I had a couple over here, they seemed pretty good. I had L3VPN working and
l2circuit but didn't try VPLS and I was not aware of the limitation.
Now, I am a little surprised about this lack of feature parity. It is supposed
to be a Trio box, so shouldn't everything work?
All in all though the A
Hey All,
Does anybody know what the XE XFP socket on the SCBE-MX for? I cannot find any
documentation about it anywhere.
It's on the end of the card next to the clock interface.
--
Leigh
__
This email has been scanned by the S
around and around creating a
route that never gets anywhere because it's self sustained?
--
Leigh Porter
__
This email has been scanned by the Symantec Email Security.cloud service.
For more information pl
mamar...@mail.ru]
Sent: 06 November 2012 18:54
To: Leigh Porter
Cc: juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] MX80 MPLS L3VPN Fragment drops
On 06.11.2012 18:57, Leigh Porter wrote:
>> * Leigh Porter [2012-11-06 00:46]:
>>> A packet dump reveals that the TCP sender (FTP ser
> * Leigh Porter [2012-11-06 00:46]:
> > A packet dump reveals that the TCP sender (FTP server) will send a
> > segment, the LTE core will encap this segment and fragment the tunnel
> > packet, these fragments enter into an MX80 and into a L3VPN instance
> > but then
this?
--
Leigh Porter
__
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
> > Ethernet, IP, CCC, VPLS etc all seems supported, but when I specify
> family in any filter of forwarding-options for port-mirroring there is
> no family mpls available.
>
> I think we need ERSPAN IETF draft, so you can export the original l2,
> regardless what headers you have afterwards.
> Wh
mirroring MPLS traffic either..
Is this just not the done thing?
Thanks!
--
Leigh Porter
__
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
Yup it is a bug, it works fine in 11.4R1.6.
--
Leigh
> -Original Message-
> From: Ben Dale [mailto:bd...@comlinx.com.au]
> Sent: 20 March 2012 13:09
> To: Leigh Porter
> Cc: juniper-nsp@puck.nether.net
> Subject: Re: [j-nsp] Destination NAT on SRX cluster
>
>
> From: Ben Dale [mailto:bd...@comlinx.com.au]
>
> Hi Leigh,
>
> On 20/03/2012, at 10:53 PM, Leigh Porter wrote:
>
> >
> > error: The number of destination NAT pools exceeds limit of 0 [edit
> > security nat destination rule-set incoming-connections rule
&
"Therefore, you do not have to depend on the underlying Layer 2 QoS support."
So it sounds as though is the layer 2 QoS field is there you can use that.
--
Leigh
> -Original Message-
> From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-
> boun...@puck.nether.net] On Behalf O
Did you try setting the 802.1p field and classifying based on that?
I'm about to do this also, but since this is a layer 2 service then you are
right, I don't think the IP header will be looked at. But I expect that it will
look at 802.1p and use that for QoS classification.
--
Leigh
>
: The number of destination NAT pools exceeds limit of 0
[edit security nat destination rule-set incoming-connections rule port-forward
then destination-nat]
'pool'
failed to get pool (wilderness)
error: configuration check-out failed
Does anybody know whats happening here?
Tha
pport?
We have been using SRX240s at the edge and in metro rings for some time, after
teething troubles they have all been solid. I also have some SRX220 using MPLS
over GRE over IP connected to the core using xDSL and this also works very
well. We use them for LTE/WiMAX/WiFi backhaul.
The only
Hello Rafal,
Its been a while since you posted this! Did you ever manage the 1500B
MTU with this?
I have some SRX boxes that correctly fragment the outgoing GRE packets
but the other Juniper does not reassamble them.
Thanks,
Leigh
-Original Message-
From: juniper-nsp-boun...@puck.nethe
actually make it in by default.
Interface routes for external interfaces only seem to propagate into the
table if there is a next-hop for a static of OSPF route in the same
subnet. They are available locally, but they never make it into the VPN
table.
--
Leigh Porter
I am afraid they have already lost business because of the J-series. I will
certainly not buy any more.
