Re: [j-nsp] remote ssh command to an EX series switch

2010-09-07 Thread Laurent HENRY 
Le Monday 06 September 2010 17:32:43 Jens Rosenboom, vous avez écrit :
 On Mon, Sep 06, 2010 at 04:04:33PM +0200, Laurent HENRY wrote:
 ...

  Is someone know a good doc pointer helping me how to configure ssh keys
  to launch remote command from or to an EX ?

 You can attach your public key to the user account on the EX:

 user xy {
 authentication {
 ssh-rsa ssh-rsa AA...==;
 }
 }

 Note the double ssh-rsa, once for the key type, the second as part of the
 public key string itself.

That's it !
thank you very much !

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] remote ssh command to an EX series switch

2010-09-06 Thread Laurent HENRY 
Hello all,

 I am willing to obtain the output of a simple command (show arp) remotely 
from my linux host to a EX switch.

i can use
%ssh netad...@router1 'show arp'  from my desktop
Obviously, i need to deal with ssh public keys.

I tried this to from switch to desktop too
%echo show arp | /usr/sbin/cli  j.txt; scp j.txt 
x...@192.168.0.152:/home/x/j.txt
with a similar issue.

Is someone know a good doc pointer helping me how to configure ssh keys to 
launch remote command from or to an EX ?

Tank you

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] remote ssh command to an EX series switch

2010-09-06 Thread Laurent HENRY 
Hi Jérome, 

the basic is grab the output of a show arp remotely via a crontab.

For the IP resolution, i used  show arp no-resolve, interactively the result 
comes instantly.


Le Monday 06 September 2010 17:14:14 Jérôme Fleury, vous avez écrit :
 Hi Laurent,

 and what is the issue exactly ?

 You don't strictly need a ssh key on the switch for it to work.

 Also please note that this command can take a long time to achieve if
 your resolver on the switch does not work. The switch tries to resolve
 each IP address on the list.

 Regards,

 Jerome.

 On Mon, Sep 6, 2010 at 16:04, Laurent HENRY laurent.he...@ehess.fr wrote:
  Hello all,
 
      I am willing to obtain the output of a simple command (show arp)
  remotely from my linux host to a EX switch.
 
  i can use
  %ssh netad...@router1 'show arp'  from my desktop
  Obviously, i need to deal with ssh public keys.
 
  I tried this to from switch to desktop too
  %echo show arp | /usr/sbin/cli  j.txt; scp j.txt
  x...@192.168.0.152:/home/x/j.txt
  with a similar issue.
 
  Is someone know a good doc pointer helping me how to configure ssh keys
  to launch remote command from or to an EX ?
 
  Tank you
 
  ___
  juniper-nsp mailing list juniper-nsp@puck.nether.net
  https://puck.nether.net/mailman/listinfo/juniper-nsp



-- 
Laurent HENRY
Administrateur Systèmes  Réseaux
Responsable du CRI/RSSI
EHESS - CRI
54 Bd Raspail
75006 Paris
Secrétariat du CRI: 01 49 54 23 08
Tel: 01 49 54 23 61

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] EX 4200 stability with BGP and OSPF redistribution ?

2010-06-22 Thread Laurent HENRY 

Thank you !
No weird bugs encountered ?


Le Monday 21 Ju4ne 2010 23:25:13 Dan Farrell, vous avez écrit :
 We leverage the EX3200 and 4200's extensively in our network, for edge,
 core, and access.

 As far as edge (ISP connectivity) we use EX3200's in pairs- each EX3200 has
 a separate peer session to each upstream provider, providing redundancy
 (high-availability) without merging the two units as one logical unit. This
 makes zero-downtime maintenance easier at your edge, as upgrading a stacked
 chassis involves rebooting all the devices at once. And they're cheaper
 than their 4200 counterparts.

 I'm elated at the 4200's performance in our core- I think what may be of
 use to you is a comparison to equivalent Cisco gear- in this light we just
 replaced a two-chassis 3750G stack with a two-chassis EX4200 stack (we
 stack them to take advantage of port densities with staggered growth in the
 core), and we are glad we did so.

 The EX series allows 1000 RVI's and 4k VLANS per virtual chassis- the
 Catalyst 3xxx series only actually supports 8 RVI's, and they don't publish
 this (you will find it when configuring the profile of the device). This
 created a problem with 10 OSPF interfaces (and 15 other non-OPSF
 interfaces) on the Cisco. Upon a link-state change on any of the Cisco's
 OSPF-configured interfaces, the CPU would crank up to 100% and the stacked
 device throughput was ground to a crawl (80%+ traffic loss). Changing the
 configuration in the OSPF subsection, elimination of the problem interface
 (flapping or not) from the configuration, or a complete reboot would solve
 the problem- none of which are attractive solutions to a problem we
 shouldn't have been having in the first place.

 Compare this to a two-chassis EX4200-48T stack we have in another part of
 the network- 13 OSPF interfaces and ~845 other non-OSPF RVI's , and the
 stacked device hasn't given us any grief.  They cost us 1/3 less than the
 Cisco solution, and doubled the port density (the Ciscos had 24 and the
 Junipers we got have 48 ports).

 There are platform limitations, like memory, which may cause you to be a
 little more exotic on BGP route selection, but the Catalyst 3750G's have
 even less memory as I recall. Overall they have been extremely good for our
 network, and have caused me to swear off Cisco completely.

 Hope this provides some insight.

 Dan

 -Original Message-
 From: juniper-nsp-boun...@puck.nether.net
 [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Laurent HENRY
 Sent: Monday, June 21, 2010 6:29 AM
 To: juniper-nsp@puck.nether.net
 Subject: [j-nsp] EX 4200 stability with BGP and OSPF redistribution ?

 Hi all,
 I am thinking about using two EX 4200 as redondant border routers
 of my main Internet link.

 In this design, I would then need to use BGP with my ISP and OSPF for
 inside route redistribution.

 Reading the archive, and on my own experience with the product too, i am
 looking for feedbacks about stability of this solution with EX.

 In archives i understood there could have been some huge stability
 problems, am i right ?

 Could things be different with 10.1 JunOS release ?

 Does anyone actually use these features actively with this platform ?


 Regards


 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] EX 4200 stability with BGP and OSPF redistribution ?

2010-06-21 Thread Laurent HENRY 
Hi all,
I am thinking about using two EX 4200 as redondant border routers of 
my main Internet link.

In this design, I would then need to use BGP with my ISP and OSPF for inside 
route redistribution.

Reading the archive, and on my own experience with the product too, i am 
looking for feedbacks about stability of this solution with EX.

In archives i understood there could have been some huge stability problems, 
am i right ?

Could things be different with 10.1 JunOS release ?

Does anyone actually use these features actively with this platform ?


Regards


___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] GRE with EX series

2009-09-03 Thread Laurent HENRY 
Hello,
   While looking in the documentation of Juniper EX switches series, i see 
GRE protocol is insupported.

During some surfing around, i've seen GRE support is in some roadmap for what 
seems to be a long time.

Could we expect something about that shortly ?

Regards.
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp