Re: [j-nsp] Juniper 10G Switch Options
On 4/Jun/15 15:49, Giuliano (WZTECH) wrote: I think the better option is to use ACX5048 Same qfx hardware with a different software It will support vpls and evpn But I think you will need license for 10G interfaces and L3vpn Broadcom chipset, however. So look out and test for any features that would normally work on a Juniper-designed ASIC. Mark. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
+1 for the EX 4600 or QFX 5100. For aggregation a 4600 should do the trick. On Jun 4, 2015, at 9:19 AM, Colton Conor colton.co...@gmail.com wrote: We need a Juniper switch with at least 24 built in SFP+ ports. Looks like Juniper has a ton of options including the EX4500, EX4550, EX4600, and the QFX line which I don't know much about. This switch will be for aggregation purposes for an access network that has GPON OLT's with 10G uplinks on them. What do you recommend? Which has the latest hardware? Which is the most cost effective? Any limitations to be aware of? ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Multiple policers for interface/units
On 2 June 2015 at 21:15, Chris Adams c...@cmadams.net wrote:
I have used policers on units to limit the traffic for a particular
VLAN, but now I have a need to limit the total traffic on an interface.
I have a gigE link that is telco-limited to 500Mbps (but I need to
police the link so I don't put more than 500M in), with several VLANs
that each need to have their own rate.
I haven't done that before; what's the best way to do that?
This is on an MX960.
--
Chris Adams c...@cmadams.net
Hi Chris,
I've done aggregate policing before although not hierarchical, but I'll
have a go at suggesting what might work.
The aggregate policing can be achieved with a firewall filter and policer
combo and under the policer you need 'physical-interface-policer'. This
needs to be applied to all IFL's.
Then I think you can police each IFL with the 'policer' command. The output
policers should be evaluated after the firewall filters so in theory it
should work.
I haven't tested it but would be interested to know if you get it to work.
Config would look something like:
firewall {
family inet {
filter AGG_POLICE_500M {
physical-interface-filter;
term POLICE {
then {
policer POLICER_AGG_500M;
}
}
}
}
policer POLICER_AGG_500M {
physical-interface-policer;
if-exceeding {
bandwidth-limit 500m;
burst-size-limit 312500;
}
then discard;
}
policer POLICER_100M {
if-exceeding {
bandwidth-limit 100m;
burst-size-limit 62500;
}
then discard;
}
}
interfaces {
ge-0/0/0 {
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 100 {
vlan-id 100;
family inet {
filter {
output AGG_POLICE_500M;
}
policer {
output POLICER_100M;
}
}
}
unit 200 {
vlan-id 200;
family inet {
filter {
output AGG_POLICE_500M;
}
policer {
output POLICER_100M;
}
}
}
}
}
Cheers,
Dan
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
I think the better option is to use ACX5048 Same qfx hardware with a different software It will support vpls and evpn But I think you will need license for 10G interfaces and L3vpn Sent from my iPhone On Jun 4, 2015, at 10:38, Tim Jackson jackson@gmail.com wrote: It should support EVPN shortly. On Thu, Jun 4, 2015, 6:38 AM Joe Freeman j...@netbyjoe.com wrote: Keep in mind the QFX5100 doesn't support evpn or vpls. To do vpls right now, we're having to l2vpn back to an MX tunnel interface and stitch into a bridge domain. It's not pretty but so far it has worked. We've got our fingers crossed that evpn is coming soon. Also, the 5100's apparently aren't using ASICs, or at least aren't using an ASIC on the interfaces that will support flexible-ethernet-services. What this means is that I can't L2 switch a customer on the same QFX interface that I'm either A) Terminating another customer at L3 (l3 vpn for example), or B) Doing a vlan-ccc/l2circuit/l2vpn connection on. This means there are some use cases (p2p ethernet circuits between olt's in the same CO for instance) that may require more than 1 port between the QFX and the olt. Joe On Thu, Jun 4, 2015 at 8:26 AM, Tim Jackson jackson@gmail.com wrote: I'd recommend QFX5100 or EX4600. Same hardware inside for both. Beware that there are a few issues with DHCP and DHCPv6 pass through on them, but that seems to be resolved now. On Jun 4, 2015 6:22 AM, Colton Conor colton.co...