[j-nsp] DHCPv6 relay on an M10i

2014-11-25 Thread Tim St. Pierre 
Does anyone have DHCPv6 relay working on an M10i?

I have a number of GPON customers attached to a ge interface via a layer
2 access network.  I want to be able to provide the customer routers
with an IP address, DNS servers, and a delegated prefix that will be
added to the route table as an access route.

V4 DHCP relay works just great, but I can't seem to get it to work with
v6 using more or less the same configuration.  Does anyone else have
this working?

Thanks!

-Tim

-- 
--
Tim St. Pierre
System Operator
Communicate Freely
289 225 1220 x5101
t...@communicatefreely.net
www.communicatefreely.net

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] Protect-re

2014-11-25 Thread Rodrigo 1telecom 
Hi folks... We have some firewall rules to protect our router... But i want to 
know what kind of rules you guys implement to protec re?! And what you sugest 
to use?! 


Enviado via iPhone 
Grupo Connectoway
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] networks aggregation

2014-11-25 Thread Michael Gehrmann 
Hi Edwardo,

EX4200 are limited to virtual-chassis extension by uplink modules only. You 
will also have to maintain a ring topology for you VCP connections a star 
topology is not how virtual-chassis works.

Virtual chassis will certainly make management easier however I think your 
requirements can be met by a pair of fibre switches in your main building  
using virtual-chassis fanning out in a star topology using AE interface uplinks 
to avoid spanning-tree. You can still extend the same vlans out to all 
buildings. I suggest you refer back to the Juniper Virtual-Chassis Best 
Practice Guide if you have any queries on how VC works.

Regards

Michael Gehrmann
Hosting Support Specialist – Networks 
Macquarie Telecom 


-Original Message-
From: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of 
Edwardo Garcia
Sent: Tuesday, 25 November 2014 4:11 PM
To: juniper-nsp
Subject: [j-nsp] networks aggregation

Halo,
repost, original not seem to make list?

Current we have 7 building, with 2 more being built next year.
These all have ex4200 and are link via an Rpi's, via ethernet to central 
building.
Messy, many subnets and cheap design, but now central building need undergo 
renovation in January, so need to fix the messy since  main switch and router 
to be moved to admin building

I am hope to have a central switch where can link remote buildings to, can use 
fibre, in fact prefere fibre, but need to have star configuration,

Assume switch 1 is main.

want to link 1-2 1-3 1-4 1-5... etc and use virtual chasis if possible for one 
big single lan, can this be done like this? I assume use fibre in uplink port 
of remote 4200s to switch one,  if so what recommended to use as switch one 
which will have 6+ fibre link into?  Be good if switch one could also take 
standard ethernet port as well, but not mandatory, we can use exisit 4200 in 
admin build.

thanks you - disclaim is networking and english are not my experience.

___
juniper-nsp mailing list juniper-nsp@puck.nether.net 
https://puck.nether.net/mailman/listinfo/juniper-nsp

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] configuration archival, commit comments

2014-11-25 Thread Phil Shafer 
Mike,
  I'd be very interested in the particulars of your issues.
What sorts of boot-time issues are you seeing?  I'm not sure what
you mean by "leaves the configs visible identical".  Do you have a
PR or support case already open?

FWIW, you might be better off doing the "commit to git" script as
an event script, triggered by the commit event.  As an event script,
it would be done after your commit, in the background.

Thanks,
 Phil


Mike Williams writes:
>I would not use that commit script if I were you, and I wrote it.
>We don't anymore.
>
>On single devices it might be OK but we use a lot of J/SRX clusters and all 
>sort of nastiness occurs when they reboot.
>JUNOS issues a commit during boot, it's easy to blindly accept it in the 
>commit script but it leaves the configs visible identical by actually 
>different between cluster members.
>
>On Monday 10 November 2014 18:46:29 Stefan Cioata wrote:
>> Hello everyone,
>> 
>> The only partial reference to my problem that I found on the net was posted
>> by:
>> 
>> Author Message
>> Mike Williams
>> PostPosted: Thu Mar 20, 2014 1:50 pmPost subject: configuration
>> archival, commit comments
>> 
>> 
>> 
>> Here is my challenge:
>> 
>> a) I use  system archival
>> 
>> stefan@stefan_test_desktop> show configuration system archival
>> configuration {
>> transfer-on-commit;
>> archive-sites {
>> "scp://backup@x.y.z.w:/data/backup/" password
>> "$9$a9JjqTz6ApBGDi.f56/"; ## SECRET-DATA
>> }
>> }
>> 
>> b) the file arrives at the destination with the user striped:
>> 
>> [root@anetlogger backup]# zcat
>> stefan_test_desktop_juniper.conf.gz_20140217_221525 | more
>> ## Last changed: 2014-02-17 22:15:20 PST< *by stefan is
>> missing!!!*
>> version 12.3R2.5;
>> /*
>>  * $Id$
>>  *
>>  * ex4200-defaults.conf  - Default configurations for EX4200
>>  *
>>  * Copyright (c) 2010, Juniper Networks, Inc.
>>  * All rights reserved.
>>  */
>> groups {...
>> 
>> the backup file is different then:
>> 
>> stefan@stefan_test_desktop> show configuration
>> ## Last commit: 2014-11-10 14:40:52 PST by stefan*<---The info is
>> there!!!*
>> 
>> c) I would like  to implement git. That will require at minimum to have the
>> user on the ".gz transferred file.
>> 
>> Any help would be more the apreciated.
>> 
>> Thank you,
>> 
>> Stefan
>> ___
>> juniper-nsp mailing list juniper-nsp@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>-- 
>Mike Williams
>___
>juniper-nsp mailing list juniper-nsp@puck.nether.net
>https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] EX2200 rate limiting/shaping question

