Re: [j-nsp] switch idea.?
I played with MVRP in a lab scenario and it seemed very nice, so good for juniper to have something similar. But have'nt had the opportunity to go further with it as the production network I work with is not a uniform juniper network. Darius On Fri, Dec 7, 2012 at 10:21 PM, Chuck Anderson c...@wpi.edu wrote: On Thu, Dec 06, 2012 at 09:00:40AM -0800, Michael Loftis wrote: On Thu, Dec 6, 2012 at 8:35 AM, Mike Devlin juni...@meeksnet.ca wrote: Its ironic this thread has started, since my company is in the process of replacing the core infrastructure, and we have it narrowed down to HP IRF on 5900 and 5800 platform vs Juniper EX4550 and EX4200 VChassis. I was considering asking the list about any experiences they have had comparing the 2 platforms. The biggest thing I miss over Cisco is VTP. Managing VLAN's is a huge pain without it when you've got dozens of switches that all need the same VLAN config. The pros on both HP and Juniper though tend to outweigh Cisco How does MVRP compare to VTP? http://www.juniper.net/techpubs/en_US/junos11.4/topics/concept/bridging-mvrp-ex-series.html ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] SRX doing IPv6 on DSL
Hey all, Does anyone know is the SRX110 is capable of doing DHCP-PD or 6RD yet? If not, does anyone know of a X release or when it may hit mainline? IPv6 is starting to get popular with engineers and at the moment all they seem to be able to use are Cisco 877/887 and ISR's with DSL WIC cards. Surely Juniper has some plans afoot? ...Skeeve * * *Skeeve Stevens, CEO - *eintellego Pty Ltd ske...@eintellego.net ; www.eintellego.net Phone: 1300 753 383; Cell +61 (0)414 753 383 ; skype://skeeve facebook.com/eintellego ; http://twitter.com/networkceoau linkedin.com/in/skeeve twitter.com/networkceoau ; blog: www.network-ceo.net The Experts Who The Experts Call Juniper - Cisco – IBM - Brocade - Cloud - Check out our Juniper promotion website! eintellego.mx Free Apple products during this promotion!!! ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] SRX doing IPv6 on DSL
(Thunderbird crashed taking away my first response) Skeeve's post is spurred by a post of mine to Ausnog earlier today looking for a new reliable home ADSL CPE. In fact although I can now set family inet6 on a PPPoE interface, I can't do something similar to family inet negotiate-address which makes it useless for consumer circuits, even if I could avoid the need for DHCP-PD (previously my ISP required DHCP-PD before they'd route a static block, this may have changed). The fact that I can't even do SLAAC on an Ethernet port means it's also not usable if I was on FTTH. On 10/12/12 23:26, Skeeve Stevens wrote: Hey all, Does anyone know is the SRX110 is capable of doing DHCP-PD or 6RD yet? If not, does anyone know of a X release or when it may hit mainline? IPv6 is starting to get popular with engineers and at the moment all they seem to be able to use are Cisco 877/887 and ISR's with DSL WIC cards. Surely Juniper has some plans afoot? ...Skeeve * * *Skeeve Stevens, CEO - *eintellego Pty Ltd ske...@eintellego.net ; www.eintellego.net Phone: 1300 753 383; Cell +61 (0)414 753 383 ; skype://skeeve facebook.com/eintellego ; http://twitter.com/networkceoau linkedin.com/in/skeeve twitter.com/networkceoau ; blog: www.network-ceo.net The Experts Who The Experts Call Juniper - Cisco – IBM - Brocade - Cloud - Check out our Juniper promotion website! eintellego.mx Free Apple products during this promotion!!! ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp -- Julien Goodwin Studio442 Blue Sky Solutioneering signature.asc Description: OpenPGP digital signature ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] SRX1400 logical system configuration
Hi all, i'm planning an upgrade to a production SRX cluster, i would like to enable the logical systems on the machines and create a new logical system. Actually the cluster consists in two SRX1400 in an active/passive configuration, no particular or strange things. I'm reading the config guide (Logical Systems Configuration Guide for SecurityDevices) and it seems a pretty straightforward configuration. The only thing i cannot find in the docs is the impact of this configuration in a production machine, what happens when i enable the logical systems funtionality creating a new logical sys ? Can I do this in a production environment or should I plan for some downtime maintenance ? The actual configuration remains in the root logical sys or should i do something to migrate the config to a logical sys aware config ? Any particular/strange caveats regarding the HA config ? (on the docs the only thing i found was regarding the need of different licenses per physical node) thanks ! ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] SRX doing IPv6 on DSL
