Re: [j-nsp] MPC7E-MRATE in non-enhanced MX chassis?

On Thu, Sep 5, 2024 at 8:05 AM Chris Wopat wrote: > > They work fine, we had several in production in both newer and older > MX480/MX960. MPC10 requires the newer backplane. Correcting myself, even the MPC10 works but is limited to 800gbps "Line-rate throughput of up to 800 Gbps o

Re: [j-nsp] MPC7E-MRATE in non-enhanced MX chassis?

- the annual support price is stupid - if you're paying that. --Chris ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] ACX2200 logical tunnel

er technique the ACX needs which MX does not? Chris ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] dhcpv6 IA_PD syslogging

x27;t looked in a bit, but at one point Kea's built-in logging was pretty minimal, with "ISP level" logging done as a paid add-on module. They've got to pay the bills, but I dislike that model. -- Chris Adams ___ juniper-nsp mailing l

Re: [j-nsp] SRX Dynamic Address limits

just realised the datasheet doesn't list how much RAM they ship with as was mostly looking at them from the point of view of more throughput on interfaces, but hopefully they have been a bit more generous on the memory modules in the 1600's. Thanks, Chris On Sat, Mar 2, 2024 at 1:51 AM Er

[j-nsp] SRX Dynamic Address limits

ddress sets." but I'm not sure that this applies to dynamic address list entries as I figure that restriction may have more to do with the SRX having to parse a massive configuration file ? Thanks, Chris ___ juniper-nsp mailing lis

Re: [j-nsp] Thanks for all the fish

Shall we start taking bets on what stays, and what goes? Here’s my List: Stays: PE/Edge Routing (MX/Trio) - Stays and continues development. Reasons stated already in this thread. It’s the Swiss army knife to solve $things-you-didn’t-even-know-you-needed-to-do for some future corner case, and

Re: [j-nsp] Thanks for all the fish

On Wed, 10 Jan 2024 22:10:09 +, "Giuliano C. Medalha via juniper-nsp" wrote: > JUNIPER has 2 very powerful jewels that don't make any sense for HPe to throw > them away. you know every conpany that's acquired things this sort of thing about themselves... RARELY is it the reality that the o

[j-nsp] juniper fanless devices

are there any fanless devices that do layer 3 vpn, vlan-ccc, rsvp, ldp, and have more than two 10gbps ethernet ports? the acx2100/2200 are a little short on xe ports. are there other hardened devices i should be thinking about even if they have fans? __

Re: [j-nsp] QSA adapters and MTU

then speed 1g in the interface. -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] QSA adapters and MTU

could perhaps work harder on getting that config right later. it certainly lets me commit a ge config with that MTU though. when set as speed 10g, I can see the 1g optic inserted, as well as DOM, but it won't link. --Chris On Fri, Nov 3, 2023 at 10:16 AM Ola Thoresen via junip

Re: [j-nsp] QSA adapters and MTU

.0 upup aenet--> ae5.0 me@mx304> show interfaces ae5 | match mtu | match roto Protocol inet, MTU: 9000 Protocol inet6, MTU: 9000 Protocol mpls, MTU: 9166, Maximum labels: 3 Protocol multiservice, MTU: Unlimited Cheers Chris On Fri, Nov 3, 2023 at 8:01 AM O

Re: [j-nsp] Junos 21+ Killing Finger Muscle Memory - Resolved

that wants to smash that [TAB] key early - CK. > On 19 Oct 2023, at 15:11, Mark Tinka via juniper-nsp > wrote: > > > > On 10/18/23 19:05, Chris Wopat via juniper-nsp wrote: > >> Only complaint is Junos related, with auto tab complete problems as >> exten

Re: [j-nsp] MX304 - Edge Router

as extensively discussed in a different thread. --Chris On Wed, Oct 18, 2023, 08:47 Aaron1 via juniper-nsp < juniper-nsp@puck.nether.net> wrote: > I have an MX304 in the lab, evaluating it at the moment. Junos: 22.2R3.15 > > Telemetry is running and a little different than what I h

Re: [j-nsp] Q. Is anyone deploying TCP Authentication Option (TCP-AO) on their BGP peering Sessions?

