Hi,
If you use the MX as subscriber access dhcp server/relay it will populate
the host routes(access-internal) and arp entries automatically upon dhcp
negotiation. In that setup usually the ethernet interface(segment) is
unnumbered and only /32 host routes to subscribers are installed - no
network
On Fri, 1 Feb 2019 at 01:32, Clarke Morledge wrote:
> Specifically, what would be nice, is if there was a way to manipulate that
> ARP retry mechanism, from 4 retries, down to 2, to cut down on the noise.
> So far, I have not found a knob in Junos on the MX to do this.
> Am I missing something?
Thank you for the input thus far, folks.
Let me explain just a bit more about what I am dealing with. Because we
get so much garbage scanning, if the scanner tries to hit an IP address,
that does not have an ARP resolution, it really clutters up traffic
unnecessarily. A simple case from my lab
On Thu, 31 Jan 2019 at 18:45, Krasimir Avramski wrote:
> At least It will not flood ARPs under segment network probes.
>
> In the past these punts were throttled in the PFE . This was done with
> default values of 66 pps per segment with an upper merit of 500 per PFE. You
> would had seen the f
At least It will not flood ARPs under segment network probes.
In the past these punts were throttled in the PFE . This was done with
default values of 66 pps per segment with an upper merit of 500 per PFE.
You would had seen the following entry in the syslog: "NH: resolutions from
iif 90 throttled
On Thu, 31 Jan 2019 at 16:22, Krasimir Avramski wrote:
> Yes, you can for ipv4/ipv6:
> https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/arp-learning-neighor-discovery-disabling.html
>
> With the ability to set static ARP/ND you definitely could offload host route
> pro
Hi,
I don't think you can turn it off in JunOS. So they'd have to change
> code anyhow, at which point, I'd rather take translation than static
> config.
>
Yes, you can for ipv4/ipv6:
https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/arp-learning-neighor-discovery-disab
> Can you do static ARP entries on JunOS?
Yes. Lightly redacted example:
family inet {
address a.b.c.193/30 {
arp a.b.c.194 mac 78:e3:b5:05:24:18;
}
}
Steinar Haug, Nethelp consulting, sth...@nethelp.no
___
juniper-nsp mailing list juni
hey,
Huawei VRP has magic feature to enable periodic ARP for static route,
so that static route is not installed if far_end does not resolve or
stops resolving. Cisco and Juniper do not.
So does Nokia SROS:
[no] static-route {ip-prefix/prefix-length | ip-prefix netmask }
[validate-next-hop]
Hi,
On Thu, Jan 31, 2019 at 10:00:59AM +0100, Robert Raszuk wrote:
> + also including static routes. That's why as some of you for sure remember
> static to multiaccess interfaces say /8 without giving explicit next hop
> are very dangerous ;)
Yes, of course.
Any sort of "indirect" routes cros
On Thu, 31 Jan 2019 at 10:57, Gert Doering wrote:
> I think Robert is talking about router-to-router LANs, where you have
> "prior knowledge" in your FIB.
>
> Like, OSPF neighbours, or BGP next-hops pointing to LAN adjacencies - so
> the router could go out and start the ARP process the moment it
Spot on Gert !
+ also including static routes. That's why as some of you for sure remember
static to multiaccess interfaces say /8 without giving explicit next hop
are very dangerous ;)
On Thu, Jan 31, 2019, 09:57 Gert Doering Hi,
>
> On Thu, Jan 31, 2019 at 10:51:01AM +0200, Saku Ytti wrote:
Hi,
On Thu, Jan 31, 2019 at 10:51:01AM +0200, Saku Ytti wrote:
> On Thu, 31 Jan 2019 at 10:34, Robert Raszuk wrote:
>
> > As mentioned on the other thread decent routers should resolve peer's IP to
> > mac when creating FIB adj and building rewrite entries.
> > There is no "first packet" notion
We are talking about transit - right ?
So regardless of subnet mask you know your next hop IP from control plane.
Then you creating adj in FIB/CEF without waiting for any packet to arrive.
End hosts on directly connected LANs are different but my impression was
that we are discussing case of tra
On Thu, 31 Jan 2019 at 10:34, Robert Raszuk wrote:
> As mentioned on the other thread decent routers should resolve peer's IP to
> mac when creating FIB adj and building rewrite entries.
> There is no "first packet" notion nor any ARPing driven by packet reception.
> This should apply to p2p ad
Hi,
On Thu, Jan 31, 2019 at 10:33:20AM +0200, Saku Ytti wrote:
> And while I'm asking for things that won't happen. Give us
> 'point-to-point' ethernet. If you configure 'point-to-point' keyword
> in interface, it'll just use all-zero MACs or some reserved MAC and
> never punts for ARP. There are
As mentioned on the other thread decent routers should resolve peer's IP to
mac when creating FIB adj and building rewrite entries.
There is no "first packet" notion nor any ARPing driven by packet
reception. This should apply to p2p adj as well as p2mp - classic LANs.
Are you guys saying that sa
On Thu, 31 Jan 2019 at 10:26, Gert Doering wrote:
> Can you do static ARP entries on JunOS? You can do that on Cisco - while
> not exactly what you might have had in mind, it would be theoretically
> possible to have management system turn off ARP resolution for certain
> VLANs and put static AR
Hi,
On Thu, Jan 31, 2019 at 10:10:32AM +0200, Saku Ytti wrote:
> I wish some vendor would implement static DIP=>DADDR resolution, there
Can you do static ARP entries on JunOS? You can do that on Cisco - while
not exactly what you might have had in mind, it would be theoretically
possible to have
Hey Clarke,
On Thu, 31 Jan 2019 at 02:19, Clarke Morledge wrote:
> I am trying to wrap my head around how the MX handles ARP resolution,
> and how it stores packets waiting to be transmitted, while waiting for ARP
> to resolve.
This might answer some of your questions
http://blog.ip.fi/2014/02/
20 matches
Mail list logo