--
Leigh
-Original Message-
From: juniper-nsp-boun...@puck.nether.net on behalf of Richard A Steenbergen
Sent: Fri 7/23/2010 9:05 AM
To: Pavel Lunin
Cc: juniper-...@punk.nether.net
I absolutely agree with the posts on the J-series boxes. I need lots of
small(ish) boxes that will do a reasonable throughput of MPLS (PWEs, L3VPN etc)
and I was really liking the J-series, but I need some QinQ stuff that they dont
support, so I thought about the SRX would be ideal, but these
Oh... Would anybody mind telling me why this was a good idea?
--
Leigh
* Leigh Porter:
> I thought that as soon as you turn MPLS on the flow mode was diabled
> and you were back to good old packet mode?
No, packets targeted at the device itself are still processed in flow
mode. Accord
Has anybody had memory problems after upgrading to a flow based Junos release?
(i.e. the router was perfectly speced before, load the new code and you
suddenly need to uprade everything?)
Perhaps this is just another bug to add to the Junos 10 list ;-)
--
Leigh
-Original Message-
Fr
Just install Linux on the box ;-)
-Original Message-
From: juniper-nsp-boun...@puck.nether.net
[mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of Heath Jones
Sent: 21 July 2010 11:05
To: Christopher E. Brown
Cc: juniper-...@punk.nether.net
Subject: Re: [j-nsp] J series users bitten
requirements of something that is not used.
I'll be mentioning this in our requirements report for any equipment we
order for this project.
--
Leigh Porter
-Original Message-
From: Shane Short [mailto:sh...@short.id.au]
Sent: 21 July 2010 08:32
To: Leigh Porter
Cc: Jay Hanke; Christop
m
I don't suppose this trick works on the SRX as well? *grin*
-Shane
On 21/07/2010, at 2:54 PM, Leigh Porter wrote:
>
> I thought that as soon as you turn MPLS on the flow mode was diabled and you
> were back to good old packet mode?
>
> --
> Leigh
>
>
>
I thought that as soon as you turn MPLS on the flow mode was diabled and you
were back to good old packet mode?
--
Leigh
-Original Message-
From: juniper-nsp-boun...@puck.nether.net on behalf of Jay Hanke
Sent: Tue 7/20/2010 11:26 PM
To: 'Christopher E. Brown'; juniper-...@punk.nether.
This flow mode thing has (IMO) to be one of the most annoying and quite useless
features.
Perhaps it is useful for firewall/enterprise apps, but please, what else?
--
Leigh
-Original Message-
From: juniper-nsp-boun...@puck.nether.net on behalf of Christopher E. Brown
Sent: Tue 7/20
Yeah it seems OK with 1GB in the box. How do they manage to make use so
much RAM? My Linux box with 8 DSL ports does very well on 512MB :)
--
Leigh
Manu Chao wrote:
sorry to tell you need a memory upgrade (512 is the minimum no?)
On Wed, Jul 15, 2009 at 12:38 PM, Leigh Porter
wrote
and usually I only see 3 DSL PIMs, even though a 'sh chassis hardware'
declares they are all there. All the memory seems to be eaten up by fwdd.
The box has 512Mb of RAM, more then enough for 4 DSL ports and a few routes.
What's happening here? Is 9.x broken?
Thanks,
Hi,
These seems to be a common issue here with SFPs working in one rel and
suddenly not in the next rel. This really sucks quite a lot, why is this
happening?
Rather than ask if there is a supported SFP for this release/hardware, I'd
like to know why SFPs that worked fine suddenly break with a po
Duplicate packets received?
SunnyDay wrote:
hello anyone can explain this output has 200% success?
bras01:(config)#run ping x.x.x.x Sending 5 ICMP echoes to x.x.x.x,
timeout = 2 sec.
!Success rate = 200% (10/5), round-trip min/avg/max = 0/1/9 ms
bras01:(config)#
Thank you
,
Leigh Porter
UK Broadband
Masood Ahmad Shah wrote:
> I guess you have two static routes. If this is the case, as you know first
> of all the 2 routes should have the same prefix length (10.0.0.0/24,
> 0.0.0.0/0 etc) and Preference. You need to make these preferences equal
> either by
peer with your test device...Voila.
