Re: [j-nsp] SRTBH

ert Doering via > juniper-nsp" juniper-nsp@puck.nether.net> wrote: > > [External Email. Be cautious of content] > > > Hi, > > On Thu, Jul 07, 2022 at 08:41:56AM -0400, harbor235 via juniper-nsp > wrote: > > Since Flowspec arrived, are there an

[j-nsp] SRTBH

Since Flowspec arrived, are there any uses for SRTBH? Anyone using TrinityCyber, them use a different approach to IDS and is not strictly signature based but more TTPs? Write up appear to be good, curious if anyone is using their products? Mike ___

[j-nsp] Test Labs

Hi all, Anybody out there integrating production environments (real-time service delivery), test, and development labs into a single architecture? I do not like this idea if it is avoidable. I understand supposed savings, but the cost of an unplanned event negates the implied savings. thoughts?

Re: [j-nsp] IPv6 hardening

Thanks for the follow up Rob, I have really loved your site over the years, first started using the site while at Digex in late 90s early 2000s. Mike On Mon, Dec 30, 2019 at 2:08 PM Rabbi Rob Thomas wrote: > Dear Mike, > > > Does anyone have any updated router hardening guidelines, some of the

[j-nsp] IPv6 hardening

Does anyone have any updated router hardening guidelines, some of the sites I reference have not been updated for some time. e.g. www.team-cymru.org thanks in advance, Mike ___ juniper-nsp mailing list juniper-nsp@puck.nether.net

[j-nsp] NFV

Looking for real word experiences virtualizing router and firewall services with rates above 1Gbps on x86 platforms. Most testing I have been involved with virtualizing routers and firewalls, performance drops dramatically above 1Gbps. Connections per second are critical for a firewall in

[j-nsp] multi services

Is anyone using the ms-mpc for large scale IPSEC termination? above 10G? Data shows 16-24Gps per card 4-6 per NPU. I am interested in real world performance with IMIX. The new SPC3 cards look promising - 40Gbps per slot IMIX juniper marketing data, I dont think these cards are released yet for

[j-nsp] MX480 Filter based forwarding performance

I am hoping someone can provide a good link to FBF performance, is it handled by the PFE in hardware or is it handled in software, limitations if any? I have a design that is using FBF extensively, currently we are not routing much traffic but that could change soon. thanks in advance, Mike

[j-nsp] SRX 5600 IDP database update

I am preparing to perform a production/live IDP database update on my SRX5600. Unfortunately my google-foo is eluding me and cannot find reference to how the IDP database update affects traffic routed through the SRX while the update is in process. The 5600 has separate FW and IDP processes so

[j-nsp] multi services cards - MX

My google-fu is preventing me from finding performance data on the various MS-MPC linecards for the MX router series. I am looking for IPSEC capabilities e.g. max tunnels, max bandwidth per tunnel, etc ... Different versions of the ms-mpc support different performance and tunnel sizes? Can anyone

Re: [j-nsp] SRX performance

Great information, thanks for all the input. Mike On Tue, Dec 22, 2015 at 12:10 PM, Payam Chychi wrote: > Hi Mike, > > Here is what i got so far, from the testing i had done in the past using > the SRX240H, no issues with 800Mbps and 90K pps... also, no issues with 300 >

[j-nsp] SRX performance

Can anyone share real world SRX performance? ?I am looking at the SRX220 or SRX240 for a small website ~150-200Mbps in a co-location environment. The performance charts state the SRX220 can do 300Mbps with a mix of traffic and up to 900Mbps with mostly large packet sizes. thanks in advance,

[j-nsp] Discard Interface

I am having issues updating interface stats via the discard interface, dsc.0 I have successfully setup a trigger router for injecting routes I need discarded at the edge. The Edge router is a J series router (J2350) I have configured S/RTBH routing and I am using dsc.0 for discarded traffic,