SRX can't do it, yet. http://forums.juniper.net/t5/SRX-Services-Gateway/Branch-SRX-as-a-DHCPv6-prefix-delegation-client/m-p/158172#M20307 On Tuesday 11 December 2012 00:17:44 Julien Goodwin wrote: (Thunderbird crashed taking away my first response) Skeeve's post is spurred by a post of mine to Ausnog earlier today looking for a new reliable home ADSL CPE. In fact although I can now set family inet6 on a PPPoE interface, I can't do something similar to family inet negotiate-address which makes it useless for consumer circuits, even if I could avoid the need for DHCP-PD (previously my ISP required DHCP-PD before they'd route a static block, this may have changed). The fact that I can't even do SLAAC on an Ethernet port means it's also not usable if I was on FTTH. On 10/12/12 23:26, Skeeve Stevens wrote: Hey all, Does anyone know is the SRX110 is capable of doing DHCP-PD or 6RD yet? If not, does anyone know of a X release or when it may hit mainline? IPv6 is starting to get popular with engineers and at the moment all they seem to be able to use are Cisco 877/887 and ISR's with DSL WIC cards. Surely Juniper has some plans afoot? ...Skeeve * * *Skeeve Stevens, CEO - *eintellego Pty Ltd ske...@eintellego.net ; www.eintellego.net Phone: 1300 753 383; Cell +61 (0)414 753 383 ; skype://skeeve facebook.com/eintellego ; http://twitter.com/networkceoau linkedin.com/in/skeeve twitter.com/networkceoau ; blog: www.network-ceo.net The Experts Who The Experts Call Juniper - Cisco – IBM - Brocade - Cloud - Check out our Juniper promotion website! eintellego.mx Free Apple products during this promotion!!! ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp -- Mike Williams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] IPv6 an Advanced Feature? Cmon
Restoring an old topic, but since it was related … the same whitepaper mentions: EX series switches will be able to be configured to act as both a DHCPv6 server and relay agent in future releases. I see that the DHCPv6 server is available, but I see no trace of dhcpv6 relay options (also not in the latest release notes) Am I overlooking something, or is not there yet? Br, Thomas On 13 May 2012, at 15:15, Skeeve Stevens skeeve+juniper...@eintellego.netmailto:skeeve+juniper...@eintellego.net wrote: Hey Juniper, Is there a reason that IPv6 is mostly down as an Advanced Feature? Given we're trying to encourage the whole world into moving to IPv6 and given there is little or no end-user business case to doing so - which makes things hard enough. All desktop/server operating systems, IPv6 is a free inclusion. Why is Juniper charging for IPv6 routing in the base image? From: IPv6 in the Enterprise Using EX serIes switches - http://www.juniper.net/us/en/local/pdf/whitepapers/2000418-en.pdf *Licensing* An advanced feature license (AFL) is required to deploy IPv6 routing protocols such as RiPng, OSPFv3, IS-IS, MBGP, PIM, and MLDv1/2 on eX series switches. An AFL is also required for deploying 6Pe and 6vPe functionality on the eX8200 line. All other functionality, including IPv6 infrastructure (SLAAC, NDP, and path MTU discovery), IPv6 quality of service (Qos), firewall filters, FBF, VRRP for IPv6, DHCPv6 server/relay, port security, management and OAM, is available in the base image. *Skeeve Stevens, CEO* eintellego Pty Ltd ske...@eintellego.net ; www.eintellego.net http://www.eintellego.net.au Phone: 1300 753 383 ; Fax: (+612) 8572 9954 Cell +61 (0)414 753 383 ; skype://skeeve facebook.com/eintellego twitter.com/networkceoau ; www.linkedin.com/in/skeeve PO Box 7726, Baulkham Hills, NSW 1755 Australia The Experts Who The Experts Call Juniper - Cisco – IBM ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] About third-party 1G SFP SX, MX-80 and link with Cisco SCE2k
Hello dear colleagues! Maybe you have some experience with multimode 1G SFP optics in Juniper MX80 device. One of my customers asked me, why can one SFP module which works fine in EX-4200, cannot establish a link in MX80. Its laser source is on (I can see it by power meter, and even Cisco end puts this link up), but MX80 says that link down without any error messages. Maybe you can share with me any information, why can it be so? Thank you in advance, Leonid. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] M10i with bras?
