Re: [j-nsp] Upgrading from 7.1 to ?
On Wed, Jan 02, 2008 at 09:47:54PM -0700, David Ball wrote: > if you're going to go all the way to 8.5, I'd recommend making your > way to 8.4R2.4 first, THEN going to 8.5R1.14 if your hardware can > handle it. 8.5 involves a significant upgrade in the underlying > FreeBSD operating system (see release notes again) and partition > layout, and 8.4 to 8.5R1.14 is your best bet if you're going to go > that far. I ran into issues on T-series when trying to go from 8.2 to > 8.5. I don't know if there are any partition changes this time around, but there are certainly a lot of kernel and library changes in the inherited FreeBSD code. That should really be taken care of by the jinstall though, which is required when changing between 8.5 and earlier versions. Normally you would use jbundle when doing incremental upgrades, which just swaps out the md vnode-backed images comprising JUNOS, thus magically and almost atomically "replacing" all of the files on a running system (and allowing for a single reboot to upgrade). This normally works fine, you don't even have to immediately restart the daemons, but the major changes in 8.5 (like say, the new libc) would completely break all of the dynamically linked programs still running. The solution is to require jinstall, which is just the jbundle image plus a small installer image. When you reboot after adding the jinstall the installer image boots the next time around, does a newfs and any necessary repartitioning of the disks (after first saving a copy of important things like your router configuration in memory :P), then does a regular jbundle install onto the newly "fresh" system and finally reboots a second time. Because you're newfs'ing from an installer image running entirely in memory, there should be no issues with partition or libraries changes. Thats not to say that it isn't possible there is some other bug (I've run into many of them on the install scripts which take care of the internal changes between versions, config validation, etc), but at least it's not really an issue of partition changes. -- Richard A Steenbergen <[EMAIL PROTECTED]> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC) ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Upgrading from 7.1 to ?
FWIW, I just took an M7i with an RE-850 from 7.5R2 to 8.4R2 with no problem. However, I did make sure we had the necessary hardware to handle it (such as the aforementioned 256M compact flash). Your mileage may vary depending on what's in your box. On Jan 2, 2008 8:31 PM, joe mcguckin <[EMAIL PROTECTED]> wrote: > Any reason not to upgrade to the latest 8.X version? > > > Joe McGuckin > ViaNet Communications > > [EMAIL PROTECTED] > 650-207-0372 cell > 650-213-1302 office > 650-969-2124 fax > > > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Upgrading from 7.1 to ?
Well, that's a loaded question. It depends largely on your hardware. See 8.5's upgrade instructions and/or release notes pertaining to the compact flash size requirements (256MB CF). Also, it's generally recommended to undergo incremental version upgrades, say, no more than 3 versions at a time (ie. 7.1 to 7.4, etc). Also, if you're going to go all the way to 8.5, I'd recommend making your way to 8.4R2.4 first, THEN going to 8.5R1.14 if your hardware can handle it. 8.5 involves a significant upgrade in the underlying FreeBSD operating system (see release notes again) and partition layout, and 8.4 to 8.5R1.14 is your best bet if you're going to go that far. I ran into issues on T-series when trying to go from 8.2 to 8.5. At any rate, checking Release Notes for each incremental upgrade you do can save your bacon. David On 02/01/2008, joe mcguckin <[EMAIL PROTECTED]> wrote: > Any reason not to upgrade to the latest 8.X version? > > > Joe McGuckin > ViaNet Communications > > [EMAIL PROTECTED] > 650-207-0372 cell > 650-213-1302 office > 650-969-2124 fax > > > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Upgrading from 7.1 to ?
Any reason not to upgrade to the latest 8.X version? Joe McGuckin ViaNet Communications [EMAIL PROTECTED] 650-207-0372 cell 650-213-1302 office 650-969-2124 fax ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] a problem about redistribute ospf into isis
hi, I tried as you said,but ... I succeed to use the similar command to redistribute connected route into isis. for example: vir r7 interface loopback 100 ip address 192.168.1.2 255.255.255.255 access-list test permit ip 192.168.0.0 0.0.3.255 any log ! route-map "ospf-isis" permit 10 match ip address test set metric-type internal router isis is-type level-1 net 49.0002.0100..9007.00 metric-style wide redistribute ospf match external 1 level-1 metric 10 route-map ospf-isis redistribute connected level-1 route-map ospf-isis The last comand took effect,but redistribute ospf didn't,now i'm confused. 2008/1/2, Sam Mortimer <[EMAIL PROTECTED]>: > > Hi, > > I can't test this right now but (if memory serves) I *think* you need > to explictly set the IS-IS metric. > > ie try changing: > router isis > redistribute ospf match external 1 level-1-2 route-map ospf-isis > > to: > router isis > redistribute ospf match external 1 level-1-2 metric 10 route-map ospf-isis > > Let me know if this helps! > > Regards, > -Sam. > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Insane BGP Log messages - what do they mean?
