tuations.
>
> As to the status of this BCOP, there will be no update at the coming RIPE
> meeting in Krakow. If you are interested in the framework or potentially
> would like to contribute with your research, please let me know.
>
> Kind regards,
>
> Alena Muravska
>
&
Hello friends.
We're amidst a significant natural disaster unfolding in southern Brazil,
marked by heavy rainfall and devastating floods. I'm collecting as much
information as possible in order to produce valuable feedback to other
communities in the future and warn them about all the unpredictabl
Hi.
A separate one for each customer. Allocate the /64 and use whatever you’d
like (/64, /126, /127, etc.)
Luis
On Thu, 23 Jun 2022 at 08:08 Xuo Guoto wrote:
> Hello all,
>
> I have a question about RIPE-690. In section 4.1.1 it says:
>
>
> Using a /64 prefix from a dedicated pool of IPv6 pre
That is a great idea! I won't be able to attend but I can contribute with
anything that is shared online.
We all fight, in different degrees, a daily war for the survival of our
networks and there's a lot of apocryphal knowledge that should be shared.
Cheers,
Luis
Em seg., 25 de abr. de 2022 às
I work with telecom companies for years and DC is the standard for pretty
much all of them. If you have a small shelter or container you can deploy
an UPS DC system with a handful of batteries that will last for hours and
will not take much space. Look inside a mobile node B station and you’ll
only
The MPC7E-MRATE is only good if you have to add a few 100G ports to a large
chassis (i.e. MX960) that has lots of 10G interfaces and/or service cards.
It's about 2/3 of the price of a new MX10003 with 12x100G.
On Wed, Mar 4, 2020 at 12:45 PM Mark Tinka wrote:
>
>
> On 4/Mar/20 17:18, Tom Beecher
The 5448 and the 5048 are quite different. I have several 5048 in my plant
and when we questioned Juniper about a replacement with 100G interfaces
their engineers compared the config template from our 5048s and said the
5448 wasn't capable of doing some of the RSVP and RPM stuff we were doing
on th
Hey.
Anyone else using ALB on PTX boxes (10K)? We ran into some balancing issues
on a specific link and looking at the counters we don't see any counters
incrementing. Is this expected somehow? It's a regular p2p circuit, no
vlans or anything.
> show interfaces ae4 extensive | match Adapt
Ada
Hey.
Anyone here using PTX1Ks with multiple 100G LR4 links and third party optics?
We recently started deploying a few PTX1K routers in some locations
and we are getting some weird PCS errored blocks on LR4 interfaces. We
haven't tested with the official Juniper QSFP28 module yet, but we
tried wi
Same. Juniper is running WAY too late on an ACX5048 replacement with
100G interfaces. We had great expectations for the ACX5448 until we
saw the price list being 3-4x higher than the 5048.
Regarding the original question, I'd also check the MPC5 if your
budget is restricted and you have slots to s
Ask your SE, it might be faster.
But sometimes the piece of software that actually control those LEDs
(and the whole chassis) runs on the OS that you have just powered off.
Maybe the red LED means that there's no chassis mgmt at all. That's
why we get extremely loud fans on power up and they calm
VP all the way to the PEs.
Luis
On Tue, 29 Jan 2019 at 07:03 wrote:
> > From: Luis Balbinot
> > Sent: Monday, January 28, 2019 1:39 PM
> >
> > I have many LSPs from P1 to P4 and all have FRR protection (Juniper FRR,
> 1:1).
> > Even with two distinct paths from
lthough I haven't tested this in forever) if you enable
> no-node-protection under RSVP , that will prevent those interfaces from being
> available for any node or link bypass LSP to use.
>
> On Fri, Jan 25, 2019 at 11:51 AM Luis Balbinot wrote:
>>
>> Please let me
> On Jan 24, 2019, at 3:24 PM, Luis Balbinot wrote:
> >
> > That’s a good idea. I’m not 100% sure that this will prevent the creation
> > of bypass LSPs but I’ll give it a try.
> >
> > Thanks!
> >
> > Luis
> >
> > On Thu, 24 Jan 2019 at
his approach or just keep using a very
large metric on those links.
Luis
On Fri, Jan 25, 2019 at 7:02 AM Mark Tinka wrote:
>
>
>
> On 24/Jan/19 22:24, Luis Balbinot wrote:
>
> > That’s a good idea. I’m not 100% sure that this will prevent the creation
> > of bypass LSPs b
An explicit path that avoids the interfaces you are worried about
> Set the RSVP cost for the interfaces really high
>
> Dave
>
> On Thu, 24 Jan 2019 at 17:01, Luis Balbinot
> wrote:
>
> > It's a permanent thing.
