e-buffer {
##
## Warning: statement ignored: unsupported platform (srx550)
##
large-scale;
}
}
}
Regards,
Gabriel Farias
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Please not response, Publishing again?
2016-06-16 16:18 GMT-03:00 Gabriel Farias :
> Message: health-monitor as the cause?
>
> Hello members,
>
>
> There are many options to monitor the health of Juniper equipment with
> Junos, the record of events usually are via snmp and l
onitor: RE 0 CPU utilization crossed falling threshold 30 (value:
23), (variable: jnxOperatingCPU.9.1.0.0)
Jun 16 13:20:14 RT0001AMZ snmpd[923]: SNMPD_HEALTH_MON_THRESH_CROSS:
Health Monitor: RE 0 CPU utilization crossed rising threshold 40 (value:
44), (variable: jnxOperatingCPU.9.1.0.0)
Regards
size bytes per packet.
I thank those who have the information.
Gabriel Farias
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Does anyone know what is the __jdhcpd_v4_count__ policer and what are the
default values? I configured dhcp relay on an MX router and I see the
policer counters increasing with an almost constant value of 4pps.
Thanks,
Mihai
___
juniper-nsp mailing list
On 13-10-23 11:59 AM, pkc_mls wrote:
> Le 23/10/2013 17:15, Gabriel Blanchard a écrit :
>> are the ciscos configured with a distributed port-channel as well? (On a
>> rethx from the SRX i'm assuming)
> Hi,
> Can you please indicate what a distributed port channel is ?
are the ciscos configured with a distributed port-channel as well? (On a
rethx from the SRX i'm assuming)
On 13-10-23 11:12 AM, pkc_mls wrote:
> Hi all,
>
> I'm running a cluster of srx 240 connected to a pair of cisco 2960
> switches with a port channel.
>
> ESXi servers are also connected to the
Hello,
You are always right :) Everything works as expected now.
Thanks,
Mihai
On Wed, Oct 23, 2013 at 2:04 AM, Antonio Sanchez-Monge
wrote:
> Agreed, that should do the trick too :)
>
>
> On 10/23/13 1:01 AM, "Stacy W. Smith" wrote:
>
> >Agreed.
> >
> >The lt-1/1/10.770 interface which is i
Hello,
I have a basic setup with 2 PE's (X and Z) , one multicast source attached
to X and one receiver attached to Z.
I configured a NG-MVPN with rsvp-te between PE's but X doesn't send SA
autodiscovery to Z so the traffic is dropped.
x> show configuration routing-instances
mvpn {
instance
You should enable the sap protocol for the group you want to generate join
messages.
On Tue, Sep 10, 2013 at 2:18 PM, Vladislav Vasilev <
vladislavavasi...@gmail.com> wrote:
> Robert,
>
> Just noticed you actually have "ip pim passive" under the interface...
>
> The "ip igmp join-group" in Cisco
Hello,
I use a simple topology to setup a Rosen 7 multicast vpn like this:
S1 -> R1 (PE) -> R3(P) -> R5(PE)->Rec
The multicast traffic always stay on the default MDT even though the data
MDT is configured.
Am I doing something wrong?
r1# top show protocols bgp
group mvpn {
type internal;
I'm attempting to turn up an VPLS circuit and it appears that only one
side is showing as Up while the other is showing as VC-Dn
I turned on a trace and seeing this error message
Jul 16 10:46:59.190366 [vc_intf_vc_status_update] Recomputing the status
of the VC for interface: vpls-7.2.3, flags 0x
We run pretty much exactly what you describe in the 100Gbps+ scale using
MX480s with RE-S-1800 and don't have any problems.
Contact me off list if you need any tips.
On 13-07-02 04:58 AM, Morgan McLean wrote:
> Hi,
>
> I've only really dealt with traffic levels under 20Gbps. I have a client
> tha
VPLS with RR works very well for me in a small lab (see the example below).
Make sure that your loopbacks are reachable through ldp and mpls is enabled
on the interfaces.
mx5t# top show logical-systems r1 protocols bgp
group rr-client {
type internal;
local-address 172.27.255.1;
family
chard Hesse [mailto:richard.he...@weebly.com<http://weebly.com>]
Sent: Friday, June 28, 2013 5:52 PM
To: Gabriel Blanchard
Cc: Drew Weaver; juniper-nsp@puck.nether.net<mailto:juniper-nsp@puck.nether.net>
Subject: Re: [j-nsp] Inline jflow AS Lookup Failures
Did you report the crash to Junip
I tried 12.3. Crashed within 24h
On 2013-06-28, at 2:59 PM, Drew Weaver
wrote:
> How much of a disaster (vs 11.4) are we guessing that 12.3R3 is going to be?
