[j-nsp] EX4550 QSFP bounce

Hello fellow Juniperers, I'm playing with some EX4550s as boxes for 1 and 10 Gbps breakouts. For uplinks I've installed the 2x QSFP expansion module in the front slot, and am using QSFP DACs. In testing I noticed that whenever something is inserted into et-0/1/0, et-0/1/1 stops working for a

Re: [j-nsp] vRR License Key

Thank you Michael, it does indeed! Have an excellent night! Cheers Ross From: Michael Hobl Sent: May 28, 2021 10:12 AM To: Ross Halliday Cc: juniper-nsp@puck.nether.net Subject: [EXTERNAL] Re: [j-nsp] vRR License Key Hi Ross, As far as I'm aware, vRR doesn't require any licensing within

[j-nsp] vRR License Key

Hello everyone, I'm hoping that someone here with vRR in production is able to answer me this simple question: After obtaining the appropriate license, is there a key that needs to be activated or installed? Is there a command like setting R or IR mode on a hardware MPC? Is this just a paper

Re: [j-nsp] MX204 and QSFP+ breakouts

Of Chris Adams Sent: April 30, 2021 6:50 PM To: juniper-nsp@puck.nether.net Subject: [EXTERNAL] Re: [j-nsp] MX204 and QSFP+ breakouts Once upon a time, Ross Halliday said: > Do FS QSFP+ breakout DACs and AOCs work on this platform? Is there some magic > sauce firmware I'm too daft to find?

[j-nsp] MX204 and QSFP+ breakouts

Dear list, On a lark we picked up 4x10GbE breakouts for our MX204. Currently we've tried a couple different versions, a plain ol' passive DAC, and one that breaks out into 8 multimode fibers. I see that QSFPP-4X10GE-SR is supported on MX204 since 17.4R1. We're running 19.4R3. *SHOULD* work,

Re: [j-nsp] Juniper support offline?

Seems to be back albeit a bit rocky - I could not get in with my previous password and had to reset. SRM and Downloads appear to be functioning Ross -Original Message- From: juniper-nsp On Behalf Of Thomas Scott Sent: January 26, 2020 6:14 AM To: Nathan Ward Cc: Juniper NSP

[j-nsp] Rock-solid JUNOS for QFX5100

Dear List, I'm curious if anybody can recommend a JUNOS release for QFX5100 that is seriously stable. Right now we're on the previously-recommended version 17.3R3-S1.5. Everything's been fine in testing, and suddenly out of the blue there will be weird issues when I make a change. I suspect

Re: [j-nsp] Going Juniper

al Message- From: Jared Mauch [mailto:ja...@puck.nether.net] Sent: Tuesday, April 17, 2018 7:39 PM To: Saku Ytti Cc: Ross Halliday; juniper-nsp@puck.nether.net Subject: Re: [j-nsp] Going Juniper > On Apr 17, 2018, at 7:02 PM, Saku Ytti <s...@ytti.fi> wrote: > > > DDoS protecti

Re: [j-nsp] Going Juniper

A little late to the party, but I've been accused of worse. We transitioned our network from Cisco 6500 platform to MX104s, and at the same time converged our Internet Edge onto those MXes too. It's the only Juniper router I'm aware of that actually fits *nicely* into a two-post rack, and they

Re: [j-nsp] Help needed regarding the Eompls tunnel in Juniper & Cisco

Hi Ahsan, A Catalyst 6500 and the ME 6500 are slightly different inside. The problem is with the Catalyst 6500: The feature you're trying to use requires you to set Gi2/2 as a switchport, you can then terminate your L3 using an SVI. Read more here:

Re: [j-nsp] QoS when there is no congestion

On Nov 17, 2016, at 8:07 AM, Jason Healy wrote: > > We're actually starting to experience this now. We have a QFX with 10g and > 1g links, and seeing significant drops on the 1g interfaces when traffic > arrives on a 10g. We have QoS enabled on our WAN connection, but

Re: [j-nsp] QoS when there is no congestion

> My opinion on QoS for networks with low bandwidth is to always implement > it. It's really not that difficult and you never know when microbursts > could be affecting things. Believe me, even if your upstream link is a > 1Gb/s circuit, and your outbound traffic is less than 10Mb/s, you can >

Re: [j-nsp] ACX for subscriber aggregation

> ACX as a BNG, hmmmh... > > Why don't you go virtual instead, e.g., vMX, CSR1000v or XRv? > > Mark. Unfortunately our towers aren't quite tall enough to reach the cloud and require some kind of intermediate device ;) > Ross, > > You might want to try searching the archives for ACX. A few

[j-nsp] ACX for subscriber aggregation

Hi list, We run a bunch of fixed wireless broadband towers where we bring MPLS right to the site. Subscribers are terminated right there. Today we use Cisco 7301 in a PPPoE LAC capacity for dynamic subscribers and deal with BGP sessions to higher end customers that have managed CE. We're

