Re: [j-nsp] proposed changes to "clear bgp neighbor"
On (2014-02-26 10:36 -0500), Phil Shafer wrote: > I'm looking for feedback about this change. My working assumption > is that "clear bgp neighbor" is a sufficiently rare command and > would not be used in automation/scripts, so the impact of making > the neighbor/all argument mandatory would be minimal. Is this > assumption accurate? Support. I can't fathom which automated system would rely on this working and would not be possible to change in 5min. But I'm generally against downward-compatibility, it hurts innovation and creates codebase complexity creep (i.e. bugs). I'm all for regularly exploding everything. In JunOS case, between major version, you could state that all bets are off with backward compatibility and fix crimes of those who became before us(tm). But I understand my opinion is not popular one and would not pass marketing. Rant follows, stop reading now. As obligatory counter-point (not trying to pick on anyone, just finding first example that came into my mind) CSCO's EVC is tragic example of breaking stuff for sake of breaking stuff. EVC is new logical interface configuration, which completely breaks standard SNMP MIB support and every tooling which relied on logical interfaces looking certain way. And there is 0 benefit, everything you configure in EVC, you could configure in regular logical interface. Only possible reason I can think of, was parser simplicity, now parser easily knows what part of hardware needs to be programmed without parsing contents of the logical interface. I would have been even OK with all old logical interfaces going away and all features moved to EVC (don't see the point, but even that would have been better) -- ++ytti ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
For me is ok too. Massimo 2014-02-27 8:07 GMT+01:00 Mark Tinka : > On Wednesday, February 26, 2014 09:24:21 PM Eric Van Tol > wrote: > > > I don't see a problem with adding the requirement 'all'. > > I support this as well. > > Mark. > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] sshd log messages !!
On Thursday, February 27, 2014 01:14:26 AM Rodrigo Augusto wrote: > Protect your RE. Put a filter on your loopback and permit > only your netwoks to access this port(22). Yep. You really shouldn't let your SSH daemon have easy access to the world. Mark. signature.asc Description: This is a digitally signed message part. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
On Wednesday, February 26, 2014 09:25:00 PM ryanL wrote: > yeah, i'm not slagging. just seems like poor training for > newbie noc engineers or something. this is a pretty > rookie error, in my view, but i've been around almost as > long as you have ;-) I suppose the idea is to keep the network running, not show how much of a rookie you are not :-). Mark. signature.asc Description: This is a digitally signed message part. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
On Wednesday, February 26, 2014 09:24:21 PM Eric Van Tol wrote: > I don't see a problem with adding the requirement 'all'. I support this as well. Mark. signature.asc Description: This is a digitally signed message part. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] sshd log messages !!
> > Message: 6 > Date: Wed, 26 Feb 2014 21:04:54 +0100 > From: Fernando Garcia Fernandez > To: Eric Van Tol > Cc: "juniper-nsp@puck.nether.net" > Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor" > Message-ID: > Content-Type: text/plain; charset=windows-1252 > > +1 to include the ?all? option. > > In fact, coming from the IOS world, it amused me when I discovered that there > was no ?*? or ?all? option to clear all neighbors. > > > El 26/02/2014, a las 20:24, Eric Van Tol escribi?: > >>> it's a nice-to-have, maybe? but this sounds more like an opportunity for >>> you to sell some JNCIA courses. i mean, how long has junos been around >>> now? >> >> Confusing comment, since this enhancement isn't about CLI inexperience. It >> doesn't matter how long Junos has been around or how experienced someone is, >> it's still too incredibly easy to hit 'Enter' too soon and clear all your >> BGP neighbors by accident. >> >> I don't see a problem with adding the requirement 'all'. >> >> -evt >> >> ___ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp > > > > > -- > > Message: 7 > Date: Wed, 26 Feb 2014 14:25:00 -0500 > From: ryanL > To: Phil Shafer > Cc: Juniper for Network Service Providers > > Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor" > Message-ID: > > Content-Type: text/plain; charset=ISO-8859-1 > > yeah, i'm not slagging. just seems like poor training for newbie noc > engineers or something. this is a pretty rookie error, in my view, but i've > been around almost as long as you have ;-) > > > On Wed, Feb 26, 2014 at 1:44 PM, Phil Shafer wrote: > >> ryanL writes: >>> it's a nice-to-have, maybe? but this sounds more like an opportunity for >>> you to sell some JNCIA courses. i mean, how long has junos been around >> now? >> >> Not selling anything; just trying to solve a problem multiple >> customers have reported and escalated. I'm a software developer, >> working on the UI code (CLI, MGD, configuration, XML API, scripting) >> for 17+ years. >> >> JUNOS 3.0 (the first release with the ui code) shipped during the >> summer of 1998, IIRC. >> >> Thanks, >> Phil >> >> > > > -- > > Message: 8 > Date: Wed, 26 Feb 2014 21:37:20 +0100 > From: "Jonas Frey (Probe Networks)" > To: p...@juniper.net > Cc: Juniper for Network Service Providers > > Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor" > Message-ID: <1393447040.4974.178.camel@wks02> > Content-Type: text/plain; charset="utf-8" > > +1 for the "all" requirement > > Am Mittwoch, den 26.02.2014, 10:36 -0500 schrieb Phil Shafer: >> Juniper users, >> >> We've been asked to make a change the "clear bgp neighbor" command >> to make the neighbor or "all" argument mandatory. The root cause >> is the severe impact of "clear bgp neighbor" and the increasing >> accidental use of this command without a specific neighbor. >> >> In general, we avoid changing commands to add mandatory arguments, >> but my feeling is that the impact and severity of this specific >> command makes this an acceptable occasion for such a change. >> >> I'm looking for feedback about this change. My working assumption >> is that "clear bgp neighbor" is a sufficiently rare command and >> would not be used in automation/scripts, so the impact of making >> the neighbor/all argument mandatory would be minimal. Is this >> assumption accurate? >> >> Thanks, >> Phil >> >> [I've set reply-to to myself to avoid impacting the list] >> >> ___ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp > -- next part -- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 198 bytes > Desc: This is a digitally signed message part > URL: > <https://puck.nether.net/pipermail/juniper-nsp/attachments/20140226/ad7a1719/attachment-0001.sig> > > -- > > Message: 9 > Date: Wed, 26 Feb 2014 22:10:50 +0100 (CET) > From: sth...@nethelp.no > To: p...@juniper.net > Cc: juniper-nsp@puck.nether.net > Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor" > Message-ID: <20140226.221050.71112673.sth...@nethelp.no> > Content-Type: Text/Plain; charset=us-ascii > >> We've been asked to make a change the "clear bgp neighbor" command >> to make the neighbor or "all" argument mandatory. The root cause >> is the severe impact of "clear bgp neighbor" and the increasing >> accidental use of this command without a specific neighbor. >> >> In general, we avoid changing commands to add mandatory arguments, >> but my feeling is that the impact and severity of this specific >> command makes this an acceptable occasion for such a change. >> >> I'm looking for feedback about this change. My working assumption >> is that "clear bgp neighbor" is a sufficiently rare command and >> would not be used in automation/scripts, so the impact of making >> the neighbor/all argument mandatory would be minimal. Is this >> assumption accurate? > > For us, yes. Fully support the idea of requiring an "all" argument. > > Steinar Haug, AS 2116 > > > -- > > Subject: Digest Footer > > ___ > juniper-nsp mailing list > juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > > -- > > End of juniper-nsp Digest, Vol 135, Issue 29 > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] sshd log messages !!
disable root-login will render most of attack useless. On Wed, Feb 26, 2014 at 8:56 PM, Phil Shafer wrote: > Rodrigo Augusto writes: >>Protect your RE. Put a filter on your loopback and permit only your netwoks >>to access th >>is port(22). > > Also consider disabling passwords completely. In 13.3 we introduced > the [system services ssh no-passwords] flag that turns off password- > based authentication, requiring ssh keys instead. This means > password guessing brute force attacks are prevented. > > Of course, if you lose your key file, you're as out of luck as you'd > be if you forgot your password. > > Thanks, > Phil > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] sshd log messages !!
