> -Original Message-
> From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-
> boun...@puck.nether.net] On Behalf Of Clarke Morledge
> Sent: Thursday, March 17, 2011 6:05 PM
> To: juniper-nsp
> Subject: [j-nsp] SRX policy action to inject a route in a table??
>
> The SRX policy ac
Are these all 10.4R2 bugs or 10.2?
>
> PR588115 - Changing the forwarding-table export policy twice in a row
> quickly (while the previous change is still being evaluated) will cause
> rpd to coredump.
>
> PR581139 - Similar to above, but causes the FPC to crash too. Give it
> several minutes befo
Have you looked into an inline IPS in front of the SRX to just block
misbehaving host? I've had a lot of success with this.
- Original Message -
From: juniper-nsp-boun...@puck.nether.net
To: juniper-nsp
Sent: Thu Mar 17 18:04:36 2011
Subject: [j-nsp] SRX policy action to inject a rou
2011/3/17 James S. Smith
> I'm having a bit of trouble with this configuration: I have an SRX 240
> (JunOS 10.0R3.10) that is connected to the Internet with a CX-111. The
> CX-111 has a 3G stick for its Internet. The SRX receives a DHCP address on
> ge-0/0/0.0 and can reach the Internet witho
You can create a firewall filter and using the routing-instance knob.
-Original Message-
From: juniper-nsp-boun...@puck.nether.net
[mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Clarke Morledge
Sent: Thursday, March 17, 2011 3:05 PM
To: juniper-nsp
Subject: [j-nsp] SRX policy a
>>> On 3/17/2011 at 3:04 PM, Clarke Morledge wrote:
> The SRX policy actions (count, deny, log, permit, reject) are helpful, but
> a little limited. I am wondering if there might be a way to enforce a
> special action such as take the ip address of the source packet and inject
> it into a rou
The SRX policy actions (count, deny, log, permit, reject) are helpful, but
a little limited. I am wondering if there might be a way to enforce a
special action such as take the ip address of the source packet and inject
it into a routing table of some sort.
What I have in mind is some way to
I'm having a bit of trouble with this configuration: I have an SRX 240 (JunOS
10.0R3.10) that is connected to the Internet with a CX-111. The CX-111 has a
3G stick for its Internet. The SRX receives a DHCP address on ge-0/0/0.0 and
can reach the Internet without a problem.
I'd now like to s
They are neccessary for termination of (vlan)-ccc circuits.
So if you just want to have mpls between two routers the non-B is fine.
Its just needed for ccc termination on endpoints.
Regards,
Jonas
Am Donnerstag, den 17.03.2011, 08:43 -0700 schrieb Chris Cappuccio:
> P-1GE-xx-B are necessary for
All,
This is a follow-up to my previous email.
We're seeing the following problem on our J4350 routers under 10.x
versions of JunOS - certainly still present under 10.4R2.7, as well as 10.1
Basically, enabling:
protocols {
mpls {
ipv6-tunneling
}
}
...causes the J-series to start co
To be more specific, by default Junos will perform ECMP, but it's on a
per-prefix basis. For example if you have 100 prefixes with the same two
egress points, you'll see in the RIB how the chevron goes back and forth across
the prefixes. If you have a single prefix or want per flow hashing, th
No that isn't what I mean. That is exactly what I am saying ;)
The per-packet knob is to allow ECMP for multiple egress interfaces. In your
case you have a single egress interface: reth0.
Doug
-Original Message-
From: Walaa Abdel razzak [mailto:wala...@bmc.com.sa]
Sent: Thursday, Ma
P-1GE-xx-B are necessary for ethernet-ccc services... I have a few -B and many
non -B. So
Are the -B cards important for the connections _between_ MPLS capable routers,
or on endpoints facing connections facilitated through ccc, or _both_ ?
--
the preceding comment is my own and in no way
On Tue, Mar 15, 2011 at 10:57:56AM -0700, Steve Feldman wrote:
>
> What sorts of bugs did you see in 10.4R2?
We were just testing 10.4 on MX, since EX features are being a lot more
actively developed, thus making major version jumps much more risky. For
example, when we tried moving from 10.1 t
On Thu, Mar 17, 2011 at 11:23:59AM +0200, Delian Delchev wrote:
> You may mistakenly assume that EX8200 is equivalent to 65xx, and it
> is, in size. But against 65xx and 76xx the more correct juniper
> product should be the MX.
Not really. The best direct comparison to the EX8200 is the Nexus 7k
On Thu, 17 Mar 2011, Bill Blackford wrote:
I would also add that the MX isn't a switch in the sense that it's not
the best choice for campus/core applications. It doesn't do
traditional VLANS, RVI/SVI (bridge-domains/IRB instread). It also
boasts a variety of advanced layer2 features not seen or
I can lol. Still tons of things broken or half baked in the ex platforms.
On Mar 17, 2011 8:26 AM, "Giovanni Bellac" wrote:
> Hello
>
> sflow was introduced in JunOS 9.3 to EX platform.
>
> I can not believe, that sflow is not really working in 10.0...
>
> :(
>
> Best regards
> Giovanni
>
>
>
>
>
>> You may mistakenly assume that EX8200 is
>> equivalent to 65xx, and it is, in size. But against 65xx and 76xx the more
>> correct juniper product should be the MX.
> I disagree at least partially. You wouldn't replace a 65XX in a closet with
> an MX just to plug users into it and run ospf for
> -Original Message-
> From: Walaa Abdel razzak [mailto:wala...@bmc.com.sa]
> Sent: Thursday, March 17, 2011 3:02 AM
> To: Doug Hanks; Stefan Fouant; juniper-nsp@puck.nether.net
> Subject: RE: [j-nsp] SRX 650 reth interface load balancing
>
> Hi Doug
>
> So, do you mean that there is no n
> -Original Message-
> From: Walaa Abdel razzak [mailto:wala...@bmc.com.sa]
> Sent: Thursday, March 17, 2011 2:53 AM
> To: Stefan Fouant; juniper-nsp@puck.nether.net
> Subject: RE: [j-nsp] SRX 650 reth interface load balancing
>
> Hi Stefan
>
> I was testing the load balance by generating
Hello
sflow was introduced in JunOS 9.3 to EX platform.
I can not believe, that sflow is not really working in 10.0...
:(
Best regards
Giovanni
Von: Chris Evans
An: Richard A Steenbergen
CC: juniper-nsp@puck.nether.net; Giovanni Bellac
Gesendet: Dienstag,
$quoted_author = "Delian Delchev" ;
>
> You can not compare directly the products this way. The vendors are not
> copying always from each other the products.
While this is true, for the purposes of exploring the Juniper product range
the logical first step is to look for something which is simil
On Thu, Mar 17, 2011 at 5:23 AM, Delian Delchev wrote:
> You can not compare directly the products this way. The vendors are not
> copying always from each other the products.
> The solution is always a matter of design.
>
I agree but you have to make some sort of comparison when doing the design
You can not compare directly the products this way. The vendors are not
copying always from each other the products.
The solution is always a matter of design.
Let me tell you what I mean.
Cisco is not having equivalent to Extreme x650 (1RU 24 ports
10/100/1Gbps/10Gbps, wirespeed, 512Gbps stackin
On Thu, Mar 17, 2011 at 4:47 AM, Martin Barry wrote:
> We're a Cisco shop currently and I've been trying to identify the
> equivalent
> Juniper products but am struggling a little.
>
> We use 4900m in the core, 1GbE copper and fibre for up-links, 10GbE for
> inter-switch links. It's mostly a swit
Hi Ivan
Thanks a lot for your reply everything is fine now.
---
From: Ivan Ivanov [mailto:ivanov.i...@gmail.com]
Sent: Wednesday, March 16, 2011 2:26 PM
To: medrees
Cc: juniper-nsp@puck.net
We're a Cisco shop currently and I've been trying to identify the equivalent
Juniper products but am struggling a little.
We use 4900m in the core, 1GbE copper and fibre for up-links, 10GbE for
inter-switch links. It's mostly a switch but there is some layer 3, BGP
routing, VRFs. There doesn't app
Hi Doug
So, do you mean that there is no need to use the export policy on the
forwarding table and the traffic will be load balanced by default using
LACP? I am using this ECMP policy only for this purpose. as per my
knowledge Juniper is not load balancing the traffic by default unless
there is an
Hi Stefan
I was testing the load balance by generating two flows through the
firewall using ping to two different IP's and I was expecting to load
balance each flow on each link as I am using per-packet approach without
modifying the default has function.
BR,
-Original Message-
From: St
29 matches
Mail list logo