Re: [j-nsp] Discard Interface

, harbor235 wrote: I am having issues updating interface stats via the discard interface, dsc.0 I have successfully setup a trigger router for injecting routes I need discarded at the edge. The Edge router is a J series router (J2350) I have configured S/RTBH routing and I am using dsc.0

Re: [j-nsp] Assistance needed

John, I juts read your email, let me know if you are still looking for someone. I am a CCIE and well versed with JUNOS. Mike On Mon, Oct 28, 2013 at 6:34 PM, John pp luklaupda...@gmail.com wrote: Looking for some quick help with my MX router, maybe an hour or two of work.. Willing to pay

[j-nsp] Level3 L2VPN service

Anybody have any experiences they want to share with Level3's L2VPN service? I am looking for performance, stability, and support issues? thank you, Mike ___ juniper-nsp mailing list juniper-nsp@puck.nether.net

Re: [j-nsp] IP address

Is this a test? Usable IPs are .0 and .1, no broadcast and no net address Mike On Wed, May 18, 2011 at 10:58 AM, Murphy, Jay, DOH jay.mur...@state.nm.uswrote: 10.8.0.1/31 What are the useable IPs. What is the broadcast and network address in this subnetwork? ** ** Thanks.

[j-nsp] juniper cisco switch interconnection

Has anyone connected a Juniper EX series switch with a Cisco switch (I have a 3550)? Do you use a standard crossover cable? MDIX? Any Layer 2 issues with RSTP and PVST+? Any specific configuration required to make it work? Stability? thanks in advance, Mike

[j-nsp] T640

Looking for the maximum V4 and V6 routes a T640 can support? Finding the appropriate docs via my googlefu has eluded me. Hopefully someone will not direct me to lmgtfy.com thanx, Mike ___ juniper-nsp mailing list juniper-nsp@puck.nether.net

Re: [j-nsp] SRX100

on the SRX100: http://forums.juniper.net/t5/Routing/VLANs-confusing/m-p/55740#M3340 On 18/03/2011, at 10:43 PM, harbor235 wrote: Does anyone have an example config for an SRX100 they could share? I understand JUNOS a bit but the vlan configuration is a bit confusing. harbor235

[j-nsp] SRX100

Does anyone have an example config for an SRX100 they could share? I understand JUNOS a bit but the vlan configuration is a bit confusing. harbor235 ;} ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo

[j-nsp] snmp trap BGP

Is there an snmp trap for a BGP authentication failure? I have found OSPF easily mike ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

[j-nsp] Network Monitoring and trap generation

I am looking to generate alarms based upon a backward transition of a BGP peer, e.g. from established to the not established state using HPOV. This is easy enough with the jnxBgpM2BackwardTransition object. However, the problem is that this message is generated after each attempt to reestablish

Re: [j-nsp] monitor interface rate

you could do this by writing an event-script that takes interface stats, does some trivial math and populates Utility MIB (jnxUtil). Rgds Alex - Original Message - From: harbor235 harbor...@gmail.com To: juniper-nsp@puck.nether.net Sent: Thursday, August 13, 2009 2:06 PM Subject: [j

[j-nsp] monitor interface rate

To all, I would like to monitor a juniper router interface via snmp, simple enough. However, I do not want bps, I want to monitor the interface as a percentage of it's total capacity. In the end I want to be notified if my interface exceeds 70% of capacity so I can initiate capacity management

Re: [j-nsp] monitor interface rate

Do you know ho wit does it? I am using HP OpenView, cannot change that. ;{ mike On Thu, Aug 13, 2009 at 9:26 AM, Bit Gossip bit.gos...@chello.nl wrote: cacti (http://cacti.net/) does it out-of-the box... On Thu, 2009-08-13 at 09:06 -0400, harbor235 wrote: To all, I would like

[j-nsp] High CPU and interrupts

I am trying to configure a monitoring system to alarm using thresholds for CPU utilization and interrupts. Junos has separation in the control and data planes so i would assume brief spikes in CPU should not be a problem. However, sustained high COU should be an indicator for a investigation and