2014-11-25 Thread Tim Jackson 
filter-specific means that if you apply multiple terms in the firewall
filter with an action of policer that it aggregates across all of
those in that filter.

term-specific means each term gets its own rate in that filter.

To do what you're after you just do a interface-specific firewall
filter which should cause it to use different counters/policers per
interface that it is applied to.

--
Tim



On Tue, Nov 25, 2014 at 11:10 AM, joe mcguckin  wrote:
> Can someone explain the difference between filter-specific and term-specific? 
> I want to create a filter for rate limiting and apply it to multiple  
> physical ports and have each interface
> rate limited independently, not as an aggregate.
>
> Thanks,
>
> Joe
>
>
>
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] EX2200 rate limiting/shaping question

2014-11-25 Thread joe mcguckin 
Can someone explain the difference between filter-specific and term-specific? I 
want to create a filter for rate limiting and apply it to multiple  physical 
ports and have each interface 
rate limited independently, not as an aggregate.

Thanks,

Joe



___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] configuration archival, commit comments

2014-11-25 Thread Mike Williams 
I would not use that commit script if I were you, and I wrote it.
We don't anymore.

On single devices it might be OK but we use a lot of J/SRX clusters and all 
sort of nastiness occurs when they reboot.
JUNOS issues a commit during boot, it's easy to blindly accept it in the 
commit script but it leaves the configs visible identical by actually 
different between cluster members.

On Monday 10 November 2014 18:46:29 Stefan Cioata wrote:
> Hello everyone,
> 
> The only partial reference to my problem that I found on the net was posted
> by:
> 
> Author Message
> Mike Williams
> PostPosted: Thu Mar 20, 2014 1:50 pmPost subject: configuration
> archival, commit comments
> 
> 
> 
> Here is my challenge:
> 
> a) I use  system archival
> 
> stefan@stefan_test_desktop> show configuration system archival
> configuration {
> transfer-on-commit;
> archive-sites {
> "scp://backup@x.y.z.w:/data/backup/" password
> "$9$a9JjqTz6ApBGDi.f56/"; ## SECRET-DATA
> }
> }
> 
> b) the file arrives at the destination with the user striped:
> 
> [root@anetlogger backup]# zcat
> stefan_test_desktop_juniper.conf.gz_20140217_221525 | more
> ## Last changed: 2014-02-17 22:15:20 PST< *by stefan is
> missing!!!*
> version 12.3R2.5;
> /*
>  * $Id$
>  *
>  * ex4200-defaults.conf  - Default configurations for EX4200
>  *
>  * Copyright (c) 2010, Juniper Networks, Inc.
>  * All rights reserved.
>  */
> groups {...
> 
> the backup file is different then:
> 
> stefan@stefan_test_desktop> show configuration
> ## Last commit: 2014-11-10 14:40:52 PST by stefan*<---The info is
> there!!!*
> 
> c) I would like  to implement git. That will require at minimum to have the
> user on the ".gz transferred file.
> 
> Any help would be more the apreciated.
> 
> Thank you,
> 
> Stefan
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

-- 
Mike Williams
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] chassisd memory Usage on MX

2014-11-25 Thread Joerg Staedele 
Hi there,

i have a MX80 with JunOS 11.4R12 where the chassisd process consumes ~33MB of 
memory. Then I have two MX80 with 12.3R7 where the chassisd consumes 120MB 
(this is nearly 4 times higher than on 11.4).

Is this normal or is there any way to slim it?

Kind regards,
 Joerg


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] networks aggregation

2014-11-25 Thread Edwardo Garcia 
Halo,
repost, original not seem to make list?

Current we have 7 building, with 2 more being built next year.
These all have ex4200 and are link via an Rpi's, via ethernet to
central building.
Messy, many subnets and cheap design, but now central building need
undergo renovation in January, so need to fix the messy since  main
switch and router to be moved to admin building

I am hope to have a central switch where can link remote buildings to,
can use fibre, in fact prefere fibre, but need to have star
configuration,

Assume switch 1 is main.

want to link 1-2 1-3 1-4 1-5... etc and use virtual chasis if possible
for one big single lan, can this be done like this? I assume use fibre
in uplink port of remote 4200s to switch one,  if so what recommended
to use as switch one which will have 6+ fibre link into?  Be good if
switch one could also take standard ethernet port as well, but not
mandatory, we can use exisit 4200 in admin build.

thanks you - disclaim is networking and english are not my experience.

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp