Re: [j-nsp] L3VPN/RR/PE on Same router

Hi, Le 17 août 2018 à 16:28, Robert Raszuk a écrit : >> and that thing would then crash BGP on RRs, can't afford that happening. > > Then best thing is to run two or three RRs in parallel each using different > BGP code base - even for the same AFI/SAFI pair > > I am seeing number of

Re: [j-nsp] Mixing v4/v6 neighbors in BGP groups

Hi, As far as the saying goes : divide to conquer ! Best regards. > Le 29 juin 2018 à 23:28, Rolf Hanßen a écrit : > > Hi, > > started with a "everything configured separately" network (on > Cisco/Quagga) but now I prefer both together in one group (started with it > during a vendor

Re: [j-nsp] Going Juniper

2018-04-18 14:07 GMT+02:00 Julien Goodwin : > On 18/04/18 17:52, Gert Doering wrote: > > Hi, > > > > On Wed, Apr 18, 2018 at 08:37:51AM +0100, adamv0...@netconsultings.com > wrote: > >> Ha, I really wish Juniper would look at what XR did on whole host of > things > >>

Re: [j-nsp] Broker contacts

Hi, Anyone ? Thanks. 2017-10-17 15:22 GMT+02:00 Youssef Bengelloun-Zahr <benge...@gmail.com>: > Hello j-nsp community, > > We are looking to part with an old SRX5600 clusters that we have migrated > from. > > Could you advice on some brokers please ? Preferably in Eu

[j-nsp] Broker contacts

Hello j-nsp community, We are looking to part with an old SRX5600 clusters that we have migrated from. Could you advice on some brokers please ? Preferably in Europe if possible as we are based in France. Thank you for your tips in advance. Best regards.

Re: [j-nsp] LDP VPLS - Multi-homing

Dear Aaron, I can't relate for MX product-line and LSYS interactions. Regarding SRX product-line and LSYS, it's mostly some functionnalities not being handled well by the firewall at the LSYS level. In the end, I know it forced my hosting colleagues to resort to some nasty workarounds that

Re: [j-nsp] LDP VPLS - Multi-homing

Hello Aaron, If I may, I would advice you to drop LSYS for two reasons : 1/ on a practical level, it's more constraints and limitations than it sounds on the paper. After 5 years of running it into production, we have phased it out two weeks ago. 2/ it is dying and replacement feature

[j-nsp] SRX4200 - Mysterious vlan interface

Hello j-nsp community, we have migrated to an SRX4200 cluster (running junos 15.1X49-D110), and I'm seeing since then a new interface call vlan but with no presence in the configuration : root@fw01-par01> show interfaces vlan Physical interface: vlan , Enabled, Physical link is Down

Re: [j-nsp] HA Configuration on SRX550M

Dear Sameer, There are tons of step-NYC-step documentations on juniper's website. Did you at least take the time to google it ? Best regards. > Le 26 sept. 2017 à 08:17, sameer mughal a écrit : > > Hi, > > Can anyone please share me the HA configuration on SRX550M?

[j-nsp] SRX HA ports and WDM transceivers

Hello J-nsp community, We are about to upgrade an SRX5600 cluster to a 4200 cluster. In the process, we would like to enhance resiliency and availability by using DWDM transceivers in the HA dedicated ports instead of MPLS pipes over our backbone. We've been over this with Juniper for years and

Re: [j-nsp] cheapest juniper router capable of lsys

Dear Aaron, Did you take a look at vMX or vSRX ? Not sure about l-sys support on those ? Best regards. 2017-06-27 13:52 GMT+02:00 Aaron Gould : > What is the cheapest juniper router I could get on ebay or whatever site > you > all suggest as a home/personal lab router that

Re: [j-nsp] vSRX feedback

Dear Tarko, We are using them in a VMWare environnement for internal and client purposes, quite happy with it... when you are finally able to spin them up and put them in a cluster. There are still some inconsistencies and lack of functionnalities, but it is being addressed slowly by Juniper.

Re: [j-nsp] flowspec in logical-systems

Hi, We use it to seperate production environnements between our different entities. I know that we have run into some odd limitations when using L-SYS. If it's only for testing purposes, I guess that spinning a VM with vSRX / vMX does the trick. HTH. Y. > Le 7 avr. 2017 à 20:43, Aaron

Re: [j-nsp] flowspec in logical-systems

Hi Michail, We have been bitten by L-SYS funky limitations as well a certain number of times. As you state, it's a pity. Best regards. 2017-03-23 15:33 GMT+01:00 Michail Litvak : > Hi Timur, > > It's pity. > > Thanks for the information. > > On Thu, Mar 23, 2017 at 4:28

Re: [j-nsp] SRX reboot time

I think I answered this one a bit too fast, ISSU wouldn't be useful OP's case. My bad. > Le 22 août 2016 à 21:55, Youssef Bengelloun-Zahr <yous...@720.fr> a écrit : > > One can always try ISSU, we performed it successfully on 5600 cluster > multiple times. > > HTH

Re: [j-nsp] SRX reboot time

One can always try ISSU, we performed it successfully on 5600 cluster multiple times. HTH. > Le 22 août 2016 à 21:33, Amos Rosenboim a écrit : > > Dovid, > > We just finished a project with 6 data centers, all with SRXs. > There was no downtime as we rebooted the

