Re: [j-nsp] Juniper and Cisco - BGP MPLS L2VPN VPLS interoperability

Thanks folks, Maybe you all weren't aware of what happened What happened was , I brought up two juniper PE's (acx5048 and mx104) into my bgp environment... actually 5048 and 104 were already part of the bgp environment , and participating nicely in vpnv4 (l3vpn). I then enabled bgp mpls

Re: [j-nsp] Juniper and Cisco - BGP MPLS L2VPN VPLS interoperability

Hi Aaron, Capabilities are advertised in the OPEN message which is sent during the session initialization so naturally when you enable new capability on an existing session the session needs to be reset for the OPEN messages to be exchanged again. Unfortunately BGP does not support dynamic

Re: [j-nsp] inet6 ttl filter / equivalent of hop-limit on non MX series

Hi Scott, I would drop that accept-traceroute-tcp term. It will allow any TCP traffic with a TTL of 1. If you can fudge your TTL (Simple on linux, just write the value to /proc/sys/net/ipv4/ip_default_ttl) then you can connect to any open TCP port. Additionally I don't think I've seen a

Re: [j-nsp] Mx Policy routing problem

Hi Cahit, > root@mx80-core# show interfaces ae0 > aggregated-ether-options { > minimum-links 1; > lacp { > active; > periodic fast; > } > } > unit 0 { > family inet { > filter { > input FWDirect; > } > address 10.32.35.14/30; > } > } > Request timeout for icmp_seq 14714 > 36 bytes

[j-nsp] Mx Policy routing problem

Hello friends ; We have an MX80 router which has connection on ae0 to our isp root@mx80-core# show interfaces ae0 aggregated-ether-options { minimum-links 1; lacp { active; periodic fast; } } unit 0 { family inet { filter { input FWDirect; } address 10.32.35.14/30; } } [edit]

Re: [j-nsp] licence keys for MX104

You will need to install the license to use the onboard SFP+ ports (2 o 4 options) Giuliano Cardozo Medalha Systems Engineer +55 (17) 3011-3811 +55 (17) 98112-5394 JUNIPER J-PARTNER ELITE giuli...@wztech.com.br http://www.wztech.com.br/ ​ WZTECH is registered trademark of WZTECH NETWORKS.

Re: [j-nsp] licence keys for MX104

The keys came together with the box inside a letter in a box. Did you check the manuals ? Giuliano Cardozo Medalha Systems Engineer +55 (17) 3011-3811 +55 (17) 98112-5394 JUNIPER J-PARTNER ELITE giuli...@wztech.com.br http://www.wztech.com.br/ ​ WZTECH is registered trademark of WZTECH

Re: [j-nsp] licence keys for MX104

On 23 November 2015 at 15:51, Matthias Brumm wrote: > After struggling a week with JTAC they have told me, it may be a licence > issue and I have to install the key. How should I got the keyon purchase? > paper, email? It should be in envelope shipped with the kit. Keys are

Re: [j-nsp] licence keys for MX104

Hi! now, that is also a strange thing: License usage: Licenses Licenses LicensesExpiry Feature name usedinstalled needed scale-subscriber 0 1000 0 permanent scale-l2tp0

Re: [j-nsp] licence keys for MX104

Yeah you're missing the license. On 23 November 2015 at 15:56, Matthias Brumm wrote: > Hi! > > now, that is also a strange thing: > > License usage: Licenses Licenses > LicensesExpiry Feature name usedinstalled needed >

Re: [j-nsp] Juniper and Cisco - BGP MPLS L2VPN VPLS interoperability

Hi Aaron, On Tue, Nov 24, 2015 at 6:58 AM, Aaron wrote: > [...] > p.s. besides, bringing up l2vpn AF on the 5048 and 104 , as I understand it, SHOULD NOT, cause any other PE's to renegotiate capabilities and AF's on their bgp neighbor sessions with the RR. What is your RR

Re: [j-nsp] Juniper and Cisco - BGP MPLS L2VPN VPLS interoperability

Hi Aaron, > From: Aaron [mailto:aar...@gvtc.com] > Sent: Monday, November 23, 2015 7:58 PM > I then enabled bgp mpls l2vpn, and BAMMO ! now listen closely... this > brought down about 20 other bgp neighbor sessions with 20 different cisco > me3600's all over my network . now please, listen

Re: [j-nsp] User Identity Awareness on SRX

http://www.juniper.net/documentation/en_US/junos12.3x48/topics/example/example-userfw-ad.html From: james list [mailto:jameslis...@gmail.com] Sent: Monday, November 23, 2015 8:35 PM To: Syed Iftikhar Ahmed Cc: juniper-nsp@puck.nether.net Subject: Re: [j-nsp] User Identity Awareness on SRX Could

Re: [j-nsp] Juniper and Cisco - BGP MPLS L2VPN VPLS interoperability

Thanks Dale, RR’s are (2) cisco asr9000’s (one is a 9006 and the other is a 9010), configured in a RR cluster. Both run IOS XR 4.1.2 Aaron From: dale.s...@gmail.com [mailto:dale.s...@gmail.com] On Behalf Of Dale Shaw Sent: Monday, November 23, 2015 4:47 PM To: Aaron Cc: Adam Vitkovsky;

Re: [j-nsp] Juniper and Cisco - BGP MPLS L2VPN VPLS interoperability

Thanks Dave and Adam, et al, Interestingly I just found the following... I looked at the bgp l2vpn vpls all summary uptimes of my ME3600's and I saw lots of them that have been up longer than Nov 19th when the outage occurred. So I went and looked at those ME3600's that have been up longer

Re: [j-nsp] Juniper and Cisco - BGP MPLS L2VPN VPLS interoperability

Also, I'm pretty sure the way I have my ME3600's configured is, RFC4762 (bgp ad w/ldp sig) and my Juniper's are configured as RFC4761 (bgp ad w/bgp sig). I pretty much understood this as I was config'ing it the other day, but I didn't think it would matter since all I wanted to do was get the

Re: [j-nsp] User Identity Awareness on SRX

Yes, If you need to have user ids populated in logs. 12.1X45-D10 and other support it. Sent from my iPhone > On Nov 23, 2015, at 8:29 PM, james list wrote: > > Dear experts, > > is SRX supporting the User Identity Awareness feature as Checkpoint does ? > > >

Re: [j-nsp] User Identity Awareness on SRX

Could you please send me a reference url ? Cheers Thanks 2015-11-23 17:32 GMT+01:00 Syed Iftikhar Ahmed : > Yes, If you need to have user ids populated in logs. > 12.1X45-D10 and other support it. > > Sent from my iPhone > > > On Nov 23, 2015, at 8:29 PM, james list

[j-nsp] Policy Based Routing

Our network Topology as this : http://forums.juniper.net/t5/image/serverpage/image-id/12913i3A1C52D8896D0604/image-size/original?v=mpbl-1=-1​ We have an MX80 router which has connection on ae0 to our isp root@mx80-core# show interfaces ae0 aggregated-ether-options { minimum-links 1;