On 26-Aug-24 15:43, Gustavo Santos via juniper-nsp wrote:
Awesome, thanks for the info!
Rules are like the one below.
after adjusting the detection engine to handle as /24 network instead of
/32 hosts the issue is gone..
As you said the issue was not caused by pps as the attack traffic was just
a
Hi Joerg,
On 23-Mar-24 15:24, Joerg Staedele via juniper-nsp wrote:
Hi,
No traceoptions ... and meanwhile i've tested even with no configuration and
after a zeroize it also does the same. I guess it’s a bug. I will try another
version (maybe some 19.x)
And I believe it will be the same bec
On 24-Jun-22 9:28, Saku Ytti via juniper-nsp wrote:
Tunnel interfaces are not supported on PE/Paradise, I don't think this
changed in BT/Triton either.
>
> However you can decapsulate/encapsulate on ingress firewall filter, e.g.:
On the other hand, there is fti (flexible tunnel interface) con
--- Begin Message ---
It does exist:
> show version | match model:
Model: qfx10002-72q
> show system configuration database usage
Maximum size of the database: 406.99 MB
Current database size on disk: 10.50 MB
Actual database usage: 10.48 MB
Available database space: 396.52 MB
> request syste
--- Begin Message ---
Hi there,
Have a look
https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/request-system-configuration-database-resize.html
On 29/10/2020 17:05, Vincent Bernat wrote:
Hey!
With a configuration file around 5 MB, we get a pretty bi
--- Begin Message ---
Perhaps you just needed to add (to your original config)
routing-instance vrf-name
under forwarding-options sampling family inet output flow-server x.x.x..x
and not to overdo everything under vrf
On 09-Apr-20 10:03, Liam Farr wrote:
Seems I cant just drop the forwardin
--- Begin Message ---
On 09-Apr-20 08:20, Liam Farr wrote:
Hi,
changed to a loopback address on one of the VRF's,
...
Not sure specifically what I am doing wrong here, it seems to be collecting
the flows ok, but exporting is the issue?
I'd appreciate any advice or pointers thanks :)
ma
--- Begin Message ---
On 23-Mar-20 14:03, Robert Raszuk wrote:
Hi,
Would anyone have any idea why IP packets with options are forwarded via
MX104 20x faster then regular IP packets ?
"fast" PFE path - 24-35 ms
"slow" RE path - 1-4 ms
24 ms is ages in terms of PFE.
I hardly can imaginethat
/en_US/junos/topics/reference/configuration-statement/shaping-rate-edit-class-of-service.html
On 21-Feb-20 10:59, Chen Jiang wrote:
Hi!
QFX10008 w/ JUNOS 15.1X53 and 18.4R2.3
Thanks!
On Fri, Feb 21, 2020 at 4:53 PM Timur Maryin <mailto:timamar...@mail.ru>> wrote:
What is exact
--- Begin Message ---
What is exact model you have?
And junos version?
On 20-Feb-20 13:43, Chen Jiang wrote:
Hi! Experts
Sorry for disturbing, we found the "set class-of-service interfaces xxx
shaping-rate" is missing in QFX platform, is there any other method could
do port shaping ?
Thanks f
--- Begin Message ---
On 14-Nov-19 14:19, adamv0...@netconsultings.com wrote:
There are several places where you can run your keepalieve
a) RPD
b) RE PPMd
c) LC CPU PPMd
d) NPU (dispatch block in the LU/XL)
And it depends on config where you run it.
... and on hardware and on defaults of t
Is it the same on 19.2?
On 20-Aug-19 10:39, Sebastian Wiesinger wrote:
Hi,
JunOS 19.1 brings support for the BGP graceful shutdown mechanism
(RFC8326):
does nothing on my setup. I tried to specify it in every BGP group
which did do nothing and I tried to explicitly set it to local-pref 0
whi
https://kb.juniper.net/KB33515
If i recall correctly what i heard about it.
There is some third party(or smth) search engine which is(was) used and
it had issues. And there is no way to upgrade/fix that engine as it out
of support/development.
So i has to be replaced or re-written from scratc
This is not applicable to MX80 (as platform was mentioned by topic starter).
On 12-Mar-19 15:38, adamv0...@netconsultings.com wrote:
Upgrading from 12.3 to 15.1 upgrades the FreeBSD version from 6.1 to
10.0.
Upgrading from 12.3xxx to 15.1xxx reformats the file system. Only specific
fil
On 11-Jan-19 17:50, Clarke Morledge wrote:
A couple of questions:
(a) Is this default behavior across all Junos platforms, including MX,
SRX, and EX?
I would expect so.
What is also possible in this case is to configure huge arp timeout:
set system arp interfaces xe-1/1/0 aging-timer ?
Perhaps encapsulation vlan instead may help.
On 27-Dec-18 23:40, Fraser McGlinn wrote:
Further to this, and to clarify I do already have tunnel-services enabled and
after configuring I get output packets on each unit, but no input packets. It
seems like the PFE is just eating the packets.