@gmail.com wrote: We need a Juniper switch with at least 24 built in SFP+ ports. Looks like Juniper has a ton of options including the EX4500, EX4550, EX4600, and the QFX line which I don't know much about. This switch will be for aggregation purposes for an access network that has GPON OLT's with 10G uplinks on them. What do you recommend? Which has the latest hardware? Which is the most cost effective? Any limitations to be aware of? ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
Le 04/06/15 15:19, Colton Conor a écrit : We need a Juniper switch with at least 24 built in SFP+ ports. Looks like Juniper has a ton of options including the EX4500, EX4550, EX4600, and the QFX line which I don't know much about. This switch will be for aggregation purposes for an access network that has GPON OLT's with 10G uplinks on them. What do you recommend? Which has the latest hardware? Which is the most cost effective? Any limitations to be aware of? EX4600/QFX5100 are relatively new switchs, and use newer asics. I can say there were not completly bug free... But the situation is moving fastly and newer release fix a log of bugs. But they have 40G ports and higher density than EX4550. EX4550 in the other hand are not perfect, but stable and less expensive. For aggregation swithes with only 10G ports I will go with EX4550. -- Raphael Mazelier ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] BGP behaviour with Juniper router
Hi,
Here is what i know, and what i've been able to find:
I don't think there is automatic grouping of neighbor in junos, you have
to make the groups by yourself, example:
show configuration protocols bgp
group external-peers {
type external;
export bgp_public_out;
peer-as ...;
neighbor ;
neighbor ;
}
group internal-peers {
type internal;
export ibgp_export;
neighbor ...;
neighbor ...;
neighbor ...;
}
As for the advertisement interval, the junos term seem to be out-delay
and default to 0, but you can set it to the value you like
in each of your group
http://www.juniper.net/techpubs/en_US/junos13.2/topics/reference/configuration-statement/out-delay-edit-protocols-bgp.html
As for the output of a very simple bgp router:
show bgp group
Group Type: External Local AS: 65530
Name: external-peers Index: 1 Flags:
Export: [ bgp_public_out ]
Options: GracefulRestart
Holdtime: 0
Total peers: 2Established: 2
a:b:c:d::1+179
x.y.z.a+179
Trace options: state, normal
Trace file: /var/log/log-bgp size 1048576 files 5
inet.0: 1/1/1/0
inet6.0: 1/1/1/0
Group Type: InternalAS: 65530 Local AS: 65530
Name: internal-peers Index: 0 Flags:
Export: [ ibgp_export ]
Options: GracefulRestart
Holdtime: 0
Total peers: 4Established: 4
e:f:g:h::1+179
w.x.y.z+51904
Trace options: state, normal
Trace file: /var/log/log-bgp size 1048576 files 5
inet.0: 6/17/17/0
inet6.0: 18/24/24/0
Groups: 2 Peers: 6External: 2Internal: 4Down peers: 0
Flaps: 3
Table Tot Paths Act Paths SuppressedHistory Damp State
Pending
inet.0
18 7 0 0
0 0
inet6.0
25 19 0 0
0 0
Le 04/06/2015 08:40, Eng. Bahaa via juniper-nsp a écrit :
Hi Charles,Thanks for your reply.As I explained in my previous e-mail, Cisco
router that run BGP deals with its neighbor as two groups by defaults, one
for external peers with 30 seconds as Minimum time between advertisement and
0 second for internal peers.this an example of the output of the command show
ip bgp update-group :
BGP version 4 update-group 1, external, Address Family: IPv4 Unicast BGP
Update version : 30/0, messages 0, active RGs: 1 Topology: global, highest
version: 30, tail marker: 30 Format state: Current working (OK, last minimum
advertisement interval)Refresh blocked (not in list, last not
in list) Update messages formatted 27, replicated 54, current 0, refresh 0,
limit 1000 Number of NLRIs in the update sent: max 1, min 0 Minimum time
between advertisement runs is 30 seconds Has 2 members: 10.0.0.25
10.0.0.30
What I need is simply output of an equivalent command in Juniper router or
how is the behavior of BGP with Juniper router.
Regards
Bahaa
From: Charles van Niman char...@phukish.com
To: Eng. Bahaa baha...@yahoo.com
Cc: juniper-nsp@puck.nether.net juniper-nsp@puck.nether.net
Sent: Wednesday, June 3, 2015 11:04 PM
Subject: Re: [j-nsp] BGP behaviour with Juniper router
Hello,
Not quite sure what you mean by groups, I usually just refer
to them in cisco-land as types, ibgp/ebgp until I'm actually using
the peer-group neighbor statements. As for the command, you might try
show route receive-protocol bgp neighbor. This is a pretty good
reference: http://networking.ringofsaturn.com/Cisco/ciscojuniper.php
and Juniper has some pretty good documentation as well.
/Charles
On Wed, Jun 3, 2015 at 7:39 AM, Eng. Bahaa via juniper-nsp
juniper-nsp@puck.nether.net wrote:
Hi Guys,I am new with this group and with Juniper products as well.I curious
to know the behaviour of BGP routing with Juniper routers.With Cisco router,
a BGP speaker deals by default with all external peers as one group and with
internal peers as another group.With external peers,it starts a timer of 30
seconds after each announce or forwarded update/updates to other neighbors
while it send it directly with 0 seconds to internal peers (on the same
AS).My question is Juniper routers work in the same behaviour?I really
appreciate if someone has configured BGP in Juniper router and send me the
o/p of show ip bgp update-groups (this a cisco command not really sure how
it looks like in Juniper).
Regards
Bahaa
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list
Re: [j-nsp] BGP behaviour with Juniper router
Hi Charles,Thanks for your reply.As I explained in my previous e-mail, Cisco router that run BGP deals with its neighbor as two groups by defaults, one for external peers with 30 seconds as Minimum time between advertisement and 0 second for internal peers.this an example of the output of the command show ip bgp update-group : BGP version 4 update-group 1, external, Address Family: IPv4 Unicast BGP Update version : 30/0, messages 0, active RGs: 1 Topology: global, highest version: 30, tail marker: 30 Format state: Current working (OK, last minimum advertisement interval) Refresh blocked (not in list, last not in list) Update messages formatted 27, replicated 54, current 0, refresh 0, limit 1000 Number of NLRIs in the update sent: max 1, min 0 Minimum time between advertisement runs is 30 seconds Has 2 members: 10.0.0.25 10.0.0.30 What I need is simply output of an equivalent command in Juniper router or how is the behavior of BGP with Juniper router. Regards Bahaa From: Charles van Niman char...@phukish.com To: Eng. Bahaa baha...@yahoo.com Cc: juniper-nsp@puck.nether.net juniper-nsp@puck.nether.net Sent: Wednesday, June 3, 2015 11:04 PM Subject: Re: [j-nsp] BGP behaviour with Juniper router Hello, Not quite sure what you mean by groups, I usually just refer to them in cisco-land as types, ibgp/ebgp until I'm actually using the peer-group neighbor statements. As for the command, you might try show route receive-protocol bgp neighbor. This is a pretty good reference: http://networking.ringofsaturn.com/Cisco/ciscojuniper.php and Juniper has some pretty good documentation as well. /Charles On Wed, Jun 3, 2015 at 7:39 AM, Eng. Bahaa via juniper-nsp juniper-nsp@puck.nether.net wrote: Hi Guys,I am new with this group and with Juniper products as well.I curious to know the behaviour of BGP routing with Juniper routers.With Cisco router, a BGP speaker deals by default with all external peers as one group and with internal peers as another group.With external peers,it starts a timer of 30 seconds after each announce or forwarded update/updates to other neighbors while it send it directly with 0 seconds to internal peers (on the same AS).My question is Juniper routers work in the same behaviour?I really appreciate if someone has configured BGP in Juniper router and send me the o/p of show ip bgp update-groups (this a cisco command not really sure how it looks like in Juniper). Regards Bahaa ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] Juniper 10G Switch Options
We need a Juniper switch with at least 24 built in SFP+ ports. Looks like Juniper has a ton of options including the EX4500, EX4550, EX4600, and the QFX line which I don't know much about. This switch will be for aggregation purposes for an access network that has GPON OLT's with 10G uplinks on them. What do you recommend? Which has the latest hardware? Which is the most cost effective? Any limitations to be aware of? ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Multiple policers for interface/units
Once upon a time, Arie Vayner ar...@vayner.net said: You should actually shape to 500Mbps and not police your traffic... Shaping adds jitter (feeds the bufferbloat problem). I think this could be a good start: http://www.juniper.net/techpubs/en_US/junose15.1/information-products/topic-collections/qos-configuration/index.html?book-swconfig-qos-configuration.html That's for ERX/JUNOS-E, not MX/JUNOS. -- Chris Adams c...@cmadams.net ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
I'd recommend QFX5100 or EX4600. Same hardware inside for both. Beware that there are a few issues with DHCP and DHCPv6 pass through on them, but that seems to be resolved now. On Jun 4, 2015 6:22 AM, Colton Conor colton.co...@gmail.com wrote: We need a Juniper switch with at least 24 built in SFP+ ports. Looks like Juniper has a ton of options including the EX4500, EX4550, EX4600, and the QFX line which I don't know much about. This switch will be for aggregation purposes for an access network that has GPON OLT's with 10G uplinks on them. What do you recommend? Which has the latest hardware? Which is the most cost effective? Any limitations to be aware of? ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
Keep in mind the QFX5100 doesn't support evpn or vpls. To do vpls right now, we're having to l2vpn back to an MX tunnel interface and stitch into a bridge domain. It's not pretty but so far it has worked. We've got our fingers crossed that evpn is coming soon. Also, the 5100's apparently aren't using ASICs, or at least aren't using an ASIC on the interfaces that will support flexible-ethernet-services. What this means is that I can't L2 switch a customer on the same QFX interface that I'm either A) Terminating another customer at L3 (l3 vpn for example), or B) Doing a vlan-ccc/l2circuit/l2vpn connection on. This means there are some use cases (p2p ethernet circuits between olt's in the same CO for instance) that may require more than 1 port between the QFX and the olt. Joe On Thu, Jun 4, 2015 at 8:26 AM, Tim Jackson jackson@gmail.com wrote: I'd recommend QFX5100 or EX4600. Same hardware inside for both. Beware that there are a few issues with DHCP and DHCPv6 pass through on them, but that seems to be resolved now. On Jun 4, 2015 6:22 AM, Colton Conor colton.co...@gmail.com wrote: We need a Juniper switch with at least 24 built in SFP+ ports. Looks like Juniper has a ton of options including the EX4500, EX4550, EX4600, and the QFX line which I don't know much about. This switch will be for aggregation purposes for an access network that has GPON OLT's with 10G uplinks on them. What do you recommend? Which has the latest hardware? Which is the most cost effective? Any limitations to be aware of? ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Juniper 10G Switch Options
It should support EVPN shortly. On Thu, Jun 4, 2015, 6:38 AM Joe Freeman j...@netbyjoe.com wrote: Keep in mind the QFX5100 doesn't support evpn or vpls. To do vpls right now, we're having to l2vpn back to an MX tunnel interface and stitch into a bridge domain. It's not pretty but so far it has worked. We've got our fingers crossed that evpn is coming soon. Also, the 5100's apparently aren't using ASICs, or at least aren't using an ASIC on the interfaces that will support flexible-ethernet-services. What this means is that I can't L2 switch a customer on the same QFX interface that I'm either A) Terminating another customer at L3 (l3 vpn for example), or B) Doing a vlan-ccc/l2circuit/l2vpn connection on. This means there are some use cases (p2p ethernet circuits between olt's in the same CO for instance) that may require more than 1 port between the QFX and the olt. Joe On Thu, Jun 4, 2015 at 8:26 AM, Tim Jackson jackson@gmail.com wrote: I'd recommend QFX5100 or EX4600. Same hardware inside for both. Beware that there are a few issues with DHCP and DHCPv6 pass through on them, but that seems to be resolved now. On Jun 4, 2015 6:22 AM, Colton Conor colton.co...@gmail.com wrote: We need a Juniper switch with at least 24 built in SFP+ ports. Looks like Juniper has a ton of options including the EX4500, EX4550, EX4600, and the QFX line which I don't know much about. This switch will be for aggregation purposes for an access network that has GPON OLT's with 10G uplinks on them. What do you recommend? Which has the latest hardware? Which is the most cost effective? Any limitations to be aware of? ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
