.nether.net > > https://puck.nether.net/mailman/listinfo/juniper-nsp > > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
I'd recommend QFX5100 or EX4600. Same hardware inside for both. Beware that there are a few issues with DHCP and DHCPv6 pass through on them, but that seems to be resolved now. On Jun 4, 2015 6:22 AM, "Colton Conor" wrote: > We need a Juniper switch with at least 24 built in SFP+ ports. Looks like > Juniper has a ton of options including the EX4500, EX4550, EX4600, and the > QFX line which I don't know much about. This switch will be for aggregation > purposes for an access network that has GPON OLT's with 10G uplinks on > them. What do you recommend? Which has the latest hardware? Which is the > most cost effective? Any limitations to be aware of? > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Multiple policers for interface/units
Once upon a time, Arie Vayner said: > You should actually shape to 500Mbps and not police your traffic... Shaping adds jitter (feeds the bufferbloat problem). > I think this could be a good start: > http://www.juniper.net/techpubs/en_US/junose15.1/information-products/topic-collections/qos-configuration/index.html?book-swconfig-qos-configuration.html That's for ERX/JUNOS-E, not MX/JUNOS. -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Juniper 10G Switch Options
We need a Juniper switch with at least 24 built in SFP+ ports. Looks like Juniper has a ton of options including the EX4500, EX4550, EX4600, and the QFX line which I don't know much about. This switch will be for aggregation purposes for an access network that has GPON OLT's with 10G uplinks on them. What do you recommend? Which has the latest hardware? Which is the most cost effective? Any limitations to be aware of? ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] BGP behaviour with Juniper router
Hi,
Here is what i know, and what i've been able to find:
I don't think there is automatic grouping of neighbor in junos, you have
to make the groups by yourself, example:
> show configuration protocols bgp
group external-peers {
type external;
export bgp_public_out;
peer-as ...;
neighbor ;
neighbor ;
}
group internal-peers {
type internal;
export ibgp_export;
neighbor ...;
neighbor ...;
neighbor ...;
}
As for the advertisement interval, the junos term seem to be "out-delay"
and default to 0, but you can set it to the value you like
in each of your group
http://www.juniper.net/techpubs/en_US/junos13.2/topics/reference/configuration-statement/out-delay-edit-protocols-bgp.html
As for the output of a very simple bgp router:
> show bgp group
Group Type: External Local AS: 65530
Name: external-peers Index: 1 Flags: <>
Export: [ bgp_public_out ]
Options:
Holdtime: 0
Total peers: 2Established: 2
a:b:c:d::1+179
x.y.z.a+179
Trace options: state, normal
Trace file: /var/log/log-bgp size 1048576 files 5
inet.0: 1/1/1/0
inet6.0: 1/1/1/0
Group Type: InternalAS: 65530 Local AS: 65530
Name: internal-peers Index: 0 Flags: <>
Export: [ ibgp_export ]
Options:
Holdtime: 0
Total peers: 4Established: 4
e:f:g:h::1+179
w.x.y.z+51904
Trace options: state, normal
Trace file: /var/log/log-bgp size 1048576 files 5
inet.0: 6/17/17/0
inet6.0: 18/24/24/0
Groups: 2 Peers: 6External: 2Internal: 4Down peers: 0
Flaps: 3
Table Tot Paths Act Paths SuppressedHistory Damp State
Pending
inet.0
18 7 0 0
0 0
inet6.0
25 19 0 0
0 0
Le 04/06/2015 08:40, Eng. Bahaa via juniper-nsp a écrit :
> Hi Charles,Thanks for your reply.As I explained in my previous e-mail, Cisco
> router that run BGP deals with its neighbor as two groups by defaults, one
> for external peers with 30 seconds as Minimum time between advertisement and
> 0 second for internal peers.this an example of the output of the command show
> ip bgp update-group :
> BGP version 4 update-group 1, external, Address Family: IPv4 Unicast BGP
> Update version : 30/0, messages 0, active RGs: 1 Topology: global, highest
> version: 30, tail marker: 30 Format state: Current working (OK, last minimum
> advertisement interval)Refresh blocked (not in list, last not
> in list) Update messages formatted 27, replicated 54, current 0, refresh 0,
> limit 1000 Number of NLRIs in the update sent: max 1, min 0 Minimum time
> between advertisement runs is 30 seconds Has 2 members: 10.0.0.25
> 10.0.0.30
> What I need is simply output of an equivalent command in Juniper router or
> how is the behavior of BGP with Juniper router.
>
>
> Regards
> Bahaa
>
>
> From: Charles van Niman
> To: Eng. Bahaa
> Cc: "juniper-nsp@puck.nether.net"
> Sent: Wednesday, June 3, 2015 11:04 PM
> Subject: Re: [j-nsp] BGP behaviour with Juniper router
>
> Hello,
>
> Not quite sure what you mean by groups, I usually just refer
> to them in cisco-land as "types, ibgp/ebgp" until I'm actually using
> the peer-group neighbor statements. As for the command, you might try
> show route receive-protocol bgp . This is a pretty good
> reference: http://networking.ringofsaturn.com/Cisco/ciscojuniper.php
> and Juniper has some pretty good documentation as well.
>
> /Charles
>
>
>
> On Wed, Jun 3, 2015 at 7:39 AM, Eng. Bahaa via juniper-nsp
> wrote:
>> Hi Guys,I am new with this group and with Juniper products as well.I curious
>> to know the behaviour of BGP routing with Juniper routers.With Cisco router,
>> a BGP speaker deals by default with all external peers as one group and with
>> internal peers as another group.With external peers,it starts a timer of 30
>> seconds after each announce or forwarded update/updates to other neighbors
>> while it send it directly with 0 seconds to internal peers (on the same
>> AS).My question is Juniper routers work in the same behaviour?I really
>> appreciate if someone has configured BGP in Juniper router and send me the
>> o/p of show ip bgp update-groups (this a cisco command not really sure how
>> it looks like in Juniper).
>>
>> Regards
>> Bahaa
>>
>>
>> ___
>> juniper-nsp mailing list juniper-nsp@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.n
