MRU (Maximum Receive Unit) has a close relation to MTU but as far as I can see it has different effects in various active devices. For example setting an MTU value of 1000 on an Ethernet interface of a Linux machine or an SRX box doesn’t prevent the larger packet from being accepted. However if
Read More »
I would like to talk about couple of things in this post about MTU on JunOS; Why do we have two different MTU settings i.e at interface and logical level? What is the meaning of path mtu discovery on a junos box How MTU is important for OSPF? Actually all started with my OSPF tests
Read More »
I will configure GRE (Generic Routing Encapsulation) between two Juniper SRX firewal devices. If you want to learn more about the protocol see RFC2784. I will just demonstrate how two networks can be connected to each other via a tunnel. I will also show how SRX security policy should be configured in order to pass
Read More »
I will briefly write about Branch SRX alarm led and reset button in this post. 1) Alarm led Today when I deleted my rescue configuration via; > request system configuration rescue delete command, then minutes later I noticed that alarm led on the front panel turned to amber. First I couldn’t guess that alarm is
Read More »
If you want to capture some icmp traffic destined for a Junos router by using “monitor traffic“, you must re-think what you are doing. For example you issued the following command and you started ping from another host towards this Junos router. admin@host> monitor traffic interface ge-0/0/1 matching "icmp or tcp" verbose output suppressed, use
Read More »
There is a very handy feature in junos which you may find very useful if you have lots of junos devices. JunOS can send your active configuration after every commit to a configured remote destination server by using scp,http or ftp protocols. A small configuration is sufficient to achieve this. For example with the configuration
Read More »
When I was looking at one of my earlier posts, I noticed that sometimes I do repeat cli commands manually instead of scripting. Life is short! If you can’t find any other shell, junos has also C shell and following is a simple loop which generates several commands following a similar pattern. For example I
Read More »
If you want to prevent root user being used in ssh logins, one command is sufficient to accomplish this. After commit, root user will be rejected and you can login with any other super-user. #set system services ssh root-login deny
DHCP configuration is very straight forward in junos. However if you are like me, you can even forget that gateway address must be within the advertised pool. Here is a simple config set system services dhcp default-lease-time infinite set system services dhcp domain-name rtoodtoo.net set system services dhcp name-server 8.8.8.8 set system services dhcp name-server
Read More »
When I booted my SRX device I saw the following output on the console; WARNING: THIS DEVICE HAS BOOTED FROM THE BACKUP JUNOS IMAGE It is possible that the primary copy of JUNOS failed to boot up properly, and so this device has booted from the backup copy. Please re-install JUNOS to recover the
Read More »