>
> Cheers,
>
> HH
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Leigh Porter
> Sent: Wednesday, February 20, 2008 9:58 AM
> To: [EMAIL PROTECTED]
> Cc: juniper-nsp; [EMAIL PROTECT
Notepad can handle 25000 lines?
;-0
--
Leigh
[EMAIL PROTECTED] wrote:
> There are several products that can generate routes for testing depending
> on your budget. IXIA devices for example will do this and more. I wanted
> to the same thing a few months ago and I ended ip logging into a fe
Ask a friendly ISP to send you a complete routing table. I would be
willing to do this.
Else get a quagga on Linux to do it.
--
Leigh
wang dong bei wrote:
> Hi talented minds,
>
> I want to do some testing with BGP and I need to inject a lots of routes,
> preferably the entire Internet routing
happen?
Thanks,
Leigh Porter
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
Hey Folks,
Do you know if I can do simple IP address translation with 8.4 ?
For example, if I see a datagram with a source address of 1.1.1.1 I want
to change the destination address of the datagram to something of my
choice (note, not the next-hop but the actual destination IP address of
the dat
> ... then the answer becomes clearer.
>
>
>
> danno
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Leigh Porter
> Sent: Monday, January 07, 2008 11:29 AM
> To: NAIDOO Kesva ROSI/I-BNF
> Cc: juniper-nsp@puck.
L PROTECTED] On Behalf Of Chris Morrow
> Sent: Monday, January 07, 2008 9:31 AM
> To: Leigh Porter
> Cc: juniper-nsp@puck.nether.net
> Subject: Re: [j-nsp] AS-PAth Prepend and Loop Command
>
>
>
> On Mon, 7 Jan 2008, Leigh Porter wrote:
>
>
>> Here here.. Who
Here here.. Who's idea was that?
Scott Morris wrote:
> >From a technical standpoint, yes. BGP sees a loop whenever it sees its own
> AS in the path.
>
> >From a political/personal standpoint, you need to reach out and smack the
> brainchild that is prepending YOUR AS into their BGP records. It
Also with GRE tunnels you may run into MTU problems. At last with MPLS
you won't have that pro
Chuck Anderson wrote:
> On Thu, Nov 08, 2007 at 08:39:23AM -0800, Hamid Ahmed wrote:
>
>
>> 2) You are giving the explanation for equal cost paths. However in
>> my case there are two unequal co
Phil Mayers wrote:
> So,
>
> On our M7i we use the 100meg management port to connect into our OOB
> network. This network is a physically separate, flat addressed private
> IP /16.
>
> On the J-series, one does not have an fxp0 with the associated
> protection from accidentally switching packets. W
Perhaps 802.11x ?
M.Mihailidis wrote:
> so what do you suggest?
> username and password authentication?
> - Original Message - From: "Leigh Porter"
> <[EMAIL PROTECTED]>
> To: "M.Mihailidis" <[EMAIL PROTECTED]>
> Cc:
> Sent: Friday, Oc
What happens if they change their MAC as well?
M.Mihailidis wrote:
> hello all
> i have a netscreen 5gt and users in the company lan are configured with
> static ip addresses.
> Is there any way that i can bind their static addresses with their
> mac-address so if they configure another ip they
Hi Folks,
Does the JUNOS Starefull firewall (on J series and M series with AS-PIC)
support PPTP passthrough?
Thanks,
Leigh Porter
UK Broadband
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
On a similar note, does anybody know if Junipers will be any good at
load balancing multiple GRE tunnels between two devices?
--
Leigh
David Ball wrote:
> The following URL may help to explain:
>
> http://juniper.cluepon.net/index.php/Load_Balancing
>
> as would the official JUNOS doc on
This is what I did, worked fine..
Stacy W. Smith wrote:
> There are definitely issues with the "junos-jseries-cf" images
> working on any CF that's not on the supported list. See: http://
> www.juniper.net/techpubs/software/jseries/junos84/rn-jseries-84/rn-
> supported-IIIparty-hw.html#rn-su
An Ethernet port that does not do ARP?