FWIW -- We've asked for that feature now in any RFP/RFQs we send to the usual gang of $vendors. Thats our method to get adoption, else they get a black-mark/non-comply in the [BGP section] when it comes time to score the responses. - CK. > On 27 Sep 2023, at 10:49, Barry Greene via juniper-n

Re: [j-nsp] Junos 21+ Killing Finger Muscle Memory...

^ 'sy' is ambiguous. Possible completions: synchronous-ethernet Show synchronous ethernet related information system Show system information {master:0} root> Regards, Chris On Wed, Jul 12, 2023 at 11:45 PM Jeff Haas via juniper-nsp < juniper-nsp@puc

Re: [j-nsp] Junos 21+ Killing Finger Muscle Memory...

Hi Jeff I'll open it with my SE here in Australia (Mark Barrett). Will advise once complete. - CK. > On Jul 19, 2023, at 01:24, Jeff Haas via juniper-nsp > wrote: > > > Juniper Business Use Only > On 7/12/23, 12:11 PM, "Jeff Haas" > wrote: >> On 7/12/23, 11:46 AM

Re: [j-nsp] Junos 21+ Killing Finger Muscle Memory...

Another offender in 21. `protocols bgp` doesn't autocomplete as it did since `bgpmcast` was added. me@r-mx304-lab-re1# set protocols bgp? Possible completions: > bgp BGP options > bgpmcast BGP multicast options https://www.juniper.net/documentation/us/en/software/jun

Re: [j-nsp] Junos 21+ Killing Finger Muscle Memory...

+1 Mark! As any good problem begs for a solution, my suggestions to JNPR are as follows, as alternative places for this command: "show route transport-class ..." (or really, is it even a routing thing? might be better w/the segment-routing or spring commands)i.e.: "show segment-routing ..." "sh

Re: [j-nsp] JunOS RPKI/ROA database in non-default routing instance, but require an eBGP import policy in inet.0 (default:default LI:RI) to reference it.

here pushes the DB the way you > need. Certain versions of JunOS are quite broken going the other way, so I've > had to enumerate all of the routing-instances that I want to be sure have a > copy of the validation DB to get them to work correctly. Maybe the other way > will work

[j-nsp] JunOS RPKI/ROA database in non-default routing instance, but require an eBGP import policy in inet.0 (default:default LI:RI) to reference it.

Hi All Been scratching my head today. As per Juniper's documentation, you can indeed setup RPKI/ROA validation session inside a routing-instance. You can also have it query against that instance on an import policy for that VRF specifically, and if there's no session, it will revert to the defa

Re: [j-nsp] Multirate SFP+ in EX?

e, but if there is a way, it might be configured under "set chassis > pic ...", perhaps something like this: > > sst chassis pic fpc-slot 0 pic-slot 1 port 0 speed 10g > > > On Mon, Feb 13, 2023 at 09:23:10AM -0600, Chris Adams via juniper-nsp wrote: > > I

[j-nsp] Multirate SFP+ in EX?

set ether-options speed, but it'll only go to 1g on the ge-foo interface; I can set xe-foo ether-options speed 10g but it is ignored (since the EX doesn't think it has an xe-foo interface). -- Chris Adams ___ juniper-nsp mailing list j

Re: [j-nsp] MPC4E-3D-2CGE-8XGE

d chassis requirements, the MX204 is worth considering. Dario - Friendly heads up that the annual support costs on MPC7E is incredibly expensive. So high that pre-pandemic prices it would've been cheaper to just buy one off of eBay than pay for a year of

Re: [j-nsp] VRRP for IPv6

Once upon a time, Chris Adams said: > I'm trying to add VRRP for IPv6 to a pair of MX150s (that are already > running VRRP for IPv4). I've switched from VRRPv2 to VRRPv3, and the v4 > VRRP switched over, but both routers think they are master for the v6 > side. Looking a

Re: [j-nsp] VRRP for IPv6

t;virtual-link-local-address". > > -Jonas > > Am 2022-01-25 20:51, schrieb Chris Adams via juniper-nsp: > >I'm trying to add VRRP for IPv6 to a pair of MX150s (that are already > >running VRRP for IPv4). I've switched from VRRPv2 to VRRPv3, and > >the v4