Since somebody asked about MX5, I figured I'd ask about M10i... We have a few hundred PPPoE DSL customers from ATT (old BellSouth land), delivered to us over an ATM OC-3 (they won't deliver over anything but ATM) carrying L2TP tunnels. Right now, that's terminated on some old EOL equipment, and I'd like to get them on something newer. We have an M10i that is not doing a lot, and I think I have seen mention of using that platform as an LNS. Any comments? Is this something that would work, or is it a case of here be dragons? -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] M10i with bras?
We have a few hundred PPPoE DSL customers from ATT (old BellSouth land), delivered to us over an ATM OC-3 (they won't deliver over anything but ATM) carrying L2TP tunnels. Right now, that's terminated on some old EOL equipment, and I'd like to get them on something newer. We have an M10i that is not doing a lot, and I think I have seen mention of using that platform as an LNS. Any comments? Is this something that would work, or is it a case of here be dragons? Not commenting on L2TP specifically: Please not that the BRAS functionality (e.g. forwarding-options dhcp-relay) is *not* supported on M7i/M10i. It *is* supported on MX. Having said that: We ran DHCP relay on M7i for a while, and it worked for us. Steinar Haug, Nethelp consulting, sth...@nethelp.no ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Multicast - interop with Cisco
Thanks! It works :-)
Should this also work in the vrf?
Global:
pe...@ar100.nn# run show pim rps
Instance: PIM.master
address-family INET
RP address TypeMode Holdtime Timeout Groups Group prefixes
10.224.0.255auto-rp sparse 181 175 1 224.0.0.0/4
pe...@ar100.nn show pim rps instance iptv
Instance: PIM.bynett
address-family INET
address-family INET6
We should get another RP.
[edit routing-instances iptv]
pe...@ar100.nn# show
instance-type vrf;
interface ge-0/0/0.0;
interface lo0.1;
route-distinguisher 65339:50;
provider-tunnel {
pim-asm {
group-address 239.1.1.1;
}
}
vrf-target target:65339:50;
vrf-table-label;
protocols {
pim {
dense-groups {
224.0.1.39/32;
224.0.1.40/32;
}
vpn-tunnel-source 10.224.0.96;
vpn-group-address 239.1.1.1;
rp {
auto-rp discovery;
}
}
interface lo0.1 {
mode sparse-dense;
}
interface ge-0/0/0.0 {
mode sparse-dense;
}
}
}
Add this to your config:
[edit protocols pim]
user@host# set dense-groups 224.0.1.39/32
user@host# set dense-groups 224.0.1.40/32
Further info can be found here:
http://www.juniper.net/techpubs/en_US/junos12.2/topics/topic-map/mcast-pim-auto-rp.html
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Multicast - interop with Cisco
Yes, Auto-RP in the VRF should work.
