Re: [j-nsp] AS Path regular expression for Null AS

2010-06-21 Thread Ricardo Tavares 
Hi,

Everything in the junos doc works as expected and I have tried a lot
of combs, if you are using this procedure to select only local BGP
routes do not forget to reject everything else too, because the
default accept policy in the junos BGP, not sure if this is the
problem.

Below a Juniper example that worked fine for me:

[edit policy-options]
null-as ();
policy-statement only-my-routes {
term just-my-as {
from {
protocol bgp;
as-path null-as;
}
then accept;
}
term nothing-else {
then reject;
}
}
protocol {
bgp {
neighbor 10.2.2.6 {
export only-my-routes;
}
}
}


On Mon, Jun 21, 2010 at 7:39 PM, Judah Scott judah.scott@gmail.com wrote:
 Just a guess but try ^ $ to match beginning and end with nothing in
 between.  Or you can match against ^ 1234{0,1} $ which matches the
 null as or a single occurrence of only AS 1234 (just insert any unused
 AS).

 -J Scott

 On Mon, Jun 21, 2010 at 3:10 PM, Leah Lynch leah.ly...@clearwire.com wrote:
 I cannot seem to get any of the regular expressions that I know of for null 
 AS to work. I have tried () and * and neither expression returns any 
 results. Does anyone out there have a known working expression for this on 
 M/MX routers?

 Leah


 This email may contain confidential and privileged material for the sole use 
 of the intended recipient. Any review, use, distribution or disclosure by 
 others is strictly prohibited. If you are not the intended recipient (or 
 authorized to receive for the recipient), please contact the sender by reply 
 email and delete all copies of this message.

 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp


 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp




-- 
Rio de Janeiro Ciclopata! Coração Brasiliense e Floripano!
Twitter: http://www.twitter.com/curupas
Orkut: http://www.orkut.com.br/Main#Profile?rl=mpuid=6915582353112941469
Vai Encarar? http://www.vaiencarar.com.br

___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] event script: set protocols overload' if more than x SIB is/are failed

2010-02-24 Thread Ricardo Tavares 
Hi Fellows,

Have anyone created an event-script that change the router conf based
on a SIB failure event?

The idea is isolate a router  that is still operational considering
the routing plane but  not  so ok considering the forwarding plane
(one or more SIB failed).

I think that is possible to write some kind of event-script to do
that. Someone have implemented something like that and, if possible,
share the solution?

Best Regards,
Ricardo Tavares
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] LDP/MPLS is mandatory in the route-reflector bgp vpnv4 uplink?

2009-12-02 Thread Ricardo Tavares 
Hi guys,

I did some tests using JunOS 9.4 acting as BGP reflector for vpnv4
address-family and found that when I disable LDP in the uplink to the MPLS
core the routes sent by this reflector are discarded by the PEs (Cisco or
Juniper) but the routes advertised by a Cisco router acting as vpnv4
reflector works fine without LDP.

 Is this a normal behavior? If yes someone can explain the process? If yes
maybe there is a knob to control this?

Best Regards,

Ricardo Tavares
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] CoA script

2008-12-12 Thread Ricardo Tavares 
Hi Diogo,

Maybe if u try this url:

http://www.juniper.net/techpubs/en_US/src3.0/topics/example/simple/sae-devices-coa-sample.html

and

https://download.juniper.net/software/sdx/src-pe-3.0.0/SDK+AppSupport+Demos+Samples.tar.gz

Regars,
Ricardo.


On Fri, Dec 12, 2008 at 11:51 AM, Diogo Montagner diogo.montag...@gmail.com
 wrote:

 Hey guys

 I'm looking for a script to send a CoA to a radius server. Do you know
 where
 I can get one ?

 I found some discussion about radsqlkill.pl but I couldn't found this
 script
 for download.

 I would like to save time in write one ;-)

 Thanks in advance!

 ./diogo -montagner
 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp




-- 
__
Vai Encarar? http://www.vaiencarar.com.br
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] juniper mpls mtu

2008-12-02 Thread Ricardo Tavares 
Hi!

Old topic:

http://puck.nether.net/pipermail/juniper-nsp/2007-June/008349.html


On Tue, Dec 2, 2008 at 6:05 PM, Andreas Friedrich [EMAIL PROTECTED] wrote:

 That sounds as we have interpreted it. But it does not seam to work for us.
 We have following setup
 CPE - PE (E-Series) - P (Cisco CRS-1)
 We send from the CPE ipv4 ping with 1500 byte DF set
 We get at the PE 2 labels on top. Only difference for E-Series is 18 bytes
 for Ethernet.
 PE int to P config:
 mtu 1534
 ip mtu 1500

 Calculation: 1534 - Ethernet header 18 byte - 4 byte .1q - 12 byte labels =
 1500

 We use only 2 labels.

 If we configure mtu 1542 it works. If I calculate back I get

 1500IP packet
 4   .1q
 8   2 MPLS labels
 18  Ethernet
 --
 1530 byte used

 So I need to configure 12 byte more. And that sounds for the 12 byte (3
 labels).

 What do you think?

 Thanks,
 Andreas


 Am 02.12.2008 um 20:47 schrieb Cyn D.:

  Juniper default physical layer MTU 1514, family inet (IP) MTU 1500, family
 MPLS 1488 (=1514-14-3X4) counted most tags possible (3).

 To pass big IP packet (1460+20+20), make MPLS MTU 1500, therefore
 interface physical MTU is set to 1500+3x4+14=1526. this also makes family
 inet mtu=1526-14=1512.



 C.

