In this post I will show two flavours of configuring a LAN-to-LAN IPsec VPN tunnel with Juniper SRX: policy-based and route-based. I have been under impression that those ways are mutually exclusive so that only one way is valid for a given endpoint in the opposite side. How wrong have I been. Here is the […]
Category: Networking
Juniper SRX Traffic Processing
Some pointers to documentation in juniper.net that describe the traffic processing in Juniper SRX platform: Juniper Networks Devices Processing Overview (Junos 12.1X47) Flow-Based Processing Feature Guide for Security Devices (Junos 12.1X47) SRX Getting Started — Troubleshooting Traffic Flows and Session Establishment (KB16110) Short version of the processing order: Per packet policer Per packet filter For […]
Setting Up a Syslog Server
In the field of networking it is very useful to have a centralized location for your logs as the system itself (the network) is distributed. Syslog is the usual method of collecting the logs. There are lots of different solutions to collect syslogs, ranging from general-purpose servers or virtual machines running some syslog daemon software […]
Juniper SRX Old and New DHCP, with Problems
At some point I tried to configure Juniper SRX100 with DHCPv6 server, with no luck. The configurations didn’t just work. I gave up at that time, but returned to the matter some days ago. I realized something in Junos DHCP configurations: people are talking about “old” and “new” ways to configure DHCP server and client […]
Cisco Nexus FEX Lineup
Cisco has had Fabric Extenders in their Nexus datacenter switch portfolio since 2009. Since there are various models and they all are still appearing in the datacenters here is a summary of all the different FEX models. Updated on 12-Oct-2014: Added Nexus 2348TQ. Updated on 22-Apr-2015: Added Nexus 2332TQ. Nexus 2148T Nexus 2148T was the […]
Cat6500/6800 IOS 15SY Feature and Packaging Information
Have you ever wanted to find out what are the differences in Cisco Catalyst 6500/6800 IOS packages (or feature sets)? This is apparently the best source I’ve ever found: Cisco IOS Software Major Release 15SY on Cisco Catalyst 6500 Series Switches (cisco.com) It has a clear table of all the packages (IP Base, IP Services, […]
Hostname or Path? Does It Matter?
I was recently taken to a discussion: Should the online service or application name be included in the hostname or the path of the site address? The actual discussion went a bit differently but the basic idea was just that. The customer has an own domain name (like majornetwork.net) which is also a well-known brand […]
Home Computing History
I did some inventory once again in my cabinets and found some remains of my previous computers and old accessories. The old hard disks are being wiped as I write this (IDE-USB adapter FTW!) so that I can throw them away. I stopped for a moment to refresh my memory about my home computing history […]
QSFP+ Specifics on Nexus 5500 and Nexus 6000 Series Switches
Some of you may be interested in QSFP+ connections with Cisco Nexus 5500 and Nexus 6000 series switches. The scope of this post is not to present all the different flavors of QSFP+ pluggables or all QSFP+ capable devices but I’ll present some special features that need to be understood and considered when deploying QSFP+ […]
Originating Default Route in OSPF in Junos
I have a Junos router (Juniper SRX) with the default route pointing to the ISP (IP and default route assigned by DHCP) and a pair of Cisco Nexus switches with OSPF routing between all the boxes. I needed to originate a default route from SRX to Nexus switches. First, in order to be able to […]