Lev Garantin wrote:
> Hello,
>
> looking at the following page, I have a couple questions.
>
> http://www.juniper.net/techpubs/hardware/m320/m320-pic/gigabit-ethernet-sfp.html
>
> I'm not sure what to make of
> "The 10-port Gigabit Ethernet PIC with SFP
Yeah well it's fudge marketing.. Cisco could do the same if they had
90Mb images too I am sure. Then you'd just have to tral through all the
myriad of variations of feature-sets and releases...
I agree though, I am sure I can work out what's an M10 and thats a M160
myself..
--
Leigh
Richard
8.3 was withdrawn last time I looked due to 32bit ASN bugs..
Paolo Autore wrote:
> 8.3 rev 1.7 is very stable
>
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL
> PROTECTED]
> Sent: Tuesday, July 24, 2007 18:21
> To: juniper-nsp@puck.nether.net
MrPaul wrote:
> On 6/25/07, *Leigh Porter* <[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>> wrote:
>
>
> Thats nice. Now what I would like next is for it to run `screen`
> on each
> RS232 port. The I can log in and see what happened and scro
Thats nice. Now what I would like next is for it to run `screen` on each
RS232 port. The I can log in and see what happened and scroll back a few
k lines.
--
Leigh
Joe Freeman wrote:
> Actually, Cyclades (now Avocent) makes a dedicated console server as well...
> Check out the ACS series...
> h
irix!
Matt Yaklin wrote:
> old computone ras server with a control card that does ssh.
>
> basically a 3-4U box that has an ethernet port and 48+
> ports for terminals.
>
> runs irix.
>
> On Mon, 25 Jun 2007, Doug Marschke wrote:
>
>
>> I have used cyclades term servers with open source OS wi
So the vrf-table-label stick ALL routes in the vrf into the bgp.l3vpn
table to be propagated to other PE routers?
What happens if you want to originate a default route in say OSPF from a
PE router to the CE router using OSPF and a static route with discard?
The route will be propagated throughout
into bgp.l3vpn.0
Is there a way of changing this behavior? I would like to plug some
servers directly into a PE router routing-instance and have then
reachable, but the interface routes do not make it to the l3vpn table,
even if I explicitly ask them to be with a policy.
Thanks, folks,
Leigh
If an LSP were to fail shouldn't it be torn down anyway (unless it's all
statically provisioned I guess)
--
Leigh
alaerte vidali wrote:
> Have you used BFD for detecting failure on LSP?
> If so, do you get false positives?
>
> tks,
> Alaerte
>
> part of feature text in Juniper page:
> ==
This is a little off-topic but what's the best practice for this
configuration? Do you usually leave some room for expansion (say 50% so
a range of 10 will become 15)..
Also a range of 50-60 or 60-80 will be a range of 11 ;-)
--
Leigh Porter
UK Broadband
Monika M wrote:
> The
Hey All,
The idea of JNCIE boot is great. If anybody would like to do the same
for JNCIP then I and my company will be willing to arrange this.
--
Leigh Porter
UK Broadband
Umar Ahmed wrote:
> All,
>
> Many thanks for the great responses I've received, currently three
Erwin D wrote:
> There are some guy that I know passing JNCIE, by using the junos manual and
> read from page 1 to finish while trying every command or feature there.
>
>
> thanks,
>
> ~Erwin
>
It also helps if you have a nice network to practice on.. ;-)
Does anybody else have a special script
I have some 140s here and they work well. The older boxes (NS50) have
been in production for about two years now and have never had any issues
whatsoever.
--
Leigh
Peter E. Fry wrote:
>> Looking for comments from anyone using the Juniper SSG
>> line of security appliances, specifically model
Guy Davies wrote:
>> Hi,
>>
>>
>>> As Chuck pointed out, though, the separation is far from complete.
>>> For example, if user A logs into logical-router A and starts modifying
>>> the config for logical-router A, then user B logs into logical-router
>>> B and modifies the config for logical-r
Do it without these resources.
Write some excelent study guides.
Sell them.
Profit :)
--
Leigh Porter
Mark Tinka wrote:
> Hello all.
