Re: [j-nsp] Juniper EX4550 load balancing of MPLS traffic

Thanks Mark. That's for a LAG, right? Not ECMP traffic. Luis On Wed, Jun 3, 2015 at 3:18 AM, Mark Tinka mark.ti...@seacom.mu wrote: On 2/Jun/15 20:54, Luis Balbinot wrote: Hi. If I have two EX4550s acting as P routers and they are connected by a LAG how will the MPLS traffic be load

[j-nsp] Juniper EX4550 load balancing of MPLS traffic

Hi. If I have two EX4550s acting as P routers and they are connected by a LAG how will the MPLS traffic be load balanced? How deep will the hashing algorithm look into the packets? Juniper says these EXs cannot do MPLS and ECMP. Is this still true? Luis

Re: [j-nsp] Juniper hardware purchasing and delivery time

Usually you'll get longer delays at the end of quarters due to a higher demand (great deals and price cuts). Someone from Juniper told me that large companies (with large orders) are to blame for some of these longer delays. Luis On Fri, Jun 26, 2015 at 7:35 AM, Paul Stewart

Re: [j-nsp] Cisco ME3600 migration to something with more 10 gig ports

Take a look at the EX4550. Just pay attention on the number of routes it supports and see if that suits you. It's not a core router, but neither is the ME3600. On Jul 13, 2015 11:54 AM, Aaron aar...@gvtc.com wrote: Hi everyone, I'm needing more 10 gig ports in my CO's for purposes of

Re: [j-nsp] RTBH

And remember that if you plan to accept prefixes from external neighbors and send to the black hole route you need "accept-remote-nexthop". On Fri, Jan 15, 2016 at 3:20 PM, Johan Borch wrote: > Thanks > > Setting route preference helped :) > > Johan > > On Fri, Jan 15,

Re: [j-nsp] setting named communities on static routes

+1M Or a policy rule if it makes sense. Like IOS that allows you to apply a route-map to every network statement under the BGP configuration. On Jan 28, 2016 18:56, "Chuck Anderson" wrote: > On Thu, Jan 28, 2016 at 02:30:52PM -0500, Jeff Haas wrote: > > > > > On Jan 28, 2016, at

Re: [j-nsp] Core network design for an ISP

A good practice on MX480s would be to keep upstream and downstream ports at separate MPCs if possible. Depending on your config the standard 256M RLDRAM from some cards might be an issue in the not so near future. I'm not sure how much RLDRAM those NG cards have though. I don't see any advantages

Re: [j-nsp] Best Place to Buy Used Juniper

I got a quote from them a while ago, it's not worth it. The MPC we quoted is available to us new from Juniper for $35k, used from Hula for $10k and they asked $50k. Their prices float according to the relationship you have with Juniper. On Mon, Mar 28, 2016 at 1:49 PM, Colton Conor

Re: [j-nsp] Communities on l2vpn instances

-nexthop lsp lsp-name: Use the "strict" option to enable > strict mode, which checks to see if any of the LSP next hops specified in > the policy are up. If none of the specified LSP next hops are up, the policy > installs the discard next hop. > > Best Regards, > Kras

[j-nsp] Communities on l2vpn instances

Hi. It's possible to set communities at the "protocol l2vpn" level in a l2vpn routing-instance at three different places: set interface xxx community yyy set site xxx community yyy set site xxx interface yyy community zzz But these don't seem to change anything. Documentation on these commands

Re: [j-nsp] RES: MX10 - BGP and LDP sessions flapping without a reason

An IGMP flood can easily bring the latest RE to it's knees. The default DDoS protection settings for IGMP is way too high (20kpps) on MX boxes and you should tweak it. On Nov 8, 2016 20:28, "Alexandre Guimaraes" wrote: > Niall, > Thank you for your help,

[j-nsp] Load balancing errors on 15.1R4

Hey. Is anyone else having issues with load-balancing on 15.1R4? I'm getting these FPC errors in multiple boxes: fpc0 LUCHIP(3) RMC 2 Uninitialized EDMEM[0x3ce333] Read (0x6db6db6d6db6db6d) fpc0 LUCHIP(3) PPE_2 Errors sync xtxn error fpc0 LUCHIP(3) PPE_15 Errors sync xtxn error fpc0 PPE Sync

Re: [j-nsp] Load balancing errors on 15.1R4

t; Do you have any update on this? Have you opened a case for this maybe? > > Best > Dragan > > On Tue, Oct 18, 2016 at 4:14 PM, Luis Balbinot <l...@luisbalbinot.com> > wrote: > >> Hey. >> >> Is anyone else having issues with load-balancing on 15.1R4? I'm >

Re: [j-nsp] SNMP NMS support of Junos VLAN MIBs

Check out Observium. I don't know about this specific MIB, but it correctly detects vlan memberships for me. On Dec 9, 2015 14:32, "Chuck Anderson" wrote: > Has anyone tried to use or implement polling of the Q-BRIDGE-MIB on > any Juniper products, using either commercial or open

Re: [j-nsp] RE-S-X6-64G & ISSU?

Depending on your arrangement with Juniper the price for a backup RE is negligible compared to the rest of the chassis (we got them for free several times). There's really no reason to leave a blank RE slot considering you have redundant SCBs. Luis On Tue, Nov 22, 2016 at 2:19 PM, Michael Hare

Re: [j-nsp] Juniper PTX1000

In fact looking at JNPR market cap, I'm worried of long term survivability of JNPR right now. I agree with you Saku. All they talk about is SDN and software solutions. We are trying to get a quote on PTX1Ks for a long time and they keep pushing back and want more details on our network, as if

Re: [j-nsp] improving global unicast convergence (with or without BGP-PIC)

Even on newer Junos if you don't enable the indirect-next-hop toggle you'll still see krt entries with 0x2 flags. On Tue, Apr 18, 2017 at 6:30 PM, Dragan Jovicic wrote: > As mentioned on mx trio indirect-nh is enabled and can't be disabled. > You could check with > show krt

Re: [j-nsp] Syslog getting spammed by DDOS_PROTOCOL_VIOLATION_SET

Ytti <s...@ytti.fi> wrote: > On 21 November 2017 at 14:12, Luis Balbinot <l...@luisbalbinot.com> wrote: > >> The DDoS protection factory defaults are very low in some cases. The >> Juniper MX Series book has a nice chapter on that. > > Do you have an example? Most o

Re: [j-nsp] Syslog getting spammed by DDOS_PROTOCOL_VIOLATION_SET

Most likely spoofed traffic or you don't have full tables or a default route. A /18 will pull a lot of unwanted traffic. The DDoS protection factory defaults are very low in some cases. The Juniper MX Series book has a nice chapter on that. On Tue, 21 Nov 2017 at 09:02 Karl Gerhard

Re: [j-nsp] Best practice for igp/bgp metrics

g this design, you might as well assign same number to every > interface and use strict hop count. > > On 25 October 2017 at 22:41, Luis Balbinot <l...@luisbalbinot.com> wrote: > > Never underestimate your reference-bandwidth! > > > > We recently set all our ro

Re: [j-nsp] Best practice for igp/bgp metrics

Never underestimate your reference-bandwidth! We recently set all our routers to 1000g (1 Tbps) and it was not a trivial task. And now I feel like I'm going to regret that in a couple years. Even if you work with smaller circuits, having larger numbers will give you more range to play around.

[j-nsp] PTX as a PE

Hey. Is anyone using PTX1Ks or 10Ks to terminate L2VPN/L3VPN services? I have a very specific situation on some sites where I have to terminate a few of those for my own management services and I don't really want to deploy another PE just for that. Are there any limitations besides some CoS

Re: [j-nsp] RES: QFX5100 vs ACX5048

> I look into a preso I had and also this site… > https://packetpushers.net/juniper-enterprise-serious-campus-networking/ > > …and I see mention of the chip for the ACX5448 possibly being Qumran-based. > Not sure if that helps y’all. Yes, it is Qumran-based. 1M FIB, deep buffers, HQoS.

Re: [j-nsp] Routing Engine upgrade

If possible try aiming for a full system restart, it will be less painful and very straightforward (you'll need at least a one hour window). Your PFEs will go through a warm reboot anyway if you upgrade the software on the new REs. But please confirm that with your SE. On Wed, Oct 18, 2017 at

Re: [j-nsp] Experience with MX10003

It's not the same chip, as Alexander pointed out. And it's not even brand new, it's been around for 2 years now. We are deploying our first 3 units next month and the only "bad" thing is that you have to use Junos 17.3, so be prepared for an adventure. But MX10003 is not better than MX960, it's

[j-nsp] MPLS statistics SNMP issues

Hi. Anyone else having issues with stalled counters on the Aggr counters from MPLS-MIB? My LSPs are resignalled a few times a day because of auto-bandwidth/reoptimization and after an event where the path gets rerouted elsewhere sometimes the SNMP process stops updating those objects until the

Re: [j-nsp] Transit composite next hops

ch family supports (and only supports) its specific > CCNH flavour: > CCNH for ingress: MX > CCNH for transit: PTX (I didn't asked for QFX10k). > Olivier > > > On 10 feb. 2018 at 19:17, Luis Balbinot <l...@luisbalbinot.com> wrote : > > > > I was reading about

[j-nsp] Transit composite next hops

Hi. I was reading about composite chained next hops and it was not clear to me whether or not MX routers support them for transit traffic. According to the doc bellow it's only a QFX10k/PTX thing:

Re: [j-nsp] LACP hashing algorithm

How many flows are there in total? Is there a test appliance involved? We had many issues with those in the past during service delivery tests. Also I assume you are using MPCs and not DPCs and also that you are talking about IP traffic. Please correct me if not. Luis On Wed, 8 Aug 2018 at

Re: [j-nsp] Carrier interfaces and hold timers

Sometimes carriers protect optical circuits using inexpensive optical switches that have longer switching delays (>50ms). In these cases I'd understand their request for a longer hold-time. But 3 seconds is a lot. On Wed, 15 Aug 2018 at 20:02 Jonathan Call wrote: > Anyone have experience with

Re: [j-nsp] Configuration database stuck with mgd crashing

As root you can “mgd -I” to fix that. We also had the same issue and it’s been fixed on 16.1R7. We never opened a JTAC case for that because we knew the answer would be software upgrade since 16.1R7 was already out. The cause was Netconf and it randomly occurred. Strangely this was caused by the

Re: [j-nsp] mx960 to mx960 via ciena 6500 - mtu smaller in the middle

> This issue is my turning up new MX960's that are simply connected together > with Ciena 6500 DWDM for me to have an MTU issue via DWDM is actually a > surprise to me. I pretty much always envisioned wave/lamda dwdm as darn near > like having an actual fiber cable... no, not the case

Re: [j-nsp] Transit composite next hops

> My understanding is that "ingress" and "transit" in relation to CCNHs is > just a very misleading nomenclature. > If you want to go by definition CCNHs are pointers between VPN and NH label > -and transit boxes have no knowledge of VPN labels so go figure... > > But there are still several

Re: [j-nsp] inline-jflow monitoring

>From 16.1R1 and up you should also configure the ip flow table sizes as the default is 1024 entries for v4 if I'm not mistaken. Not sure if this is your current issue but is something to consider as well. Also check flex-flow-sizing as an option. Luis On Wed, Jan 2, 2019 at 7:51 AM A. Camci

Re: [j-nsp] Avoid transit LSPs

n explicit path that avoids the interfaces you are worried about > Set the RSVP cost for the interfaces really high > > Dave > > On Thu, 24 Jan 2019 at 17:01, Luis Balbinot > wrote: > > > It's a permanent thing. > > > > These boxes

Re: [j-nsp] QFX5100 red alarm after power-off

Ask your SE, it might be faster. But sometimes the piece of software that actually control those LEDs (and the whole chassis) runs on the OS that you have just powered off. Maybe the red LED means that there's no chassis mgmt at all. That's why we get extremely loud fans on power up and they calm

Re: [j-nsp] Avoid transit LSPs

or just keep using a very large metric on those links. Luis On Fri, Jan 25, 2019 at 7:02 AM Mark Tinka wrote: > > > > On 24/Jan/19 22:24, Luis Balbinot wrote: > > > That’s a good idea. I’m not 100% sure that this will prevent the creation > > of bypass LSPs but I’ll g

Re: [j-nsp] Avoid transit LSPs

gt; > On Jan 24, 2019, at 3:24 PM, Luis Balbinot wrote: > > > > That’s a good idea. I’m not 100% sure that this will prevent the creation > > of bypass LSPs but I’ll give it a try. > > > > Thanks! > > > > Luis > > > > On Thu, 24 Jan 201

[j-nsp] Avoid transit LSPs

Hi. How could I prevent a device from getting transit RSVP LSPs being established through it? I only want it to accept ingress LSPs destined to that box. Luis ___ juniper-nsp mailing list juniper-nsp@puck.nether.net

Re: [j-nsp] Avoid transit LSPs

ven't tested this in forever) if you enable > no-node-protection under RSVP , that will prevent those interfaces from being > available for any node or link bypass LSP to use. > > On Fri, Jan 25, 2019 at 11:51 AM Luis Balbinot wrote: >> >> Please let me know if you find some ot

Re: [j-nsp] Avoid transit LSPs

. Luis On Tue, 29 Jan 2019 at 07:03 wrote: > > From: Luis Balbinot > > Sent: Monday, January 28, 2019 1:39 PM > > > > I have many LSPs from P1 to P4 and all have FRR protection (Juniper FRR, > 1:1). > > Even with two distinct paths from P1 to P4 (both with much

Re: [j-nsp] Avoid transit LSPs

ne we have with OSPF LFA would be nice. Luis On Thu, Jan 24, 2019 at 2:53 PM wrote: > > > Luis Balbinot > > Sent: Thursday, January 24, 2019 4:45 PM > > > > Hi. > > > > How could I prevent a device from getting transit RSVP LSPs being > > establ

[j-nsp] PCS errors with PTX box

Hey. Anyone here using PTX1Ks with multiple 100G LR4 links and third party optics? We recently started deploying a few PTX1K routers in some locations and we are getting some weird PCS errored blocks on LR4 interfaces. We haven't tested with the official Juniper QSFP28 module yet, but we tried

Re: [j-nsp] 40Gig Ether for MX480

Same. Juniper is running WAY too late on an ACX5048 replacement with 100G interfaces. We had great expectations for the ACX5448 until we saw the price list being 3-4x higher than the 5048. Regarding the original question, I'd also check the MPC5 if your budget is restricted and you have slots to

[j-nsp] ALB on PTX

Hey. Anyone else using ALB on PTX boxes (10K)? We ran into some balancing issues on a specific link and looking at the counters we don't see any counters incrementing. Is this expected somehow? It's a regular p2p circuit, no vlans or anything. > show interfaces ae4 extensive | match Adapt

Re: [j-nsp] MX960 vs MX10K

The MPC7E-MRATE is only good if you have to add a few 100G ports to a large chassis (i.e. MX960) that has lots of 10G interfaces and/or service cards. It's about 2/3 of the price of a new MX10003 with 12x100G. On Wed, Mar 4, 2020 at 12:45 PM Mark Tinka wrote: > > > On 4/Mar/20 17:18, Tom

Re: [j-nsp] ACX5448 & ACX710

The 5448 and the 5048 are quite different. I have several 5048 in my plant and when we questioned Juniper about a replacement with 100G interfaces their engineers compared the config template from our 5048s and said the 5448 wasn't capable of doing some of the RSVP and RPM stuff we were doing on

Re: [j-nsp] ACX5448 & ACX710 - Update!

I work with telecom companies for years and DC is the standard for pretty much all of them. If you have a small shelter or container you can deploy an UPS DC system with a handful of batteries that will last for hours and will not take much space. Look inside a mobile node B station and you’ll