> >
> > Th
like the one we
have with OSPF LFA would be nice.
Luis
On Thu, Jan 24, 2019 at 2:53 PM wrote:
>
> > Luis Balbinot
> > Sent: Thursday, January 24, 2019 4:45 PM
> >
> > Hi.
> >
> > How could I prevent a device from getting transit RSVP LSPs being
> &
Hi.
How could I prevent a device from getting transit RSVP LSPs being
established through it? I only want it to accept ingress LSPs destined
to that box.
Luis
___
juniper-nsp mailing list juniper-nsp@puck.nether.net
https://puck.nether.net/mailman/listi
>From 16.1R1 and up you should also configure the ip flow table sizes
as the default is 1024 entries for v4 if I'm not mistaken. Not sure if
this is your current issue but is something to consider as well. Also
check flex-flow-sizing as an option.
Luis
On Wed, Jan 2, 2019 at 7:51 AM A. Camci wro
Mini heart attacks :-)
Now seriously, I’ve seen none so far.
On Mon, 3 Sep 2018 at 07:40 Sebastian Wiesinger
wrote:
> * Phil Shafer [2018-09-01 20:28]:
> > "commit full" helps when daemons miss config changes (which they
> > shouldn't) or if you just want to say "because I said so", but it
> >
As root you can “mgd -I” to fix that. We also had the same issue and it’s
been fixed on 16.1R7. We never opened a JTAC case for that because we knew
the answer would be software upgrade since 16.1R7 was already out. The
cause was Netconf and it randomly occurred.
Strangely this was caused by the s
Sometimes carriers protect optical circuits using inexpensive optical
switches that have longer switching delays (>50ms). In these cases I'd
understand their request for a longer hold-time. But 3 seconds is a lot.
On Wed, 15 Aug 2018 at 20:02 Jonathan Call wrote:
> Anyone have experience with ho
How many flows are there in total? Is there a test appliance involved? We
had many issues with those in the past during service delivery tests.
Also I assume you are using MPCs and not DPCs and also that you are talking
about IP traffic. Please correct me if not.
Luis
On Wed, 8 Aug 2018 at 20:32
> I look into a preso I had and also this site…
> https://packetpushers.net/juniper-enterprise-serious-campus-networking/
>
> …and I see mention of the chip for the ACX5448 possibly being Qumran-based.
> Not sure if that helps y’all.
Yes, it is Qumran-based. 1M FIB, deep buffers, HQoS.
*Sounds
Hey.
Is anyone using PTX1Ks or 10Ks to terminate L2VPN/L3VPN services? I
have a very specific situation on some sites where I have to terminate
a few of those for my own management services and I don't really want
to deploy another PE just for that.
Are there any limitations besides some CoS stuf
> This issue is my turning up new MX960's that are simply connected together
> with Ciena 6500 DWDM for me to have an MTU issue via DWDM is actually a
> surprise to me. I pretty much always envisioned wave/lamda dwdm as darn near
> like having an actual fiber cable... no, not the case appar
> My understanding is that "ingress" and "transit" in relation to CCNHs is
> just a very misleading nomenclature.
> If you want to go by definition CCNHs are pointers between VPN and NH label
> -and transit boxes have no knowledge of VPN labels so go figure...
>
> But there are still several levels
only supports) its specific
> CCNH flavour:
> CCNH for ingress: MX
> CCNH for transit: PTX (I didn't asked for QFX10k).
> Olivier
>
> > On 10 feb. 2018 at 19:17, Luis Balbinot wrote :
> >
> > I was reading about composite chained next hops and it was not cle
Hi.
I was reading about composite chained next hops and it was not clear to me
whether or not MX routers support them for transit traffic. According to
the doc bellow it's only a QFX10k/PTX thing:
https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/transit-e
Hi.
Anyone else having issues with stalled counters on the Aggr counters
from MPLS-MIB? My LSPs are resignalled a few times a day because of
auto-bandwidth/reoptimization and after an event where the path gets
rerouted elsewhere sometimes the SNMP process stops updating those
objects until the pa
It's not the same chip, as Alexander pointed out. And it's not even
brand new, it's been around for 2 years now.
We are deploying our first 3 units next month and the only "bad" thing
is that you have to use Junos 17.3, so be prepared for an adventure.
But MX10003 is not better than MX960, it's d
Yeah, these are not the people you are looking for. Talk to operators, they
will let you know how IGP metrics are useless in today's networks, even the
enhanced metrics you are proposing.
