Your single source for Juniper Networks news, information and expert advice! (beta)
Posts by author:
Not a day that goes by since having passed the JNCIE-SEC exam that I don’t receive an inquiry in one form or another regarding how I prepared for the exam. It seems that there is an incredible amount of interest in this exam, especially from all those die-hard ScreenOS folks that are now converting to [...]
{ 0 comments }
In our previous article, we looked at using apply-groups to alter all the security policies uniformly on an SRX device such that they would all have an implicit logging statement. And while this is fine for all existing policies, it doesn’t log traffic which doesn’t match any explicitly defined security policy.
The reason for this is [...]
{ 0 comments }
Often there are instances where we want to affect all security policies configured on an SRX device. For example, let’s say that we have thousands of policies configured on our firewall, and we want to enable logging for every single policy. Obviously this would take some time if we were to do this manually on [...]
{ 0 comments }
Today we’ll start with a series of articles covering tips and techniques that might be utilized by JNCIE candidates, whether pursuing the JNCIE-SP, JNCIE-ENT, or even the JNCIE-SEC. The tips and techniques I will be covering might prove to be useful during a lab attempt but could also be used in real-world scenarios to save time [...]
{ 0 comments }
I am happy to announce that Juniper has just released a new Day One Guide entitled “Junos Tips, Techniques, and Templates 2011″. For this particular Day One Guide, Juniper Networks Books and J-Net joined forces and requested the best and brightest Junos tips and techniques from the Junos user community. In fact, the book was created [...]
{ 0 comments }
As many of you know, Juniper is currently undergoing a massive effort to update their certification program. The previous track in ‘Enterprise Routing’ is now changing to ‘Enterprise Routing and Switching’ incorporating elements from the previous certification track in addition to some new elements essential to Enterprise switching such as Spanning-Tree, VLANs, Layer 2 Security, [...]
{ 0 comments }
Spend a little time in Juniper, ARIN or a wide variety of other networking forums, and you’ll likely see the name Chris Grundemann. Recently, we had the opportunity to catch up with him, and discuss the nature of his involement in deploying IPv6 at tw telecom, as well as his recently published Juniper booklet entitled “Day One: Exploring [...]
{ 0 comments }
JUNOS High Availability: Best Practices for High Network Uptime
by James Sonderegger, Orin Blomberg, Kieran Milne, Senad Palislamovic
Paperback: 688 pages
Publisher: O’Reilly Media
ISBN-13: 978-0596523046
High Praises for JUNOS High Availability
Building a network capable of providing connectivity for simple business applications is a fairly straightforward and well-understood process. However, building networks capable of surviving varying degrees of failure and [...]
{ 0 comments }
Many networks today are striving for “five nines” high availability and beyond. What this means is that network operators must configure the network to detect and respond to network failures as quickly as possible, preferably on the order of milliseconds. This is in contrast to the failure detection inherent in most routing protocols, which is [...]
{ 0 comments }
Undoubtedly, one of the coolest features in JUNOS is the apply-path statement. Using apply-path, an operator can configure a prefix-list which comprises IP prefixes linked to a defined path within JUNOS. This facilitates tasks like configuring firewall filters to allow traffic from configured BGP neighbors, making them highly dynamic.
For example, suppose we have the following [...]
{ 0 comments }
So it’s been a while since I’ve posted, and I’m just now getting to a point where I can start writing a bit more, not to mention feeling quite a bit more well rested after a grueling month of December. I was quite busy during the last month as I was doing last minute preparations [...]
{ 0 comments }
MPLS/BGP Provider-Provisioned VPNs, such as those proposed in RFC 4364 (formerly RFC 2547) or draft-kompella variants, suffer from some scalability issues due to the fact that all PE routers are required to have a full iBGP mesh in order to exchange VPN-IPv4 NLRI and associated VPN label information. In a modern network consisting of a large number of [...]
{ 0 comments }
IS-IS: Deployment in IP Networks
by Russ White, Alvaro Retana
Hardcover: 320 pages
Publisher: Pearson Education
ISBN-13: 978-0201657722
Better off choosing an alternative selection
As IS-IS is one of the more esoteric protocols, understood only by a few people in large scale ISP environments, I thought this book would be a welcome addition to my library as there isn’t much else [...]
{ 0 comments }
MPLS-Enabled Applications: Emerging Developments and New Technologies
by Ina Minei, Julian Lucek
Paperback: 526 pages
Publisher: Wiley
ISBN-13: 978-0470986448
Excellent coverage of VPLS, and Multicast over Layer 3 VPNs
Recently I had to work on a project which involved demonstrating Multicast over Layer 3 VPN interoperability between Cisco and Juniper. I spent several days reading through all the RFCs and working-group [...]
{ 0 comments }