Re: [j-nsp] EX4600 Vs QFX 5100 VS ACX 5048

ps port density. > As I stated last week, such a model might be available some day. Best regards. > > Mark. > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/m

Re: [j-nsp] EX4600 Vs QFX 5100 VS ACX 5048

it. A small 1U box with say 24 10G ports would > kill the rest of their offerings, so I don't expect it to be low cost which > is needed for metro deployments. > >> On Sun, May 1, 2016 at 12:21 AM, Youssef Bengelloun-Zahr <yous...@720.fr> >> wrote: >> He

Re: [j-nsp] EX4600 Vs QFX 5100 VS ACX 5048

Hence a 1U "mini" version of the MLXe. It wouldn't be a CER box. Let's see what the futur holds. BR. > Le 1 mai 2016 à 00:02, Mark Tinka <mark.ti...@seacom.mu> a écrit : > > > >> On 30/Apr/16 21:14, Youssef Bengelloun-Zahr wrote: >> >> >

Re: [j-nsp] EX4600 Vs QFX 5100 VS ACX 5048

Hi, Last Time I went to meet the NETIRON PM in San Francisco HQ, we were part of a brainstorming session around "building a 1U MLXe BOX with high port density". I don't know if this has moved passed the conception phase, I do hope so. But the MLXe platform is a very capable Metro-E box with

Re: [j-nsp] MX80 vs MX40

Even if that is not the OP's question, pay also attention for the same ROHS2 crap compliance regarding the SRX series. I fan tell about it, we have been bitten by it. My 2 cents. > Le 17 avr. 2016 à 04:30, Olivier Benghozi a > écrit : > > By the way, if you

Re: [j-nsp] Monitor SRX "Invalidated Session"

d then stopped all > traffic until a reboot was actioned. > > Mike > > On 1 March 2016 at 06:34, Florian Lohoff <f...@zz.de> wrote: > >> On Mon, Feb 29, 2016 at 04:52:34PM +0100, Youssef Bengelloun-Zahr wrote: >> > Here is JTAC feedback regarding this

Re: [j-nsp] Monitor SRX "Invalidated Session"

nn <mgehrm...@atlassian.com>: > No but I strongly suggest getting in touch with JTAC and running the debug > code. Only way forward at the moment. > > Mike > > On 29 Feb 2016, at 21:32, Youssef Bengelloun-Zahr <yous...@720.fr> wrote: > > Hello Michael, > >

Re: [j-nsp] Monitor SRX "Invalidated Session"

Hello Michael, Any other details you could share regarding affected platforms / junos versions ? BR. 2016-02-29 7:21 GMT+01:00 Michael Gehrmann <mgehrm...@atlassian.com>: > Nothing public yet. > > > On 29 Feb 2016, at 17:11, Youssef Bengelloun-Zahr <yous...@720.fr> w

Re: [j-nsp] Monitor SRX "Invalidated Session"

> Cheers > Mike > >> On 29 February 2016 at 09:35, Youssef Bengelloun-Zahr <yous...@720.fr> wrote: >> Hello, >> >> Could you please both share model and running code versions ? >> >> Best regards. >> >> >> >> > Le 28 févr

Re: [j-nsp] Monitor SRX "Invalidated Session"

Hello, Could you please both share model and running code versions ? Best regards. > Le 28 févr. 2016 à 23:27, Michael Gehrmann a écrit : > > We have had the same issue on branch series. Juniper is asking us to run a > debug version of code. I suggest you contact

Re: [j-nsp] MX960 Power Options

> > Juniper recommend? > > ___ > > juniper-nsp mailing list juniper-nsp@puck.nether.net > > https://puck.nether.net/mailman/listinfo/juniper-nsp > > > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > -- Youssef BENGELLOUN-ZAHR ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] MX960 Power Options

phase? Not sure if this > matters, but the 208V/30A/3-Phase Power is double the cost > of 208V/30A/Single Phase Power. > > On Tue, Jan 26, 2016 at 9:57 AM, Youssef Bengelloun-Zahr <yous...@720.fr> > wrote: > >> Hello Colton, >> >> For that kind of devices using

Re: [j-nsp] SRX Is 12.3X48 already mature?

e upgrade? Safety net working? > > BR > Christian > > > On 25.01.2016 18:35, Youssef Bengelloun-Zahr wrote: > >> Hi, >> >> Just upgraded an SRX5600 HA cluster from 12.1X46-D20 to 12.3X48-20 >> without any problem... so far (3 weeks ;-). >> &g

Re: [j-nsp] SRX Is 12.3X48 already mature?

Hi, Just upgraded an SRX5600 HA cluster from 12.1X46-D20 to 12.3X48-20 without any problem... so far (3 weeks ;-). Only issue we encountered was with ISSU not accepting too much lt interfaces between multiple L-SYSs, there is a listed PR in junos 12.3X48 release notes. No matter what we tried

Re: [j-nsp] SRX cluster across L2 vlan issue

real experience and comments, what to check, any help, etc. > > > Cheers, > > James > ___ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp -- Youssef BENGELLOUN-ZAH

Re: [j-nsp] SRX firewall virtualization

on made for some specific limitations, you keep the exact some set of features and all. Ressources are just split over the multiple L-SYS plus you get seperte management. > > Cheers > > 2015-10-02 14:36 GMT+02:00 Youssef Bengelloun-Zahr <yous...@720.fr>: > >> Hello, >>