Re: [j-nsp] VRRP for IPv6

I do have a loopback filter on input, but it should be clear (and took it off just to double-check - no change). Even if it had been that, it wouldn't have prevented the outbound packets that I'm not seeing. Once upon a time, Rolf Hanßen via juniper-nsp said: > Hello Chris, >

Re: [j-nsp] VRRP for IPv6

Echoing Rolf’s comment. The lack of a permit statement in a loopback filter is often the most common “bug” people find in routing protocol configurations. -C > On Jan 25, 2022, at 12:41 PM, Rolf Hanßen via juniper-nsp > wrote: > > Hello Chris, > > do you have a loopback f

[j-nsp] VRRP for IPv6

} } } } } protocols { router-advertisement { interface ae1.101 { virtual-router-only; } } vrrp { version-3; } } -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether

Re: [j-nsp] upgrading an antique 240

Randy Bush via juniper-nsp [juniper-nsp@puck.nether.net] wrote: > > is there any sw upgrade i can usefully do? I was about to try 19.4R3 on basically the same hardware, seems to work well on my MX80s and ACX2200s. ___ juniper-nsp mailing list juniper-n

Re: [j-nsp] MX204 and QSFP+ breakouts

0G in JUNOS). I haven't had any trouble with any of them on 18.1 and 18.4 JUNOS. No magic sauce in use as far as I know. -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Jumbo frames / mismatch MTU

On Fri, Apr 23, 2021 at 8:35 AM Matthew Crocker wrote: > Currently the ACX interface is: > > xe-0/3/0 > mtu 1600; > unit 0 { > family inet { > sampling { > input; > output; > } > address 10.200.1.1/24; > } > family mpls; > } You could al

Re: [j-nsp] vlan-tagging on ospf interface

I also suspect that the OP is running "vMX"... due to the hostname on his routers. And If he's running vMX on ESXi, using vSwitch/VMXNET3, did you actually set the underlying vSwitch to MTU=9000 and VLANID=4095, such that the hypervisor will Pass VLAN Tags? The vSwitch will not pass inbound tag

Re: [j-nsp] [RESOLVED] MX204: 802.3ad LAG 2 x 1 G with a Palo Alto firewall

etting a 204 to talk 10gig to a Nexus 77K router. Apparently some issues in the Eagle chip in the 204. If you have access, look up PR 1463015. —Chris ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] MX Reboot with Reason, panic:data storage interrupt trap

Im aware that the MX80's Flash can get worn out over time. Ive had to replace a few MX80s flashes with a compatible 3rd party USB/Flash to get them back up and running. (yes, voids warranty field-stripping an MX80 to get at the 2 flash modules in the rear area of the motherboard) -- but it wor

[j-nsp] nfx350 reboot loop!

I've tried installing 19.4R3 and 20.4R1 on an NFX350. Here is the boot-up from 20.4R1 after the install. I'm used to seeing weird errors from bad arguments and commands in JunOS boot up, but this is a bit worse. Once the system is installed and it starts the jdm container, the system reboots and go

[j-nsp] Issue with support.juniper.net TLS

t's not a problem with my device, it's a problem with Juniper's. -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] QFX10002 Inline Flow

longer works on service provider style interfaces --Chris ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Fits with 10gig from MX-204 to Nexus 7700

he router was not yet in production, JTAC recommended a reboot, which has apparently solved the problem. JunOS version 18.3R3.8. —Chris ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] NFX250 run down ?

I have an NFX250 here to play with and I'm wondering how do I get a JunOS VM to start? There is some kind of start up documentation from Juniper that basically says to point the box to your Network Services Orchestrator or whatever, but I don't have one of those. I am still in the bespoke config

Re: [j-nsp] Appending customer ASN to BGP

routing-options { static { route xx.xx.xx.0/24 { next-hop yy.yyy.yy.yy; as-path { path 12345; origin igp; atomic-aggregate; } } } } Where: - xx.xx.xx.0/24 is their block - yy.yy.yy.yy is the

[j-nsp] Fits with 10gig from MX-204 to Nexus 7700

. —Chris ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] Traffic shaping on SRX340

policer policer-20m set firewall family inet filter customer-ZZZ-out term default then accept set firewall policer policer-20m if-exceeding bandwidth-limit 22m set firewall policer policer-20m if-exceeding burst-size-limit 625k set firewall policer policer-20m then discard Thanks, C