It's been a while since I've done Rosen configs, but try removing the
vpn-tunnel-source from the PIM config in your VRF.
--Stacy
On Dec 10, 2012, at 10:14 AM, Peder Bach pederb...@gmail.com wrote:
Thanks! It works :-)
Should this also work in the vrf?
Global:
pe...@ar100.nn# run show pim rps
Instance: PIM.master
address-family INET
RP address TypeMode Holdtime Timeout Groups Group prefixes
10.224.0.255auto-rp sparse 181 175 1 224.0.0.0/4
pe...@ar100.nn show pim rps instance iptv
Instance: PIM.bynett
address-family INET
address-family INET6
We should get another RP.
[edit routing-instances iptv]
pe...@ar100.nn# show
instance-type vrf;
interface ge-0/0/0.0;
interface lo0.1;
route-distinguisher 65339:50;
provider-tunnel {
pim-asm {
group-address 239.1.1.1;
}
}
vrf-target target:65339:50;
vrf-table-label;
protocols {
pim {
dense-groups {
224.0.1.39/32;
224.0.1.40/32;
}
vpn-tunnel-source 10.224.0.96;
vpn-group-address 239.1.1.1;
rp {
auto-rp discovery;
}
}
interface lo0.1 {
mode sparse-dense;
}
interface ge-0/0/0.0 {
mode sparse-dense;
}
}
}
Add this to your config:
[edit protocols pim]
user@host# set dense-groups 224.0.1.39/32
user@host# set dense-groups 224.0.1.40/32
Further info can be found here:
http://www.juniper.net/techpubs/en_US/junos12.2/topics/topic-map/mcast-pim-auto-rp.html
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Chassis cluster and forwarding performance
Hi, (This is for packet mode J-2350) I've been reading on chassis cluster, and noted that data plane is active/active mode, does that mean double PPS in general? Thanks. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Chassis cluster and forwarding performance
(This is for packet mode J-2350) I've been reading on chassis cluster, and noted that data plane is active/active mode, does that mean double PPS in general? As there is no flow state, there is no need for cluster in packet mode. And it is not supported. In general active/active data plane for JSRP cluster means you can place reth interfaces into different redundant groups, where different nodes are active. There is just no special 'mode' inside JUNOS for active/passive, and it's totally up to you how to group your interfaces and behave when one of them fails. You can attract all traffic to one node or divide it between nodes. Routing a packet between interfaces placed into RG's where different nodes are master requires h-shape forwarding (through the fabric link), that is where double pps occurs. But there is nothing pushing you to route like this. In my opinion, nearly 100% of real-word FW cluster implementations need a single RG1, to which all interfaces belong. This basically means active/passive data plane behavior. An only feasible exception might a kind of multi-tenant scenario where traffic to/from some VLAN's is always passed through a given node. When a failure occurs performance degrades. So you can reach more performance under normal conditions. But I'd say it's not worth it because a 2x hardware overkill is often much cheaper than advanced NOC skills required to maintain and troubleshoot the more complex solution. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] juniper cisco switch interconnection
Has anyone connected a Juniper EX series switch with a Cisco switch (I have a 3550)? Do you use a standard crossover cable? MDIX? Any Layer 2 issues with RSTP and PVST+? Any specific configuration required to make it work? Stability? thanks in advance, Mike ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] juniper cisco switch interconnection
harbor235 harbor...@gmail.com writes: Has anyone connected a Juniper EX series switch with a Cisco switch (I have a 3550)? Yes Do you use a standard crossover cable? MDIX? I have only attempted 1Gbps, that just worked with a straight cable. Any Layer 2 issues with RSTP and PVST+? It seems to work so far... Any specific configuration required to make it work? Avoid VLAN 1. You can probably make VLAN 1 work if you try, but for me it was easier to simply not use it. /Benny ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] juniper cisco switch interconnection
