Yes. JTAC is already aware of the issue.
> On 11 Apr 2017, at 02:25, Jonathan Call wrote:
>
> Anyone had that happen to them before? Should I bother JTAC with it?
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman
On 11 April 2017 at 00:42, wrote:
> Nope ASR9k is using LPTS to cya :)
Some problems with LPTS
a) LPTS punted packets are not subject to MQC, so you cannot use
interface policers to limit say say ICMP, BGP etc
b) LPTS only has 'aggregate' (NPU) level policing, ddos-protection has
aggregate =>
> Aaron Gould
> Sent: Monday, April 10, 2017 5:12 PM
>
> Junos ddos protect capabilities is new to me. I was pleasantly surprised
to
> learn about ddos protection in Junos and that it seems to be built-in to
Junos
> with Trio chip capabilities (like ACX5048 broadcomm-based doesn't seem to
> suppo
show chassis cfeb0 (or alike) is the most interesting info since it
shows the SRAM usage on this very, very old machine. This is what
actually limits the number of routes in the FIB. But 96% on the RE is
not funny either and a replacement should be scheduled on short notice.
Best is to skip the
Hi Robert,
This output is from a M7i:
usr@rtr> show version
Hostname: rtr
Model: m7i
Junos: 13.3R8.7
usr@rtr> show route summary
Autonomous system number: x
Router ID: x.x.x.x
inet.0: 641678 destinations, 1301206 routes (641372 active, 19
holddown, 3258 hidden)
Restart Complete
Hi
What is supported FIB size for M7i router with CFEB-E ?
Is it will handle 1M of routes in FIB ?
Rob
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
I installed multiple QSFP+-40G-SR4 modules into a QFX5100-24Q. Port 5 changed
to "break out" mode (i.e. xe-0/0/5:0, 1, 2, 3 instead of et-0/0/5) I tried
swapping out QSFP modules and the problem persisted with just that port. I had
to manually disable auto negotiation (set chassis fpc 0 pic 0 p
Junos ddos protect capabilities is new to me. I was pleasantly surprised to
learn about ddos protection in Junos and that it seems to be built-in to
Junos with Trio chip capabilities (like ACX5048 broadcomm-based doesn't seem
to support ddos protect). In comparison to Cisco IOS-XR ASR9000, I'm pr
On 10/04/17 15:03, Jason Healy wrote:
What's depressing is that it looks like the 2300/3400 are the only EX
switches that support any IPv6 on layer 2 filters (Phil, you
mentioned the 4300, but the docs list that as unsupported as well).
That must be a doc error. We have these working in produc
Thanks Thomas, good info, I'll proceed wiser now.
-Aaron
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
On Apr 10, 2017, at 7:51 AM, Phil Mayers wrote:
>
> My memory is hazy, but I think we saw the CLI accept but ignore partial v6
> config, same as you are seeing, so I'd guess CLI bug on that score.
Ugh. I whipped up a quick filter with anything ipv6 that would commit. I was
hopeful for a seco
On 10 April 2017 at 09:49, Mark Tees wrote:
Hey,
> Ytti will probably pop up and comment on this but we have
As summoned.
> flow-detection configured under global for ddos-protection which
> create flows then actions when under DDOS like conditions rather than
> hitting static policers. Only a
On 10/04/17 02:10, Jason Healy wrote:
I've been burned plenty of times by the (lack of) IPv6 feature
parity, so I'm hoping the list's collective wisdom can save me from a
lot of extra testing and phone calls with JTAC...
TL;DR: are ANY layer 3 match conditions supported for IPv6 in family
ethern
> James Jun
> Sent: Monday, April 10, 2017 7:17 AM
>
> Hello Folks,
>
> We had a strange DoS attack against a customer attached to an MX104 router
> that caused the device to completely stop forwarding all legitimate
traffic
> (routing protocols both igp and bgp timed out across all adjacencies a
Dear james ,
Do you face sth. Like that ?
http://gorselpaylas.com/image/5
http://gorselpaylas.com/image/7
http://gorselpaylas.com/image/A
http://gorselpaylas.com/image/D
On 10/04/17 10:14, "Felix Schüren" wrote:
>From memory, the MXes by default have a single shared policer across all
>
15 matches
Mail list logo