On Wed, Jan 02, 2008 at 01:09:44PM -0800, Jonathan Crawford wrote: > My guess is > > https://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2007-12-008 > > You can rectify the problem from happening by upgrading to 8.4R2.4 No, if you're experiencing that issue the message you would see is: Dec 4 20:44:47 xxx rpd[3475]: bgp_read_v4_update: NOTIFICATION sent to x.x.x.x (External AS ): code 3 (Update Message Error) subcode 1 (invalid attribute list) Note that some versions of IOS will send code 3 subcode 1 in response to tripping max-prefix, which can be confusing if you're looking at your logs for evidence of the Juniper BGP issue. :) -- Richard A Steenbergen <[EMAIL PROTECTED]> http://www.e-gerbil.net/ras GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC) ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Insane BGP Log messages - what do they mean?
On Wed, Jan 02, 2008 at 01:09:44PM -0800, Jonathan Crawford wrote: > My guess is > > https://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2007-12-008 > > You can rectify the problem from happening by upgrading to 8.4R2.4 The message for the above advisory would look different. It is wise to keep your software up-to-date. - Jared -- Jared Mauch | pgp key available via finger from [EMAIL PROTECTED] clue++; | http://puck.nether.net/~jared/ My statements are only mine. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Insane BGP Log messages - what do they mean?
My guess is https://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2007-12-008 You can rectify the problem from happening by upgrading to 8.4R2.4 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of STEWART KIRK Sent: Wednesday, January 02, 2008 12:31 PM To: juniper-nsp@puck.nether.net Subject: [j-nsp] Insane BGP Log messages - what do they mean? Hi Quick question - We have recently experienced a problem where due to a faulty equipment downstream from a Juniper router we were experiencing loss of BGP keepalive messages and therefore experiencing some instability due to BGP going up and down. This has been resolved but on examination of the logs on the Juniper router (M40e) we have noticed that there are some log messages relating to seeing extra data which was 'probably insane' - does anyone know what this means? example Jan 1 14:40:17.758 2008 NN-IP_RE0 rpd[3281]: %DAEMON-4: bgp_traffic_timeout: NOTIFICATION sent to xxx.xxx.xxx.xxx (Internal AS ): code 4 (Hold Timer Expired Error), Reason: holdtime expired for xxx.xxx.xxx.xxx (Internal AS ), socket buffer sndcc: 57 rcvcc: 0 TCP state: 4, snd_una: 2706114888 snd_nxt: 2706114926 snd_wnd: 15928 rcv_nxt: 3229612859 rcv_adv: 3229665384, keepalive timer 0 Jan 1 14:41:33.364 2008 NN-IP_RE0 rpd[3281]: %DAEMON-4: bgp_pp_recv: peer xxx.xxx.xxx.xxx (Internal AS ) sent unexpected extra data, probably insane Your assistance is appreciated Kirk ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Insane BGP Log messages - what do they mean?
Hi Quick question - We have recently experienced a problem where due to a faulty equipment downstream from a Juniper router we were experiencing loss of BGP keepalive messages and therefore experiencing some instability due to BGP going up and down. This has been resolved but on examination of the logs on the Juniper router (M40e) we have noticed that there are some log messages relating to seeing extra data which was 'probably insane' - does anyone know what this means? example Jan 1 14:40:17.758 2008 NN-IP_RE0 rpd[3281]: %DAEMON-4: bgp_traffic_timeout: NOTIFICATION sent to xxx.xxx.xxx.xxx (Internal AS ): code 4 (Hold Timer Expired Error), Reason: holdtime expired for xxx.xxx.xxx.xxx (Internal AS ), socket buffer sndcc: 57 rcvcc: 0 TCP state: 4, snd_una: 2706114888 snd_nxt: 2706114926 snd_wnd: 15928 rcv_nxt: 3229612859 rcv_adv: 3229665384, keepalive timer 0 Jan 1 14:41:33.364 2008 NN-IP_RE0 rpd[3281]: %DAEMON-4: bgp_pp_recv: peer xxx.xxx.xxx.xxx (Internal AS ) sent unexpected extra data, probably insane Your assistance is appreciated Kirk ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Subject: Cisco equivalent of exist-map
