I use something like this so the same firewall filter is applied on all lo0.*
interfaces of all VRFs and logical-systems:
set groups RE-FILTER logical-systems <*> interfaces lo0 unit <*> family inet
filter input ROUTING-ENGINE
set groups RE-FILTER logical-systems <*> interfaces lo0 unit <*>
We've not had any issues (so far) with either 15.1X53-D51, or 18.2R2.6.
Only using them for L2 distribution or QinQ, though. So your mileage may vary.
-Original Message-
From: juniper-nsp [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of
Philippe Girard
Sent: Monday, December
A note on that.
Not only does the switch stop responding and needs to be power cycled, but in
our case while this happens uplink ports on a redundant ring bridge BPDUs from
working switches and you get a nice linerate traffic loop going.
We also use those as OOB management for our MX routers
See this:
https://www.juniper.net/documentation/en_US/junos/topics/reference/configura
tion-statement/multicast-router-interface-igmp-snooping.html
-Original Message-
From: juniper-nsp On Behalf Of Norman
Elton
Sent: Monday, December 9, 2019 06:03
To: juniper-nsp@puck.nether.net
Subject:
Hello Mike,
if you're using that lo0.0 in a routing-instance or use more than one
loopback you could also run into these restrictions:
- If you configure Filter A on the default loopback interface and
Filter B on the VRF loopback interface, the VRF routing instance uses
Filter B.
- If you
What hardware and software version? There were some bugs/limitations with
certain combinations.
On Mon, Dec 09, 2019 at 07:42:02AM -0800, Mike wrote:
> Hello,
>
> I have a problem getting junos to filter out admin access to my router
> from unauthorized addresses.
>
> I have some addresses
If Juniper provides a version which is stable for more that a few weeks
let me know. I've been chasing version upgrades for months now.
Brian Nelson
On 12/9/19 5:15 AM, William wrote:
> Hi,
>
> I am in the process of getting our first stack of EX2300s ready for
> production, can anyone recommend
You can try moving the IGMP querier function from the router to a switch. Also
refrain from using multicast-router-interface on the uplink port to the router.
These may help, although they mention QFX and SRX. I'm not sure if EX-series
is supported for this feature (but the command is there
Hello,
I have a problem getting junos to filter out admin access to my router
from unauthorized addresses.
I have some addresses bound to lo0.0 which I am advertising internally
in my igp, and which are the 'official' addresses used for SNMP, SSH and
BGP to the router.
I have firewall filters
Hello,
In a fairly large EX switching environment, we're using IGMP snooping
to constrain some AV-over-IP multicast traffic. It's quite
bandwidth-intensive, so we obviously don't want it broadcasting over
our L2 network.
According to The Rules, multicast traffic gets sent to any subscribed
host
On Mon, Dec 09, 2019 at 11:15:01AM +, William wrote:
> Hi,
>
> I am in the process of getting our first stack of EX2300s ready for
> production, can anyone recommend any specific versions of junos to run
> on them?
>
> I'm not taking advantage of any advance features, just after something
>
--- Begin Message ---
This appears to be a SW issue, as MX204 does NOT have any MACsec support. As
Chuck said, SW sure error in some manner, like non-supported platform etc.
Even though the config is allowed, nothing will happen in terms of MACsec - no
HW support.
Rich
Richard McGovern
Sr
--- Begin Message ---
Use 18.2R3-S2
Richard McGovern
Sr Sales Engineer, Juniper Networks
978-618-3342
I’d rather be lucky than good, as I know I am not good
I don’t make the news, I just report it
On 12/9/19, 6:15 AM, "William" wrote:
Hi,
I am in the process of getting our
Hi,
I am in the process of getting our first stack of EX2300s ready for
production, can anyone recommend any specific versions of junos to run
on them?
I'm not taking advantage of any advance features, just after something
stable :)
Cheers,
William
14 matches
Mail list logo
