Re: [j-nsp] In Search of the Optimal RE Protect Filter - A Journey

Hi Clarke, Lot's of good insight here. You've put together some pretty good stuff. Have you thought about putting it on a blog somewhere? Stefan Fouant JNCIE-ER, JNCIE-M, JNCIE-SEC, JNCI Technical Trainer, Juniper Networks http://www.shortestpathfirst.net http://www.twitter.com/sfouant On 8

[j-nsp] management daemon of M20(9.4R4.5) is not running

I have a Juniper M20 with Junos 9.4R4.5, which all of the sudden doesn't support SSH login: martint@martin:~> ssh 192.168.1.254 Enter passphrase for key '/home/martin/.ssh/id_dsa': --- JUNOS 9.4R4.5 built 2009-11-16 16:23:14 UTC could not open user interface connection: management daemon not run

Re: [j-nsp] In Search of the Optimal RE Protect Filter - A Journey

On (2011-08-09 16:25 -0400), Clarke Morledge wrote: > Well, I hope this all helps someone. If someone can clarify and/or > improve on this, please let me know. I had to learn the hard way. Nice pointers, thanks. People should also have forwarding-options filter in every routing-instance (inc

Re: [j-nsp] SRX 3G Support (was Re: hardware DS1s)

I think we are going to go back to cisco for this rollout it seems that wireless 3G/4G support with Juniper is just not on par. I am disappointed because I was looking forward to using Juniper. Cheers Ryan -Original Message- From: Ben Dale [mailto:bd...@comlinx.com.au] Sent: Monday,

Re: [j-nsp] BGP "Holdtime", " Active Holdtime" and "Preference" values

David, Stefan: I configured "hold-time 20" and BGP session came up with an "Active Holdtime: 20" as expected. Thank you for explanations! regards, martin 2011/8/9 Stefan Fouant : > On 8/9/2011 7:55 AM, Martin T wrote: >> >> Hi, >> in case one has following settings active with it's BGP peer: >>

[j-nsp] In Search of the Optimal RE Protect Filter - A Journey

I have posed a number of questions to the mailing list over the past couple of months about configuring RE protect filters for the MX platform. I'd like to summarize my experiences so that others do not have to go through the headaches I've had. An Introduction: In our campus environment we h

Re: [j-nsp] BGP "Holdtime", " Active Holdtime" and "Preference" values

On 8/9/2011 7:55 AM, Martin T wrote: Hi, in case one has following settings active with it's BGP peer: Holdtime: 90 Preference: 170 Active Holdtime: 90 Keepalive Interval: 30 ..then what do they mean? As I understand, "Holdtime" is the maximum number of seconds allowed to elapse betwee

Re: [j-nsp] Same netflow data to same collector but different ports

Emmanuel, We use the Unix tool samplicator at our Netflow collector to symplicate the Netflow packet to multiple UDP ports. Multiple collectors listening to different ports. This might work for you as well. Regards, Mark -Original Message- From: juniper-nsp-boun...@puck.nether.net

Re: [j-nsp] Same netflow data to same collector but different ports

Not in the router but you can use http://code.google.com/p/samplicator/ On Tue, Aug 9, 2011 at 20:14, Emmanuel Halbwachs < emmanuel.halbwa...@obspm.fr> wrote: > Hello, > > I would like to run more than one collector software on the same > host. The use case is: > > - benchmarking different tools

[j-nsp] Same netflow data to same collector but different ports

Hello, I would like to run more than one collector software on the same host. The use case is: - benchmarking different tools with the same netflow data - running simultaneously two tools with complementary features The idea was to send the same netflow data to different UDP ports, but on our MX

Re: [j-nsp] debugging inter-AS VPLS

I kinda went with option c here: http://www.juniper.net/techpubs/en_US/junos11.2/topics/example/mpls-vpn-option3-configuration.html But it seems that I need to establish an inter-AS LSP between two route reflectors. I do see that I can stitch two LSPs together to overcome the separate TE domains.

Re: [j-nsp] anti DDoS in trio MX'es ?

On (2011-08-09 15:11 +0200), bas wrote: Hey, > I don't see where this has any benefit over a properly configured re > input filter. I agree with this. I was VERY concerned upon seeing this feature, in what order it is processed, as DDOS policers can't differntiate good and bad traffic. Luckily l

Re: [j-nsp] snmp count for arp policer?

To bring some closure to this thread, it appears that the ARP policer counters for SNMP access have been fixed in Junos 10.4R6. However, this is still only helpful for tracking ARP events exceeding your policer threshold. As Stefan pointed out to me, if you have family bridge interface on an

[j-nsp] BGP "Holdtime", " Active Holdtime" and "Preference" values

Hi, in case one has following settings active with it's BGP peer: Holdtime: 90 Preference: 170 Active Holdtime: 90 Keepalive Interval: 30 ..then what do they mean? As I understand, "Holdtime" is the maximum number of seconds allowed to elapse between the time that a BGP system receives succ

Re: [j-nsp] good filter to protect RE

Especially using apply-path to build dynamic prefix-lists can help greatly and remove a lot of overhead from adding/removing when things change. Nick -Original Message- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Kurt Bales Sent: 0