Re: [j-nsp] Junos OS Evolved

ew times over the years, but each time it tended to be a "big deal" upgrade (versions you couldn't skip, no downgrades without a full reload, changed behvaior, etc.). -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Junos OS Evolved

work). It's my understand that the Linux kernel tends to have broader support for new hardware than the FreeBSD kernel, but I haven't really looked in a long time (I run Linux, not FreeBSD, so I could be wrong). -- Chris Adams ___ juniper-ns

Re: [j-nsp] MX204 port 1G

not tweaking autoneg or fec or the like). Have you tried alternate optics or such? -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] How to pick JUNOS Version

ill have my deck of Juniper playing cards somewhere. -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] DHCP relay monitoring

s, so you could monitor UDP-MIB::udpLocalAddress.0.0.0.0.67. If dhcp-relay is running, that variable should return 0.0.0.0; if not, the variable won't exist. -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.neth

[j-nsp] MX routers and DAC cables?

ponse was that no DAC cables are supported on any MX routers. That seems a little odd to me... I thought DAC cables are a part of the various specs, so saying they're not supported is saying those aren't actually Ethernet ports to me.

Re: [j-nsp] Rate selectability on MPC7E-MRATE

On Wed, May 6, 2020 at 9:41 AM Brian Johnson wrote: > > So you have a 4x10G breakout and a 100G QSFP28 in the same group of 3 > interfaces and they are all working? Just because I can install and configure > the optics, doesn’t mean they will function. This would conflict with what is > coming

Re: [j-nsp] Autonegotiation woes with EX-3400

e have no ether-options set at all. Cheers, Chris ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] Flex licensing on MPC10

hings won't function without a license. Does it just throw a red alarm (for now)? Would it be unusable to lab test on various configs without a license? Cheers --Chris ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] Trouble with 100G link MX204 <-> Dell S4100F-ON

Once upon a time, Mark Tinka said: > We've had to go all the way to Junos 19 for 1Gbps optics on the MX204. I'm using 1G optics on MX204 with 18.1. Not sure why you need to go to 19... -- Chris Adams ___ juniper-nsp mailing lis

Re: [j-nsp] SRX100H

SRX100H is EOL. They don't even list the software for it anymore on that main "recommended versions" page anymore as of this month. >From memory, the max version you can load is JunOS 12.1X46-something due to >the lower memory versus the H2 variant. If you can find the H2 variant, you can use Ju

Re: [j-nsp] MX960 vs MX10K

Only question is if it needs stateful-ness or not (IPSEC, CGNAT etc...), but only the OP can answer that. - CK. > On 5 Mar 2020, at 2:39 pm, Mark Tinka wrote: > > > > On 5/Mar/20 05:32, Chris Kawchuk wrote: > >> Just to chime in --- for scale-out, wouldn't y

Re: [j-nsp] MX960 vs MX10K

Just to chime in --- for scale-out, wouldn't you be better offloading those MS-MPC functions to another box? (i.e. VM/Dedicated Appliance/etc..?). You burn slots for the MSMPC plus you burn the backplane crossing twice; so it's at worst a neutral proposition to externalise it and add low-cost no

Re: [j-nsp] QFX10K port shaping

Assuming all your traffic is BE, (which is how I generally setup all my QFXes and ensure I never oversubscribe) and after adjusting all the ingress and egress shared-buffers from the defaults, (and just go down to a few HQ queues), you can create a scheduler with a shaper on the BE queue, + sche

Re: [j-nsp] arp from correct IP address

Ran into the same bug. $junos-preffered-source-address for an unnumbered for BNG functions does NOT return the "closest/must suitable address" based on the IP+Subnet that was given the subscriber... contrary to the BNG template doucmentation. It just defaults the actual loopback of the router.