You must take into consideration that almost all traffic engineering on
large networks is actually done using
Saku Ytti wrote:
> On 21 November 2017 at 14:12, Luis Balbinot wrote:
>
>> The DDoS protection factory defaults are very low in some cases. The
>> Juniper MX Series book has a nice chapter on that.
>
> Do you have an example? Most of them are like 20kpps, which ismore
> th
Most likely spoofed traffic or you don't have full tables or a default
route. A /18 will pull a lot of unwanted traffic.
The DDoS protection factory defaults are very low in some cases. The
Juniper MX Series book has a nice chapter on that.
On Tue, 21 Nov 2017 at 09:02 Karl Gerhard wrote:
> Hel
you might as well assign same number to every
> interface and use strict hop count.
>
> On 25 October 2017 at 22:41, Luis Balbinot wrote:
> > Never underestimate your reference-bandwidth!
> >
> > We recently set all our routers to 1000g (1 Tbps) and it was not a
> > tr
Never underestimate your reference-bandwidth!
We recently set all our routers to 1000g (1 Tbps) and it was not a
trivial task. And now I feel like I'm going to regret that in a couple
years. Even if you work with smaller circuits, having larger numbers
will give you more range to play around.
Lui
If possible try aiming for a full system restart, it will be less
painful and very straightforward (you'll need at least a one hour
window). Your PFEs will go through a warm reboot anyway if you upgrade
the software on the new REs. But please confirm that with your SE.
On Wed, Oct 18, 2017 at 2:47
Even on newer Junos if you don't enable the indirect-next-hop toggle
you'll still see krt entries with 0x2 flags.
On Tue, Apr 18, 2017 at 6:30 PM, Dragan Jovicic wrote:
> As mentioned on mx trio indirect-nh is enabled and can't be disabled.
> You could check with > show krt indirect-next-hop prot
In fact looking at JNPR market cap, I'm worried of long term
survivability of JNPR right now.
I agree with you Saku. All they talk about is SDN and software solutions.
We are trying to get a quote on PTX1Ks for a long time and they keep
pushing back and want more details on our network, as if th
Depending on your arrangement with Juniper the price for a backup RE
is negligible compared to the rest of the chassis (we got them for
free several times). There's really no reason to leave a blank RE slot
considering you have redundant SCBs.
Luis
On Tue, Nov 22, 2016 at 2:19 PM, Michael Hare w
Check out Observium. I don't know about this specific MIB, but it correctly
detects vlan memberships for me.
On Dec 9, 2015 14:32, "Chuck Anderson" wrote:
> Has anyone tried to use or implement polling of the Q-BRIDGE-MIB on
> any Juniper products, using either commercial or open source NMS
> so
An IGMP flood can easily bring the latest RE to it's knees. The default
DDoS protection settings for IGMP is way too high (20kpps) on MX boxes and
you should tweak it.
On Nov 8, 2016 20:28, "Alexandre Guimaraes"
wrote:
> Niall,
> Thank you for your help, I will review carefully your
> co
this? Have you opened a case for this maybe?
>
> Best
> Dragan
>
> On Tue, Oct 18, 2016 at 4:14 PM, Luis Balbinot
> wrote:
>
>> Hey.
>>
>> Is anyone else having issues with load-balancing on 15.1R4? I'm
>> getting these FPC errors in
Hey.
Is anyone else having issues with load-balancing on 15.1R4? I'm
getting these FPC errors in multiple boxes:
fpc0 LUCHIP(3) RMC 2 Uninitialized EDMEM[0x3ce333] Read (0x6db6db6d6db6db6d)
fpc0 LUCHIP(3) PPE_2 Errors sync xtxn error
fpc0 LUCHIP(3) PPE_15 Errors sync xtxn error
fpc0 PPE Sync XTX
e: Use the "strict" option to enable
> strict mode, which checks to see if any of the LSP next hops specified in
> the policy are up. If none of the specified LSP next hops are up, the policy
> installs the discard next hop.
>
> Best Regards,
> Krasi
>
>
>
Hi.
It's possible to set communities at the "protocol l2vpn" level in a
l2vpn routing-instance at three different places:
set interface xxx community yyy
set site xxx community yyy
set site xxx interface yyy community zzz
But these don't seem to change anything. Documentation on these
commands i
I got a quote from them a while ago, it's not worth it. The MPC we
quoted is available to us new from Juniper for $35k, used from Hula
for $10k and they asked $50k. Their prices float according to the
relationship you have with Juniper.
On Mon, Mar 28, 2016 at 1:49 PM, Colton Conor wrote:
> Graha
A good practice on MX480s would be to keep upstream and downstream ports at
separate MPCs if possible. Depending on your config the standard 256M
RLDRAM from some cards might be an issue in the not so near future. I'm not
sure how much RLDRAM those NG cards have though.
I don't see any advantages
+1M
Or a policy rule if it makes sense. Like IOS that allows you to apply a
route-map to every network statement under the BGP configuration.
On Jan 28, 2016 18:56, "Chuck Anderson" wrote:
> On Thu, Jan 28, 2016 at 02:30:52PM -0500, Jeff Haas wrote:
> >
> > > On Jan 28, 2016, at 2:16 PM, Chuck A
And remember that if you plan to accept prefixes from external
neighbors and send to the black hole route you need
"accept-remote-nexthop".
On Fri, Jan 15, 2016 at 3:20 PM, Johan Borch wrote:
> Thanks
>
> Setting route preference helped :)
>
> Johan
>
> On Fri, Jan 15, 2016 at 12:23 AM, Charles v
Take a look at the EX4550. Just pay attention on the number of routes it
supports and see if that suits you. It's not a core router, but neither is
the ME3600.
On Jul 13, 2015 11:54 AM, "Aaron" wrote:
> Hi everyone,
>
>
>
> I'm needing more 10 gig ports in my CO's for purposes of upgrading my FTT
Usually you'll get longer delays at the end of quarters due to a
higher demand (great deals and price cuts).
Someone from Juniper told me that large companies (with large orders)
are to blame for some of these longer delays.
Luis
On Fri, Jun 26, 2015 at 7:35 AM, Paul Stewart wrote:
> It can dep
Thanks Mark.
That's for a LAG, right? Not ECMP traffic.
Luis
On Wed, Jun 3, 2015 at 3:18 AM, Mark Tinka wrote:
>
>
> On 2/Jun/15 20:54, Luis Balbinot wrote:
>> Hi.
>>
>> If I have two EX4550s acting as P routers and they are connected by a
>> LAG how will
Hi.
If I have two EX4550s acting as P routers and they are connected by a
LAG how will the MPLS traffic be load balanced? How deep will the
hashing algorithm look into the packets?
Juniper says these EXs cannot do MPLS and ECMP. Is this still true?
Luis
__
Hi.
I'm resurrecting the topic from 2011. I'm working on a DDoS mitigation
tool and also needed a better resolution for my flows. The 300 seconds
default interval is hardcoded in several files but it's not that hard
to find and replace. The RRD structure is fine but could be better
tuned for bette
Thank you all for the help. I was really hoping there was more to it
and a BCOP on the matter would make sense. But it seems that today it
is pretty straightforward and easy without many caveats and
undocumented features.
I was also hoping for 4PE/4VPE one day...
Thanks.
Luis
On Thu, Oct 30, 20
4 10:23 PM, "Barry Greene" wrote:
>>
>>
>>
>>
>> On Nov 2, 2014, at 10:49 AM, Luis Balbinot wrote:
>>
>> > This is not something we see a lot in the LACNIC region. This might be
>> > a perfect example of a BCOP that is only good insid
like something that was pushed down on us from the sales
dept and not a good operational decision.
Luis
On Sat, Nov 1, 2014 at 10:28 PM, Chris Woodfield wrote:
>
> On Nov 1, 2014, at 16:26, Luis Balbinot wrote:
>
> Well, you shouldn't allow your AS customer advertise your prefi
Well, you shouldn't allow your AS customer advertise your prefixes on
transit links other than the ones he has with you. Actually, the other ISP
from which your customer buys transit shouldn't accept prefixes from your
CIDR originated by another AS in the first place, at least not without
consultin
How do I do it?
Really. I need it!
Luis
___
BCOP mailing list
BCOP@nanog.org
http://mailman.nanog.org/mailman/listinfo/bcop
I share the same opinion. The use of RPKI is *not* a current practice
and I still see it as experimental, even though the standards are
there and I see a bunch of "validation-state" flags in my routers
running stable software releases. The current adoption rate is too
low to consider it as genera
Hi.
I think we should try to get someone from PTT Metro in Brazil joining this.
In PTT Metro there are some peculiar situations, including large transit
providers exchanging freely with all members of the switching fabric. I'd
like to understand how they manage to avoid being exploited for free
tr
I would be glad to help too!
I think it would be relevant to include a topic on good manners.
Yesterday I had a transit customer with a /21 advertising 15 prefixes
to the global table. After a while I convinced him that a couple /22s
would be enough.
Luis
On Wed, May 21, 2014 at 12:40 PM, Bill A
63 matches
Mail list logo