>
> Would appreciate if anyone could recommend excellent
> purpose-written study guides for the JNCIA, JNCIS and JNCIP
> M/T-series certi
This should address it :-)
7573:6561:6369:7363:6f69:6e73:7465:6164
--
Leigh
Paul Goyette wrote:
>> Or, if someone from Juniper could pipe in with a "We're
>> working on it
>> for the next release" sorta thing. :)
>>
>
> Non-official statement:
>
> Juniper are aware of the issue an
anybody on this group has implemented this scenario? than please share
> your sample configuration and comments.
>
> Regards
>
> Fahad
>
>
Are there any MTU issues with this?
--
Leigh Porter
___
juniper-nsp mailing list junip
Hey all,
I would like to configure NAT incoming port forwarding on a J series
router. The outbound NAT works correctly but I can not find any
documentation about incoming port forwarding. Can anybody give me some
hints please?
Thanks,
Leigh Porter
UK Broadband
Hiya all,
We have a J6350 doing outbound NAT just fine after upgrading to 8.2 to
fix a bug.
Does anybody know how to configure incoming port forwarding on a J-series?
Thanks,
Leigh Porter
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https
,
Leigh Porter
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGCS23Z0chUame06wRAgdDAJ429BqIxi8jG85D/2eB2TRYgD/0ZgCgxyqG
vFUMjIGnHRJlQzXhzUQX7TE=
=SZvH
-END PGP SIGNATURE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
The LSP should be re-built unless RSVP has signaled that the path be
torn down.
Of course, a native IPv4 lookup would break if you do not have the
routes on all your routers so sending the traffic using native IPv4
lookups could be entirely pointless
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
I'd say um summary that trying to load-balance multiple full BGP transit
connections is a pain in the ass and really best avoided unless it's
some simple prepend work either by prepending entire peers or using
their BGP community toys to prepend i
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You can put JunOS on them?
Doesn't it become a router then?
- --
Leigh
Affan Basalamah wrote:
> Hi all,
>
> I just want to know what is the advantages for SSG520M and SSG550M to
> be upgradeable to JunOS 8.0 rather than ScreenOS. What about all
I can do this maybe tomorrow if you can email me to remind me ;-)
-Original Message-
From: [EMAIL PROTECTED] on behalf of Ed Ronayne
Sent: Tue 2/20/2007 4:21 PM
To: juniper-nsp@puck.nether.net
Subject: [j-nsp] Transparent Proxy
Hi all,
Long time reader first time poster.
Sorry folks, not sure where this hid for all that time!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Leigh Porter
Sent: 20 February 2007 14:17
To: Pekka Savola; juniper-nsp@puck.nether.net
Subject: Re: [j-nsp] Optical integration - optical IMUX
It is
It is crazy pricing I am seeing even for 10G interfaces. I'm stuck with
trunked 1G interfaces and it makes my racks look all messy.
What happened to the super-cheap optics for 10G?
--
Leigh
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Pekka Savola
Se
a few hundred thousand
terminations..
Thanks,
Leigh Porter
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFF0Za0Z0chUame06wRAqPIAJ9wkA4GP47aOE/CKwwMD8qvU/55BgCfe+jd
VrkjsuO5S4gQGGmNTZhd4sk=
=8+Re
-END PGP SIGN
Get a juniper sales person in and pretend you're going to spend $800,000 and
then say how much your son loved the Juniper shirt and how sad he was that it
got broken. You'll soon have another ;-)
In fact, I'll ask our suppliers for one and post it over to you. What size
would you like?
--
Lei
-encrypted), encrypts it, and then maps it into a 2547 VPN.
--
Leigh
-Original Message-
From: Peder Christian Bach [mailto:[EMAIL PROTECTED]
Sent: Fri 1/5/2007 9:37 PM
To: Leigh Porter; juniper-nsp@puck.nether.net
Subject: SV: [j-nsp] Encrypted LSP
Hi.
Take a look at this.
http
Hiya,
Does anybody know if you can encrypt traffic on a LSP?
i.e. have encrypted LSPs ?
Thanks,
Leigh Porter
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
75 matches
Mail list logo