Re: [j-nsp] Long communities (for 4-byte ASN) and static routes

Once upon a time, Chris Adams said: > We have some route policy applied based on communities set directly on > static routes. That works fine for us (with a 2-byte ASN), but doesn't > appear to accept 4-byte ASN long communities. I just get an error about > an invalid com

[j-nsp] Long communities (for 4-byte ASN) and static routes

this? -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] trying to add double tagged interface and getting errors

Remove the pop-pop and push-push statements against unit xe-0/1/1.300. JunOS will auto magically "remove" and "add" the VLAN tags to the VPLS attachment circuit; since you have declared "vlan-id none" in the VPLS definition. (no tags) It's basically saying "don't try to do manual vlan tag manip

Re: [j-nsp] VLAN in SNMP Interface Table

Using the basic SNMP IfMib for per-vlan stats on a switching interface: EX - No. Just per-port stats. QFX - You can declare a sub-unit but per-vlan, but the unit's counters dont increase MX - Yes, per sub-unit stats, but you need to declare the units as encapsulation vlan-bridge and manually de

[j-nsp] DC power lugs part numbers?

tion, so I can't just use the included lugs. -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] EX2300-C-12P PoE issues

on does make more sense to me however as that appeared to be what I was seeing where we still weren't quite at the max PoE budget and at least one or two more cameras should have come online by my calculations but wouldn't which must be that additional ~10% reserve keeping it offline. Cheers

Re: [j-nsp] EX2300-C-12P PoE issues

lag even after committing the configuration, seems to take a minute or two for the config change to flow onto the PoE controller and reflect the change from class to static management with max power of 12 watts defined. z@z> show configuration poe management static; interface all { maximu

[j-nsp] EX2300-C-12P PoE issues

after a minute or so interface ge-0/0/7 will then magically start providing power, and as soon as I rollback the config and commit it will revert right back to port ge-0/0/7 providing no power, and ge-0/0/0 powering up. Thanks, Chris --- End Message --- ___ juni

Re: [j-nsp] vMX and SR-IOV, VFP xml dump

Hi, On 22/08/2019 6:34 pm, adamv0...@netconsultings.com wrote: For some reason mine is acting as if there's some kind of throttling or pps rate performance issue. This is pinging not to the vMX but rather through the vMX so only VFP is at play. Interesting, how much traffic are you talking a

Re: [j-nsp] vMX and SR-IOV, VFP xml dump

Hi On 21/08/2019 3:32 pm, adamv0...@netconsultings.com wrote: Thank you, much appreciated. Out of curiosity what latency you get when pinging through the vMX please? It's less than 1/10th of a millisecond (while routing roughly 3gbit of traffic and this via a GRE tunnel running over IPSEC ter

Re: [j-nsp] vMX and SR-IOV, VFP xml dump

Hi, On 19/08/2019 6:59 pm, adamv0...@netconsultings.com wrote: Wondering if anyone would share their xml dump from VFP -the interface config for a working SR-IOV setup please. (not sure if vCPU related info is needed as well, probably if cpu pinning is used) Sure. This is with 4 x Intel X710 N

Re: [j-nsp] prsearch missing in inaction

n fire. On Tue, Aug 6, 2019 at 5:29 PM Karl Gerhard wrote: > Yeah, thanks Juniper for taking a year to fix a critical tool for network > engineers. > > I'll be right back, I just upgraded one of my Juniper devices and now my > network is on fire. > > > > > >

Re: [j-nsp] prsearch missing in inaction

And it's 5th August and as promised in the last KB update PR Search functionality is now back online! Thank you all at Juniper who worked on restoring this to service! On Fri, Aug 2, 2019 at 11:58 PM Richard McGovern wrote: > I am doing some new checking. I am like 99.9% sure the floppy disk id

[j-nsp] JUNOS upgrade annoyance...

that my UID existed and is a super-user. :facepalm: In other words, commit scripts (at least in python) must be owned by root if you want them to work after an upgrade, because no other user exists until after the script runs. This seems like a shortcoming... -- Chris

Re: [j-nsp] 100G DAC issue between MX204 and QFX5110

We have tested flexoptix 3rd party DAC between MX204 and QFX5120/QFX10002 with mixed results. Per release notes/ HCL, DAC isn't supported on MX204 until 18.2 https://apps.juniper.net/hct/product/#prd=MX204 We couldn't link anything with mx204 dac on anything below 18.2. There are also a few DAC r

Re: [j-nsp] Silly question for a Friday

ion and picks what to look up before it gets to looking at what table you've asked for (so adding "table inet6.0" doesn't work). -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] Silly question for a Friday

I can "show route " and JUNOS will do a DNS lookup and show the route for the resolved IP. Is there any way to control that for hosts with multiple IPs, especially IPv6? -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether

Re: [j-nsp] 4x1G QSFP?