Rodrigo Augusto writes: >Protect your RE. Put a filter on your loopback and permit only your netwoks to >access th >is port(22). Also consider disabling passwords completely. In 13.3 we introduced the [system services ssh no-passwords] flag that turns off password- based authentication, requiring ssh keys instead. This means password guessing brute force attacks are prevented. Of course, if you lose your key file, you're as out of luck as you'd be if you forgot your password. Thanks, Phil ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
+1 to the idea of making all / neighbor ip mandatory. On 27 February 2014 01:36, Phil Shafer wrote: > Juniper users, > > We've been asked to make a change the "clear bgp neighbor" command > to make the neighbor or "all" argument mandatory. The root cause > is the severe impact of "clear bgp neighbor" and the increasing > accidental use of this command without a specific neighbor. > > In general, we avoid changing commands to add mandatory arguments, > but my feeling is that the impact and severity of this specific > command makes this an acceptable occasion for such a change. > > I'm looking for feedback about this change. My working assumption > is that "clear bgp neighbor" is a sufficiently rare command and > would not be used in automation/scripts, so the impact of making > the neighbor/all argument mandatory would be minimal. Is this > assumption accurate? > > Thanks, > Phil > > [I've set reply-to to myself to avoid impacting the list] > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > -- Regards, Craig Askings io Networks Pty Ltd. mobile: 0404 019365 phone: 1300 1 2 4 8 16 ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
On Thu, 27 Feb 2014, heasley wrote: Thu, Feb 27, 2014 at 10:30:29AM +0900, Paul S.: +1 to the 'all' requirement -- and then further include another question as suggested like 'Reset all BGP sessions? [Y/N]' Please - if you're dumb enough to enter a command that you do not understand on a production device, you deserve what you get. Stupid should be painful. Clearly someone should take away my router configuration license since I accidentally hit the wrong key on occasion. -- Brandon Ross Yahoo & AIM: BrandonNRoss +1-404-635-6667ICQ: 2269442 Skype: brandonross Schedule a meeting: http://www.doodle.com/bross ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
On 2/27/2014 午前 10:38, heasley wrote: Thu, Feb 27, 2014 at 10:30:29AM +0900, Paul S.: +1 to the 'all' requirement -- and then further include another question as suggested like 'Reset all BGP sessions? [Y/N]' Please - if you're dumb enough to enter a command that you do not understand on a production device, you deserve what you get. Stupid should be painful. Well, if stupidity is meant to be painful -- I don't even see why Juniper is even considering fixing this as the only people who'd even enter it at its current state are people who likely don't know what they're doing. A little safeguarding never hurt anyone ;) ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
Thu, Feb 27, 2014 at 10:30:29AM +0900, Paul S.: > +1 to the 'all' requirement -- and then further include another question > as suggested like 'Reset all BGP sessions? [Y/N]' Please - if you're dumb enough to enter a command that you do not understand on a production device, you deserve what you get. Stupid should be painful. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
+1 to the 'all' requirement -- and then further include another question as suggested like 'Reset all BGP sessions? [Y/N]' That, in my opinion, is the most sane way to go about it. On 2/27/2014 ?? 05:37, Jonas Frey (Probe Networks) wrote: +1 for the "all" requirement Am Mittwoch, den 26.02.2014, 10:36 -0500 schrieb Phil Shafer: Juniper users, We've been asked to make a change the "clear bgp neighbor" command to make the neighbor or "all" argument mandatory. The root cause is the severe impact of "clear bgp neighbor" and the increasing accidental use of this command without a specific neighbor. In general, we avoid changing commands to add mandatory arguments, but my feeling is that the impact and severity of this specific command makes this an acceptable occasion for such a change. I'm looking for feedback about this change. My working assumption is that "clear bgp neighbor" is a sufficiently rare command and would not be used in automation/scripts, so the impact of making the neighbor/all argument mandatory would be minimal. Is this assumption accurate? Thanks, Phil [I've set reply-to to myself to avoid impacting the list] ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] sshd log messages !!
