[j-nsp] SSG350 Link Shifting

[sameer mughal]

Dear All,

I have two ISP's on my SSG350M firewall, i want to shift my one ISP link to
other in case of one iSP link failure. But physical interface in my SSG
will never down due to it is connected thru ethernet and ISP connected thru
fiber.
Can anyone please suggest me solution?
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] ACX5048 - 40 gbps ER 40 km optic

[Josh Reynolds]

Wrap it around a pencil a few times

On Oct 5, 2017 8:34 AM, "Chuck Anderson"  wrote:

> Insert a 3dB or 7dB attenuator pad for lab testing.  In a pinch (no pun
> intended) you can take a fiber jumper and bend it tightly into a loop (like
> 1/4" diameter) to attenuate the signal, but I would use a disposable jumper
> for that.  Use a twist tie or similar to hold it in the tight loop.
> Monitor the receive power level while adjusting the tightness of the loop
> until it is lower than -5 dBm but higher than -20 dBm.
>
> On Wed, Oct 04, 2017 at 07:04:05PM -0500, Aaron Gould wrote:
> > Well, when the transport eng I work with found out that I had these two
> 40km optics connected with a 3’ jumper he ran into the lab to disconnect
> it…. So that’s probably why you see no light right now…. Lemme get back
> into the office Monday and we will go from there… yeah, as I mentioned I’m
> working with my Juniper account SE on this, so he may update support matrix
> if he discovers they are good…. I dunno.
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] ACX5048 - 40 gbps ER 40 km optic

[Gustavo Santos]

Here in Brazil where everything costs a lot more than US because of taxes,
about U$2485 per module.

2017-10-09 23:53 GMT-03:00 Colton Conor :

> How much do those cost? We have used many of the 10KM optics in out
> ACX5048, but never the 40KM due to cost. It seems much cheaper to use 4
> colored SFP+'s?
>
> On Mon, Oct 9, 2017 at 8:16 AM, Gustavo Santos 
> wrote:
>
>> Hi,
>>
>> It's an ER4 , LR4 is just the label precision coded for compatibility.
>> The module part name is PRE-QSFP-ER4
>>
>> 2017-10-04 19:57 GMT-03:00 Aaron Gould :
>>
>> > Hey that’s good to know Gustavo… but LR4 , is that shorter than 40 km ?
>> >
>> >
>> >
>> > -Aaron
>> >
>> >
>> >
>> ___
>> juniper-nsp mailing list juniper-nsp@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>
>
>
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] *humor*. MX480 sound card options

[Phil Shafer]

Matthew Crocker writes:
>/usr/sbin/alsactl: save_state:1590: No soundcards found...

That's only needed for screaming protocols.

Thanks,
 Phil
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] *humor*. MX480 sound card options

[Chuck Anderson]

On Mon, Oct 09, 2017 at 11:34:52PM +, Matthew Crocker wrote:
> 
> 
> I’m performing an upgrade on my MX480 NG-REs and I see this scroll through 
> the console:
> 
> ALSA: Storing mixer settings...
> /usr/sbin/alsactl: save_state:1590: No soundcards found...
> 
> 
> So, the question is, what sound card options can I get on my MX480?  Is there 
> a 3D sound option for ‘SonicIP’?

Try a USB sound card and let us know how it goes :-)
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] layer 2 sp services

[adamv0025]

> Aaron Gould [mailto:aar...@gvtc.com]
> Sent: Monday, October 09, 2017 6:58 PM
> 
> Alexander, Adam, et al,
> 
> Do y'all know if I can test evpn in logical systems ?  I have read it's
not
> possible... but want to know if anyone has ever made it work.
> 
Hey Aaron,

Sorry haven't played with EVPN in logical systems. 
Logical systems are trouble, 

What I'm using in concepts testing are simulated backbones, you just need to
get the same code you're using in production or intend to use for the new
rollout.
What is excellent about this is that you can simulate complete backbones
with this NFV approach (no approximations or abbreviations). 
You don't have to have WANDL or SPIRENT/IXIA "simulating" parts of your
backbone for what if simulations you can have the real thing (well virtual
but with all its complexity). 
When using the same version of code the control plane is the same so
whatever happens in the virtual lab would happen in production network.
You can connect the virtual lab to your standard OSS/BSS systems to get the
complete view -or test new ones (e.g. test SDN controllers, etc..).
And the best thing about this is that you can have multiple copies,
(streamlining the migration procedures from old setup to new setup on one
copy, developing new product on other copy)

But of course for the performance (Data-Plane) and scalability
(Control-Plane constrained by HW) testing you still have to test on the
exact same equipment as there is in production. 


adam



___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] LDP VPLS - Multi-homing

[Youssef Bengelloun-Zahr]

Dear Aaron,

I can't relate for MX product-line and LSYS interactions.

Regarding SRX product-line and LSYS, it's mostly some functionnalities not
being handled well by the firewall at the LSYS level. In the end, I know it
forced my hosting colleagues to resort to some nasty workarounds that
became cumbersome and painful over time. So, in th end, less (if not !?!)
operationnel gain and a complexified debug process.

Regarding Logical DOM, it's is going to replace the LSYS functionnality.
Juniper is going to move trade off ressources / process separation for
scalabilty... Meaning, hardware and software ressources will not be
segregated anymore. Instead, you will be able to use create much more
logical DOM instances.

Juniper is just going to align with what other vendors are doing out there.

I hope this answers your questions.

Best regards.