Once upon a time, Simon Lockhart said: > On Thu May 23, 2019 at 03:15:11PM -0500, Chris Adams wrote: > > > I've seen 10G SFP+ modules inserted in 1G SFP ports, and work just fine at > > > 1G, but I suspect it depends on using an SFP+ that's multirate. > > &

Re: [j-nsp] 4x1G QSFP?

Once upon a time, Simon Lockhart said: > On Thu May 23, 2019 at 03:07:00PM -0500, Chris Adams wrote: > > Ah, okay. This may be a dumber question then: do SFP+ optics typically > > support a 1G mode as well? I've never actually tried that (just plugged > > a 1G SFP in

Re: [j-nsp] 4x1G QSFP?

Once upon a time, Simon Lockhart said: > On Thu May 23, 2019 at 02:41:34PM -0500, Chris Adams wrote: > > While looking at the Juniper port configurator for MX204 and MX10003, I > > noticed a 4x1G selection for the QSFP+/QSFP28 ports. I haven't seen a > > 4x1G QSFP; i

[j-nsp] 4x1G QSFP?

such a Juniper part either). It's something that might be of use to me, as I'm considering a MX10003 for an application, but I'd need a small number of 1G ports as well (and would rather not add a switch if I don't have to). -- Chris Adams _

Re: [j-nsp] SNMP OIDs for Yellow/Red Alarm on MX204

> > They don't seem to exist on either MX10003 or MX204... What about the other newer REs that run the RE in a VM? I wonder if that's the change. -- Chris Adams ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] About Secure Transport for RPKI on JUNOS

At Thu, 27 Dec 2018 11:57:54 +0100, Bjørn Mork wrote: > > Chris Morrow writes: > > > tls brings with it cert issues. > > Well. How bad does it have to be? Yes, you have to manage private > keys. That's the same for TCP-AO, SSH and TLS. Or any other transport

Re: [j-nsp] About Secure Transport for RPKI on JUNOS

At Thu, 27 Dec 2018 11:43:58 +0100, Bjørn Mork wrote: > > Chris Morrow writes: > > On Wed, 26 Dec 2018 14:11:19 -0500, > > sth...@nethelp.no wrote: > >> > >> Now if Juniper could implement TCP-AO and then donate the implementation > >> to FreeBS

Re: [j-nsp] About Secure Transport for RPKI on JUNOS

On Wed, 26 Dec 2018 14:11:19 -0500, sth...@nethelp.no wrote: > > Now if Juniper could implement TCP-AO and then donate the implementation > to FreeBSD? :-) This was sort of my point, yes. Thanks, as always for your cogent point(s). -chris (without something to break the ao logjam w

Re: [j-nsp] About Secure Transport for RPKI on JUNOS

On Wed, 26 Dec 2018 13:36:49 -0500, Bjørn Mork wrote: > > Chris Morrow writes: > > On Sun, 23 Dec 2018 16:15:24 -0500, > > Melchior Aelmans wrote: > >> > >> Hi Pyxis, > >> > >> On Sat, Dec 22, 2018 at 8:58 AM Pyxis LX wrote: > >>

Re: [j-nsp] About Secure Transport for RPKI on JUNOS

On Mon, 24 Dec 2018 02:38:35 -0500, Melchior Aelmans wrote: > > Hi Chris, > > > Op 24 dec. 2018 om 05:11 heeft Chris Morrow het > > volgende geschreven: > > > > On Sun, 23 Dec 2018 16:15:24 -0500, > > Melchior Aelmans wrote: > >> > >&

Re: [j-nsp] About Secure Transport for RPKI on JUNOS

On Sun, 23 Dec 2018 16:15:24 -0500, Melchior Aelmans wrote: > > Hi Pyxis, > > On Sat, Dec 22, 2018 at 8:58 AM Pyxis LX wrote: > > > Does JUNOS support any secure transports mentioned in RFC6810 for rpki-rtr > > protocol? (SSHv2/IPsec or TLS for rpki-rtr-tls?) > > > > We are discussing interna

Re: [j-nsp] dhcp relay fail between VRFs

Anderson, Charles R [c...@wpi.edu] wrote: > > bootp helper requires you to specify the routing-instance. Have you done > that? > > set forwarding-options helpers bootp interface irb.2287 server 10.0.1.10 > routing-instance FOO > set forwarding-options helpers bootp interface irb.2287 server 10

