Re: [j-nsp] VC-port over Ethernet

2013-04-23 Thread Nick Kritsky
Graham, short answer is - yes, EX-3300 can form VC when connected via 3rd switch. No special settings are required on the uplink switch. However without special configuration (q-in-q? jumbo frames?) VC is unstable (see below in test results). here is the test setup. 1. Topology: ASW13 ASW11

[j-nsp] overload bit for MPLS LSPs?

2013-04-23 Thread James Jun
Hey folks, Is there a way to set overload bit on RSVP signaled LSPs? I've got OSPF-TE setup with overload timer set to 120 seconds. Obviously the problem here is that LSPs get established sooner than that with CSPF metrics getting set really high. I believe on IS-IS, LSPs get recomputed

[j-nsp] SRX3600 weirdness

2013-04-23 Thread James S. Smith
Just in the process of finishing a project of migrating subnets behind an SRX3600, and we've run into some odd behavior. We have a database subnet outside the firewall, and an exchange server subnet behind the firewall. A database server uses IMAP4 over SSL (TCP 993) to send emails to

Re: [j-nsp] SRX3600 weirdness

2013-04-23 Thread Jonathan Lassoff
On Tue, Apr 23, 2013 at 1:56 PM, James S. Smith jsm...@windmobile.cawrote: Just in the process of finishing a project of migrating subnets behind an SRX3600, and we've run into some odd behavior. We have a database subnet outside the firewall, and an exchange server subnet behind the

Re: [j-nsp] SRX3600 weirdness

2013-04-23 Thread Andrew Miehs
Sent from a mobile device On 24/04/2013, at 6:56, James S. Smith jsm...@windmobile.ca wrote: We have a database subnet outside the firewall, and an exchange server subnet behind the firewall. A database server uses IMAP4 over SSL (TCP 993) to send emails to Exchange. The connection

Re: [j-nsp] SRX3600 weirdness

2013-04-23 Thread James S. Smith
I found that a bit strange myself, but we log all traffic flows through the firewall and the only communication going on was on port 993. -Original Message- From: Andrew Miehs [mailto:and...@2sheds.de] Sent: April-23-13 7:40 PM To: James S. Smith Cc: juniper-nsp@puck.nether.net Subject:

Re: [j-nsp] SRX3600 weirdness

2013-04-23 Thread OBrien, Will
It there a possibility of a flapping route? Will O'Brien On Apr 23, 2013, at 7:02 PM, James S. Smith jsm...@windmobile.ca wrote: I found that a bit strange myself, but we log all traffic flows through the firewall and the only communication going on was on port 993. -Original

Re: [j-nsp] SRX3600 weirdness

2013-04-23 Thread Pavel Lunin
2013/4/24 James S. Smith jsm...@windmobile.ca I found that a bit strange myself, but we log all traffic flows through the firewall and the only communication going on was on port 993. Traffic log is a bad clue for that sort of issues, really. You'd need to use flow traceoptions to check out 1)