source system services from a routing instance

Let me start with couple of statements that would explain the issue in broader terms. JUNOS is system based on fairly old version of FreeBSD UNIX (I think something like version 4.X). The BSD serves as the underlying layer for services that run like daemons on top of the OS. This is great for many reasons as you can do thing like separate various functions completely in daemons. Or you can use some existing BSD packages without much work allowing for faster implementation of needed features. Also BSD in general is quite good for for the way it treats the kernel/network stack (which is different from Linux). So how does this look like? In the traditional JUNOS the logic would be something like this: read more

SLA probe IP-monitoring default route withdrawal

When an SRX is your wan facing router/firewall you might want to continuously test your connectivity. That is when the RPM probes do come in handy. The RPM probes are very similar to ip-sla from cisco but way more limited. On their own they just provide statistics which is nice but not very helpful. Juniper also has a feature called ip-monitoring that works in conjunction with the rpm probes and can take a result of an rpm probe and take some action on it. read more

ex3300 – removing virtual chassis (autobonding)

The ex3300 has a feature out of the box  which is that specific ports are by default used for virtual chassis function. This might be handy in some situations but most of the time it is annoying and bit obscure. This short article will explain how to disable this feature completely and permanently. read more

DHCP option 82 and DHCP relay

I was actually playing with DHCP relay and what I did find out is kind of interesting. For what is DHCP relay look for rfc3046 .
In short it is when the client sends a DHCP a broadcast message (discover) some device  – usually the switch that is the client directly connected to – intercepts the packet and sends a unicast discover instead of it to remote server over L3. The advantage is that the amount of boadcasts in the networks drops and secondly the DHCP server can be in different subnet. This is great because you can now use centralised dhcp server for all networks. read more

Unlocking cisco devices for unsupported SFPs

Cisco as well as many other vendors locks their equipment to only work with their own branded SFPs. The problem is that none of the big vendors actually manufactures the modules themselves – they use 3rd parties like avago or finisar. This extremely shameful practice is wide spread so almost everyone does this – Cisco, Juniper, Brocade or NetApp all are guilty of this. One issue is price – the aforementioned companies are willing to ask you 10 or even 100 times more for a branded sfp under the pretense of supportability.  read more