 - Original Message - From: Andreas Friedrich [EMAIL PROTECTED]
 
 To: Phil Bedard [EMAIL PROTECTED]
 Cc: juniper-nsp@puck.nether.net
 Sent: Tuesday, December 02, 2008 2:04 PM
 Subject: Re: [j-nsp] juniper mpls mtu



 One more question regarding this MPLS MTU.
 Are the 12 byte (3 labels) reserved by Juniper for there purpose and I
 have to calculate my labels additional? So is MPLS MTU  than 1512 if I
 want to use also 3 labels?

 Thanks,
 Andreas

 Am 04.06.2008 um 01:54 schrieb Phil Bedard:

  I think with most of the forwarding engines, the maximum number of
  labels that can be pushed at one time is 3, hence the 12 bytes.

 Phil

 On Jun 3, 2008, at 9:15 AM, cp wrote:

  I hoping someone can provide insight into why by default juniper
 calculates mpls mtu at 12 bytes less than the ip mtu?  I've been
  testing
 using l3vpn and it seems that mpls mtu pads 8 bytes to its mpls mtu
 reducing the ip mtu the inside packet by 8 bytes. Quick example. So  if
 mpls mtu is 1508 the ip mtu of the packet inside is 1500. That  means
 the
 ip mtu of the mpls interface is 1520. The only reason I can see
 additional bytes needed on top of the l3vpn two is for fast reroute
 bypass.  I assume it's for the safety factor although I am probably
 missing something. Any information is appreciated.



 -Chip













 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp


 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp


 Andreas Friedrich
 Network Engineer

 COLT Telecom GmbH
 Herriotstr. 4
 60528 Frankfurt


 Tel: + 49 (0)69 56606 6005Internal: 8 491 6005
 Fax: + 49 (0)69 56606 6350
 Email: [EMAIL PROTECTED]



 www.colt.net





 Data | Voice | Managed Services

 Schütze Deine Umwelt | Erst denken, dann drucken

 *
 COLT Telecom GmbH, Herriotstraße 4, 60528 Frankfurt/Main, Deutschland
 • Tel +49 (0)69 56606 0 • Fax +49 (0)69 56606  •

 Geschäftsführer: Albertus Marinus Oosterom (Vors.), Rita Thies •
 Amtsgericht Frankfurt/Main HRB 46123 • USt.-IdNr. DE 197 498 400


 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp


 Andreas Friedrich
 Network Engineer

 COLT Telecom GmbH
 Herriotstr. 4
 60528 Frankfurt


 Tel: + 49 (0)69 56606 6005Internal: 8 491 6005
 Fax: + 49 (0)69 56606 6350
 Email: [EMAIL PROTECTED]



 www.colt.net





 Data | Voice | Managed Services

 Schütze Deine Umwelt | Erst denken, dann drucken

 *
 COLT Telecom GmbH, Herriotstraße 4, 60528 Frankfurt/Main, Deutschland • Tel
 +49 (0)69 56606 0 • Fax +49 (0)69 56606  •

 Geschäftsführer: Albertus Marinus Oosterom (Vors.), Rita Thies •
 Amtsgericht Frankfurt/Main HRB 46123 • USt.-IdNr. DE 197 498 400


 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp




-- 
__
Vai Encarar? http://www.vaiencarar.com.br
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Traffic Logging

2008-12-01 Thread Ricardo Tavares 
Try something like:

=
set system syslog file Special-Events daemon info
set system syslog file Special-Events match (.*EVENT
UpDown.*-.*)|(.*bgp.*)|(.*LDP.*)|(.*OSPF.*);
=

so you can do:

show log Special-Events

or

monitor start Special-Events

Regards,
Ricardo

On Mon, Dec 1, 2008 at 8:46 PM, a. rahman isnaini rst / netsoft 
[EMAIL PROTECTED] wrote:

 Hi,


 To generate log like cisco sh logging using access-list, i have
 configured :
 - FirewallFamily InetFilter logMatch all then log
 - InterfaceUnit x Family Inet input filter log
 - SystemServicesSyslogall facilities [any]

 All I've seen by show log messages is just simply standard log (somebody
 is login, etc..).
 And as well, show firewall log, it match the log but only shows Point
 to Point session.

 Any simple way to have log such cisco did ? please kindly advice.

 rgs
 a. r.isnaini rangkayo sutan
 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp




-- 
__
Vai Encarar? http://www.vaiencarar.com.br
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Strange RX issue w/ GE PIC

2008-08-25 Thread Ricardo Tavares 
Have you tried the show interfaces diagnostics optics to check the power
levels?

Regards.


Ricardo.



On Mon, Aug 25, 2008 at 12:05 PM, Eric Van Tol [EMAIL PROTECTED] wrote:

 Hi all,
 I'm experiencing a strange RX issue on a link and I need some more ideas on
 where to look.  Two routers, an M7i and M20, are connected back-to-back,
 sort-of (there's optical gear between them, obviously), over a WDM link.
  Ping tests work perfectly from one to the other, using various packet
 sizes.  When enabling traffic from the M7i to the M20 by lowering an OSPF
 metric, the link works fine.  When enabling traffic in the opposite
 direction, M20 to M7i, I begin to get massive input errors on the M20 GE
 PIC.  I see no errors at all on the M7i side, ever.  Errors only start to
 accrue when traffic reaches a certain as-yet-undetermined level, when
 bi-directional traffic is enabled.

 Done so far:
  - Cleaned every connector in the path.
  - Replaced both patch cables at either end of the link.
  - Installed intermediary switch to rule out PIC/SFP problems.
  - Failed over to redundant light path to rule out primary path problems.

 In what situation would one see input errors accrue on one side, but only
 when bi-directional traffic is enabled?

 Thanks,
 evt
 ___
 juniper-nsp mailing list juniper-nsp@puck.nether.net
 https://puck.nether.net/mailman/listinfo/juniper-nsp




-- 
__
Vai Encarar? http://www.vaiencarar.com.br
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp