Re: [j-nsp] Information for expected fragmentation behavior on IPsec tunnel

2012-08-10 Thread Terry Jones
The default is actually to clear the df-bit, which I have verified on the srx, however, if this is the case, then the traffic should be fragmenting when I ping with large packets setting the df-bit. This setting should stay within the encapsulated packet and then the outer ipsec packet is set to clear

Re: [j-nsp] Information for expected fragmentation behavior on IPsec tunnel

2012-08-10 Thread Wayne Tucker
It should be dependent on the "df-bit" setting on the VPN. I don't remember which behavior is default, but setting it to "clear" may do what you want. :w On Fri, Aug 10, 2012 at 12:36 PM, Terry Jones wrote: > Greetings All, > > > > Could someone please point me in the direction of some good in

[j-nsp] Information for expected fragmentation behavior on IPsec tunnel

2012-08-10 Thread Terry Jones
Greetings All, Could someone please point me in the direction of some good information for a current setup I have and would like to know what the expected behavior is. I have a site-to-site VPN setup between two SRX's. I'm in a development lab that has a static NAT out to the internet throu

Re: [j-nsp] Selective packet mode & local traffic

2012-08-10 Thread Phil Mayers
Unless I'm missing a trick, apply-paths in a prefix list pulls the netmask in when applied to interface ips. This is ok for lo0 filters, but not those on transit interfaces. Wayne Tucker wrote: >You can probably achieve that using apply-path. This book has several >good examples: > >http://ww

Re: [j-nsp] BAJUG2

2012-08-10 Thread Doug Hanks
Should be a good turnout. For those of you interested and thinking about scheduling some other business in Sunnyvale so that you can attend, we had about 130 members for the first BAJUG meeting. Thanks, Doug On 8/10/12 11:11 AM, "Stefan Fouant" wrote: >On 8/10/2012 2:00 PM, Doug Hanks wrote:

Re: [j-nsp] BAJUG2

2012-08-10 Thread Stefan Fouant
On 8/10/2012 2:00 PM, Doug Hanks wrote: It's time for the Bay Area Juniper Users Group again. October 16th 5.30pm. Sign up for free at http://bajug.eventbrite.com Kudos Doug, really good stuff... maybe I'll have to schedule some training related travel to Sunnyvale so I can attend. Thanks

[j-nsp] BAJUG2

2012-08-10 Thread Doug Hanks
It's time for the Bay Area Juniper Users Group again. October 16th 5.30pm. Sign up for free at http://bajug.eventbrite.com Thanks, Doug ___ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp

Re: [j-nsp] mpls node-protection: LSP down

2012-08-10 Thread Mihai
I solved the problem by removing the no-cspf statement from label-switched-path configuration: mumulox@mx5t> show route table inet.3 logical-system PE1 extensive inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden) 192.168.1.2/32 (1 entry, 1 announced) State: *RSV

Re: [j-nsp] Static Route Names

2012-08-10 Thread Ken Mix
Annotate. Regards, Ken -Original Message- From: juniper-nsp-boun...@puck.nether.net [mailto:juniper-nsp-boun...@puck.nether.net] On Behalf Of GIULIANO (WZTECH) Sent: Friday, August 10, 2012 09:45 To: juniper-nsp@puck.nether.net Subject: [j-nsp] Static Route Names People, Besides the u

Re: [j-nsp] Static Route Names

2012-08-10 Thread Stefan Fouant
Annotate. It is your friend. Sent from my HTC on the Now Network from Sprint! - Reply message - From: "GIULIANO (WZTECH)" Date: Fri, Aug 10, 2012 11:44 am Subject: [j-nsp] Static Route Names To: People, Besides the use of groups feature on JUNOS, how can name a static route ? IOS has

Re: [j-nsp] Selective packet mode & local traffic

2012-08-10 Thread Clay Haynes
On 8/10/12 11:33 AM, "Wayne Tucker" wrote: >You can probably achieve that using apply-path. This book has several >good examples: > >http://www.juniper.net/us/en/community/junos/training-certification/day-one/fundamentals-series/securing-routing-engine/ > >:w > > >On Thu, Aug 9, 2012 at 7:37

Re: [j-nsp] Static Route Names

2012-08-10 Thread Wayne Tucker
It doesn't show up anywhere but the configuration, but what about annotate? edit routing-options static annotate route 10.0.0.0/8 "insert comment here" :w On Fri, Aug 10, 2012 at 8:44 AM, GIULIANO (WZTECH) wrote: > People, > > Besides the use of groups feature on JUNOS, how can name a static

[j-nsp] Static Route Names

2012-08-10 Thread GIULIANO (WZTECH)
People, Besides the use of the groups feature on JUNOS, how can we name a static route? IOS has an option 'name' for static routes ... how can we do the same thing in junos? Is it possible? Is there some kind of description? Thanks a lot, Giuliano

Re: [j-nsp] Selective packet mode & local traffic

2012-08-10 Thread Wayne Tucker
You can probably achieve that using apply-path. This book has several good examples: http://www.juniper.net/us/en/community/junos/training-certification/day-one/fundamentals-series/securing-routing-engine/ :w On Thu, Aug 9, 2012 at 7:37 AM, Mark Menzies wrote: > Yup, we can do selective packe

Re: [j-nsp] mpls node-protection: LSP down

2012-08-10 Thread Wayne Tucker
I've never tried to use node-protection in conjunction with a strict path - but I suspect the two features are incompatible since the protection path would disregard the strict path. Try changing the path from strict to loose. That allows some flexibility (though I believe every node in the path

Re: [j-nsp] VLAN into a VPLS instance

2012-08-10 Thread Chris Kawchuk
Use an LT to cross-connect the bridge-domain with the vlan access interfaces (which you do a push-vlan-tag on ingress), and stitch the LT into the VPLS instance. I was going to say "sure, put the access ports into a VPLS and do a vlan-push on ingress; and a pop on egress" but yes, that raises

[j-nsp] VLAN into a VPLS instance

2012-08-10 Thread William Jackson
Hello I want to setup an MX with multiple access ports in VLAN, I then want to bridge that vlan into a VPLS instance. So all L2, no interface vlan.XX stuff, is this possible? thanks

Re: [j-nsp] mpls node-protection: LSP down

2012-08-10 Thread Mihai Gabriel
This is the topology: http://img52.imageshack.us/img52/5512/avpn.png Sorry On Fri, Aug 10, 2012 at 11:57 AM, Mihai Gabriel wrote: > Hello, > > I am trying to test the node-protection feature in a lab using an MX5 > router with logical-systems and I can't find the reason why is not > working.The

[j-nsp] mpls node-protection: LSP down

2012-08-10 Thread Mihai Gabriel
Hello, I am trying to test the node-protection feature in a lab using an MX5 router with logical-systems and I can't find the reason why it is not working. The topology I use is here: http://imageshack.us/photo/my-images/849/avpn.png/ All routers are configured for mls, rsvp, ospf, link-protection, but