Objective: The PBR policy will be removed facing Uplink-Router once it detected that the server is unreachable. Policy-based routing (PBR) is a method used to make routing decisions based on policies. Scenario: Server1 providing web caching to customers for faster web page loading. Since there is route-map in place to route their http/https traffic to the next hop which is Server1, what if this server suddenly goes down?, the expected behaviour is the customer won’t be able to access websites.…
Free Network Posts
These are the steps in upgrading Juniper Routers. This was tested using the JunOS SRX router. Assumption: JunOS is downloaded and stored in an FTP server. Step1: Download the necessary image from the FTP server. Save it in the /var/tmp folder. user1@SRX-Router1> file copy ftp://user1@172.25.11.254/junos-vsrx-x86-64-19.2R1.8.tgz /var/tmp/ Password for user1@172.25.11.254: /var/home/user1/…transferring.file………ush100% of 1127 MB 5426 kBps 00m00s Step2: Verify the software package user1@SRX-Router1> file list /var/tmp | match junos junos-vsrx-x86-64-19.2R1.8.tgz user1@SRX-Router1> file list detail /var/tmp | match junos -rw-r–r– 1 user1 …
Objective: To configure port-channel and associate it to vlan. Servers will use Juniper-Router as their gateway and uplink to Internet. Server-switch have Layer 2 (access mode) connectivity to Juniper-Router. (see Fig.1) Fig.1 1. Configure the Vlan (interface vlan will be the server’s gateway) Juniper-Router# configure set vlans VLAN-8 description Server-Farm set vlans VLAN-8 vlan-id 8 set vlans VLAN-8 l3-interface irb.8 set interfaces irb unit 8 description “Server Farm Vlan” set interfaces irb unit 8 family inet address 192.168.8.1/24 2. Configure…
Objective: To configure port-channel and associate it to vlan. Servers will use Cisco-NXOS as their gateway and uplink to Internet. Server-switch have Layer 2 (access mode) connectivity to Cisco-NXOS router. (see Fig.1) Fig.1 1. Configure the Vlan (interface vlan will be the server’s gateway) Cisco-NXOS# configure vlan 8 name Server-Farm interface Vlan8 description Server Farm Vlan no shutdown ip address 192.168.8.1/24 2. Configure port-channel interface port-channel10 description Port-channel to Server-Switch switchport access vlan 8 3. Configure…
Objective: To separate management traffic from data/customer traffic in your Cisco XR routers. Preferably, Data and Management are into 2 separate network domains. Pre-requisite: UTP cables (for each RSP management port in case for switchover) are connected to a network switch to access the OOB management gateway * * Management IP Configuration* * 1. Configure the vrf for management vrf management description VRF for Out-of-Band address-family ipv4 unicast 2. Set the physical IP address on each RSP management port. There are total of…
Cisco IOS e.g. Vlan10 = interface management vlan NTP Server = 192.168.10.100 1. Configure ACL to deny NTP requests and query conf t access-list 100 remark to block NTP requests and query access-list 100 deny any 2. Configure ACL to allow only the NTP servers to peer or synch with access-list 200 remark NTP to peer access-list 200 permit 192.168.10.100 access-list 200 deny any 3. Configure NTP conf t ntp source Vlan10 ntp access-group peer 200 ntp access-group serve 100 ntp access-group…
By default in Juniper, LACP timer is fast which is 1 sec, while in Cisco the default setting is slow which is 30 secs. If connecting Juniper devices to non-Juniper routers or switches, the LACP timer will have mismatch thus it can cause LACP timing out due to not receiving PDU packets in a timely manner. show log messages | match lacp Sample error logs: user1@QFX-Router1-re0> show log messages | match lacp Sep 6 08:23:10.002 2020 QFX-Router1-re0 lacpd[7292]: %DAEMON-5-LACPD_TIMEOUT: xe-0/0/0:…
Tacacs/AAA/ISE Server: 192.168.10.222 Tacacs Password: tacpassword1 Router’s Management IP: 192.168.0.4 (under mgmt_junos routing instance) Assumption: There’s an existing local account e.g. “user1” set system login user user1 class super-user set system login user user1 authentication plain-text-password (passwordhere) 1. Configure the tacacs server IP set system tacplus-server 192.168.10.222 routing-instance mgmt_junos set system tacplus-server 192.168.10.222 secret tacpassword1 set system tacplus-server 192.168.10.222 single-connection set system tacplus-server 192.168.10.222 source-address 192.168.0.4 2. Configure authentication order (if tacacs cannot authenticate, will ask for local access user1) set system…
Here are the steps of configuring Equal cost multipath (ECMP) in Juniper routers for Load balancing purposes. Step1:Configure ECMP routing policy set policy-options policy-statement LBPOLICY then load-balance per-packet Step2: Export the policy to forwarding table set routing-options forwarding-table export LBPOLICY Verification: (Use the command “show route forwarding-table”) user1@QFX-re0> show route forwarding-table Routing table: default.inet Internet: Enabled protocols: Bridging, Destination Type RtRef Next hop Type Index NhRef Netif 192.168.200.0/24 user 0 …
Here is the most popular Mnemonic for Border Gateway Protocol (BGP) for Best Path Selection. This helps to easily remember on how BGP choosing its best path instead of memorizing it. “We Love Oranges AS Oranges Mean Pure Refreshment” W Weight (Highest) L LOCAL_PREF (Highest) O Originate (local) routes that are advertise through the “network” command or redistributed from an IGP. AS AS_PATH (shortest) O ORIGIN Code (IGP > EGP > Incomplete) M MED (lowest) P Paths (External > Internal) R RID (lowest)
Leave a Comment