Saturday, July 11, 2009

Working with the Best

I've been working and interacting with IBM Tunisia during a VoIP migration project. I'm responsible for LAN segmentation into VLANs. The equipment is mainly Nortel switches and a few Cisco ones.
I learned that, since they are a Cisco Gold partner, they have unlimited access to online Cisco labs. A guy told me he uses these labs for his CCNP preparation and client testing.
Well, I'm not a Cisco partner. And I don't have online Cisco lab time. But there's always a way to do things, thanks to the community out there :)

Saturday, June 6, 2009

A Simple BGP Traceoptions




#set protocols bgp traceoptions file bgp
#set protocols bgp traceoptions flag update detail
#set protocols bgp traceoptions flag keepalive detail
#set protocols bgp traceoptions flag open detail

Now in normal operation, we should only see keepalives:



Then I issued a clear bgp neighbor and that led to sending Notification messages:



Then we receive the OPEN messages:

Basic ATM Interface Configuration

I thought ATM interfaces were configured just like any other Juniper interface. How stupid I was :)
I got this error message:

So JUNOS needs us to specify the ATM PIC type and the VPI/VCI number.

Configuring the ATM PIC Type
#set atm-options pic-type atm2

Configuring the VPI
#set atm-options vpi 0

Configuring the VCI
#set unit 100 vci 100

I chose the VCI number identical to the unit number; it's just a best practice.

Configuring the IP address
#set unit 100 family inet address 10.0.16.2/24

and don't forget to commit.

CJNR Ended.

All I can say is that 5 days aren't enough. Juniper should reconsider the necessary time for the CJNR course. There is a lot of knowledge to cover. Labs take a considerable amount of time if you want to assimilate the steps and not only copy what's requested.
We didn't cover the multicast course as we ran out of time. I need to study BGP, routing policy, multicast and firewall filter by myself.

Thursday, June 4, 2009

Default Routing Policy

import = receive into routing table
export = send to neighbors, or, redistribute (or not).

OSPF
------
Default import policy: accept all OSPF routes from neighbors
Default export policy: advertise all direct routes (including loopback interfaces).

Here's an example to illustrate it.
Dubai learned the 15.15.15.15/32 route through OSPF from Tokyo. In fact, the default export policy in Tokyo is to advertise its direct routes, one of which is 15.15.15.15/32.

The default export policy on Dubai is to export all direct routes.





Then MontReal learned 15.15.15.15/32 from Dubai, because the default import policy is to accept any OSPF routes.


Wait a minute, 15.15.15.15/32 is not a direct route in Dubai. So how does Dubai advertise it to MontReal?

I found the answer to it in the JUNOS Enterprise Routing book. It says:

"The default LS export policy is to reject everything. LSA flooding is not affected by export policy, and it is used to convey routing in an indirect manner in an LS protocol. The result of this flooding is the advertisement of local interfaces that are enabled to run OSPF, as well as the readvertisement (flooding) of LSAs received from other routers."

"As well as the readvertisement of LSAs received from other routers". This is the explanation.
So Dubai learned the 15.15.15.15/32 route from Tokyo, then reflooded it (as an LSA) to MontReal. And the default policy couldn't stop that :)

So in the figure, 15.15.15.15/32, along with other routes, is flooded to MontReal despite the default policy.

To sum up:
OSPF inbound behaviour: accept all OSPF routes from neighbors
OSPF outbound behaviour: advertise direct routes (= default policy) + advertise OSPF-learned routes
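
The flooding behaviour described above, as an added example that is not part of the original post and is not Junos code: a toy Python model of the Tokyo, Dubai and MontReal routers in which LSAs are re-flooded without consulting export policy. It goes one step beyond the post by also showing the one place where the export policy does apply, a non-OSPF (static) route on Dubai. All prefixes other than 15.15.15.15/32, and the static route, are constructed for the illustration.

```python
# Added example: toy model of OSPF LSA flooding vs. export policy (not Junos code).
from collections import deque

# Topology from the post: Tokyo -- Dubai -- MontReal.
LINKS = [("Tokyo", "Dubai"), ("Dubai", "MontReal")]
# Prefixes on OSPF-enabled interfaces (constructed, except 15.15.15.15/32).
OSPF_INTERFACES = {
    "Tokyo": ["15.15.15.15/32", "10.0.1.0/24"],
    "Dubai": ["10.0.1.0/24", "10.0.2.0/24"],
    "MontReal": ["10.0.2.0/24"],
}
# Non-OSPF routes sitting in a router's routing table (constructed).
STATIC_ROUTES = {"Dubai": ["192.0.2.0/24"]}

def reject_all(prefix):
    """Default link-state export policy: reject everything."""
    return False

def originate(router, export_policy):
    """Return the LSAs a router originates itself."""
    lsas = [(router, "internal", p) for p in OSPF_INTERFACES[router]]
    # Export policy is consulted only for routes injected from the routing table.
    lsas += [(router, "external", p)
             for p in STATIC_ROUTES.get(router, []) if export_policy(p)]
    return lsas

def flood(export_policies):
    """Flood every LSA through the area; return each router's LSDB."""
    neighbors = {r: set() for r in OSPF_INTERFACES}
    for a, b in LINKS:
        neighbors[a].add(b)
        neighbors[b].add(a)
    lsdb = {r: set() for r in OSPF_INTERFACES}
    queue = deque()
    for r in OSPF_INTERFACES:
        for lsa in originate(r, export_policies.get(r, reject_all)):
            lsdb[r].add(lsa)
            queue.append((r, lsa))
    while queue:
        sender, lsa = queue.popleft()
        for n in neighbors[sender]:
            if lsa not in lsdb[n]:  # re-flooded; export policy is never checked here
                lsdb[n].add(lsa)
                queue.append((n, lsa))
    return lsdb

def prefixes(lsdb, router):
    """Set of prefixes a router knows from its LSDB."""
    return {p for _, _, p in lsdb[router]}
```

Calling `flood({})` uses the reject-all default everywhere, and MontReal still holds Tokyo's 15.15.15.15/32; passing a policy for Dubai that accepts 192.0.2.0/24 is what makes the static route appear as an external LSA.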

Monday, June 1, 2009

CJNR Begins

Tomorrow I'll begin my CJNR training. I'd rather consider it as my "reintegration into the company". Our instructor will be a JNCIP from Twine Networks.
This will be good.

Sunday, May 31, 2009

One Year and An Evaluation

It's been a year since I've been designated by my company as a resident network administrator within UBCI BNPParibas bank, which is one of my company's favourite clients.
This one year was:
- one year of improving social skills,
- almost 7 months of learning,
- 9 months of eating lunch outdoors,
- 4 months of wearing suits :)
- 3 months of absolute boredom and routine,
- 3 weeks of anxiety.
Overall, I was satisfied. I discovered how networking fits into business. I interacted with Packaging team, Systems team, Computer Support team, directors and learned how to talk to different categories of people within the bank.
However, I still feel that I can do and give better. I'm a person who's very influenced by the level of his colleagues at work. So when my colleagues are competent, I do my best to become one too. But if they're not, I lack motivation to get better.
Let's hope the better is to come.