how long has junos been around >>> now? >> >> Confusing comment, since this enhancement isn't about CLI inexperience. It >> doesn't matter how long Junos has been around or how experienced someone is, >> it's still too incredibly easy to hit 'Enter' too soon and clear all your >> BGP neighbors by accident. >> >> I don't see a problem with adding the requirement 'all'. >> >> -evt >> >> ___ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp > > > > > -- > > Message: 7 > Date: Wed, 26 Feb 2014 14:25:00 -0500 > From: ryanL > To: Phil Shafer > Cc: Juniper for Network Service Providers > > Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor" > Message-ID: > > Content-Type: text/plain; charset=ISO-8859-1 > > yeah, i'm not slagging. just seems like poor training for newbie noc > engineers or something. this is a pretty rookie error, in my view, but i've > been around almost as long as you have ;-) > > >> On Wed, Feb 26, 2014 at 1:44 PM, Phil Shafer wrote: >> >> ryanL writes: >>> it's a nice-to-have, maybe? but this sounds more like an opportunity for >>> you to sell some JNCIA courses. i mean, how long has junos been around >> now? >> >> Not selling anything; just trying to solve a problem multiple >> customers have reported and escalated. I'm a software developer, >> working on the UI code (CLI, MGD, configuration, XML API, scripting) >> for 17+ years. >> >> JUNOS 3.0 (the first release with the ui code) shipped during the >> summer of 1998, IIRC. >> >> Thanks, >> Phil > > > -- > > Message: 8 > Date: Wed, 26 Feb 2014 21:37:20 +0100 > From: "Jonas Frey (Probe Networks)" > To: p...@juniper.net > Cc: Juniper for Network Service Providers > > Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor" > Message-ID: <1393447040.4974.178.camel@wks02> > Content-Type: text/plain; charset="utf-8" > > +1 for the "all" requirement > > Am Mittwoch, den 26.02.2014, 10:36 -0500 schrieb Phil Shafer: >> Juniper users, >> >> We've been asked to make a change the "clear bgp neighbor" command >> to make the neighbor or "all" argument mandatory. The root cause >> is the severe impact of "clear bgp neighbor" and the increasing >> accidental use of this command without a specific neighbor. >> >> In general, we avoid changing commands to add mandatory arguments, >> but my feeling is that the impact and severity of this specific >> command makes this an acceptable occasion for such a change. >> >> I'm looking for feedback about this change. My working assumption >> is that "clear bgp neighbor" is a sufficiently rare command and >> would not be used in automation/scripts, so the impact of making >> the neighbor/all argument mandatory would be minimal. Is this >> assumption accurate? >> >> Thanks, >> Phil >> >> [I've set reply-to to myself to avoid impacting the list] >> >> ___ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp > -- next part -- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 198 bytes > Desc: This is a digitally signed message part > URL: > <https://puck.nether.net/pipermail/juniper-nsp/attachments/20140226/ad7a1719/attachment-0001.sig> > > -- > > Message: 9 > Date: Wed, 26 Feb 2014 22:10:50 +0100 (CET) > From: sth...@nethelp.no > To: p...@juniper.net > Cc: juniper-nsp@puck.nether.net > Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor" > Message-ID: <20140226.221050.71112673.sth...@nethelp.no> > Content-Type: Text/Plain; charset=us-ascii > >> We've been asked to make a change the "clear bgp neighbor" command >> to make the neighbor or "all" argument mandatory. The root cause >> is the severe impact of "clear bgp neighbor" and the increasing >> accidental use of this command without a specific neighbor. >> >> In general, we avoid changing commands to add mandatory arguments, >> but my feeling is that the impact and severity of this specific >> command makes this an acceptable occasion for such a change. >> >> I'm looking for feedback about this change. My working assumption >> is that "clear bgp neighbor" is a sufficiently rare command and >> would not be used in automation/scripts, so the impact of making >> the neighbor/all argument mandatory would be minimal. Is this >> assumption accurate? > > For us, yes. Fully support the idea of requiring an "all" argument. > > Steinar Haug, AS 2116 > > > -- > > Subject: Digest Footer > > ___ > juniper-nsp mailing list > juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > > -- > > End of juniper-nsp Digest, Vol 135, Issue 29 > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] sshd log messages !!
d > >> now? > > > > Confusing comment, since this enhancement isn't about CLI inexperience. It > > doesn't matter how long Junos has been around or how experienced someone > > is, it's still too incredibly easy to hit 'Enter' too soon and clear all > > your BGP neighbors by accident. > > > > I don't see a problem with adding the requirement 'all'. > > > > -evt > > > > ___ > > juniper-nsp mailing list juniper-nsp@puck.nether.net > > https://puck.nether.net/mailman/listinfo/juniper-nsp > > > > > -- > > Message: 7 > Date: Wed, 26 Feb 2014 14:25:00 -0500 > From: ryanL > To: Phil Shafer > Cc: Juniper for Network Service Providers > > Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor" > Message-ID: > > Content-Type: text/plain; charset=ISO-8859-1 > > yeah, i'm not slagging. just seems like poor training for newbie noc > engineers or something. this is a pretty rookie error, in my view, but i've > been around almost as long as you have ;-) > > > On Wed, Feb 26, 2014 at 1:44 PM, Phil Shafer wrote: > > > ryanL writes: > > >it's a nice-to-have, maybe? but this sounds more like an opportunity for > > >you to sell some JNCIA courses. i mean, how long has junos been around > > now? > > > > Not selling anything; just trying to solve a problem multiple > > customers have reported and escalated. I'm a software developer, > > working on the UI code (CLI, MGD, configuration, XML API, scripting) > > for 17+ years. > > > > JUNOS 3.0 (the first release with the ui code) shipped during the > > summer of 1998, IIRC. > > > > Thanks, > > Phil > > > > > > > -- > > Message: 8 > Date: Wed, 26 Feb 2014 21:37:20 +0100 > From: "Jonas Frey (Probe Networks)" > To: p...