Just a quick note: if you need multiple vlan STP (like what PVST+ has...), use VSTP on the Juniper. Ensure that VLAN 1 is on any trunk line between the Cisco and the Juniper. You don't need to have traffic there, but PVST+ uses VLAN 1 and VSTP will listen on VLAN 1 for STP information. If it's not configured, all kinds of strangeness occurs. YMMV -Patrick -Original Message- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Benny Amorsen Sent: Monday, December 10, 2012 2:16 PM To: harbor235 Cc: Juniper List Subject: Re: [j-nsp] juniper cisco switch interconnection harbor235 harbor...@gmail.com writes: Has anyone connected a Juniper EX series switch with a Cisco switch (I have a 3550)? Yes Do you use a standard crossover cable? MDIX? I have only attempted 1Gbps, that just worked with a straight cable. Any Layer 2 issues with RSTP and PVST+? It seems to work so far... Any specific configuration required to make it work? Avoid VLAN 1. You can probably make VLAN 1 work if you try, but for me it was easier to simply not use it. /Benny ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] juniper cisco switch interconnection
Hi Patrick, On Tue, Dec 11, 2012 at 8:20 AM, Patrick Dickey dickeypj...@yahoo.com wrote: Just a quick note: if you need multiple vlan STP (like what PVST+ has...), use VSTP on the Juniper. Ensure that VLAN 1 is on any trunk line between the Cisco and the Juniper. You don't need to have traffic there, but PVST+ uses VLAN 1 and VSTP will listen on VLAN 1 for STP information. If it's not configured, all kinds of strangeness occurs. Your comment reminded me of some VSTP strangeness I'd seen previously. Do you know if VSTP wants VLAN 1 even in a pure Juniper environment? Or is this only required for Cisco PVST+ interop? Cheers, Dale ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] juniper cisco switch interconnection
Hi Dale- As far as I know, it's a Cisco interop issue. Cisco only sends certain info to the standard multicast address on VLAN 1. On all other VLANs, it sends info only to the Cisco multicast address (not the standard RFC address). At least that's how I remember the problem could be wrong. Patrick -Original Message- From: dale.s...@gmail.com [mailto:dale.s...@gmail.com] On Behalf Of Dale Shaw Sent: Monday, December 10, 2012 2:50 PM To: Patrick Dickey Cc: Juniper List Subject: Re: [j-nsp] juniper cisco switch interconnection Hi Patrick, On Tue, Dec 11, 2012 at 8:20 AM, Patrick Dickey dickeypj...@yahoo.com wrote: Just a quick note: if you need multiple vlan STP (like what PVST+ has...), use VSTP on the Juniper. Ensure that VLAN 1 is on any trunk line between the Cisco and the Juniper. You don't need to have traffic there, but PVST+ uses VLAN 1 and VSTP will listen on VLAN 1 for STP information. If it's not configured, all kinds of strangeness occurs. Your comment reminded me of some VSTP strangeness I'd seen previously. Do you know if VSTP wants VLAN 1 even in a pure Juniper environment? Or is this only required for Cisco PVST+ interop? Cheers, Dale ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] juniper cisco switch interconnection
Hi, I also came across issues when running PVST on Cisco switches RSTP on Juniper. Had to change the Spanning Tree mode to MSTP on all the Cisco and Juniper switches and that's been working fine. Regards, Saba On Tue, Dec 11, 2012 at 6:05 AM, harbor235 harbor...@gmail.com wrote: Has anyone connected a Juniper EX series switch with a Cisco switch (I have a 3550)? Do you use a standard crossover cable? MDIX? Any Layer 2 issues with RSTP and PVST+? Any specific configuration required to make it work? Stability? thanks in advance, Mike ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] juniper cisco switch interconnection