Re: [j-nsp] dhcp relay fail between VRFs

Aaron1 [aar...@gvtc.com] wrote: > I use the per-vrf dhcp-relay in ACX5048 Yeah when I use that I have both 1. a similar problem (replies are not sent to the destination vrf) and 2. the router won't forward replies to destination PE routers anymore. ___ j

Re: [j-nsp] dhcp relay fail between VRFs

Nathan Ward [nw...@daork.net] wrote: > Hi Chris, check out the forward-only-replies option, pretty sure there was > some stuff there I had to fiddle with. > > Can you post your config? > I'm using the bootp helper instead of the dhcp-relay feature. I don't know if &

Re: [j-nsp] dhcp relay fail between VRFs

up in the inet.0 route table in my first example. That's weird here, inet.0 has the "Direct" route. Chris ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] ftp.juniper.net

Tom Beecher [beec...@beecher.cc] wrote: > Lots of people (for better or for worse) may have hard linked / referenced > KB15585 in their documentation, so IMO it's a good idea to leave it up with > a bolded note of depreciation, which is what they did. > Just erase the rest of the KB after this te

[j-nsp] dhcp relay fail between VRFs

I have no trouble with dhcp relay between VRFs across MPLS PE routers, but across VRFs on the same router, the relay daemon fud fails. If I turn on debugging, I am always getting: Dec 18 19:49:06 FUD_RTSOCK_MSG_FAILURE: Unable to get prefix match: No such file or directory Dec 18 19:49:06 reply

Re: [j-nsp] Silly command?

Once upon a time, Simon Lockhart said: > On Thu Dec 13, 2018 at 10:41:49AM -0600, Chris Adams wrote: > > Oh yeah, that of course makes sense... I didn't think of checking that. > > On an MX204, the "power-on" option has no additional completions, so > > proba

Re: [j-nsp] MX480 AC Power Supply fan replacement problem?

Kevin Wormington [kw...@missouri-telecom.com] wrote: > Are the replacement fans the -R00 model of FFB0412SHN? > > I recently replaced the fans in two MX480 supplies and they worked fine and > the alarms cleared. > Oh crap. I have the -F00 versions. I'm having a hard time finding the difference

[j-nsp] MX480 AC Power Supply fan replacement problem?

, we are ok? But, JunOS still detects fan failure, and the alarm light on the front of the router goes on. Is there something that can be reset in the power supply? Or perhaps the sensor wire is sending a different signal? Any ideas? Chris ___ juniper

Re: [j-nsp] Silly command?

Once upon a time, Thomas Bellman said: > On 2018-12-13 16:10, Chris Adams wrote: > > While configuring a new MX204, I noticed this: > > > > admin@newrouter> request vmhost power-o? > > Possible completions: > > power-offPower o

[j-nsp] Silly command?

While configuring a new MX204, I noticed this: admin@newrouter> request vmhost power-o? Possible completions: power-offPower off the software on RE power-on Power on the system Umm, why is there a CLI command to turn the router ON? -- Chris Ad

Re: [j-nsp] SRX100 u-boot

Mohammad Khalil [eng.m...@gmail.com] wrote: > Dears > I have formatted the USB using FAT32 , placed the image > Physical reset took place and now the nand_format is repeating itself ! > see https://kb.juniper.net/InfoCenter/index?page=content&id=KB14175 assuming your TFTP server is at 192.168.1.

Re: [j-nsp] SRX550 Memory upgrade

Chris Cappuccio [ch...@nmedia.net] wrote: > Travers Stark [trav...@starkie.net] wrote: > > HI, > > > > Just seeing if anyone has upgraded a SRX550 to 4Gb? > > > > I know they have a 4gb version now and was hoping we could upgrade the > > older versions.

Re: [j-nsp] SRX550 Memory upgrade

Travers Stark [trav...@starkie.net] wrote: > HI, > > Just seeing if anyone has upgraded a SRX550 to 4Gb? > > I know they have a 4gb version now and was hoping we could upgrade the older > versions. > This guy appears to have made it work https://www.ebay.com/itm/Juniper-SRX550-Security-Gatew

  1   2   3   4   5   6   7   8   9   >