@juniper.net > Cc: Juniper for Network Service Providers > > Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor" > Message-ID: <1393447040.4974.178.camel@wks02> > Content-Type: text/plain; charset="utf-8" > > +1 for the "all" requirement > > Am Mittwoch, den 26.02.2014, 10:36 -0500 schrieb Phil Shafer: > > Juniper users, > > > > We've been asked to make a change the "clear bgp neighbor" command > > to make the neighbor or "all" argument mandatory. The root cause > > is the severe impact of "clear bgp neighbor" and the increasing > > accidental use of this command without a specific neighbor. > > > > In general, we avoid changing commands to add mandatory arguments, > > but my feeling is that the impact and severity of this specific > > command makes this an acceptable occasion for such a change. > > > > I'm looking for feedback about this change. My working assumption > > is that "clear bgp neighbor" is a sufficiently rare command and > > would not be used in automation/scripts, so the impact of making > > the neighbor/all argument mandatory would be minimal. Is this > > assumption accurate? > > > > Thanks, > > Phil > > > > [I've set reply-to to myself to avoid impacting the list] > > > > ___ > > juniper-nsp mailing list juniper-nsp@puck.nether.net > > https://puck.nether.net/mailman/listinfo/juniper-nsp > -- next part -- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 198 bytes > Desc: This is a digitally signed message part > URL: > <https://puck.nether.net/pipermail/juniper-nsp/attachments/20140226/ad7a1719/attachment-0001.sig> > > -- > > Message: 9 > Date: Wed, 26 Feb 2014 22:10:50 +0100 (CET) > From: sth...@nethelp.no > To: p...@juniper.net > Cc: juniper-nsp@puck.nether.net > Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor" > Message-ID: <20140226.221050.71112673.sth...@nethelp.no> > Content-Type: Text/Plain; charset=us-ascii > > > We've been asked to make a change the "clear bgp neighbor" command > > to make the neighbor or "all" argument mandatory. The root cause > > is the severe impact of "clear bgp neighbor" and the increasing > > accidental use of this command without a specific neighbor. > > > > In general, we avoid changing commands to add mandatory arguments, > > but my feeling is that the impact and severity of this specific > > command makes this an acceptable occasion for such a change. > > > > I'm looking for feedback about this change. My working assumption > > is that "clear bgp neighbor" is a sufficiently rare command and > > would not be used in automation/scripts, so the impact of making > > the neighbor/all argument mandatory would be minimal. Is this > > assumption accurate? > > For us, yes. Fully support the idea of requiring an "all" argument. > > Steinar Haug, AS 2116 > > > -- > > Subject: Digest Footer > > ___ > juniper-nsp mailing list > juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > > -- > > End of juniper-nsp Digest, Vol 135, Issue 29 > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean. > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
I don't chime in much on the threads but in this case I'm with you, fat fingers can kill and the idiot do u really want to do this Y/N isn't a bad idea either. You do this long enough you guys that haven't had an oops moment eventually will. Sent from my iPhone > On Feb 26, 2014, at 4:29 PM, "Brandon Ross" wrote: > >> On Wed, 26 Feb 2014, ryanL wrote: >> >> yeah, i'm not slagging. just seems like poor training for newbie noc >> engineers or something. this is a pretty rookie error, in my view, but i've >> been around almost as long as you have ;-) > > I've been doing BGP work for nearly 20 years, and Juniper for more than 15, > including for many major and minor service providers, Interop and NANOG > itself, and somehow I still make mistakes, hit the wrong key, log into the > wrong window, etc. > > I fully support this change. > > -- > Brandon Ross Yahoo & AIM: BrandonNRoss > +1-404-635-6667ICQ: 2269442 > Skype: brandonross > Schedule a meeting: http://www.doodle.com/bross > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
Hi there, yes, please make "all" mandatory. We had copy/paste in the past where there was a CRLF before the IP of a neighbor and that killed all neighbors. Regards, Joerg -Ursprüngliche Nachricht- Von: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] Im Auftrag von Phil Shafer Gesendet: Mittwoch, 26. Februar 2014 16:37 An: Juniper for Network Service Providers Betreff: [j-nsp] proposed changes to "clear bgp neighbor" Juniper users, We've been asked to make a change the "clear bgp neighbor" command to make the neighbor or "all" argument mandatory. The root cause is the severe impact of "clear bgp neighbor" and the increasing accidental use of this command without a specific neighbor. In general, we avoid changing commands to add mandatory arguments, but my feeling is that the impact and severity of this specific command makes this an acceptable occasion for such a change. I'm looking for feedback about this change. My working assumption is that "clear bgp neighbor" is a sufficiently rare command and would not be used in automation/scripts, so the impact of making the neighbor/all argument mandatory would be minimal. Is this assumption accurate? Thanks, Phil [I've set reply-to to myself to avoid impacting the list] ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] sshd log messages !!
