Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides

FAQ
It is currently Fri Dec 15, 2017 1:21 am


News News of Routing and dynamic routing protocols

Site map of Routing and dynamic routing protocols » Forum : Routing and dynamic routing protocols


 [ Total topics 23 Go to page 1, 2, 3

Message
 Post subject: BGP Notification Message (3), length: 21, OPEN Message Error (2), subcode Authentication Failure
PostPosted: Fri Nov 03, 2017 8:24 am 
When Junos is configured for an external BGP session with a neighbor not directly connected, without the "multihop ttl 2" configuration statement, it will fail to accept the neighbor with a notification message following the open message:
Code:
   Notification Message (3), length: 21, OPEN Message Error (2), subcode Authentication Failure (5)


There is no fix, but correct configuration: if ebgp neighbor is not directly connected, it's mandatory to:
# set protocols bgp group <GROUP> multihop ...

Read more : BGP Notification Message (3), length: 21, OPEN Message Error (2), subcode Authentication Failure | Views : 68 | Replies : 0

Top
 Post subject: JUNOS BGP: How to drain a BGP peering router gracefully without bgp session reset
PostPosted: Thu Sep 14, 2017 10:09 am 
As many of us found out the hard way, certain export policy changes at neighbor level will hard reset the bgp session due to Junos internal architecture of update groups.

When a peering BGP router (or any bgp router for that matter) needs to be drained for maintenance, there aren't many obvious options:
1. disable bgp.
2. set import/export policies at neighbor level that reject everything.
3. disable interfaces towards bgp neighbors.

1st resets BGP ...

Read more : JUNOS BGP: How to drain a BGP peering router gracefully without bgp session reset | Views : 152 | Replies : 0

Top
 Post subject: Junos "show bgp summary" shows different outputs for neighbors
PostPosted: Tue Jun 14, 2016 2:56 pm 
The "show bgp summary" in Junos shows all configured or established neighbors (there can be RR clients that are not configured, but are established).

More information about output of "show bgp summary" is documented on Juniper website: http://www.juniper.net/documentation/en_US/junos15.1/topics/reference/command-summary/show-bgp-summary.html

The output includes both internal and external neighbors with a small difference. Internal neighbors (even they only use ipv4 unicast AFI/SAFI) show up as "ESTABL" and a line below shows the RIB and statistics.

For external BGP ...

Read more : Junos "show bgp summary" shows different outputs for neighbors | Views : 900 | Replies : 0

Top
 Post subject: BGP question
PostPosted: Thu Jun 02, 2016 1:14 pm 
Hello Everyone,

i have situation where i'm receiving a /26 subnet via CPE router and i only want to advertise /29 subnet to EBGP. is there any way to do that? i can't advertise whole /26 as it breaks other customer. Note: /29 prefix does not live on the box so i can't advertise them directly. Any help would be highly appreciated.

Note: Using Juniper MX box

so far what i did is

static { ...

Read more : BGP question | Views : 567 | Replies : 6

Top
 Post subject: Injecting a default route in an OSPF NSSA area from a Juniper device
PostPosted: Sun Mar 15, 2015 5:24 pm 
OSPF not-so-stubby area is described in RFC 3101 (https://tools.ietf.org/html/rfc3101) and it’s main characteristics are that it does not accept OSPF external LSAs (Type 5) as a stubby area, but it allows injection of AS external prefixes, as a normal area. It makes use of Type 7 LSAs that get translated into Type 5 External LSAs by the ABR into the rest of the OSPF domain. Section 1.3 of the RFC describes NSSA areas better than ...

Read more : Injecting a default route in an OSPF NSSA area from a Juniper device | Views : 3303 | Replies : 0

Top
 Post subject: Understanding the OSPF External NSSA LSA Metric Type 1 with JunOS examples
PostPosted: Sun Mar 15, 2015 1:51 pm 
This week, an interesting deployment was presented by a colleague where one SRX device was deployed as a central device (enterprise HUB / customer edge) with a link towards managed MPLS service in OSPF area 0 and two ipsec tunnels in OSPF area 1(NSSA). One IPSEC tunnel (st0.0) flowing through the internet and the other (st0.1) through the provider MPLS service as in the above diagram. This is typical deployment of site-to-site connectivity that Enterprises ...

Read more : Understanding the OSPF External NSSA LSA Metric Type 1 with JunOS examples | Views : 1631 | Replies : 0

Top
 Post subject: How to configure Junos ipv6 default route
PostPosted: Mon Feb 16, 2015 6:29 pm 
IPv6 traffic is classified as “inet6” family in Junos routing operating system. The default routing table holding ipv6 routes is named inet6.0.

IPv4 default route is formed of four 0 octets with a zero mask: 0.0.0.0/0 or 0/0 in Junos. In the same manner, rhe IPv6 default route expressed as sixteen 0 octets expressed by a zero subnet mask. But all sixteen bytes can be compressed into two consecutive colons - ::/0.

Check IPv6 prefixes/routes ...

Read more : How to configure Junos ipv6 default route | Views : 3418 | Replies : 0

Top
 Post subject: OSPF neighbors stuck in ExStart - case 1 - interface type mismatch
PostPosted: Wed Dec 10, 2014 5:42 am 
OSPF neighbors stuck in ExStart - case 1 - interface type mismatch


So we know that on a broadcast segment, two neighborship between two OSPF routers will allways be FULL given that all conditions are met. When there are more than two neighbors, the Designated Router and Backup Designated Router form a FULL adjacency with all routers on the segment and the DROthers will remain in 2-way state with each other. This is to avoid ...

Read more : OSPF neighbors stuck in ExStart - case 1 - interface type mismatch | Views : 4284 | Replies : 0

Top
 Post subject: Significance of "receive" next-hop static routes in JunOS
PostPosted: Tue Dec 02, 2014 6:17 pm 
Significance of "receive" next-hop static routes in JunOS

One of the many next-hop options for static routes in Junos is the "receive" next-hop.

Based on Juniper manual for static routes:

http://www.juniper.net/techpubs/en_US/junos13.2/topics/reference/configuration-statement/static-edit-routing-options.html,
Quote:
Quote:
receive—Install a route for this next-hop destination into the routing table.
The receive option forces the packet to be sent to the Routing Engine.

The receive option can be useful in the following cases:

For receiving MPLS packets destined to a VRF ...

Read more : Significance of "receive" next-hop static routes in JunOS | Views : 2746 | Replies : 0

Top
 Post subject: BGP: Multihomed AS with more specific prefixes geographically split
PostPosted: Mon Nov 24, 2014 12:17 pm 
BGP: Multihomed AS with more specific prefixes geographically split
Attachment:
BGP-AS-multihomed-dual-ISP1.png


In the following lab, I tried to confirm if what some case studies available on the internet state is true regarding a dual-ISP multihomed

organization.

Let's say AS100 is geographically split. It owns 10.1.20/23 prefix. The requirement is to have incoming traffic for 10.1.20/24 via

location A and incoming traffic for 10.1.21/24 via location B.

Until recently, I was thinking this ...

Read more : BGP: Multihomed AS with more specific prefixes geographically split | Views : 572 | Replies : 0

Top
 [ Total topics 23 Go to page 1, 2, 3


Last 10 active topics


Shell Scripting and Programming

No new posts BASH shell script to mointor a directory and move file without overwriting destination
View the latest post
No new posts FreeBSD: Install python package manager (pip)
View the latest post
No new posts Shell scripting
View the latest post

OpenLDAP - Lightweight Directory Access Protocol

No new posts Synchronize OpenLDAP and Microsoft Active Directory
View the latest post

Routing and dynamic routing protocols

No new posts BGP Notification Message (3), length: 21, OPEN Message Error (2), subcode Authentication Failure
View the latest post
No new posts JUNOS BGP: How to drain a BGP peering router gracefully without bgp session reset
View the latest post

TCP/IP Networking

No new posts Problem pinging and using server with mobile hotspot
View the latest post

Memory, Storage, Backup and Filesystems

No new posts FreeBSD: List disk drives and re-scan after adding hot-add disk (in virtual environments)
View the latest post

Apache, Nginx, Lighttpd and other web server software

No new posts NGINX: 413 Request Entity Too Large
View the latest post

System administration

No new posts MAC OS X: read image/jpeg EXIF information on command line
View the latest post

Login

Username:   Password:   Log me on automatically each visit  

Statistics

Statistics

Total posts 612 | Total topics 982 | Total members 1192



News News Site map Site map SitemapIndex SitemapIndex RSS Feed RSS Feed Channel list Channel list


Delete all board cookies | The team | All times are UTC - 5 hours [ DST ]



phpBB SEO