DDOS_PROTOCOL_VIOLATION_SET warning
All of a sudden things may start go wrong in your juniper switches and when you examine the logs you see the followings;
All of a sudden things may start go wrong in your juniper switches and when you examine the logs you see the followings;
I am currently deploying a Viptela vEdge 17.2.x series in my ESX lab however as soon as I fired up multiple vEdges I noticed CPU utilisation went through the roof. Server couldn’t handle 4-5 instances as each consumes around 8GHz. This was very familiar to me from virtual SRX experience due to continuous polling and
Read More »
Check that stupid interface statistics first if things are god damn wrong One network guy says I thought it is better to write the summary of the ports first. I have had multiple layer 2 loops in my career and they were mostly disastrous. I think there is nothing more scary than a layer 2
Read More »
As a network engineer, you might receive a request from your colleagues probably Desktop team to configure network devices for PXE server. If you don’t know what PXE, how it works and configured, I will try to answer those questions on this post. Mostly I will focus on Windows imaging which I mostly configured devices
Read More »
Normally if you want to advertise a route to your BGP neighbor, the route you want to announce must be available in your routing table but in Palo Alto Networks there is a nice trick which is quite handy. Where can it be really handy? For example you have a subnet which you only use
Read More »
SRX platform has two types of security policy: Zone Based and Global and you can mix these two but when mixed it is also posing some challenges. If you want to convert all zone based policies to global, normally there is no builtin tool. Maybe Junos Space provides such tool but I am not aware
Read More »
When I need to configure SNMPv2 on a Juniper device and routing instance is involved, I always forget to enable some knobs. Here is a quick one which allowed me to query an EX switch through its VR (in my example VR name is ISP1). You can also specify your specific VR name under “routing-instance-access”
Read More »
Have you ever wanted to list the trunk ports on a Juniper EX switch? Unfortunately there doesn’t seem to exist a single dedicated command for this purpose. In the past I used to use the following command: > show ethernet-switching interfaces detail | match Trunk but this is not working on new releases. Juniper keeps
Read More »
I have written a small python3 script to convert SRX address books which are in zone base format to global. There was already a ready script on juniper forums but I saw they lack duplicate address checks and it couldn’t connect to some SRX devices. Below is the link to the code and how it
Read More »
Recently I upgraded dozens of SRX240H2 and SRX340 series Juniper firewalls and around %10 of SRX240H2 boxes either crashed during upgrade or after upgrade and none on 340 series. Although 340 is a newer platform, I would like to be positive and believe the fact that Juniper has improved both hardware and software quality. What
Read More »