gt; Not selling anything; just trying to solve a problem multiple > customers have reported and escalated. I'm a software developer, > working on the UI code (CLI, MGD, configuration, XML API, scripting) > for 17+ years. > > JUNOS 3.0 (the first release with the ui code) shipped during the > summer of 1998, IIRC. > > Thanks, > Phil > > -- Message: 8 Date: Wed, 26 Feb 2014 21:37:20 +0100 From: "Jonas Frey (Probe Networks)" To: p...@juniper.net Cc: Juniper for Network Service Providers Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor" Message-ID: <1393447040.4974.178.camel@wks02> Content-Type: text/plain; charset="utf-8" +1 for the "all" requirement Am Mittwoch, den 26.02.2014, 10:36 -0500 schrieb Phil Shafer: > Juniper users, > > We've been asked to make a change the "clear bgp neighbor" command > to make the neighbor or "all" argument mandatory. The root cause > is the severe impact of "clear bgp neighbor" and the increasing > accidental use of this command without a specific neighbor. > > In general, we avoid changing commands to add mandatory arguments, > but my feeling is that the impact and severity of this specific > command makes this an acceptable occasion for such a change. > > I'm looking for feedback about this change. My working assumption > is that "clear bgp neighbor" is a sufficiently rare command and > would not be used in automation/scripts, so the impact of making > the neighbor/all argument mandatory would be minimal. Is this > assumption accurate? > > Thanks, > Phil > > [I've set reply-to to myself to avoid impacting the list] > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp -- next part -- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20140226/ad7a1719/attachment-0001.sig> -- Message: 9 Date: Wed, 26 Feb 2014 22:10:50 +0100 (CET) From: sth...@nethelp.no To: p...@juniper.net Cc: juniper-nsp@puck.nether.net Subject: Re: [j-nsp] proposed changes to "clear bgp neighbor" Message-ID: <20140226.221050.71112673.sth...@nethelp.no> Content-Type: Text/Plain; charset=us-ascii > We've been asked to make a change the "clear bgp neighbor" command > to make the neighbor or "all" argument mandatory. The root cause > is the severe impact of "clear bgp neighbor" and the increasing > accidental use of this command without a specific neighbor. > > In general, we avoid changing commands to add mandatory arguments, > but my feeling is that the impact and severity of this specific > command makes this an acceptable occasion for such a change. > > I'm looking for feedback about this change. My working assumption > is that "clear bgp neighbor" is a sufficiently rare command and > would not be used in automation/scripts, so the impact of making > the neighbor/all argument mandatory would be minimal. Is this > assumption accurate? For us, yes. Fully support the idea of requiring an "all" argument. Steinar Haug, AS 2116 -- Subject: Digest Footer ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp -- End of juniper-nsp Digest, Vol 135, Issue 29 ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
that sounds exactly like CLI inexperience to me. in any case, i did state that it would be a nice to have. On Wed, Feb 26, 2014 at 2:24 PM, Eric Van Tol wrote: > > it's a nice-to-have, maybe? but this sounds more like an opportunity for > > you to sell some JNCIA courses. i mean, how long has junos been around > > now? > > Confusing comment, since this enhancement isn't about CLI inexperience. > It doesn't matter how long Junos has been around or how experienced > someone is, it's still too incredibly easy to hit 'Enter' too soon and > clear all your BGP neighbors by accident. > > I don't see a problem with adding the requirement 'all'. > > -evt > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
On Wed, 26 Feb 2014, ryanL wrote: yeah, i'm not slagging. just seems like poor training for newbie noc engineers or something. this is a pretty rookie error, in my view, but i've been around almost as long as you have ;-) I've been doing BGP work for nearly 20 years, and Juniper for more than 15, including for many major and minor service providers, Interop and NANOG itself, and somehow I still make mistakes, hit the wrong key, log into the wrong window, etc. I fully support this change. -- Brandon Ross Yahoo & AIM: BrandonNRoss +1-404-635-6667ICQ: 2269442 Skype: brandonross Schedule a meeting: http://www.doodle.com/bross ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