>
> From: Richard Hesse [mailto:richard.he...@weebly.com]
> Sent: Friday, June 28, 2013 2:58 PM
> To: Drew Weaver
> Cc: juniper-nsp@puck
anks, we are mainly looking at basic FW, VPN, and routing capability,
which we need to be rock solid. We do not intend to use the IPS and UTM
type features at the moment.
Thanks,
-Andrew.
On Wed, Jun 12, 2013 at 3:17 PM, Andrew Gabriel wrote:
> Hi,
>
> We are evaluating the SRX 3000
Hi,
We are evaluating the SRX 3000 series firewalls for our datacenter, and
would appreciate some feedback from folks who are already using/deploying
the SRX platform.
I understand that the initial software versions had a large number of bugs
and features that just wouldn't work reliably. Juniper
I don't have the book with me right now to check, but I tried your setup
without succes:)
A workaround for this would be a generated default route on R4 when
8.8.8.8 exists in customer.inet.0
mihai@mx#run show route table customer.inet.0 0.0.0.0/0 exact
customer.inet.0: 8 destinations, 8 routes
Same thing here, that or I had to
deactivate security vpn
commit
and reactivate.
commit
On 13-03-20 02:03 PM, Bjørn Tore wrote:
> As I mentioned offline - I once had to reboot an SRX 240 after changing IPSEC
> config, to make things come up. Might not be the case here, but with the code
> qual
If it's for a lab...why not run greatest and latest? if not, run the
recommended.
On 13-02-07 03:08 PM, Steve Feldman wrote:
> I have a couple of shiny new MX40s in my lab, and need to do some testing
> before we deploy them.
>
> They will be doing fairly vanilla BGP (~2 full feeds), IS-IS and/o
On 12-11-26 10:05 AM, Saku Ytti wrote:
>
> This is very new feature to JunOS. I think 12.1 for T4k. And maybe 12.2 for
> MX, unsure.
>
Thanks, I just got confirmation from Juniper that this is indeed
supported as of 12.2 on MX.
-Gabe
___
juniper-nsp
Has anyone on this list been able to implement uRPF to work in a
multi-homed environment? I'm trying to implement it so that it black
holes traffic based on source address and so far what I've read tells me
this is not supported.
-Gabe
___
juniper-nsp ma
Hello,
Is Juniper's implementation of next-hop self on a RR a violation of
RFC1966?
" In some implementations, modification of the BGP path attribute,
NEXT_HOP is possible. For example, there could be a need for a RR to
modify NEXT_HOP for EBGP learned routes sent to its internal peers.
Yes I have accounting configured but the deactivation of it doesn't help at
all.
On Mon, Nov 5, 2012 at 12:41 AM, Ben Dale wrote:
>
> On 04/11/2012, at 3:12 AM, Mihai wrote:
>
> > Hello,
> > I have an MX480 running 11.4R2.14 with a weird behavior of the
> pseudo-terminal (always ttyp3) allocat
sco side, VS vlan 601 on Juniper side?
>
> Is that my dyslexia, or yours?
>
>
> On Thu, Nov 1, 2012 at 8:49 AM, Mihai Gabriel wrote:
>
>> I configured something similar (vpls instead vlan-ccc) with something like
>> this on Juniper:
>>
>> Interfaces {
>&
I configured something similar (vpls instead vlan-ccc) with something like
this on Juniper:
Interfaces {
ge-1/1/6 {
unit 901 {
description "C-PE2 to S-CE2";
encapsulation vlan-vpls;
vlan-id 901;
I replaced some months ago a 7600-SUP32 with one Brocade CER2024 and I was
very satisfied about their performance.
Some features tested by me: bgp. Ospf, ldp, mpls, vrf, eompls,
spanning-tree,ipv6, wire speed 10G ports.
The olny feature not supported at that time was ipv6 in vrf,but they
promised
and move all the traffic through RR? :)
On Tue, Sep 4, 2012 at 4:47 PM, Olivier Benghozi <
olivier.bengh...@wifirst.fr> wrote:
> Maybe you could try to configure next-hop-self on the Cisco's side, on all
> AFI?
>
> Le 4 sept. 2012 à 13:12, Mihai Gabriel a écrit :
>
&
You are partially right. The bgp session is established without
inet6-unicast capability advertised by Juniper, but as soon as Juniper
receives an ipv6 prefix with a native ipv6 next-hop from Cisco, it will
immediately close the session .
My Cisco router is a route reflector with a lot of clients
-
>
> Based on the error message:
>
> "peer: (273) us:
> (257)"
>
> You need to enable the unicast address family under ipv6
>
> set protocols bgp group test family inet6 unicast
>
> -cb
>
> On Sep 3, 2012, at 11:04 AM, Mihai Gabriel wrote:
>
> >
Hello,
Did any of you manage to configure a bgp session between Cisco and Juniper
using family inet6 labeled-unicast on Juniper? I am trying to configure 6PE
but the bgp session does not come up because Juniper does not send
ipv6-unicast capabity to Cisco
Juniper config:
group test {
type intern
vrf-table-label missing?
On Thu, Aug 30, 2012 at 10:44 AM, Johan Borch wrote:
> Hi
>
> I have a problem with getting traffic to flow between L3VPN VRF's, I can
> see LSP's ingress & egress, routes are installed in both VRF's but I can't
> get any traffic got pass if I try to ping from on the VRF
Hello,
I am reading the bgp regexp examples on Juniper site (
http://www.juniper.net/techpubs/en_US/junos10.2/topics/usage-guidelines/policy-configuring-as-path-regular-expressions-to-use-as-routing-policy-match-conditions.html)
and I cannot understand this sentence:
Path whose second AS number
This is the topology:
http://img52.imageshack.us/img52/5512/avpn.png
Sorry
On Fri, Aug 10, 2012 at 11:57 AM, Mihai Gabriel wrote:
> Hello,
>
> I am trying to test the node-protection feature in a lab using an MX5
> router with logical-systems and I can't find the
Hello,
I am trying to test the node-protection feature in a lab using an MX5
router with logical-systems and I can't find the reason why is not
working.The topology I use is here:
http://imageshack.us/photo/my-images/849/avpn.png/
All routers are configured for mls,rsvp,ospf,link-protection, but
ogical tunnel interfaces. That's why
> you don't see R2 in the traceroute. They haven't released in which
> version they are going to fix it yet.
>
> Kindly
>
> Magnus
>
> On 2012-05-22 14:32, Mihai Gabriel wrote:
> > Hello,
> >
> > I am try
Hello,
I am trying to test some features with an MX5-T router with
logical-systems but my results are below expectations and I don't
understand what's wrong.
The topology and the config are very simple: R1 --- R2 ---R3 :
mx5t# run show version
Hostname: mx5t
Model: mx5-t
JUNOS Base OS boot [11
We have simple filters configured on our 10Gbps as well on our DPCs and
can definitely push more than 8gbps. Though mostly in one direction. Are
you saying it's limited to 8gbps in both directions?
I'm curious to know which Junos version you are running.
Gabriel Blanchar
/techpubs/en_US/junose9.3/information-products/topic-collections/broadband-access/service-definition-examples.html
Only thing is, you will need the service management license.
Gabriel Blanchard
Director, Information Technology
TekSavvy Solutions
On 11-10-20 01:40 PM, Paul Stewart wrote:
Thanks fo
mlppp
On 08/21/2011 08:11 PM, Martin T wrote:
Is it possible to load-balance traffic between a Juniper M10i and
Cisco 1812 using two different last-mile(ADSL2+) providers? Topology
should be like this:
http://img803.imageshack.us/img803/8766/loadb.png
Idea is to use both ADSL2+ links simultane
considering that the ERX series is being decommissioned soon and
"replaced" by the expensive E series I'm also very interested.
Somehow I doubt that the MX80s are as capable as the ERXes when it comes
to BRAS stuff.
-Gabe
On 08/18/2011 02:49 PM, Paul Stewart wrote:
We are just heading down
We have a very similar setup (for some obvious reason) and it works just
fine. We use Framed-IP-Address. No other attributes are required.
What I suggest is that you try the "test aaa" command in the ERX and try
to test the login that way from the console and see what's going on.
-Gabe
On 08
try turning on BGP debugging on the ERX. It's likely a timer expiry like you
pointed out but at least that way you'll be able to tell where the problem lies.
-Gabe
On 2011-05-02, at 7:19 PM, Paul Stewart wrote:
> Hi there.
>
>
>
> Turning up an ERX-310 for a customer - it's multihomed to 2 d
The policer is dropping packets in order to slow down your connection to
10mbps. In my opinion this is working perfectly.
On 2011-04-04, at 8:30 AM, "Martin T" wrote:
> With such configuration: http://img135.imageshack.us/img135/3162/iperftest.png
>
> ..there is still packet loss present:
>
How much if I may ask?
-Gabe
On 2011-03-24, at 12:41 PM, Giuliano Medalha wrote:
> You can take more advantage with MX80-5 new promotional bunde.
>
> It supports 20 x SFP Interfaces, came with ADC-R License , TRIO3D chipset
> and 2GB DRAM (4m rib routes).
>
> It came with 4 x XFP slots (blocke
flow-tools
On 2011-03-22, at 2:03 PM, Michael Lee wrote:
> Hello:
>
> I am trying to eval netflow collector for multi-vendor hardwares, anyone
> could suggest any good commercial netflow collector running on Linux?
>
> Thanks,
>
> ~mike
> ___
> junip
I had the same problem... I couldn't figure it out a few years back
What you need to do is just feed it with the appropriate .rel file and the ERX
will automatically pull all the other required files on it's own via ftp.
-Gabe
On 2011-01-07, at 3:17 PM, Paul Stewart wrote:
> Hi folks.
>
>
>
interface lo0.501;
protocols {
bgp {
log-updown;
group PEER-1
How we set it in logical systems, or it is done globally?
Gabriel Farias
___
juniper-nsp mailing list juniper-nsp@p
Hey,
I'm attempting to dynamically tunnel switch some of our users.
The requirement is that the tunnel is initiated from a different virtual router
and it appears that the radius attribute that I'm using simply doesn't work.
t...@teksavvy.com Cleartext-Password := "test123"
On 2010-10-25, at 5:05 PM, Richard Zheng wrote:
> Hi,
>
> A juniper reseller came back with a suggestion of J-4350. The price is
> similar to a used M7i. I was surprised by this option first. Then
> considering that the application is for a small ISP, it might not be bad.
> The DRAM may be upgra
Hi members,
I need to do traffic engineering in backbone IP/MPLS from point A to point
B, but just need some prefixes, part of the traffic is sent via TE and I'm
seeing all traffic exiting via TE from point A to B. *What do I need to send
only the prefix 10.152.42.0/25 via TE and not all traffic*
gt;>>>>>>>>>>>>>>>
Jun 17 16:35:32 snmpd[5709] >>> Get-Next-Request
Jun 17 16:35:32 snmpd[5709] >>> Source: 10.31.0.236
Jun 17 16:35:32 snmpd[5709] >>> Destination: 10.251.42.230
Jun 17 16:35:32 snmpd[5709
needed?
Thanks,
Gabriel Farias
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Thanks, I'll use the suggestion Mohan, established neighborhoods EBGP
between Ls1 and LS2 to LS3
Gabriel.
2010/5/29 Alan Gravett
> Gabriel,
>
> You cannot copy routes between Logical Systems, as there is a separate RPD
> instance
> for each LS. (unlike VRs where rib-gr
Thanks this would be the only option?
Best regard,
Gabriel Farias
2010/5/28 Mohan Nanduri
> you can configure bgp session between the logical systems, as they are like
> a true separate router.
>
> On Fri, May 28, 2010 at 3:27 PM, Gabriel Farias > wrote:
>
>> Hel
with J-net and also in part of Juniper support site and
found much documentation, but nothing talking about this specific issue.
Thanks,
Gabriel Farias
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo
Gabriel Farias
2010/4/5 Serge Vautour
> Hello,
>
> eBGP shouldn't come into play here. Your physical interfaces are bundled as
> 1 logical interface (ae0). Load balancing over L3 LAG interfaces works the
> same as ECMP links. You have to configure this:
>
>
> ht
Stefan,
This configuration has no effect, because the connection (PE x CE) uses EBGP
routing within the VRF dados.
What I need is to balance the outbound traffic of physical interfaces of
RT110, you have any other suggestions?
Thanks
Gabriel Farias
2010/4/5 mail-list
> try this and see
Stefan,
Any suggestions to correct this imbalance?
Thanks,
Gabriel Farias
2010/4/1 Gabriel Farias
> Sorry for my bad translation, follows the configuration:
>
> *Interfaces*:
> show configuration interfaces ge-3/0/0
> description "*BA* G2/47 - SW001";
> gigether
alance.
>
> Thanks,
>
>
> Stefan Fouant
>
> Sent from my Verizon Wireless BlackBerry
> --
> *From: * Gabriel Farias
> *Date: *Wed, 31 Mar 2010 18:51:04 -0300
> *To: *
> *Cc: *;
> *Subject: *Re: [j-nsp] Load Balance in VRF by Junos
>
> I'm not using E
I'm not using EBGP external type in PE (M120)
Reagards,
Gabriel Farias
2010/3/31 Stefan Fouant
> Do you have multi-path enabled on your EBGP sessions?
>
> Stefan Fouant
>
> Sent from my Verizon Wireless BlackBerry
> ------
> *From: * Gabriel
configuration
routing-instance not have all the options.
Thanks
Gabriel Farias
2010/3/31 Stefan Fouant
> You need the following:
>
> 'set routing-option forwarding-table export load-balance'
>
> and
>
> 'set policy-options policy-statement load-balance then load-bal
-balance {
indexed-next-hop;
}
hash-key {
family inet {
layer-3;
layer-4;
}
}
Thanks,
Gabriel Farias
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
>
>
> to use a DHCP-server to do the address-management should work in
> general. The docs say so:
>
> http://www.juniper.net/techpubs/software/erx/junose82/swconfig-broadband/html/dhcp-server-config6.html
>
Thanks. I happen to have found this information just today.
>
>
> and I've heard about it
cause we need to manage different types of IP pools.
If anyone could throw in suggestions, would be appreciated.
-Gabriel
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
on
I get a full list of all the subscribers while walking the OID tree of
1.3.6.1.2.1.31.1.1.1.18 . I would like to be able to only see the physical
interfaces without the subscribers with the description included.
-Gabriel
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Hi,
I have been unable to find what is the OID for Junose (E-Series) for the
interfaces ip description. All I've been able to get is the name of the
interfaces which is not exactly what I want. Can anyone help me here?
-Gabriel
___
juniper-nsp ma
My understanding is that if ppp
fragmentation is enabled and you don't specify the fragment size, it
will use the customer's provided MRRU...thus should not affect the
customers that don't actually use MLPPP...is that correct?
-Gabriel
> I'll bet you have a
> problem that fits the NS50 bandwidth, policy, and session
> limitations, but requires more VLANs, eh?
>
Exactly...we would need about 30 VLANs and it limits to 16...
Thanks anyway
-Gabriel
___
juniper-nsp mai
else.
-Gabriel
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
t;
> Joe
>
Omg It works! Thanks!
Gabriel
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
ed to learn routes or defaults from your ISPs.
>
I'm advertising the routes through OSPF and I control the router on the
other end so that's not a problem.
Thanks
-Gabriel
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
sically you are saying the only way to have this work is to have a
second device do the nat? There is no other way arround right?
-Gabriel
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
some reason this doesn't work. The only way I have been able to make
it work is by binding the NAT IP to one of the external interfaces...but
this is not what I want since I would like my configuration to be
redundant so that if one of my external interface fails...I'm still
online.
Thank
On the same note, we have experimented with VLAN tagging with Olives
here as well and noticed that we are unable to get an MTU of 1500. The
Olive automaticaly reduces the MTU to something lower (forgot the exact
number). Is there anything that can be done about that?
-Gabriel
> -Origi
re is increasing and
decreasing randomly everytime I check, shouldn't that just be
increasing? This doesn't seem right. Either way, is dropped packets an
indication that there is too much load on the router here on the
fabric-queue?
Thanks
Gabriel
ing: 1
cpu MHz : 2800.307
The accounting logs are first logged into a text file, then relayed
through a script to a MS-SQL database. We are thinking one installed 2
or even 3 of those servers that will load balance everything. The MS-SQL
server itself is a dual-xeon 3.0ghz.
-Gabrie
We have an ERX310 router with over 10,000 sessions of ADSL customers and
would like to enable Interim-Updates through radius to have it send
updates every x minute to update accountingmy concern is that this
may add a LOT of load on the radius accounting server. Does anyone know
what would be
Just to let you guys know I subscribed to this list as it seems to be a
good one and we own an ERX (soon 2) and an M7i.
Gabriel Blanchard
Network Administrator/Development
TekSavvy Solutions Inc.
330 Richmond Street, Suite 205
Chatham, ON, N7M 1P7
Toll Free: 877-779-1575
Tel: 519-360-1575
Fax
80 matches
Mail list logo
