Free Network Tutorials Posts

Step1:Configure ECMP routing policy set policy-options policy-statement LBPOLICY then load-balance per-packet Step2: Export the policy to forwarding table set routing-options forwarding-table export LBPOLICY  Verification: (Use the command “show route forwarding-table”) user1@QFX-re0> show route forwarding-table Routing table: default.inet Internet: Enabled protocols: Bridging, Destination        Type RtRef Next hop           Type Index    NhRef Netif 192.168.200.0/24    user     0                    ulst  2097150  4215          …

Juniper

“We Love Oranges AS Oranges Mean Pure Refreshment” W Weight (Highest) L LOCAL_PREF (Highest) O Originate (local) routes that are advertise through the “network” command or redistributed from an IGP. AS AS_PATH (shortest) O ORIGIN Code (IGP > EGP > Incomplete) M MED (lowest) P Paths (External > Internal) R RID (lowest) Share this…FacebookPinterestTwitterLinkedinReddit

Networking

SNMPv2c community: snmpcomm123 management IP address: 192.168.10.100 SNMP Polling Server: 192.168.20.199 SNMP Trap Server: 192.168.20.200 SNMPv2c Polling Configuration: ipv4 access-list SNMP-ALLOW  10 permit ipv4 host 192.168.20.199 any snmp-server contact DC-ADMIN snmp-server location Datacentre snmp-server trap-source Loopback0 snmp-server community snmpcomm123 RO SystemOwner IPv4 SNMP-ALLOW   SNMPv2c Traps Configuration: configure snmp-server traps snmp-server host 192.168.20.200 traps snmpcomm123   Verify: /usr/bin/snmpwalk -M /usr/local/snmp/mibs -v2c -c snmpcomm123 192.168.10.100:161 sysDescr.0 SNMPv2-MIB::sysDescr.0 = STRING: Cisco IOS XR Software (Cisco ASR9K Series),  Version 6.2.3[Default] Copyright (c) 2018 by Cisco Systems, Inc. SNMPv3 user: snmpuser Security Level:…

Cisco

SNMPv2c community: snmpcomm123 management IP address: 192.168.10.100 SNMP Polling Server: 192.168.20.199 SNMP Trap Server: 192.168.20.200 Configuration: set snmp name JUNIPER-SNMP set snmp description “Juniper SNMP” set snmp location Datacentre set snmp community snmp routing-instance mgmt_junos set snmp community snmpcomm123  clients 192.168.10.100/32 Traps Configuration: set snmp trap-options source-address 192.168.10.100 set snmp trap-options agent-address outgoing-interface set snmp trap-group JUNOS_GROUP version v2 set snmp trap-group JUNOS_GROUP destination-port 162 set snmp trap-group JUNOS_GROUP categories authentication set snmp trap-group JUNOS_GROUP categories chassis set snmp trap-group…

Juniper

In related to configuring management interface in Juniper, NTP traffic should go via the management port and not through the data ports. Pre-requisite configuration can be found here: https://freenetworktutorials.com/configuring-management-interface-in-juniper-routers/ NTP Server1: 192.168.10.101 NTP Server1: 192.168.10.102 Configuration: set system ntp server 192.168.10.101 routing-instance mgmt_junos set system ntp server 192.168.10.102 routing-instance mgmt_junos set system ntp source-address 172.16.0.100 routing-instance mgmt_junos where: 172.16.0.100 is your management (em0) interface IP Sample Firewall configuration: set firewall family inet filter FIREWALL-RE term NTP-PERMIT from source-prefix-list NTP-LIST set…

Juniper

One of the best security practices in networking is separation of management traffic and data/control traffic. One way to achieve this is to use the management ports of Juniper devices to physically connect it preferably to different network. The management Ethernet interface is usually em0 or fxp0 in Juniper, and provides out-of-band(OOB)management network of the device. Assuming UTP cables are already connected to both management ports of both routing engine (RE) of the Juniper devices, here are the steps to…

Juniper

As per Cisco official site definition of FPD: An FPD refers to any programmable hardware device on a router, which includes a Field Programmable Gate Array (FPGA) and Read Only Memory Monitor (ROMMON). Cisco IOS® XR routers use a number of FPDs that are crucial for the function of route processors, line cards, shared port adapters (SPAs), SPA Interface Processors (SIPs), and fan trays. Sample of upgrading fpd in ASR9000 running in IOS-XR. Linecard used is 24x10GE Tomahawk linecard. A.…

Cisco Juniper

SSH Configuration Examples in Cisco (IOS,IOS-XE,NX-OS,IOS-XR) and Juniper(JunOS) Here are the configuration examples: whereas: 192.168.100.100 = Jumphost IP (Allowed IP to SSH into the device) Cisco: Prerequisites in configuring SSH for Cisco devices include SSH key generation, please refer to Cisco Official Documentation. command: crypto key generate rsa Preferably, RSA key bits at least 2048, else use 1024 for better security IOS: ip ssh version 2 line vty 0 4 access-class 101 in exec-timeout 5 0 password 7 01234ABC login…

Cisco

Configuring Cisco to authenticate (also including authorization and accounting) to Tacacs+ server 10.10.10.10 – Tacacs+ AAA server 20.20.20.2 –  Loopback IP Cisco: IOS: aaa authentication login VTY group tacacs+ line aaa authentication enable default group tacacs+ enable aaa authorization commands 1 default group tacacs+ none aaa authorization commands 15 default group tacacs+ none aaa accounting exec default start-stop group tacacs+ aaa accounting commands 1 default start-stop group tacacs+ aaa accounting commands 15 default start-stop group tacacs+ tacacs-server host 10.10.10.10 single-connection…

Cisco

Static Route Configuration Examples in Cisco (IOS-XR)  for BGP aggregated prefix advertisements In order to advertise the aggregated routes (and default routes) via BGP, it should exists in the routing table, that’s the #1 rule. If these summarized routes (/16) are not existing and only smaller subnets are learned via the IGP(e.g. OSPF,IS-IS), then configure static route and next hop e.g. Null0. Configuration: router static address-family ipv4 unicast 0.0.0.0/0 Null0 172.16.0.0/16 Null0 ! address-family ipv6 unicast ::/0 Null0 fd41:c8be:2153:f400::/64 Null0…

Cisco