Re: [j-nsp] Dealing with multihomed customer BGP primary/backup links

If I had no control over the far end I would enforce received routes with a prefix-list/routemap/policy (which you should be doing anyway), use metrics/localpref internally, and lock it down with strict uRPF. However, my preferred approach is to place a CPE on site. We've never sold links on

Re: [j-nsp] MX104 capabilities question

Hi Saku, > I don't see how this makes it any less of a box, in my mind this makes > it superior box. You lost single PFE/linecard, which happens to be > only linecard you have. > In my mind fabricless single-linecard design is desirable, as it > reduces delay and costs significantly. Not only can

Re: [j-nsp] MX104 capabilities question

We made the same move, from a network of SUP720-3CXLs up to MX104, over the last two years. Our busiest MX104 ingests 3 full feeds and around 100k prefixes via an IXP. I'll echo Mark's sentiments: The MX104 has similar problems in that the CPU must update the FIB when the RIB changes. Small

[j-nsp] MX104 ISSU

Dear List, I'm trying to practice upgrades on my MX104s with the least amount of network explosion. This KB article (showing the error I get) claims that ISSU is only supported 14.1R1 and higher: https://kb.juniper.net/InfoCenter/index?page=content=KB29381 ...but the ISSU feature page,

Re: [j-nsp] MX punting packets to RE - why?

Hey again, > No, something like this: > edit system ddos-protection protocols resolve mcast-v4 > set bandwidth 100 > set burst 100 > set flow-level-bandwidth logical-interface 20 > set flow-level-detection subscriber off > set flow-level-detection logical-interface on > > So we allow on

Re: [j-nsp] MX punting packets to RE - why?

Thanks Michael. Looks like I'm at 66 pps like Dragan mentioned. Some night I'll set up a maintenance window and play with this knob... Cheers Ross -Original Message- From: Michael Hare [mailto:michael.h...@wisc.edu] Sent: Monday, February 01, 2016 10:19 PM To: Ross Halliday Cc

Re: [j-nsp] MX punting packets to RE - why?

Hello, > > If I am understanding what you guys are saying correctly, this would cause > > everything to get punted to the CPU until a new hardware shortcut is > > created, and in the meantime - since our entire channel lineup is in there > > - this would hammer the DoS protection mechanism? >

Re: [j-nsp] MX punting packets to RE - why?

:dragan...@gmail.com] Sent: Sunday, January 31, 2016 7:44 AM To: Saku Ytti Cc: Ross Halliday; juniper-nsp@puck.nether.net Subject: Re: [j-nsp] MX punting packets to RE - why? Correct me if I'm wrong, this looks like MX doesn't have multicast cache for all those S,G routes (in inet.1). So first packet o

[j-nsp] MX punting packets to RE - why?

Hi list, I've run into an oddity that's been causing us some issues. First, a diagram! EX1EX2 | | | | MX1MX2 EX1 and EX2 are independent switches (not VC) that run a ton of video traffic. EX4200 on 12.3R8.7 MX1 and MX2 are MPLS PEs that ingest video and send it out to our

Re: [j-nsp] Breaking an EX cluster?

Since you want to nuke the config anyway, break the switch out of the VC and use request system zeroize You may want to assign the soon-to-be-former member an RE role, if it's not an automatically elected cluster, just to make things a little easier. Cheers Ross -Original

[j-nsp] Firewall filter with apply-path

Hi list, Would someone be so kind as to apply a working example configuration to protect the RE using apply-path to generate prefix lists? I *THINK* I have the actual apply-path part working, as show configuration ... inheritance shows what should be in there, but when I set the firewall

Re: [j-nsp] MX104 Limitations

Saku Ytti wrote: 1) It’s 3.5U high, making rack planning a little weird, and requiring me to buy a hard to find half-U blank panel It is targeting metro applications, where racks often are telco racks. job-1 and job-2 were thrilled to get MX104 form-factor, MX80 was very problematic and

Re: [j-nsp] RE switch master to backup

Gents, has anybody seen a dual RE MX gear switch the routing engine master to backup due to a “possibly bad console cable” ? Jul 1 11:21:29.941 2015 MX480LON_0 init: getty repeating too quickly on port /dev/ttyd0, sleeping 30 secs Did you happen to find a resolution for this? That

Re: [j-nsp] Q-in-Q with VSTP

I'm bashing away at a conundrum here. I'm trying to lab a setup for a multi-VLAN subscriber over some GPON gear. The setup is: MX104 --2x-- OLT -- ONT -- subscriber The ONT is able to strip the outer VLAN tag facing the subscriber, so the CE can hit all of the inner VLANs directly. The

[j-nsp] Q-in-Q with VSTP

Hi list, First time caller, long time admirer (okay so we're a mostly Cisco shop and just got some Juniper stuff in the last few months - whatever...) I'm bashing away at a conundrum here. I'm trying to lab a setup for a multi-VLAN subscriber over some GPON gear. The setup is: MX104 --2x--