you can bcast storm your network to a halt if you are not careful. Use VSTP on juniper side to match the cisco PVST+. I believe Juniper's RSTP uses one instance of spanning tree over the physical network not an instance per vlan like cisco's implementation. I would also watch out for vlan 1. - Original Message - From: Benny Amorsen benny+use...@amorsen.dk To: harbor235 harbor...@gmail.com Cc: Juniper List juniper-nsp@puck.nether.net Sent: Monday, December 10, 2012 3:16:10 PM Subject: Re: [j-nsp] juniper cisco switch interconnection harbor235 harbor...@gmail.com writes: Has anyone connected a Juniper EX series switch with a Cisco switch (I have a 3550)? Yes Do you use a standard crossover cable? MDIX? I have only attempted 1Gbps, that just worked with a straight cable. Any Layer 2 issues with RSTP and PVST+? It seems to work so far... Any specific configuration required to make it work? Avoid VLAN 1. You can probably make VLAN 1 work if you try, but for me it was easier to simply not use it. /Benny ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] juniper cisco switch interconnection
Here is a quick summary of the JUNOS RSTP/VSTP interop behavior. If you enable RSTP on the Juniper side, and do NOT set any native-vlans on any of the cisco ports connected to juniper, then JUNOS will interop with the cisco RSTP frames sent untagged, and VLAN1 will block correctly. The cisco devices will see each other via PVST on all other VLANs and block those accordingly. If you only enable VSTP on the Juniper side and you define VLAN 1 on the Juniper side with a vlan tag of 1 specified, then bad things happen prior to 12.1r2/12.2 software. This is due to the fact that JUNOS transmits/expects tagged packets for VLAN1 and drops all untagged STP frames. While the cisco device will transmit untagged STP frames to both the STP MAC and the PVST MAC, but both are untagged. So basically the Juniper and the Cisco will not see each other on the wire. With 12.1r2 and 12.2 software, JUNOS will behave similarly to the cisco side, in that it will transmit the VSTP(PVST) frames untagged. If you enable both RSTP and VSTP on the Juniper side and you define VLAN 1 on the Juniper side with a VLAN tag of 1 specified, the behavior is the same as above, as RSTP won't be transmitted out the interface because all VLANs have VLAN-IDs associated with them. Again 12.1r2/12.2 and beyond address this. If you enable RSTP and VSTP on the Juniper side and you define VLAN 1 WITHOUT a VLAN id defined, then all is well, as the Juniper will interoperate with Cisco on all VLANs other than VLAN1 using VSTP/PVST, and it will interoperate with the Cisco on VLAN1 using RSTP. This behavior can be used on all releases prior to 12.1r2/12.2 based on what I've seen in the past. There is a minimum release in which to run RSTP+VSTP, but I don't remember that off the top of my head, probably a low 10.x release. Joe -Original Message- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Mike Azevedo Sent: Monday, December 10, 2012 3:28 PM To: Benny Amorsen Cc: Juniper List Subject: Re: [j-nsp] juniper cisco switch interconnection you can bcast storm your network to a halt if you are not careful. Use VSTP on juniper side to match the cisco PVST+. I believe Juniper's RSTP uses one instance of spanning tree over the physical network not an instance per vlan like cisco's implementation. I would also watch out for vlan 1. - Original Message - From: Benny Amorsen benny+use...@amorsen.dk To: harbor235 harbor...@gmail.com Cc: Juniper List juniper-nsp@puck.nether.net Sent: Monday, December 10, 2012 3:16:10 PM Subject: Re: [j-nsp] juniper cisco switch interconnection harbor235 harbor...@gmail.com writes: Has anyone connected a Juniper EX series switch with a Cisco switch (I have a 3550)? Yes Do you use a standard crossover cable? MDIX? I have only attempted 1Gbps, that just worked with a straight cable. Any Layer 2 issues with RSTP and PVST+? It seems to work so far... Any specific configuration required to make it work? Avoid VLAN 1. You can probably make VLAN 1 work if you try, but for me it was easier to simply not use it. /Benny ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] juniper cisco switch interconnection
ooh VSTP/PVST+ interop. Boy have we had some fun here over the years.. Cisco PVST+ sends IEEE and Cisco BPDUs on the *native* VLAN and Cisco BPDUs for each VLAN that is tagged on an interface. Juniper VSTP only sends IEEE BPDUs on the native VLAN 1 (or did as of 11.4) but sends Cisco BPDUs for each tagged VLAN. A gotcha to watch out for is if you are using default VLAN in Junos as your native, you need to manually set the VLAN-ID to 1 or the VSTP config will not pick it up: set vlan default vlan-id 1 There is a change in 12.2 regarding something similar to this: VSTP compatibility with Cisco PVST+—When you configure VSTP using the set protocol vstp vlan all configuration mode command, VLAN ID 1 is now excluded, thus making Junos OS VSTP compatible with Cisco PVST+. To include VLAN ID 1 in the VSTP VLAN, you must now add it explicitly using the set protocol vstp vlan 1 configuration mode command. If you're in a pure Juniper environment, you don't need to worry too much though - as long as you have a common native VLAN (or even if you have none) everything generally works pretty well provided you make sure you're not running an EX software version affected by this bad boy: http://kb.juniper.net/InfoCenter/index?page=contentid=KB22111cat=EX_SERIESactp=LISTsmlogin=true If your VLAN count is getting up over 100, consider MSTP - the CPU thrashing on a 3550 or 3750 when they all reconverge has some NASTY side-effects (like delaying the sending of BPDUs, causing the issue to spiral even further). On 11/12/2012, at 7:28 AM, Mike Azevedo mikea...@iristransport.com wrote: you can bcast storm your network to a halt if you are not careful. Use VSTP on juniper side to match the cisco PVST+. I believe Juniper's RSTP uses one instance of spanning tree over the physical network not an instance per vlan like cisco's implementation. I would also watch out for vlan 1. - Original Message - From: Benny Amorsen benny+use...@amorsen.dk To: harbor235 harbor...@gmail.com Cc: Juniper List juniper-nsp@puck.nether.net Sent: Monday, December 10, 2012 3:16:10 PM Subject: Re: [j-nsp] juniper cisco switch interconnection harbor235 harbor...@gmail.com writes: Has anyone connected a Juniper EX series switch with a Cisco switch (I have a 3550)? Yes Do you use a standard crossover cable? MDIX? I have only attempted 1Gbps, that just worked with a straight cable. Any Layer 2 issues with RSTP and PVST+? It seems to work so far... Any specific configuration required to make it work? Avoid VLAN 1. You can probably make VLAN 1 work if you try, but for me it was easier to simply not use it. /Benny ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] J-Flow Configuration on MX5
Has Anyone had experiences in configuring J-Flow on MX5 and it works? I have been trying to find the documents, most of them are for SRX and J series and not for MX series. I think the configuration would be the same , but somehow it's not working for me. Any link, idea ,advice all would be very appreciated. Cheers, Samol ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] J-Flow Configuration on MX5
what kind of j-flow (re bassed or inline-jflow) are you trying to configure
? could you share the configuration? we have RE-bassed on our mx80
configured w/o any issues, and inline on 960s
typical configuration for re based will be something like:
input {
rate 2000;
run-length 0;
max-packets-per-second 1;
}
family inet {
output {
flow-inactive-timeout 60;
flow-active-timeout 60;
flow-server x.x.x.x {
port 5000;
source-address y.y.y.y;
version 5;
}
}
}
2012/12/11 Samol molas...@gmail.com
Has Anyone had experiences in configuring J-Flow on MX5 and it works? I
have been trying to find the documents, most of them are for SRX and J
series and not for MX series. I think the configuration would be the same ,
but somehow it's not working for me. Any link, idea ,advice all would be
very appreciated.
Cheers,
Samol
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