My bet is that is an example of poorly written external description.
Besides "Resolved-In" has only one version.
On 21-Dec-18 00:22, Anderson, Charles R wrote:
Can anyone shed some light on WHY this change was made? I much prefer the old
behavior.
From PR1281947:
"The behavior of the "int
Hi Jason,
The loss upon restoration could easily be due to microloop. Which is
caused by different convergence speed of neighboring.
When you leave only one type of routers they converge at the same speed
so no microloops.
On 13-Dec-18 02:47, Jason Lixfeld wrote:
Hi all,
I’ve been pl
Hi Pierfrancesco,
Timur> 2. commit script which checks presence of certain parts of config.
I'll need to refresh myself on this and see if I can use this
technique.
There is an example on github which can be used as starting point:
https://github.com/Juniper/junoscriptorium/blob/maste
Hello!
On 11-Dec-18 15:33, Pierfrancesco Caci wrote:
I have not found a way to prevent a user from accidentally delete entire
bgp config, but still allowing him to operate on single neighbors. Or
other similar situation involving top level configuration vs details
inside each block.
There a
Hi Phil,
On 18-Jun-18 20:40, Phil Shafer wrote:
"!" and "not" are identical. The "!" is just syntactic sugar that
turns "! x " into "not(x)", as you can see in the code:
Was it always like this?
___
juniper-nsp mailing list juniper-nsp@puck.neth
Hi Martin,
There is not() :
https://www.juniper.net/documentation/en_US/junos/topics/reference/scripting/junos-script-automation-function-xslt-not.html
On 14-Jun-18 23:39, Martin T wrote:
Hi!
I have quite often used "!" negation operator familiar from other
languages. For example:
/* If
Hi Jeffrey,
I'm under impression that
(quote from
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/junos-kernel-freebsd-upgraded.html
)
"ISSU is not supported from an older version of FreeBSD to an upgraded
FreeBSD"
On 28-May-18 04:01, Jeffrey Nikoletich wrote:
Hello
Hi Pierre,
Maybe specified amount was reached and crossed before you configured
maximum-prefixes?
What if you bounce the session?
On 28-Mar-18 12:55, Pierre Emeriaud wrote:
Gents,
I just noticed an issue on a couple of option B gateways in our
network. The max-prefix within routing-instanc
Hi Karl,
DDOS subsystem applies only to the traffic destined to the host (router
itself) and not transit traffic.
When you announce that /18 have you got all destinations of that /18
reachable by the router? Have you got default route ?
The graceful way to handle those messages is to figur
Hi Johan,
Yes, it works fine.
On 10-Aug-17 09:59, john doe wrote:
Hi
Will 15.1 work well on MX boxes with old DPC cards? Anyone running 15.1 on
MX with DPC?
Johan
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/ma
Hi Michael,
I believe it's not supported.
On 22-Mar-17 20:07, Michail Litvak wrote:
Hi all,
Did anybody tried to use flowspec in the logical-system ?
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listin
Hi Adam,
On 01-Aug-16 10:02, Adam Vitkovsky wrote:
Now I have realized that there might be a problem which BGP PIC can't really
solve.
And that's when the primary edge link/PE comes back online advertises it's
prefixes to the rest of the AS and ingress PEs will actually install and start
usi
Hi Adam,
On 25-Apr-16 17:16, Adam Chappell wrote:
Currently in a situation troubleshooting consequences of high CPU usage
with a number of aggravating factors. Most sensitive to the scarcity of CPU
resources however is a number of BGP sessions with aggressive timers.
skip
I'm aware of PR10
Hi Jackson,
It appears in 15.1F5:
http://www.juniper.net/techpubs/en_US/junos15.1/information-products/topic-collections/release-notes/15.1F5/topic-104251.html#jd0e2762
On 15-Jan-16 13:33, Jackson, William wrote:
Hi
have been reading cisco documentation on this topic.
I was wondering i
Hi Alexander,
On 18-Feb-16 10:30, Alexander Marhold wrote:
Why do you need to enable MPLS and LDP for PIC ?
IMHO this is a documentation error , or do I miss something ?
Considering you refer to this doc:
http://www.juniper.net/techpubs/en_US/junos15.1/topics/task/configuration/bgp-con
junctions of your network, with such amateur messages as troubleshooting
triggers, sometimes seems to me as owning a Porsche with controls taken
from Ford model T.
Definitely not good starting point when the time comes for deciding on
new boxes for your network.
בתאריך 17 בפבר' 2016 17:12,
Hi Alex,
Maybe this
http://kb.juniper.net/KB23173 ?
On 16-Feb-16 10:31, Alex K. wrote:
As for the documentation, let begin with some knowledge base article
outlining initial steps for alarms troubleshooting steps for MX. I'd like
to read that one, to begin with.
33 matches
Mail list logo
