[j-nsp] NSRP and igmp-snoop

Does anybody experience problems on SSG320 NSRP cluster (remain Master and Master) when enabled IGMP-SNOOPING on the EX4200 connecting the two firewalls ? Any reason ? Tks ___ juniper-nsp mailing list juniper-

Re: [j-nsp] DDoS protection for J-series and SRX

On Apr 11, 2013, at 3:57 PM, James Howlett wrote: > Is there anything i can do here? S/RTBH, flowspec, iACLs, GTSM, et. al. --- Roland Dobbins // Luck is the residue of opportunity and

Re: [j-nsp] Config changes on VC with member down

On 11/04/2013, at 10:08 PM, Luca Salvatore wrote: > HI, > Quick question just for my own sanity :-/ > > If i make some config changes on a VC when one of the members is down, what > happens to the config on the down member when it comes back up? I'm assuming > it will just sync with the mas

[j-nsp] Logical tunnels on MPC2 and MICs

I am a little confused about logical tunnel-services configuration on the MPC2, for both the chassis platform and MX-80. Do you really need a MIC installed in the MPC if you want to configure a logical-tunnel (lt)? Part of me says you do not simply because the tunnel is happening on the PFE.

Re: [j-nsp] DDoS protection for J-series and SRX

On Thu, Apr 11, 2013 at 10:57:55AM +0200, James Howlett wrote: > I have a small network with J6350 as a border router (BGP) and two > SRX240H in a cluster. Since few days my network is a victim of DDoS > attacks. Majority of them are high pps count attacks. > Are there any methods to protect my ne

[j-nsp] Config changes on VC with member down

HI, Quick question just for my own sanity :-/ If i make some config changes on a VC when one of the members is down, what happens to the config on the down member when it comes back up? I'm assuming it will just sync with the master right? thanks Luca.

Re: [j-nsp] port mirror on EX causing crash

For anyone who is interested turns out we hit this bug PR658614 "When you configure both sFlow monitoring technology and port mirroring features, parity errors might occur, which might cause the switch to crash and then reboot." We had sflow running, then turned on port mirrioring... two days l

Re: [j-nsp] DDoS protection for J-series and SRX

The SRX definitely supports screen options and you can upgrade the J series to something newer. I think it was in 9.4 that Juniper got rid of the 2 versions of software for J series, ie the router and enhanced services versions, so all newer versions have the security stuff built in. Upgrading th

Re: [j-nsp] DDoS protection for J-series and SRX

Hello, I think I can't use screen on my J-series in 9.x software / router context. Will SRX be able to handle it alone? all best, jim Date: Thu, 11 Apr 2013 10:10:18 +0100 Subject: Re: [j-nsp] DDoS protection for J-series and SRX From: m...@deimark.net To: jim.howl...@outlook.com CC: juniper-nsp

Re: [j-nsp] DDoS protection for J-series and SRX

Have a look at the screen options on both kits, we can apply basic DDoS protection there and limit stuff like max connections over a short period etc On 11 April 2013 09:57, James Howlett wrote: > Hello, > > I have a small network with J6350 as a border router (BGP) and two SRX240H > in a clust

[j-nsp] DDoS protection for J-series and SRX

Hello, I have a small network with J6350 as a border router (BGP) and two SRX240H in a cluster. Since few days my network is a victim of DDoS attacks. Majority of them are high pps count attacks. Are there any methods to protect my network against such attacks. My J-series can handle quite a lo