Author: rtoodtoo
Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN
// JNCIE-SEC #223 / RHCE / PCNSE
Once you are familiar with one firewall, sometimes it is difficult to be comfortable on another firewall. Here I will list 2 things that you do differently on these firewalls. At least these were the first things I noticed. 1) PING On an SRX firewall, if you ping a remote address, the command will be accepted.
OSPF has a slightly different way of removing routes compared to BGP. In this short post, I will present how a link failure is propagated to other routers in the OSPF domain. For this test, I have the following topology section in which AREA3 is connected to AREA0 and we simulate a link failure on the Junos
What happens when you change a BGP import routing policy in your neighbor configuration? Do changes take effect immediately, or do we need to issue the soft-inbound command to request the routes? Let’s see by an example. We received the route 10.83.0.0/24 from 10.82.1.9 already as you see below. root@J29> show route protocol bgp terse 10.83.0.0/24 inet.0:
In this micro post, I would like to show one reason why a BGP open message receives a TCP RST. For this test, I set up a BGP neighborship between two peers: PeerA (10.82.1.9) and PeerB (10.82.1.10). PeerA initiates the connection; look at what happens in the packet capture. According to the sequence, TCP seems to have
In this post, I will show an example of loop prevention in the OSPF protocol. There is a nice document here about the principles of loop prevention. What I will do is just show this on Junos. In order to show this, I am using the following topology; On this topology, J40 and J32
In this post, I will try to show how OSPF behaves when there are two equal-cost paths towards a destination. To demonstrate this, I have prepared my usual topology. On this topology all routers are running OSPF but our focus is on the router J32 which is circled at the bottom and our destination
OSPF can sometimes be a confusing protocol. For example, if you turn on a light switch, you simply get the immediate result: the light is on. What if you turn on the light switch but see the light bulb shine only after 40 seconds? Then it is more difficult to understand the result of your
It can be annoying if you are new to SRX and your SSH connection towards the firewall keeps timing out. You can of course activate keep alive on your SSH client or play with the default ssh timeout on SRX itself. First let’s see how we can check the current timeout. root@J200> start shell user
After a year of being away from SRX, I have noticed that I forgot the CLI command to set a static hostname to IP mapping. If you haven’t used this feature so far, it simply allows you to have a /etc/hosts file similar to what we have in Linux and here is how we set
I think most of us watched the movie Inception, in which there was a dream within a dream. It was a bit confusing at some point. There is a Linux version of it 🙂 terminal within terminal provided by the fantastic tool tmux (terminal multiplexer). I use this tool during some troubleshooting scenarios when I