> We've been asked to make a change the "clear bgp neighbor" command > to make the neighbor or "all" argument mandatory. The root cause > is the severe impact of "clear bgp neighbor" and the increasing > accidental use of this command without a specific neighbor. > > In general, we avoid changing commands to add mandatory arguments, > but my feeling is that the impact and severity of this specific > command makes this an acceptable occasion for such a change. > > I'm looking for feedback about this change. My working assumption > is that "clear bgp neighbor" is a sufficiently rare command and > would not be used in automation/scripts, so the impact of making > the neighbor/all argument mandatory would be minimal. Is this > assumption accurate? For us, yes. Fully support the idea of requiring an "all" argument. Steinar Haug, AS 2116 ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
+1 for the "all" requirement Am Mittwoch, den 26.02.2014, 10:36 -0500 schrieb Phil Shafer: > Juniper users, > > We've been asked to make a change the "clear bgp neighbor" command > to make the neighbor or "all" argument mandatory. The root cause > is the severe impact of "clear bgp neighbor" and the increasing > accidental use of this command without a specific neighbor. > > In general, we avoid changing commands to add mandatory arguments, > but my feeling is that the impact and severity of this specific > command makes this an acceptable occasion for such a change. > > I'm looking for feedback about this change. My working assumption > is that "clear bgp neighbor" is a sufficiently rare command and > would not be used in automation/scripts, so the impact of making > the neighbor/all argument mandatory would be minimal. Is this > assumption accurate? > > Thanks, > Phil > > [I've set reply-to to myself to avoid impacting the list] > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp signature.asc Description: This is a digitally signed message part ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
yeah, i'm not slagging. just seems like poor training for newbie noc engineers or something. this is a pretty rookie error, in my view, but i've been around almost as long as you have ;-) On Wed, Feb 26, 2014 at 1:44 PM, Phil Shafer wrote: > ryanL writes: > >it's a nice-to-have, maybe? but this sounds more like an opportunity for > >you to sell some JNCIA courses. i mean, how long has junos been around > now? > > Not selling anything; just trying to solve a problem multiple > customers have reported and escalated. I'm a software developer, > working on the UI code (CLI, MGD, configuration, XML API, scripting) > for 17+ years. > > JUNOS 3.0 (the first release with the ui code) shipped during the > summer of 1998, IIRC. > > Thanks, > Phil > > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
+1 to include the “all” option. In fact, coming from the IOS world, it amused me when I discovered that there was no “*” or “all” option to clear all neighbors. El 26/02/2014, a las 20:24, Eric Van Tol escribió: >> it's a nice-to-have, maybe? but this sounds more like an opportunity for >> you to sell some JNCIA courses. i mean, how long has junos been around >> now? > > Confusing comment, since this enhancement isn't about CLI inexperience. It > doesn't matter how long Junos has been around or how experienced someone is, > it's still too incredibly easy to hit 'Enter' too soon and clear all your BGP > neighbors by accident. > > I don't see a problem with adding the requirement 'all'. > > -evt > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
Phil, I think what you propose sounds like a reasonable and appropriately-scoped response to a real problem. Brent Sweeny Indiana University On 2/26/2014 7:36 AM, Phil Shafer wrote: > Juniper users, > > We've been asked to make a change the "clear bgp neighbor" command > to make the neighbor or "all" argument mandatory. The root cause > is the severe impact of "clear bgp neighbor" and the increasing > accidental use of this command without a specific neighbor. > > In general, we avoid changing commands to add mandatory arguments, > but my feeling is that the impact and severity of this specific > command makes this an acceptable occasion for such a change. > > I'm looking for feedback about this change. My working assumption > is that "clear bgp neighbor" is a sufficiently rare command and > would not be used in automation/scripts, so the impact of making > the neighbor/all argument mandatory would be minimal. Is this > assumption accurate? > > Thanks, > Phil > > [I've set reply-to to myself to avoid impacting the list] > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
> it's a nice-to-have, maybe? but this sounds more like an opportunity for > you to sell some JNCIA courses. i mean, how long has junos been around > now? Confusing comment, since this enhancement isn't about CLI inexperience. It doesn't matter how long Junos has been around or how experienced someone is, it's still too incredibly easy to hit 'Enter' too soon and clear all your BGP neighbors by accident. I don't see a problem with adding the requirement 'all'. -evt ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
