I think you are probably looking for BCP of the following aspects:
- Loopback filter for RE protection against surplus ICMP/ssh/ftp etc..
- Minimizing excessive logging/sampling on hard disk.
- Utilizing chassis redundancy options {like GRES, failover etc}
Am I correct in my understanding?
T
Experts,
are you aware of 'best common practice' for RE protection in an SP environment?
Thanks,
TheDarkOne
Я в Моем Мире - http://my.mail.ru/list/thedarkone/
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listin
hi!
example below:
login {
class r1 {
idle-timeout 3;
logical-system r1;
login-tip;
permissions all;
}
class r2 {
idle-timeout 3;
logical-system r2;
login-tip;
permissions all;
}
class r3 {
idle-timeout 3;
Hi!
Nothing there:
zones {
security-zone trust {
tcp-rst;
host-inbound-traffic {
system-services {
ping;
ssh;
snmp;
}
protocols {
bfd;
bgp;
}
On Mon, Sep 7, 2009 at 1:20 PM, Hoogen wrote:
> But since this was in the M-Series... and I would assume when they
> mentioned
> "permit four archived copies that will be no larger than 128K"
> The solution should have been "archive size 128k files 4" and not just left
> as default. Maybe there w
Most daemons would restart.
What is in your log message file ?
Anything in /var/tmp or /var/crash directories ?
I have this running here across 2 x M10's and I don't see an issue, so
maybe firewall is causing it.
How are you allowing BFD traffic into the ES box ?
cheers
On 9/8/09 1:27 PM, Ma
Hi!
We are using only iBGP between our routers on different locations. There
is a working BGP and data-connection between the two systems. Perhaps I
can somehow restart the BFD-daemon? Maybe it crashed?
Matthias
Sean Clarke schrieb:
Are you not using an IGP ?
Can you ping between the 2 rout
Are you not using an IGP ?
Can you ping between the 2 routers ?
On 9/8/09 1:07 PM, Matthias Gelbhardt wrote:
Hi!
I see now only outgoing BFD packets... Perhaps I should better think
about using an IGP for the internal communication.
Matthias
___
Hi!
I see now only outgoing BFD packets... Perhaps I should better think
about using an IGP for the internal communication.
Matthias
Matthias Gelbhardt schrieb:
Hi!
I do not understand why, but I do not see packets on the other router.
But there is no icmp either, when I ping the other sid
Hi!
I do not understand why, but I do not see packets on the other router.
But there is no icmp either, when I ping the other side. The ES is on
one router, but in routermode. But I have explicitly allowed BFD now.
Strange, I do not understand, why the tcpdump is not working correctly.
Matth
On Monday 07 September 2009 09:31:28 pm Matthias Gelbhardt
wrote:
> great tip. Unfortunatly BFD for BGP - though detailed
> documented - has no examples flying around. Perhaps I am
> missing something here.
It's possible you aren't seeing many examples "out there"
because typically, most folks
Hi Matthias,
I am no expert on J-Seris, but looking at BFD state, I feel that there is an
issue sending or receiving BFD packets on your Router B. AdminDown state
here may mean that no packets were ever received from Router A. If you are
running a Junos Enhanced Services version on these J-Series
Hi!
No, actually they are directly connected, so I do not know, why there is
a multihop output. Perhaps somehow he thinks to be not directly
connected and that is the problem?
Both routers are J6350.
Regards,
Matthias
Nilesh Khambal schrieb:
Hi Matthias,
Are these peers established over
Hi Matthias,
Are these peers established over a directly connected IPs or is this an
indirect session?
The session shows multihop on both routers from the show output provided
below.
What is the router platform on both sides?
Thanks,
Nilesh
On 9/8/09 1:25 AM, "Matthias Gelbhardt" wrote:
>
Hi!
That is the doc I have used for configuring.
Both routers are Juniper routers over a Laver 2 Link directly connected.
One router is 9.3R2.8 The other 9.4R2.9.
Regards,
Matthias
Nilesh Khambal schrieb:
Hi Matthias,
What JUNOS version are you running on this router? Is other end router
Hi Matthias,
What JUNOS version are you running on this router? Is other end router also
a Juniper router? Are both peers directly connected or is this a multihop
session?
Try this doc link see if it can help.
http://www.juniper.net/techpubs/software/junos/junos85/swconfig85-routing/id
-13279139
Has no one an idea? It seems, that I am really stuck here. Do I have to
activate something on the other side (hence the AdminDown status?)
Regards,
Matthias
Matthias Gelbhardt schrieb:
Hello David,
great tip. Unfortunatly BFD for BGP - though detailed documented - has
no examples flying aro
17 matches
Mail list logo
