Re: [j-nsp] 'Juniper BGP issues causing locallized Internet Problems, (Mon, Nov 7th)?

2011-11-07 Thread Jonas Frey (Probe Networks)
Well...basically yes. The issue (PSN-2011-08-327) has been known since August. I guess the fact that Juniper has listed the issue as "the probability of exploiting this defect is extremely low" has led many networks to not implement an immediate fix for this from a security perspective. As you know maintenan

Re: [j-nsp] 'Juniper BGP issues causing locallized Internet Problems, (Mon, Nov 7th)?

2011-11-07 Thread David Ball
On 7 November 2011 21:46, Jack Bates wrote: > Thanks. So I'm guessing anyone affected by it, shouldn't have been (given > I'd think large networks would have been notified and have valid support > contracts). Right, because upon the release of any new PSNs, immediate network-wide code upgrades

Re: [j-nsp] 'Juniper BGP issues causing locallized Internet Problems, (Mon, Nov 7th)?

2011-11-07 Thread Jack Bates
On 11/7/2011 8:28 PM, Chris Adams wrote: Once upon a time, Jack Bates said: More importantly, if it was the issue dated in August, how in the heck do I get on a list which tells me such a critical bug exists? If you have a Juniper support account, go to www.juniper.net/alerts, scroll to the bo

Re: [j-nsp] 'Juniper BGP issues causing locallized Internet Problems, (Mon, Nov 7th)?

2011-11-07 Thread Chris Adams
Once upon a time, Jack Bates said: > More importantly, if it was the issue dated in August, how in the heck > do I get on a list which tells me such a critical bug exists? If you have a Juniper support account, go to www.juniper.net/alerts, scroll to the bottom, and click on "Modify Your Alert P

Re: [j-nsp] J-Series Router Options

2011-11-07 Thread Kurt Bales
To be fair, you find a Cisco product in the same price range with the same features that can come even close to that throughput! K. On Tue, Nov 8, 2011 at 12:00, David Ball wrote: > On 7 November 2011 14:10, Phil Mayers wrote: > >> What are others doing to deal with the "flow" issues associate

Re: [j-nsp] 'Juniper BGP issues causing locallized Internet Problems, (Mon, Nov 7th)?

2011-11-07 Thread Jared Mauch
Juniper doesn't believe security bugs should be public. You must be a customer with support to access their portal. Cisco has a good policy. You can view any security bugs and get fixes regardless of your contract status. Jared Mauch On Nov 7, 2011, at 6:53 PM, Jack Bates wrote: > More imp

Re: [j-nsp] J-Series Router Options

2011-11-07 Thread David Ball
On 7 November 2011 14:10, Phil Mayers wrote: >> What are others doing to deal with the "flow" issues associated with >> more recent versions of code? > > We simply upgraded the RAM and forced packet mode. > > Interestingly, we're toying with the idea of using the little SRX2xx series > devices in

Re: [j-nsp] 'Juniper BGP issues causing locallized Internet Problems, (Mon, Nov 7th)?

2011-11-07 Thread Jack Bates
More importantly, if it was the issue dated in August, how in the heck do I get on a list which tells me such a critical bug exists? Jack On 11/7/2011 2:03 PM, Krembs, Jesse wrote: Has anyone else seen this issue? 'Juniper BGP issues causing locallized Internet Problem

Re: [j-nsp] J-Series Router Options

2011-11-07 Thread Julien Goodwin
On 07/11/11 06:18, R. Benjamin Kessler wrote: > Hello All - > > We have a client with a lot of J-Series routers running 9.3 code or earlier. > We really like the features and functionality of JUNOS as a router and are > more than a little annoyed that Juniper seems to be forcing us to turn thes

Re: [j-nsp] J-Series Router Options

2011-11-07 Thread R. Benjamin Kessler
That would be cool if it didn't also break IPSec VPNs...bummer -----Original Message----- From: Timh Bergström [mailto:timh.bergst...@videoplaza.com] Sent: Monday, November 07, 2011 4:28 PM To: R. Benjamin Kessler Cc: juniper-nsp@puck.nether.net Subject: Re: [j-nsp] J-Series Router Options Hey,

Re: [j-nsp] J-Series Router Options

2011-11-07 Thread Timh Bergström
Hey, I'd say get a bigger CF and install some 10.4 version and follow this; http://juniper.cluepon.net/index.php/Enabling_packet_based_forwarding Disables all that flow stuff you really don't want on a router. -- Timh Bergström System Operations Videoplaza timh.bergst...@videoplaza.com +46 727

Re: [j-nsp] J-Series Router Options

2011-11-07 Thread Phil Mayers
On 11/07/2011 02:18 PM, R. Benjamin Kessler wrote: Hello All - We have a client with a lot of J-Series routers running 9.3 code or earlier. We really like the features and functionality of JUNOS as a router and are more than a little annoyed that Juniper seems to be forcing us to turn these rou

[j-nsp] 'Juniper BGP issues causing locallized Internet Problems, (Mon, Nov 7th)?

2011-11-07 Thread Krembs, Jesse
Has anyone else seen this issue? 'Juniper BGP issues causing locallized Internet Problems, (Mon, Nov 7th) via SANS Internet Storm Center, InfoCON: green on 11/7/11 We're starting to get reports

Re: [j-nsp] J-Series Router Options

2011-11-07 Thread Michel de Nostredame
On Mon, Nov 7, 2011 at 6:18 AM, R. Benjamin Kessler wrote: > Hello All - > > We have a client with a lot of J-Series routers running 9.3 code or earlier.   > We really like the features and functionality of JUNOS as a router and are > more than a little annoyed that Juniper seems to be forcing us

Re: [j-nsp] J-Series Router Options

2011-11-07 Thread Tim Eberhard
Ben, Nobody is forcing the jseries to become firewalls. They did alter the default behavior of the packet handling to be flow mode..but you can configure that. To enable "packet mode" junos. Just issue the following commands. delete security set security forwarding-options family mpls mode packe

Re: [j-nsp] SRX-650 NAT Questions

2011-11-07 Thread Paulhamus, Jon
I got clarification from JTAC on this one: The 131,072 would be if you were using source NAT without translating the port. Otherwise source NAT would be for 1024 pools * ~65,000 ports per pool. Static translations - more than 6000 supported. I totally read this wrong - I hope this helps some

Re: [j-nsp] how to prepare JNCIE-SP lab

2011-11-07 Thread sthaug
> i have check ur doc yesterday. there are two questions: > 1.how to check mx box have tunnel service card. It probably doesn't - however, if you have a DPC or MPC you can configure the necessary tunnel "PIC". E.g. assuming a 20 port GigE DPC in slot 0, chassis { fpc 0 { pic 0 {

[j-nsp] understanding interface traffic counters of Juniper router

2011-11-07 Thread Martin T
I made the following setup: http://img4.imageshack.us/img4/9311/switchvsroutertraffic.png "Setup with Juniper router" uses Juniper router and "Setup with Cisco router" uses Cisco router. Both computers sent data (Iperf sends 1470 byte datagrams) for 300 seconds at 9Mbps. As you can see, in case of C

[j-nsp] J-Series Router Options

2011-11-07 Thread R. Benjamin Kessler
Hello All - We have a client with a lot of J-Series routers running 9.3 code or earlier. We really like the features and functionality of JUNOS as a router and are more than a little annoyed that Juniper seems to be forcing us to turn these routers into firewalls. What are others doing to dea

Re: [j-nsp] how to prepare JNCIE-SP lab

2011-11-07 Thread bruno
hello stefan, i have check ur doc yesterday. there are two questions: 1.how to check mx box have tunnel service card. 2. is it 10 is special for tunnel in lt-0/0/10 . can we use 8 9 or 7 ? logical-systems { dc { interfaces { lt-0/0/10 {