http://cozumkablo.com.tr/page_facebook.php?xnx=wu&uxgfg=0&whpdtz=296
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
http://maryknoll.macrored.net/site.twitter.page.php?w=b2o2x5s2y7
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/juniper-nsp
There are two ways to populate a routing-instance: rib-groups and
instance-import policy. Both work the same to me. But for interface routes, it
is recommanded to used rib groups.
What does your filter look like? If you are using FBF, since BGP in configed in
your main routing instance, you mi
What I meant was the M120 stopped receiving routes(IGP) from its upstream
router;
I've tried the term "everything else" thing but didn't work out. Also tried
this, didn't work either. Looks like the last term has to use master routing
instance.
filter classify-customers {
term isp1-customers
Hi list,
Tried to use source-based forwarding on a M120. I created two OTHER routing
instances: instance-1 and instance-2. Then apply a filter on an M120 interface
which connected to an upstream router.
If I do this:
filter classify-customers {
term isp1-customers {
f
Hi list,
I am new to ScreenOS. A seeming easy task in JUNOS doesn't look so easy in
ScreenOS. I am sure I missed something here:
Network topology:
Router A -- Firewall -- Router B
FW learned 100 routes from Router A, and will announce all of them to router B
except one route 20.1/16. How to ch
Just curious, if use "filter-based forwarding" with multiple bgp routing
tables from multiple ISPs, in case ISP-1 peer is down, will the other ISPs
become backup links for these prefixes used to destine to ISP-1?
Thanks.
- Original Message -
From: "Boyd, Benjamin R" <[EMAIL PROTECTED]>
Tuesday, October 28, 2008 3:51 PM
Subject: Re: [j-nsp] TCP SYN attack causing BGP peer down?
--- [EMAIL PROTECTED] wrote:
From: ying zhang <[EMAIL PROTECTED]>
We experienced a TCP SYN attack from internet today (about 350,000 pps).
Our internet pipe with ISP is 300Mb/s. The attack caus
We experienced a TCP SYN attack from internet today (about 350,000 pps). Our
internet pipe with ISP is 300Mb/s. The attack caused our BGP peer to be tear
down. Just wondering why this could happen if our pipe is not fully saturated?
Shouldn't the BGP packets have the highest priority? Is there
Hi list,
Just wondering, if an area is configured as NSSA with no summaries, in case any
router in OSPF area 0 reboots or fails, will it cause SPF algorithm to re-run
in this NSSA? Of course, routing across area 0 will be affected, but will
routing WITHIN the NSSA be affected as well? Thanks.
Just wondering to do traffic monitoring/mirroring on Juniper M-series (not just
sampling, logging and accounting), do we have to purchase special hardware? Can
we just use an available port to receive all mirrored traffic, like some
vendors do? Thanks in advance.
C.
Thanks all for the reply. Sometimes it's faster to get an answer here than
from JTAC.
I've tried RSVP MTU signalling already. It didn't work for our case since we
have all Junipers. There should not be MTU mismatch on the LSP.
On the note of doing 9k frame on the core, for JUNOS, is it just to
Hello,
we are having a wired MPLS problem. Here is how the network looks like:
end users M7i M120 ISP
The mpls lsp is between M7i and M120. The problem is the end users have
problems accessing certain websites, very slow or not accessible, some websites
no problem at all. With MP
Hehe, that was my first thought when I tried to solve it, obviously not
available on JUNOS.
BTW, filtering on lo0 works well for me. Thanks everyone!
- Original Message -
From: "Daniel Roesen" <[EMAIL PROTECTED]>
To:
Sent: Friday, February 22, 2008 9:24 AM
Subject: Re: [j-nsp] SSH attac
Thank you all for the kind reply. I will test it in the lab.
- Original Message -
From: "Ying Zhang" <[EMAIL PROTECTED]>
To:
Sent: Wednesday, February 20, 2008 4:15 PM
Subject: [j-nsp] SSH attack
> Hello, all,
>
> On our Juniper router, we constantly see
Hello, all,
On our Juniper router, we constantly see people trying to connect through SSH.
I've tried everything I can find to eliminate it. The following is what I've
done so far. Just wondering if there is a better way to stop it on the router
(we do block port ssh on every link). Thanks in a
we have a M120 with dual REs. I noticed error messages on the log file
On the Master RE:
Jan 9 10:02:22 XX/kernel: pfe_listener_disconnect: conn dropped: listener
idx=4, tnpaddr=0x5, reason: none
Jan 9 10:02:53 XX/kernel: pfe_listener_disconnect: conn dropped: listener
idx=4, tnpaddr=0x5, re
17 matches
Mail list logo