On Wed, Jan 02, 2008 at 10:35:57AM -0700, Sergio D. wrote: > aggregate routes with policy should work with something like this possibly: No, as only routes "within" 10/8 do get fed thru the policy for filtering. What the OP really wants ain't possible with JunOS as far as I'm aware. Best regards, Daniel -- CLUE-RIPE -- Jabber: [EMAIL PROTECTED] -- [EMAIL PROTECTED] -- PGP: 0xA85C8AA0 ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Subject: Cisco equivalent of exist-map
aggregate routes with policy should work with something like this possibly: [EMAIL PROTECTED] top show routing-options aggregate { route 10.0.0.0/8 policy active; } [edit routing-options] [EMAIL PROTECTED] top show policy-options policy-statement active term one { from { route-filter 9.9.9.9/32 exact; } then accept; } term two { then reject; } -- Sergio Danelli ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] a problem about redistribute ospf into isis
I want to redistrbute some ospf route into level-1 isis router,but i'm failed to do it. The topology like this r5---r7-ospf-rtr level-1-2 ---level-1/ospfospf/connected The configuration of r7 is: router isis is-type level-1 net 49.0002.0100..9007.00 metric-style wide redistribute ospf match external 1 level-1-2 route-map ospf-isis access-list test permit ip 192.168.0.0 0.0.3.255 any log ! route-map "ospf-isis" permit 10 match ip address test set metric-type internal 192.168.0.0-192.168.3.255 is learned from ospf-rtr as external type 1 ospf route . ERX1410-down:r7#show ip route Protocol/Route type codes: I1- ISIS level 1, I2- ISIS level2, I- route type intra, IA- route type inter, E- route type external, i- metric type internal, e- metric type external, O- OSPF, E1- external type 1, E2- external type2, N1- NSSA external type1, N2- NSSA external type2 L- MPLS label, V- VRF, *- via indirect next-hop Prefix/Length Type Next Hop Dst/Met Interface -- - --- -- --- 0.0.0.0/0 I1-I-i10.0.8.9115/426141 FastEthernet0/1.57 2864 10.0.3.5/32I1-I-i10.0.8.9115/20 FastEthernet0/1.57 10.0.5.0/24I1-IA-i 10.0.8.9115/530 FastEthernet0/1.57 10.0.8.0/30Connect 10.0.8.20/0 FastEthernet0/0.67 10.0.8.4/30I1-I-i10.0.8.1115/20 FastEthernet0/0.67 10.0.8.9115/20 FastEthernet0/1.57 10.0.8.8/30Connect 10.0.8.10 0/0 FastEthernet0/1.57 10.0.9.6/32I1-I-i10.0.8.1115/20 FastEthernet0/0.67 10.0.9.7/32Connect 10.0.9.70/0 loopback0 172.16.40.0/30 O-I 172.16.40.5 110/2 FastEthernet0/0.61 172.16.40.4/30 Connect 172.16.40.6 0/0 FastEthernet0/0.61 192.168.0.1/32 O-E1 172.16.40.5 114/2 FastEthernet0/0.61 192.168.1.1/32 O-E1 172.16.40.5 114/2 FastEthernet0/0.61 192.168.2.1/32 O-E1 172.16.40.5 114/2 FastEthernet0/0.61 192.168.3.1/32 O-E1 172.16.40.5 114/2 FastEthernet0/0.61 but r5 counldn't learned route about 192.168.0.0/0.0.3.255 ,i also found the r7 doesn't learned 192.168.0.0/0.0.3.255 in its level-1 LSP. ERX1410-down:r7#show isis database detail | be r7.00 Metric: 0 IS ERX1410-down:r7.00 ERX1410-down:r7.00-00*0x0262 0x97DB612 0/0/0 Area Address: 49.0002 NLPID: 0x81 0xcc IP Address: 10.0.8.10 Hostname: ERX1410-down:r7 Metric: 0 ES ERX1410-down:r7 Metric: 10 IS ERX1410-down:r7.02 Metric: 10 IS ERX1410-down:r6.02 Metric: 10 IP 10.0.9.7/32 Metric: 10 IP 10.0.8.8/30 Metric: 10 IP 10.0.8.0/30 ERX1410-down:r7.02-00*0x0248 0x8682612 0/0/0 Metric: 0 IS ERX1410-down:r7.00 Metric: 0 IS ERX1410-down:r5.00 anyone cound give me some advice,i'll very appreciate. King. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Cisco equivalent of exist-map
Hey Gurus :) I have a question for you, is there a command in Junos or policy example that conditionally advertises routes, for example I want to advertise 10/x if 9.9.9.9/32 is in the Rib as an active route. I thought of using policy with aggregate routes however this is not helping me here. Any ideas ? I want the policy to be very specific for certain reasons, so in essence i am matching a /32 active route and want to advertise my bgp prefix only if its available. Thanks, JFD. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp