Re: [j-nsp] Juniper routing and switch lab support required

[Dale Shaw]

Hi Hitesh,

On 25 August 2016 at 13:40, Hitesh Kumar  wrote:
>
> I am struggling for preparing a Juniper lab for Juniper Routing and
> Switching.
>
> I am using juniper vSRX on VMWare workstation. I am not able to practise
> ethernet switching commands. Need support to get the proper ova file for
> pracising it at home.
>
> I am preparing for JNCIP-ENT exam, which essentially require to get
> practise on box. Please guide me for the same. It would be great help if I
> get some material in any form to prepare for the certification.

The only virtual instantiation of a Juniper switching product is the
vQFX10K:

See: https://github.com/Juniper/vqfx10k-vagrant

You'll need to contact your friendly Juniper SE for a copy of the images,
and right now only VirtualBox is supported.

You could also play with a trial of vMX. Be aware that with both vQFX10K
and vMX, the config syntax does differ slightly to, say, EX4200.

Part (all?) of the reason you won't find anything else is that the other
switching platforms are based on Marvell or Broadcom PFEs, and Juniper is
not as free to distribute virtual editions of those technologies.

Your other option is to pick up a 2nd hand EX-series switch or, depending
on how far you want to go with it, use the Ethernet switching capabilities
of SRX branch series (again, these can be picked up cheaply on the 2nd hand
market). If you have a relationship with Juniper, you might be able to
borrow some gear from your SE until you pass the exam.

Cheers,
Dale
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] Juniper routing and switch lab support required

[Hitesh Kumar]

Hi All

I am struggling for preparing a Juniper lab for Juniper Routing and
Switching.

I am using juniper vSRX on VMWare workstation. I am not able to practise
ethernet switching commands. Need support to get the proper ova file for
pracising it at home.

I am preparing for JNCIP-ENT exam, which essentially require to get
practise on box. Please guide me for the same. It would be great help if I
get some material in any form to prepare for the certification.

Thanks in advance

Br-
Hitesh
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] ACX2200 - bandwidth control at subinterfaces

[Alexandre Guimaraes]

Gents, afternoon,


After some research and a talk with my SE about how to control
bandwidth at subinterfaces using ACX2200 Access Routers. I´h reached a point
where we can´t control bandwidth using subinterfaces.

Had someone of you guys, find a way to control that?

Class-of-services only control the interface itself, not the
subinterface.




Alexandre
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] SRX logical system gre tunnel

[Paulhamus, Jon]

Hello group -

Does anyone know how to, or if it's even possible to assign a gre tunnel 
interface such as gr-0/0/0.100 to a logical system?  The SRX5400 takes the 
commands to assign the interface, but it never shows up in the logical system 
after commit.

Any help would be appreciated.

Thanks!
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Limit on the number of BGP communities a route can be tagged with?

[Alexander Arseniev]

Hello,


JUNOS does not have regex backreference, unlike IOS.

My regex matches not the same community N+1 times but ANY standard 
community N+1 times, all unique or all repeating or some unique & some 
repeating.


Thanks

Alex


On 24/08/2016 06:47, Huan Pham wrote:

Hi Alex,

I am pretty sure, you will never see the same community twice (unlike 
AS in AS-PATH). So your regex to match multiple occurrences of a 
community is not necessary.




On Wednesday, August 24, 2016, Alexander Arseniev 
> wrote:


Hello,

JUNOS allows You to use regex with communities


https://www.juniper.net/techpubs/en_US/junos16.1/topics/usage-guidelines/policy-defining-bgp-communities-and-extended-communities-for-use-in-routing-policy-match-conditions.html




So if You want to restrict ANY community value to no more than N
occurences, then

set policy-options community no-more-than-N-only members
"^(.*):(.*){N+1,}$"

- and matching it in the BGP import policy should do the job.

And I never tested it myself...

You may need to construct another regex for extended communities
though.


HTH

Thx

Alex


On 23/08/2016 14:04, James Bensley wrote:

On 23 August 2016 at 13:40, Olivier Benghozi
 wrote:

And about a limitation to 10 communities:
I've seen that on SEOS (Redback/Ericsson OS for SmartEdge
routers) when using "set community" in a route-map. This
is a ridiculous arbitrary limitation, of course.

Hopefully the limitation was only in the CLI, not in the
BGP code itself. So the workaround was to use the
route-map "continue" command like in a BASIC GOTO
structure to add more communities in additional route-map
entries (with set community additive - these are
Cisco-like commands).

Le 23 août 2016 à 14:03, Alexander Arseniev
 a écrit :

In BGP messages, a regular community is encoded in 7
bytes, and extended one in 11 bytes.

Max BGP message size is 4096 bytes - this sets a limit
for regular communities number to about 4K/7=570, and
for extended communities to about 4K/11=360, if You
consider the minimal mandatory information that has to
be there apart from communities.


On 23/08/2016 03:18, Huan Pham wrote:

I remember hitting a limit on a number of
communities (something like 10 or
so) on a platform (can not remember which one from
which vendor). So I
believe that there is a hard limit a platform or
OS can support.

I test this in the lab and found no problem with
tagging 100 communities.

Is there a maximum number of communities that
Junos can tag to a route? If
yes, then what it is?  Thanks.


Hi,

Hopefully not completely hijacking this thread; I'm interested
to know
if there is a way I can limit a peer to a maximum number of
communities?


Cheers,
James.
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp



___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp




___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Limit on the number of BGP communities a route can be tagged with?

[Saku Ytti]

On 24 August 2016 at 08:47, Huan Pham  wrote:

Hey,

> I am pretty sure, you will never see the same community twice (unlike AS in
> AS-PATH). So your regex to match multiple occurrences of a community is not
> necessary.

I agree that this is not something operator should worry about, but
certainly something vendor/developer should worry about.

What would stop me from coding that on the BGP frame?

There has been several BGP parser bugs causing crash of thousands of
routers on the Internet. It would be surprising if there weren't many
still left, with probably budgetary cost of finding one is <10kEUR.

-- 
  ++ytti
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp