Re: [j-nsp] display bug? ex4500 junos 12.2R2.4
It's a "glab" style style match (via fnmatch()), IIRC:
* Matches any string, including the null string.
? Matches any single character.
[...] Matches any one of the enclosed characters. A pair of
characters
separated by a hyphen denotes a range expression; any
character
that sorts between those two characters, inclusive, using the
cur-
rent locale's collating sequence and character set, is
matched.
Think characters, not numbers. This means that [32-34] matches
"3", the characters between "2" and "4", and "3". It's not the
range of numbers between 32 and 34. [3234] matches "3", "2", "3",
and "4" (both are identical to "2-4").
"f[e-x]*" matches fe-0/0/0 and fxp0.
Thanks,
Phil
ryanL writes:
>erik wins. duh. thanks man.
>
>fwiw, it works on my MX boxes :-/
>
>On Tue, May 7, 2013 at 2:56 PM, Erik Muller wrote:
>> On 5/7/13 16:03 , ryanL wrote:
>>>
>>> this seems to work fine on my 4200's running different code.
>>>
>>> {master:0}
>>> ry@fs-cs2> show interfaces ge-0/0/[32-34]
>>> ry@fs-cs2> show interfaces ge-0/0/[3234]
>>> ry@fs-cs2> show interfaces ge-0/0/[323]
>>
>>
>> I don't have handy access to anything with 12.2 to try it out, but does
>> "show interfaces ge-0/0/3[2-4]" work? the [32-34] isn't standard regex for
>> what you seem to mean, and it may be that older parsers were more lenient.
>>
>> -e
>>
>> ___
>> juniper-nsp mailing list juniper-nsp@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>___
>juniper-nsp mailing list juniper-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] display bug? ex4500 junos 12.2R2.4
that seems to work.
ry@fs-cs2# run show interfaces ge-* terse | except "\."
Interface Admin Link ProtoLocal Remote
ge-0/0/0upup
ge-0/0/32 upup
ge-0/0/33 upup
ge-0/0/34 upup
ge-0/0/35 upup
On Tue, May 7, 2013 at 2:51 PM, Phil Shafer wrote:
> What does:
>
> show interfaces ge-* terse | except "\."
>
> say?
>
> Thanks,
> Phil
>
>
>
> ryanL writes:
>>this seems to work fine on my 4200's running different code.
>>
>>{master:0}
>>ry@fs-cs2> show interfaces ge-0/0/[32-34]
>>
>>{master:0}
>>ry@fs-cs2> show interfaces ge-0/0/[3234]
>>
>>{master:0}
>>ry@fs-cs2> show interfaces ge-0/0/[323]
>>
>>{master:0}
>>ry@fs-cs2>blargh
>>___
>>juniper-nsp mailing list juniper-nsp@puck.nether.net
>>https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] display bug? ex4500 junos 12.2R2.4
erik wins. duh. thanks man.
fwiw, it works on my MX boxes :-/
On Tue, May 7, 2013 at 2:56 PM, Erik Muller wrote:
> On 5/7/13 16:03 , ryanL wrote:
>>
>> this seems to work fine on my 4200's running different code.
>>
>> {master:0}
>> ry@fs-cs2> show interfaces ge-0/0/[32-34]
>> ry@fs-cs2> show interfaces ge-0/0/[3234]
>> ry@fs-cs2> show interfaces ge-0/0/[323]
>
>
> I don't have handy access to anything with 12.2 to try it out, but does
> "show interfaces ge-0/0/3[2-4]" work? the [32-34] isn't standard regex for
> what you seem to mean, and it may be that older parsers were more lenient.
>
> -e
>
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] display bug? ex4500 junos 12.2R2.4
On 5/7/13 16:03 , ryanL wrote:
this seems to work fine on my 4200's running different code.
{master:0}
ry@fs-cs2> show interfaces ge-0/0/[32-34]
ry@fs-cs2> show interfaces ge-0/0/[3234]
ry@fs-cs2> show interfaces ge-0/0/[323]
I don't have handy access to anything with 12.2 to try it out, but does
"show interfaces ge-0/0/3[2-4]" work? the [32-34] isn't standard regex for
what you seem to mean, and it may be that older parsers were more lenient.
-e
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] display bug? ex4500 junos 12.2R2.4
What does:
show interfaces ge-* terse | except "\."
say?
Thanks,
Phil
ryanL writes:
>this seems to work fine on my 4200's running different code.
>
>{master:0}
>ry@fs-cs2> show interfaces ge-0/0/[32-34]
>
>{master:0}
>ry@fs-cs2> show interfaces ge-0/0/[3234]
>
>{master:0}
>ry@fs-cs2> show interfaces ge-0/0/[323]
>
>{master:0}
>ry@fs-cs2>blargh
>___
>juniper-nsp mailing list juniper-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] ex4500 best-effort drops nowhere near congested
good discussion. the tl;dr - nothing i can do about it. right? On Thu, May 2, 2013 at 2:51 PM, Michael Loftis wrote: > I was finally able to get this explained via a third party who designs > these things ... > > Basically in S&F you have an input and output queue, per port. When > port 1 sends to port 2 frames are moved from 1's input queue to 2's > output queue. If 2's out queue fills, it blocks back into 1's input > queue. This causes drops not only for frames destined for port 2 but > unrelated frames as well. In CT mode they get rid of the input queue, > and use that space for the output. When a port's output queue fills, > drops for that port still happen, but drops for other, unaffected > ports, now do not happen. CT mode also means the frame is transmitted > much earlier in the 1G-1G and 10G-1G modes (as soon as the ethernet > header is there) when there's no congestion. So frames w/o an > interframe gap aren't as problematic either (which is the case > sometimes for microburst drops, insufficient interframe gap for the > CRC computation and the switching to occur before buffers fill) > > Atleast now I understand how/why it improves things more than just > deeper buffers. Basically unrelated traffic is unaffected, whereas > with S&F mode, unrelated traffic can get backed up and lots of frames > get dropped that have nothing to do with the actual bottleneck. > > > > > On Thu, May 2, 2013 at 2:22 PM, joel jaeggli wrote: >> On 5/2/13 1:24 PM, Benny Amorsen wrote: >>> >>> joel jaeggli writes: >>> There's literally no options in between. so a 1/10Gb/s TOR like the force10 s60 might have 2GB of shared packet buffer, while an like an arista 7050s-64 would have 9MB for all the ports, assuming you run it as all 10Gb/s rather than 100/1000/1/4 mixes of ports it can cut-through-forward to every port which goes a long way toward ameliorating your exposure to shallow buffers. >>> >>> Why does cut-through help so much? In theory it should save precisely >>> one packets worth of memory, i.e. around 9kB per port. 500kB extra >>> buffer for the whole 50-port switch does not seem like a lot. >> >> >> Until there's contention for the output side, you should only have one >> packet in the output queue at a time for each port on a cut through switch. >> which is like 96K of buffer for 1500 byte frames on a 64 port switch >> >> Store and forward means you hold onto the packet a lot longer mechanically >> even if nominally you are able to forward at line rate so long as there's >> always a packet in the ouput queue to put on the wire. consider that the >> fastest cut-through 10Gb/s switches now are around .4usec and your 1500 byte >> packet takes ~1.2usec to arrive. >> >> when adding rate conversion, consider that when having a flow come from a >> 10Gb/s to 1Gb/s port that another 1500byte packet can arrive every ~1.2usec >> but you can only clock them back out every 12usec. jumbos just push the >> opportunities to queue for rate conversion out that much furthure >> >> >> >>> Lots of people say that cut-through helps prevents packet loss due to >>> lack of buffer, so something more complicated must be happening. >>> >>> >>> /Benny >>> >> >> ___ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp > > > > -- > > "Genius might be described as a supreme capacity for getting its possessors > into trouble of all kinds." > -- Samuel Butler > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] display bug? ex4500 junos 12.2R2.4
this seems to work fine on my 4200's running different code.
{master:0}
ry@fs-cs2> show interfaces ge-0/0/[32-34]
{master:0}
ry@fs-cs2> show interfaces ge-0/0/[3234]
{master:0}
ry@fs-cs2> show interfaces ge-0/0/[323]
{master:0}
ry@fs-cs2>blargh
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Srx 240 ipsec site to site
Hi, have to check if using a hostname as peer address works with 12.1x44. But in 11.4 it is not possible. As soon as one used a hostname as peer address the SRX resolves the IP address and puts it in the config. Still waiting for all the neat little features, that made ScreenOS such a strong system Klaus — Sent from Mailbox for iPhone On Tue, May 7, 2013 at 10:59 AM, Martin, Paul wrote: > Morning, > Cisco have a DMVPN solution for this, I believe the equivalent juniper > solution can be seen at the following link > http://kb.juniper.net/kb/documents/public/junos_es/JUNOS_ES_Multipoint_VPN_with_NHTB.pdf > It's worth noting that this is a few years old now so it's likely to have > been superseded by something else. > Regards > Paul > -Original Message- > From: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of > Nc Aji > Sent: 07 May 2013 05:14 > To: juniper-nsp@puck.nether.net > Subject: [j-nsp] Srx 240 ipsec site to site > Dear Group, > I have a small customer requiring a VPN between two of the sites, One site > is so remote where in we have only 3g internet connection available. other > site which is considered to be the main site is having internet over an > ADSL link . In essence both sides are getting dynamic IP address , can i > have a site to site vpn in this situation ? > Does SRX support dyndns feature ? can I use it for establishing site to > site vpn ? > if not what is the other option to suggest to customer ? > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Srx 240 ipsec site to site
Morning, Cisco have a DMVPN solution for this, I believe the equivalent juniper solution can be seen at the following link http://kb.juniper.net/kb/documents/public/junos_es/JUNOS_ES_Multipoint_VPN_with_NHTB.pdf It's worth noting that this is a few years old now so it's likely to have been superseded by something else. Regards Paul -Original Message- From: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Nc Aji Sent: 07 May 2013 05:14 To: juniper-nsp@puck.nether.net Subject: [j-nsp] Srx 240 ipsec site to site Dear Group, I have a small customer requiring a VPN between two of the sites, One site is so remote where in we have only 3g internet connection available. other site which is considered to be the main site is having internet over an ADSL link . In essence both sides are getting dynamic IP address , can i have a site to site vpn in this situation ? Does SRX support dyndns feature ? can I use it for establishing site to site vpn ? if not what is the other option to suggest to customer ? ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