2017-10-10 14:13 GMT+02:00 Aaron Gould :

> Thanks Youssef, yes sir, you may advise me anytime :)
>
> I currently use lsys in lab for testing and is a nice way of having lots
> of separate routers in one MX104
>
> We (my coworkers and I) have thought that when we rollout a new ring of
> MX960's, that maybe it would be good to try to put the PE functions of an
> MX960 into a lsys.  What are the limitations with that?
>
> What is logical DOM ?  Is this another way of saying "Junos Node Slicing"
> or is logical DOM something altogether different than slicing ?
>
> -Aaron
>
>
>
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] LDP VPLS - Multi-homing

[Aaron Gould]

Thanks Youssef, yes sir, you may advise me anytime :)

I currently use lsys in lab for testing and is a nice way of having lots of 
separate routers in one MX104

We (my coworkers and I) have thought that when we rollout a new ring of 
MX960's, that maybe it would be good to try to put the PE functions of an MX960 
into a lsys.  What are the limitations with that?

What is logical DOM ?  Is this another way of saying "Junos Node Slicing" or is 
logical DOM something altogether different than slicing ?

-Aaron


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] LDP VPLS - Multi-homing

[Aaron Gould]

Thanks Alexander.  I was just now updating GNS3 for just that.  I have used
GNS3 in the past for IOS, XRv, vMX, and olive.  Do I need GNS3 or can I do
it only with VMware, etc as you've stated.

-Aaron



___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] LDP VPLS - Multi-homing

[Aaron Gould]

Thanks James.

As a side note, seems incredible that bgp is actually used for advertising
mac address for a bridging function.  Who would have ever known 20 years ago
that we would be here.  

- Aaron



___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] LDP VPLS - Multi-homing

[Alexander Marhold]

Regarding EVPN testing
Why not taking some vMXes in an VMware or KVM environment, or even vQFX10k
All those are able to do EVPN L2 and L3 and with active/active multihoming

I do it since more than a year using different vMX versions

Regards

Alexander Marhold


-Ursprüngliche Nachricht-
Von: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] Im Auftrag von
James Bensley
Gesendet: Dienstag, 10. Oktober 2017 09:20
An: juniper-nsp
Betreff: Re: [j-nsp] LDP VPLS - Multi-homing

On 10 October 2017 at 01:45, Aaron Gould  wrote:
> Ah, I see what you are asking.  I don't know, perhaps someone on list 
> knows the particulars.
>
> About the multiple active fwd'ing paths for mhome'd pe-ce... I think 
> someone told me that is a benefit that evpn brings to the table... but 
> I heard it has something to do with per-vlan load sharing across those 
> active/active mhomed sites.
>
> Don't know yet, since I'm just diving into evpn, and am already 
> discouraged that I read that evpn isn't supported in lsys, ... lsys is 
> the basis for all my lab testing.  Oh well, perhaps I'll pull a 
> another acx5048 from the warehouse and give it a whirl

If you want to practice with EVPN in a non-Juniper environment I think it
works on the Cumulus Linux free/demo VM and probably some others like Cisco
xrv9k I believe, maybe the latest vMX supports it too?

Yeah EVPN has control-plane level MAC learning; from a high level imagine it
like a typical layer 3 VPN with IP prefixes being sent in BGP UPDATES just
that MACs are sent instead.

Cheers,
James.
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] LDP VPLS - Multi-homing

[James Bensley]

On 10 October 2017 at 01:45, Aaron Gould  wrote:
> Ah, I see what you are asking.  I don't know, perhaps someone on list knows
> the particulars.
>
> About the multiple active fwd'ing paths for mhome'd pe-ce... I think someone
> told me that is a benefit that evpn brings to the table... but I heard it
> has something to do with per-vlan load sharing across those active/active
> mhomed sites.
>
> Don't know yet, since I'm just diving into evpn, and am already discouraged
> that I read that evpn isn't supported in lsys, ... lsys is the basis for all
> my lab testing.  Oh well, perhaps I'll pull a another acx5048 from the
> warehouse and give it a whirl

If you want to practice with EVPN in a non-Juniper environment I think
it works on the Cumulus Linux free/demo VM and probably some others
like Cisco xrv9k I believe, maybe the latest vMX supports it too?

Yeah EVPN has control-plane level MAC learning; from a high level
imagine it like a typical layer 3 VPN with IP prefixes being sent in
BGP UPDATES just that MACs are sent instead.

Cheers,
James.
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] LDP VPLS - Multi-homing

[Youssef Bengelloun-Zahr]

Hello Aaron,

If I may, I would advice you to drop LSYS for two reasons :

1/ on a practical level, it's more constraints and limitations than it sounds 
on the paper. After 5 years of running it into production, we have phased it 
out two weeks ago.

2/ it is dying and replacement feature (logical DOM) is planned for 2018 
according to my SE. So, no more developments planned.

My 2 cents.



> Le 10 oct. 2017 à 02:45, Aaron Gould  a écrit :
> 
> Ah, I see what you are asking.  I don't know, perhaps someone on list knows
> the particulars.
> 
> About the multiple active fwd'ing paths for mhome'd pe-ce... I think someone
> told me that is a benefit that evpn brings to the table... but I heard it
> has something to do with per-vlan load sharing across those active/active
> mhomed sites.
> 
> Don't know yet, since I'm just diving into evpn, and am already discouraged
> that I read that evpn isn't supported in lsys, ... lsys is the basis for all
> my lab testing.  Oh well, perhaps I'll pull a another acx5048 from the
> warehouse and give it a whirl 
> 
> -Aaron
> 
> 
> ___
> juniper-nsp mailing list juniper-nsp@puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp