that requested page is
unavailable on the server.
Thanks
Humair Ali
Sent from my iPhone
On 25-Oct-2012, at 1:21 AM, Chris Morrow morr...@ops-netman.net wrote:
On 10/24/2012 03:44 PM, Humair Ali wrote:
I have juniper srx 240 want to block http
how about just deny destination port 80
But what about the context i tried this with almost all of http-html
combination nothing works
Sent from my iPhone
On 25-Oct-2012, at 12:10 PM, Per Granath per.gran...@gcc.com.cy wrote:
The signature
HTTP:STC:SRVRSP:404-NOT-FOUND
should do that.
I have srx 240 want to block http 1.1
I have juniper srx 240 want to block http
Sent from my iPhone
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
I have srx 240 want to block http 1.1 404 not found replay from server to
client with IDP but not able to find context and pattern combination.
Thanks
Humair Ali
Sent from my iPhone
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https
What if you put the policy and check on the other end
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Actually CFM would be appropriate with what Chip is trying to achieve,
CFM monitor a maintenance session end to end and works a vlan or link level.
Why not monitor Cust Rtr interface to MX1 accross the bridge network via
CFM and have an action profile assign to it ?
or monitor Cust Rtr 1 to
Hi Ben
not sure if you raised it before, but if you are looking at QinQ, and
point-to-point is a viable solution, you should be able to do QinQ accross
L2circuit .
In regards to the Switched network between PE CE , why not use CFM to
monitor the service end to end.
but if you are planning to
Not sure about J-series, only dealt with MX for MVPN,
on PE1 (J-series), what state do you see in show mvpn c-multicast
extensive ?
can you post your output here ?
Thanks
On 13 February 2012 14:40, Stacy W. Smith st...@acm.org wrote:
I think we will need to see the configs.
Have you
Well debug says nothing except it is droping temp packets
Humair Ali
Sent from my iPhone
On Jan 19, 2012, at 1:28 AM, Asad Raza
asadgard...@gmail.commailto:asadgard...@gmail.com wrote:
any output of traffic log or debug?
regards,
Asad
On Thu, Jan 19, 2012 at 12:48 AM, Morgan McLean
2012 15:57, Sebastian Wiesinger
juniper-...@ml.karotte.org wrote:
* Humair Ali humair.s@gmail.com [2011-12-23 16:41]:
Sebastian,
you should be able to achieve what you want by using Virtual Switch Routing
instance instead of VPLS routing instance.
you can confirgure a Virtual Switch
...@revenuewire.comwrote:
On Tue, 3 Jan 2012 16:37:11 +
Humair Ali humair.s@gmail.com wrote:
Hi,
I have an IPSEC tunnel between an Juniper SRX (policy based)
running 10.4R6.5 and a Cisco ASA 5510, the SA's are established
but about once per
24h hours (but can also work
Yep , I stand corrected !
*DPD addresses the shortcomings of IKE keepalives- and heartbeats-
schemes by introducing a more reasonable logic governing message
exchange*
On 4 January 2012 22:08, Burkhard Ott b...@revenuewire.com wrote:
On Wed, 4 Jan 2012 21:58:10 +
Humair Ali humair.s
Hi Johan
I am guessing the 24hrs is also the lifetime of one of your phase 1 or
phase 2 ?
It could be a bug in that the Juniper does not rekeying the phase 1 or the
phase 2 (although the SA are up, the rekeying does not occur properly),
thiss wouldn't be uncommon especially when peering with a
difference.
Regards
Johan
On Tue, Jan 3, 2012 at 11:34 AM, Humair Ali humair.s@gmail.comwrote:
Hi Johan
I am guessing the 24hrs is also the lifetime of one of your phase 1 or
phase 2 ?
It could be a bug in that the Juniper does not rekeying the phase 1 or
the phase 2 (although
Sebastian,
you should be able to achieve what you want by using Virtual Switch Routing
instance instead of VPLS routing instance.
you can confirgure a Virtual Switch instance with protocol VPLS in it , and
create a bridge-domains to allow all vlans , that should allow you to be
able to create a
understood how JunOS will look at ARP output like above
(make sure there is no confusion) :)
-Original Message- From: Humair Ali
Sent: Friday, December 16, 2011 9:26 AM
To: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] DA rejects
Can you please share the show arp output.
Thanks
Can you please share the show arp output.
Thanks
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
I think it is cuz of bgp prefix size
Thanks
Humair Ali
Sent from my iPad
On Dec 15, 2011, at 11:38 PM, juniper-nsp-requ...@puck.nether.net
juniper-nsp-requ...@puck.nether.net wrote:
Send juniper-nsp mailing list submissions to
juniper-nsp@puck.nether.net
To subscribe or unsubscribe
Hi Harbor
It depends on the type of FPC you have,
To my knowledge, depending of the FPC type , you can have between 1Million
to 1.8 millions in the FIB for IPv4 unicast and 500 000 for IPv6 ( still
in the FIB)
Having said that , these numbers were what I gathered a while back so not
sure if
Dear please check the junos version as that can be the issue
Thanks
Humair Ali
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Hi Harbor
It depends on the type of FPC you have,
To my knowledge, depending of the FPC type , you can have between 1Million
to 1.8 millions in the FIB for IPv4 unicast and 500 000 for IPv6 ( still
in the FIB)
Having said that , these numbers were what I gathered a while back so not
sure if
arent you missing the interface in your bridge-domain ?
On 11 November 2011 11:46, saurabh sood saurabh...@gmail.com wrote:
Hello Experts,
During the configuration for vlan and vlan l3-interfaces we observed
error: device vlan not found.
Following is configuration which i did on MX80
Hi Guys
Anyone is aware when the LNS feature will be supported on the MX-series ?
--
Humair
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
If you need a shorter mac timeout,
you can set the mac aging timer to a lower value than the default 300ms
timeout
On 20 October 2011 20:28, Sebastian Wiesinger juniper-...@ml.karotte.orgwrote:
* Phil Bedard phil...@gmail.com [2011-10-13 02:01]:
Coming soon to at least one platform, but
Hi Tim
not sure what you mean by using LACP/AE accross the multiple network to R2 ,
as LACP PDU does not go beyond the first physical interface it encounters,
unless as mention by David, you use some kind of tunneling, but then again I
am not sure how it works accross providers.
But David is
Would something like this work ?
lt-0/0/0 {
unit 0 {
encapsulation vlan-ccc;
vlan-id 100;
peer-unit 1;
}
unit 1 {
encapsulation vlan-bridge;
vlan-id 100;
peer-unit 0;
}
}
ge-0/1/5 {
flexible-vlan-tagging;
encapsulation flexible-ethernet-services;
unit 100 {
Hi Keegan
As far as I know , in VPLS, it uses split horizon as loop avoidance
mechanism , and you should not see any loop occurring in a VPLS
setup,(pending the rest of config is correct)
The only way you could have a loop in VPLS is when you start having your CE
dual homed , where in that case
*Is there interest in:
- VPLS Multihoming scenarios?
- Enabling Spanning Tree on the PE towards the CE per VPLS instance?
- Enabling the use of P2MP LSPs for BUM traffic*
Definitely yes for all the 3 above,
regarding the P2MP LSP for BUM traffic, I would ideally like to see some
best
just to clarify ,
you have :
PE2 with 2 link , 1 to RR1 (let's call it link 1) and 1 to RR2 (link 2)
PE3 with 2 link , 1 to RR1 (let's call it Link 3) and 1 to RR2 (link4)
you could set local pref to link to PE2 to 150 (RR1 to PE2 will be
preferred), and link 2 (PE2 to RR2) as standard 100
Dear Walaa,
Try to use redundancy-group 0 for same purpose
Thanks
Humair Ali
From: juniper-nsp-boun...@puck.nether.net [juniper-nsp-boun...@puck.nether.net]
On Behalf Of juniper-nsp-requ...@puck.nether.net
[juniper-nsp-requ...@puck.nether.net]
Sent
Hi Keegan
this is actually the case, this is one of the limitations of CCC setup, is
that it requires it's own LSP for each CCC connection ,
this is the main difference with the l2circuit/l2vpnwhere u can us the same
LSP for multiple traffic
On 7 February 2011 21:03, Keegan Holley
have you consider using a specific routing instance for each of your 2
client organisation and have ospf configure accordingly under these routing
instance ?
On 14 September 2010 12:36, Henri Khou henri.k...@ehess.fr wrote:
Hello,
I'm trying to find the best way to redistribute BGP default
you could use the allow-command
might be faster for you than searching through which permission gives you
this commands
On 11 August 2010 14:45, Jeroen Valcke jeroen.val...@belnet.be wrote:
Hello,
I've created a restricted user class. Basically users in this class
should only be able to
you can look into smartoptics as well.
On 25 July 2010 11:13, Eric Van Tol e...@atlantech.net wrote:
We buy MRV SFPs. Same quality at a tenth the price.
-evt
Eric Van Tol
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Atlantech Online, Inc. | http://www.atlantech.net
phone:
Hey Heath
I assume you met the stripper in a... supermarket in the Whisky drinks
section ...;-)
She might even have a stripper friend called Cisco with whom she doesn't get
along with ;-)
On 23 July 2010 10:41, Heath Jones hj1...@gmail.com wrote:
On 23 July 2010 08:03, Pavel Lunin
Hi All
MX480
Junos 9.6 R3
We are experiencing some MTU issue on one of our circuit.
We have been provided a circuit by a 3rd party provider that only supports
MTU size 1518,
Unfortunately it seems they cannot provide Jumbo Frames,
However for our backbone we required to have Jumbo Frames
locally. that might get you bye. good luck
rgds,
--r
On Jul 7, 2010, at 1:59 AM, Humair Ali wrote:
Hi All
MX480
Junos 9.6 R3
We are experiencing some MTU issue on one of our circuit.
We have been provided a circuit by a 3rd party provider that only
supports
MTU size
On top of what Dale just requested in terms of info,
here what else you could do:
1. create an any any any allow policy, place at top of the rule based, to
see if SMTP now reaches the mail server, this would eliminate any policy
problem.
2.
you said the tunnel is up , and that non SMTP traffic
what I think, and it might actually be worth only 2 cents , but
that's my 2 cents ;-)
On 30 June 2010 11:08, Mark Tinka mti...@globaltransit.net wrote:
On Wednesday 30 June 2010 03:38:45 am Humair Ali wrote:
i think most implementation use inclusive P-tunnels, as
it easier to manage
Hi David,
Mark is absolutely correct, his example is specific to NG MVPN, although
technically you can also have
L3VPN P2MP, but yeah now best to move to NG MVPN if you can , and get the
benefits of a BGP based core.
Regarding Mark comments that most are using inclusive P-tunnels, we are
using
yep , I dont know wha's wrong but I keep agreeing with Mark today ;-)
I would start with JNCIA, because if you come from a Cisco background, there
are some chapter in the JNCIA that talk about the hardware architecture of
Juniper router (not in depth but it's good to know) , and cover somes junos
HI Tarique
what type of TCC are you talking about ? VLAN -TCC ?
I guess it depends on how JKING wants to do his VLAN mapping,
from what I remember VLAN-CCC only supports one type of TPID, whereas
vlan-rewrite can support all 3 types of the TPID.
now don't ask what the 3 TPID 0x8... are as I
42 matches
Mail list logo