Traffic sent across RSVP-signaled LSPs without any additional configuration is susceptible to quite some down-time when a node or a link in the network fails. In a previous article here, I made an LSP more robust by configuring a primary and a secondary LSP. Let’s further enhance the LSP by... [Read More]
Primary and secondary LSPs for RSVP signaled LSPs
A failure somewhere in the network can cause for traffic traversing an RSVP-signaled LSP to drop. Several possibilities exist to reduce the impact a failure can have on RSVP-signaled LSPs. This article is about the creation of a secondary standby path in order to reduce downtime that is incurred upon... [Read More]
Juniper QFX vlan-swapping
This is a quick and short article on how to perform vlan-swapping on a Juniper QFX5100. I was used to tunneling vlans in a QFX5100 by using the push-operation available through a vlan-map. With this in mind I was struggling to get vlan translation on the QFX5100 working. I was... [Read More]
Basic RSVP signaled LSP on MX
This article is about the basic configuration on how to get an RSVP signaled MPLS LSP (label-switched path) working on a Juniper MX router. The focus will be on the minimum amount of configuration needed to create LSPs between the Tiberius and the Commodus router: [Read More]
Juniper MPLS VPN OSPF sham-link
This is an example on using the OSPF sham link in a BGP signaled MPLS VPN. The scenario is as follows: [Read More]
Juniper cos notes
These notes cover CoS on Juniper devices. The list of topics covered here correspond to the JNCIP-SP exam objectives. One objective is missing. I will cover the 'Given a scenario, demonstrate knowledge of how to configure and monitor CoS' somewhere else. [Read More]
Single-rate two-color policer on an EX.
Policing, also known as rate-limiting, can be used as an instrument to control how much traffic is allowed to flow in a certain direction. In Juniper, you can do this by using a policer as an action in a firewall filter. This article is about the configuration of two simple... [Read More]
Juniper multihomed IP VPN location.
This article offers some insight into how you could decide to build a multihomed Layer 3 IP VPN or Layer 3 MPLS VPN. First I’ll go over the topology. After this, you will find the PE and CPE configuration. I’ll end with some verification and show commands. The topology: [Read More]
QFX5100 802.1Q Tunneling (Q-in-Q)
A QFX5100 allows for dot1q-tunneling, or Q-in-Q. If you ever configured dot1q-tunneling on an EX-switch, this configuration differs a lot from what you may be used to. This article offers an attempt to clarify and explain the configuration of a dot1q-tunnel on a standalone QFX5100 without an enhanced feature license.... [Read More]
Juniper LDP, follow that label
This article explains how you can analyze the forwarding table on Junos. On this lab, I altered several metrics to make the traffic flow look like this: [Read More]
Juniper MPLS VPN basics.
For a little while now, I have been wanting to do a Juniper IP VPN lab. I wanted to gather most of the basics into one post. In this post, I will elaborate on the different protocols and how they are configured. The complete configuration is posted at the bottom... [Read More]
Juniper QFX and storm control
Recently, I deployed a VCF consisting of some QFX5100's and some EX4300's. I found that the default configuration did not really protect the network well enough and I thought I’d share it in this post. On the QFX, you’ll find that storm-control is enabled by default. The first thing you'll... [Read More]
Juniper OSPF authentication options.
In Junos , OSPF authentication can come in one of three ways; none, simple or MD5. The default is to have no authentication. This means that the router will form a neighbor relationship with a neighboring router as long as the proper fields in the OSPF Hello’s are matching. Another... [Read More]
Using apply-path in a prefix-list on Juniper.
Juniper's Junos offers a lot of flexibility as well as nifty little tricks. I recently ran into the situation in which 'apply-path' really came in handy. For a particular service, a different subnet was provisioned under the same interface over and over again. I wanted to advertise all of the... [Read More]