http://tools.ietf.org/search/rfc6192
has an excellent example recipie for juniper and cisco control-plane
protection.
it's a good starting off point and it covers the rational behind the
various elements in detail.
some things like my l2 policer were meant to solve invidualized needs
there are p
Thanks Saku and Joel for detailed explanations,
Do You know any good resource to start with lo filters? Recommendations
about how much police several types of packets and so on. I don't want
to do much experiments on production network.
joel jaeggli wrote:
On 1/30/14, 6:46 AM, Saku Ytti wrot
On (2014-01-30 09:18 -0800), joel jaeggli wrote:
> A good solid control-plane protection acl with sensible rate limits is a
> good place to start.
Absolutely. But FW policers are only bps not pps (trio hw is fully pps capable
and microcode etc, just lacks CLI).
You want to give scp, http, bgp mor
On (2014-01-30 16:29 +), santiago martinez wrote:
> Hi Saku, agree with you, LPTS is doing a better job right now...
> If I'm not wrong or miss interpreting Juniper documentation, Junos ddos
> aready support per flow ddos (12.3 and later)
I haven't had chance to try out, as we've been on 11.4
On 1/30/14, 6:46 AM, Saku Ytti wrote:
> On (2014-01-30 14:35 +0400), Misak Khachatryan wrote:
>
>> Thanks Abhi, i saw this document, but i need real life experience
>> about hardening thresholds or implementing additional
>> filter/policers.
>
> In my experience there is some build-in unconfigura
Hi Saku, agree with you, LPTS is doing a better job right now...
If I'm not wrong or miss interpreting Juniper documentation, Junos ddos
aready support per flow ddos (12.3 and later)
Best regards
Santiago
url:
http://www.juniper.net/techpubs/en_US/junos12.3/topics/task/configuration/scfd-enable-gl
On (2014-01-30 14:35 +0400), Misak Khachatryan wrote:
> Thanks Abhi, i saw this document, but i need real life experience
> about hardening thresholds or implementing additional
> filter/policers.
In my experience there is some build-in unconfigurable policer to limit how
many packets can hit con
Hi All.
We are starting to implement a Wirelless broadband to telecom company.
Our B-RAS are Juniper E320.
This B-RAS has WISP support?
BR.
Jefferson
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/jun
Hi to all,
I would like to monitor storm-control events through SNMP on Ex2200/4200
and QFX 5100 switches
Are you aware of a storm control specific MIB in Juniper?
I am thinking of something like this
http://tools.cisco.com/Support/SNMP/do/BrowseMIB.do?local=en&step=2&mibName=CISCO-PORT-STORM-C
Thanks Abhi, i saw this document, but i need real life experience about
hardening thresholds or implementing additional filter/policers.
Abhi wrote:
can u check the link below
http://www.juniper.net/techpubs/en_US/junos13.2/topics/task/configuration/subscriber-management-ddos-packet.html
reg
can u check the link below
http://www.juniper.net/techpubs/en_US/junos13.2/topics/task/configuration/subscriber-management-ddos-packet.html
regards
abhijeet.c
On Thursday, January 30, 2014 2:57 PM, Misak Khachatryan
wrote:
Hello,
>
>I met very ugly problem yesterday. Consider following
Hello,
I met very ugly problem yesterday. Consider following scheme:
Cisco ASR 1006
|
Customer | Juniper EX4200 |
|
Juniper MX480
Customer connected by one VLAN to both
12 matches
Mail list logo