Just add a line "Reset all bgp sessions? [Y/N]" for confirmation. On Wed, Feb 26, 2014 at 1:24 PM, Eric Van Tol wrote: > > it's a nice-to-have, maybe? but this sounds more like an opportunity for > > you to sell some JNCIA courses. i mean, how long has junos been around > > now? > > Confusing comment, since this enhancement isn't about CLI inexperience. > It doesn't matter how long Junos has been around or how experienced > someone is, it's still too incredibly easy to hit 'Enter' too soon and > clear all your BGP neighbors by accident. > > I don't see a problem with adding the requirement 'all'. > > -evt > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
ryanL writes: >it's a nice-to-have, maybe? but this sounds more like an opportunity for >you to sell some JNCIA courses. i mean, how long has junos been around now? Not selling anything; just trying to solve a problem multiple customers have reported and escalated. I'm a software developer, working on the UI code (CLI, MGD, configuration, XML API, scripting) for 17+ years. JUNOS 3.0 (the first release with the ui code) shipped during the summer of 1998, IIRC. Thanks, Phil ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
it's a nice-to-have, maybe? but this sounds more like an opportunity for you to sell some JNCIA courses. i mean, how long has junos been around now? On Wed, Feb 26, 2014 at 10:36 AM, Phil Shafer wrote: > Juniper users, > > We've been asked to make a change the "clear bgp neighbor" command > to make the neighbor or "all" argument mandatory. The root cause > is the severe impact of "clear bgp neighbor" and the increasing > accidental use of this command without a specific neighbor. > > In general, we avoid changing commands to add mandatory arguments, > but my feeling is that the impact and severity of this specific > command makes this an acceptable occasion for such a change. > > I'm looking for feedback about this change. My working assumption > is that "clear bgp neighbor" is a sufficiently rare command and > would not be used in automation/scripts, so the impact of making > the neighbor/all argument mandatory would be minimal. Is this > assumption accurate? > > Thanks, > Phil > > [I've set reply-to to myself to avoid impacting the list] > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
Jerzy Pawlus writes: > 1. Would it be possible to "clear bgp neighbor" command do nothing? > after applying above change. We could have it say something like "Oh no you didn't!", but I'd rather use the CLI completion to get users to see that something more is needed. > 2. You can add an option under "protocol bgp" allowing to choose > the syntax of the "clear bgp neighbor" command Sure, but I'm trying to avoid the scenario when the user has to turn on a config knob to get us to do the obviously right thing. Thanks, Phil ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] proposed changes to "clear bgp neighbor"
Hi, > > We've been asked to make a change the "clear bgp neighbor" command > to make the neighbor or "all" argument mandatory. The root cause > is the severe impact of "clear bgp neighbor" and the increasing > accidental use of this command without a specific neighbor. > 1. Would it be possible to "clear bgp neighbor" command do nothing? after applying above change. 2. You can add an option under "protocol bgp" allowing to choose the syntax of the "clear bgp neighbor" command Kind regards, Jurek ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] proposed changes to "clear bgp neighbor"
Juniper users, We've been asked to make a change the "clear bgp neighbor" command to make the neighbor or "all" argument mandatory. The root cause is the severe impact of "clear bgp neighbor" and the increasing accidental use of this command without a specific neighbor. In general, we avoid changing commands to add mandatory arguments, but my feeling is that the impact and severity of this specific command makes this an acceptable occasion for such a change. I'm looking for feedback about this change. My working assumption is that "clear bgp neighbor" is a sufficiently rare command and would not be used in automation/scripts, so the impact of making the neighbor/all argument mandatory would be minimal. Is this assumption accurate? Thanks, Phil [I've set reply-to to myself to avoid impacting the list] ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Anybody have MX80 tip program for reverse telnet?
Does anybody have an MX80 (ppc) tip program - useful for reverse telnet? It has existed for other architectures for quite a while now, e.g. an MX480 running 10.4 (not exactly the newest, I know) has % ls -l /usr/bin/tip /packages/mnt/jbase/usr/bin/tip -r-xr-xr-x 1 root wheel 53316 Jun 14 2011 /packages/mnt/jbase/usr/bin/tip lrwxr-xr-x 1 root wheel 31 Jun 19 2011 /usr/bin/tip -> /packages/mnt/jbase/usr/bin/tip Any other good alternatives for MX80 reverse telnet? Steinar Haug, Nethelp consulting, sth...@nethelp.no ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
