Re: [j-nsp] AS Path regular expression for Null AS
Hi, Everything in the junos doc works as expected and I have tried a lot of combs, if you are using this procedure to select only local BGP routes do not forget to reject everything else too, because the default accept policy in the junos BGP, not sure if this is the problem. Below a Juniper example that worked fine for me: [edit policy-options] null-as (); policy-statement only-my-routes { term just-my-as { from { protocol bgp; as-path null-as; } then accept; } term nothing-else { then reject; } } protocol { bgp { neighbor 10.2.2.6 { export only-my-routes; } } } On Mon, Jun 21, 2010 at 7:39 PM, Judah Scott judah.scott@gmail.com wrote: Just a guess but try ^ $ to match beginning and end with nothing in between. Or you can match against ^ 1234{0,1} $ which matches the null as or a single occurrence of only AS 1234 (just insert any unused AS). -J Scott On Mon, Jun 21, 2010 at 3:10 PM, Leah Lynch leah.ly...@clearwire.com wrote: I cannot seem to get any of the regular expressions that I know of for null AS to work. I have tried () and * and neither expression returns any results. Does anyone out there have a known working expression for this on M/MX routers? Leah This email may contain confidential and privileged material for the sole use of the intended recipient. Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive for the recipient), please contact the sender by reply email and delete all copies of this message. ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp -- Rio de Janeiro Ciclopata! Coração Brasiliense e Floripano! Twitter: http://www.twitter.com/curupas Orkut: http://www.orkut.com.br/Main#Profile?rl=mpuid=6915582353112941469 Vai Encarar? http://www.vaiencarar.com.br ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] event script: set protocols overload' if more than x SIB is/are failed
Hi Fellows, Have anyone created an event-script that change the router conf based on a SIB failure event? The idea is isolate a router that is still operational considering the routing plane but not so ok considering the forwarding plane (one or more SIB failed). I think that is possible to write some kind of event-script to do that. Someone have implemented something like that and, if possible, share the solution? Best Regards, Ricardo Tavares ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
[j-nsp] LDP/MPLS is mandatory in the route-reflector bgp vpnv4 uplink?
Hi guys, I did some tests using JunOS 9.4 acting as BGP reflector for vpnv4 address-family and found that when I disable LDP in the uplink to the MPLS core the routes sent by this reflector are discarded by the PEs (Cisco or Juniper) but the routes advertised by a Cisco router acting as vpnv4 reflector works fine without LDP. Is this a normal behavior? If yes someone can explain the process? If yes maybe there is a knob to control this? Best Regards, Ricardo Tavares ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] CoA script
Hi Diogo, Maybe if u try this url: http://www.juniper.net/techpubs/en_US/src3.0/topics/example/simple/sae-devices-coa-sample.html and https://download.juniper.net/software/sdx/src-pe-3.0.0/SDK+AppSupport+Demos+Samples.tar.gz Regars, Ricardo. On Fri, Dec 12, 2008 at 11:51 AM, Diogo Montagner diogo.montag...@gmail.com wrote: Hey guys I'm looking for a script to send a CoA to a radius server. Do you know where I can get one ? I found some discussion about radsqlkill.pl but I couldn't found this script for download. I would like to save time in write one ;-) Thanks in advance! ./diogo -montagner ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp -- __ Vai Encarar? http://www.vaiencarar.com.br ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] juniper mpls mtu
Hi! Old topic: http://puck.nether.net/pipermail/juniper-nsp/2007-June/008349.html On Tue, Dec 2, 2008 at 6:05 PM, Andreas Friedrich [EMAIL PROTECTED] wrote: That sounds as we have interpreted it. But it does not seam to work for us. We have following setup CPE - PE (E-Series) - P (Cisco CRS-1) We send from the CPE ipv4 ping with 1500 byte DF set We get at the PE 2 labels on top. Only difference for E-Series is 18 bytes for Ethernet. PE int to P config: mtu 1534 ip mtu 1500 Calculation: 1534 - Ethernet header 18 byte - 4 byte .1q - 12 byte labels = 1500 We use only 2 labels. If we configure mtu 1542 it works. If I calculate back I get 1500IP packet 4 .1q 8 2 MPLS labels 18 Ethernet -- 1530 byte used So I need to configure 12 byte more. And that sounds for the 12 byte (3 labels). What do you think? Thanks, Andreas Am 02.12.2008 um 20:47 schrieb Cyn D.: Juniper default physical layer MTU 1514, family inet (IP) MTU 1500, family MPLS 1488 (=1514-14-3X4) counted most tags possible (3). To pass big IP packet (1460+20+20), make MPLS MTU 1500, therefore interface physical MTU is set to 1500+3x4+14=1526. this also makes family inet mtu=1526-14=1512. C. - Original Message - From: Andreas Friedrich [EMAIL PROTECTED] To: Phil Bedard [EMAIL PROTECTED] Cc: juniper-nsp@puck.nether.net Sent: Tuesday, December 02, 2008 2:04 PM Subject: Re: [j-nsp] juniper mpls mtu One more question regarding this MPLS MTU. Are the 12 byte (3 labels) reserved by Juniper for there purpose and I have to calculate my labels additional? So is MPLS MTU than 1512 if I want to use also 3 labels? Thanks, Andreas Am 04.06.2008 um 01:54 schrieb Phil Bedard: I think with most of the forwarding engines, the maximum number of labels that can be pushed at one time is 3, hence the 12 bytes. Phil On Jun 3, 2008, at 9:15 AM, cp wrote: I hoping someone can provide insight into why by default juniper calculates mpls mtu at 12 bytes less than the ip mtu? I've been testing using l3vpn and it seems that mpls mtu pads 8 bytes to its mpls mtu reducing the ip mtu the inside packet by 8 bytes. Quick example. So if mpls mtu is 1508 the ip mtu of the packet inside is 1500. That means the ip mtu of the mpls interface is 1520. The only reason I can see additional bytes needed on top of the l3vpn two is for fast reroute bypass. I assume it's for the safety factor although I am probably missing something. Any information is appreciated. -Chip ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp Andreas Friedrich Network Engineer COLT Telecom GmbH Herriotstr. 4 60528 Frankfurt Tel: + 49 (0)69 56606 6005Internal: 8 491 6005 Fax: + 49 (0)69 56606 6350 Email: [EMAIL PROTECTED] www.colt.net Data | Voice | Managed Services Schütze Deine Umwelt | Erst denken, dann drucken * COLT Telecom GmbH, Herriotstraße 4, 60528 Frankfurt/Main, Deutschland • Tel +49 (0)69 56606 0 • Fax +49 (0)69 56606 • Geschäftsführer: Albertus Marinus Oosterom (Vors.), Rita Thies • Amtsgericht Frankfurt/Main HRB 46123 • USt.-IdNr. DE 197 498 400 ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp Andreas Friedrich Network Engineer COLT Telecom GmbH Herriotstr. 4 60528 Frankfurt Tel: + 49 (0)69 56606 6005Internal: 8 491 6005 Fax: + 49 (0)69 56606 6350 Email: [EMAIL PROTECTED] www.colt.net Data | Voice | Managed Services Schütze Deine Umwelt | Erst denken, dann drucken * COLT Telecom GmbH, Herriotstraße 4, 60528 Frankfurt/Main, Deutschland • Tel +49 (0)69 56606 0 • Fax +49 (0)69 56606 • Geschäftsführer: Albertus Marinus Oosterom (Vors.), Rita Thies • Amtsgericht Frankfurt/Main HRB 46123 • USt.-IdNr. DE 197 498 400 ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp -- __ Vai Encarar? http://www.vaiencarar.com.br ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Traffic Logging
Try something like: = set system syslog file Special-Events daemon info set system syslog file Special-Events match (.*EVENT UpDown.*-.*)|(.*bgp.*)|(.*LDP.*)|(.*OSPF.*); = so you can do: show log Special-Events or monitor start Special-Events Regards, Ricardo On Mon, Dec 1, 2008 at 8:46 PM, a. rahman isnaini rst / netsoft [EMAIL PROTECTED] wrote: Hi, To generate log like cisco sh logging using access-list, i have configured : - FirewallFamily InetFilter logMatch all then log - InterfaceUnit x Family Inet input filter log - SystemServicesSyslogall facilities [any] All I've seen by show log messages is just simply standard log (somebody is login, etc..). And as well, show firewall log, it match the log but only shows Point to Point session. Any simple way to have log such cisco did ? please kindly advice. rgs a. r.isnaini rangkayo sutan ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp -- __ Vai Encarar? http://www.vaiencarar.com.br ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
Re: [j-nsp] Strange RX issue w/ GE PIC
Have you tried the show interfaces diagnostics optics to check the power levels? Regards. Ricardo. On Mon, Aug 25, 2008 at 12:05 PM, Eric Van Tol [EMAIL PROTECTED] wrote: Hi all, I'm experiencing a strange RX issue on a link and I need some more ideas on where to look. Two routers, an M7i and M20, are connected back-to-back, sort-of (there's optical gear between them, obviously), over a WDM link. Ping tests work perfectly from one to the other, using various packet sizes. When enabling traffic from the M7i to the M20 by lowering an OSPF metric, the link works fine. When enabling traffic in the opposite direction, M20 to M7i, I begin to get massive input errors on the M20 GE PIC. I see no errors at all on the M7i side, ever. Errors only start to accrue when traffic reaches a certain as-yet-undetermined level, when bi-directional traffic is enabled. Done so far: - Cleaned every connector in the path. - Replaced both patch cables at either end of the link. - Installed intermediary switch to rule out PIC/SFP problems. - Failed over to redundant light path to rule out primary path problems. In what situation would one see input errors accrue on one side, but only when bi-directional traffic is enabled? Thanks, evt ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp -- __ Vai Encarar? http://www.vaiencarar.com.br ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp