Re: [j-nsp] BGP Policy - then accept == Route Reflector?
* Brad Fleming bdfle...@gmail.com [2010-11-12 16:48]: the MX960 with 9.6R2.11 did that. I was quite surprised as I was expecting the behaviour you describe. Do you happen to have configurations saved from that situation? That seems like either (a) a MASSIVE BGP bug or (b) configuration causing unintended results. With a sample config, we might be able to confirm or deny the (b) possibility. Hello, it was a relatively simple configuration for testing purposes. This was the iBGP configuration, I only changed the IPs and Communities: group access-int { type internal; local-address 192.168.0.10; import access-rt-in; authentication-key XXX; ## SECRET-DATA export [ next-hop-self access-rt-out ]; neighbor 192.168.0.1; neighbor 192.168.0.2; neighbor 192.168.0.3; neighbor 192.168.0.4; neighbor 192.168.0.5; neighbor 192.168.0.6; neighbor 192.168.0.7; neighbor 192.168.0.8; neighbor 192.168.0.9; } community blackhole-com members [ 65000:1 65000:2 ]; community no-export members no-export; as-path private 64512-65535; as-path no-as (); policy-statement next-hop-self { from protocol bgp; then { next-hop self; } } policy-statement access-rt-in { term 10 { from community blackhole-com; then accept; } term 20 { then { community add no-export; } } } policy-statement access-rt-out { term 10 { from as-path [ private no-as ]; then accept; } term 100 { then reject; } } -- New GPG Key: 0x93A0B9CE (F4F6 B1A3 866B 26E9 450A 9D82 58A2 D94A 93A0 B9CE) Old GPG Key-ID: 0x76B79F20 (0x1B6034F476B79F20) 'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE SCYTHE. -- Terry Pratchett, The Fifth Elephant ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] SRX100/2x0 as small MPLS CPE?
On 11/15/2010 07:31 PM, sth...@nethelp.no wrote: The SRX only supports traffic with a single tag. I don't think you can provide L2 services without at least two tags. Interesting; do you have a reference? You *can* provide MPLS L2 services with some difficulty with just a single tag - this is what Juniper offers on the EX switch series. Means you need to use an MPLS LSP as your building element instead of a pseudowire / Martini tunnel. It's not nearly as convenient, though. And mind you, I have not verified whether the SRX series supports enough MPLS functionality to do this. I've tested Kompella l2vpn and it's working fine. Steinar Haug, Nethelp consulting, sth...@nethelp.no ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp -- Regards,,, Miroslav Georgiev SpectrumNet Jsc. +(359 2)4890604 +(359 2)4890619 ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] EX 10.0S10.1
So I recently updated almost everything to 10.0R4.7 (I still have some stuff on 10.0S1.1). I'm not experiencing any issues, that I'm aware of. I would like to see the IGMP snooping issues ironed out, but for the most part, I'm content. My question is should I wait 'til the next recommended release, or is there a compelling reason I should update everything again, now? I am a little concerned about the [PR/546674 EX4200 Virtual Chassis problem not passing traffic] issue. Thanks, -b -- Bill Blackford Senior Network Engineer Technology Systems Group Northwest Regional ESD Logged into reality and abusing my sudo priviledges ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] EX 10.0S10.1
Hi Bill, On Wed, Nov 17, 2010 at 8:44 AM, Bill Blackford bblackf...@nwresd.k12.or.us wrote: So I recently updated almost everything to 10.0R4.7 (I still have some stuff on 10.0S1.1). I'm not experiencing any issues, that I'm aware of. I would like to see the IGMP snooping issues ironed out, but for the most part, I'm content. My question is should I wait 'til the next recommended release, or is there a compelling reason I should update everything again, now? I am a little concerned about the [PR/546674 EX4200 Virtual Chassis problem not passing traffic] issue. We're in a similar boat. We're running 10.0S1 almost exclusively and just started to play with 10.0R4. I saw the PSN bulletin for 10.0S10 yesterday and saw all the multicast PRs. *sigh* I suspect we're being bitten by the VLAN-tag-gets-mangled-when-multicast-flooded-over-dot1q-trunk bug. I'm waiting for some advice back from the JTAC about whether any of the PRs fixed in 10.0S10 could be a factor in one or two open cases. Cheers, Dale ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] AE Bundle Load Balancing | EX series
How would I determine the load balancing method in use for aggregated Ethernet bundles, what the choices are and how to change? Thanks, -b -- Bill Blackford Senior Network Engineer Technology Systems Group Northwest Regional ESD Logged into reality and abusing my sudo priviledges ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp