Jump to content


15
[Offer]

VSRX / Firefly



127 replies to this topic

#15 teamhardcore

teamhardcore

    Junior Member

  • Members
  • PipPip
  • 7 posts
  • 114 thanks

Posted 31 July 2013 - 08:49 AM

vsphere + junosv firefly's license is not cheap at all for production.

http://www.macmall.com/p/Juniper-Networks-Network-Software-Licensing/product~dpno~9539032~pdp.ibffggb

Thanked by 2 Members:
noobboon , eloobaby

#16 NetworkRambo

NetworkRambo

    Juniper TE

  • Technical Expert
  • PipPipPip
  • 142 posts
  • 4442 thanks
  • LocationInsane in the brain

Posted 31 July 2013 - 09:05 AM

For that kind of money you have the real stuff with guaranteed performance and without risk of creating problems for the rest of ur vhosts...
We are not even talking about the esx license... Also the interfaces that you have or would need... ASIC off-loading. Cp protection.

So many things...

Its a nice move and a certainly nice in junosphere, but lets be realistic. Who is going to pay this?

Cheers,j.

#17 shamc

shamc

    Junior Member

  • Members
  • PipPip
  • 1 posts
  • 9 thanks

Posted 01 August 2013 - 09:47 AM

thanks for sharing. do you have the documentation and release notes?

http://www.juniper.net/support/downloads/?p=firefly#docs

#18 NetworkRambo

NetworkRambo

    Juniper TE

  • Technical Expert
  • PipPipPip
  • 142 posts
  • 4442 thanks
  • LocationInsane in the brain

Posted 01 August 2013 - 09:49 AM

Am i like a nanny? :-p :-)  standard srx And release notes can be found and have been posted already for that matter...


#19 holodec

holodec

    Newbie

  • Members
  • Pip
  • 0 posts
  • 161 thanks

Posted 01 August 2013 - 01:24 PM

Anyway it`s interesting to read RN about this D20 release. Probably they added logical-systems support? :)

#20 r2d2

r2d2

    Advanced Member

  • Members
  • PipPipPip
  • 125 posts
  • 2019 thanks

Posted 02 August 2013 - 01:14 PM

that VM support MPLS ?

#21 tembit

tembit

    Member

  • Members
  • PipPip
  • 15 posts
  • 46 thanks

Posted 02 August 2013 - 01:38 PM

View Postr2d2, on 02 August 2013 - 01:14 PM, said:

that VM support MPLS ?

No, sadly it does not. That said it supports both l2circuits and l2vpns with ethernet-ccc and vlan-ccc encapsulation. l2vpns will get you close config-wise, as it uses BGP signalling, but you're stuck stiching them together if you want to emulate an E-LAN or E-TREE topology.

Thanked by 2 Members:
eloobaby , r2d2

#22 tembit

tembit

    Member

  • Members
  • PipPip
  • 15 posts
  • 46 thanks

Posted 02 August 2013 - 02:11 PM

Just noticed that they released 12.1X44-D20 on 29/7. Anybody able to find the release notes?

Thanked by 1 Member:
eloobaby

#23 Feb

Feb

    Member

  • Members
  • PipPip
  • 42 posts
  • 3500 thanks

Posted 03 August 2013 - 04:44 AM

having tried but still cannot make communication between image instance, communication between host and vm is ok, but how do we create connection between instances?, i assign same vmnet on ge-0/0/1.0 also tries vlan-tagging and assign particular vlan but no luck, still can not communicate each other, any clue?

Thanked by 1 Member:
eloobaby

#24 NetworkRambo

NetworkRambo

    Juniper TE

  • Technical Expert
  • PipPipPip
  • 142 posts
  • 4442 thanks
  • LocationInsane in the brain

Posted 03 August 2013 - 01:14 PM

It should be straightforward, really.  in VMware i just create additional LAN segement and use them to interconnect devices. You might want to try with a trial version just to be sure that there's no other problem on ur pc.
When adding interfaces, don't forget to restart your VM's.... Also, if you change segmens on interfaces... make sure that you reboot the vm's...(sounds stupid, but yeah, mistakes happen ;-)

Cheers,
J.

#25 Feb

Feb

    Member

  • Members
  • PipPip
  • 42 posts
  • 3500 thanks

Posted 04 August 2013 - 07:29 AM

no luck, had tried with either vlan segments or vmnet, i used vmware 9 on win 7, also did l2vpn works on this image?

Thanks

#26 NetworkRambo

NetworkRambo

    Juniper TE

  • Technical Expert
  • PipPipPip
  • 142 posts
  • 4442 thanks
  • LocationInsane in the brain

Posted 04 August 2013 - 08:24 AM

Sorry to hear

Do you have an Intel NIC (i know it's emulation, but maybe ne needs to detect something anyways...)

A few posts above there's an answer to that ;-)

#27 teamhardcore

teamhardcore

    Junior Member

  • Members
  • PipPip
  • 7 posts
  • 114 thanks

Posted 04 August 2013 - 09:03 AM

View PostFeb, on 03 August 2013 - 04:44 AM, said:

having tried but still cannot make communication between image instance, communication between host and vm is ok, but how do we create connection between instances?, i assign same vmnet on ge-0/0/1.0 also tries vlan-tagging and assign particular vlan but no luck, still can not communicate each other, any clue?

Can you show us the output of "show | display set"?

Thanked by 2 Members:
eloobaby , Feb

#28 Feb

Feb

    Member

  • Members
  • PipPip
  • 42 posts
  • 3500 thanks

Posted 04 August 2013 - 03:57 PM

View Postteamhardcore, on 04 August 2013 - 09:03 AM, said:

Can you show us the output of "show | display set"?

R1 ge-0/0/1.0 - vlan_segments - R2 ge0/0/1.0
R1 ge-0/0/0.0 dhcp & R2 ge-0/0/0.0 dhcp bridged to connect to physical networks

host -> R1 ok
host -> R2 ok

R1 -> R2 not ok

[email protected]> show route

inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0   *[Access-internal/12] 00:03:08
    > to 192.168.0.1 via ge-0/0/0.0
10.10.10.0/30   *[Direct/0] 00:03:11
    > via ge-0/0/1.0
10.10.10.1/32   *[Local/0] 00:03:11
  Local via ge-0/0/1.0
192.168.0.0/24 *[Direct/0] 00:08:28
    > via ge-0/0/0.0
192.168.0.123/32   *[Local/0] 00:08:28
  Local via ge-0/0/0.0



[email protected]> show route

inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0   *[Access-internal/12] 00:03:00
    > to 192.168.0.1 via ge-0/0/0.0
10.10.10.0/30   *[Direct/0] 00:03:02
    > via ge-0/0/1.0
10.10.10.2/32   *[Local/0] 00:03:02
  Local via ge-0/0/1.0
192.168.0.0/24 *[Direct/0] 00:08:30
    > via ge-0/0/0.0
192.168.0.124/32   *[Local/0] 00:08:30
  Local via ge-0/0/0.0


[email protected]> ping 10.10.10.2 rapid
PING 10.10.10.2 (10.10.10.2): 56 data bytes
.....
--- 10.10.10.2 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss

[email protected]> ping 192.168.0.124 rapid
PING 192.168.0.124 (192.168.0.124): 56 data bytes
.....
--- 192.168.0.124 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss


[email protected]> ping 10.10.10.1 rapid
PING 10.10.10.1 (10.10.10.1): 56 data bytes
.....
--- 10.10.10.1 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss

[email protected]> ping 192.168.0.123 rapid
PING 192.168.0.123 (192.168.0.123): 56 data bytes
.....
--- 192.168.0.123 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss

my ethernet adapter is : Intel® 82579LM Gigabit Network Connection



thank you

[email protected]> show configuration | display set
set version 12.1X44.4
set system host-name R1
set system root-authentication encrypted-password "$1$QlqgGewy$J0agH4CVhJZ5eeghAax1R0"
set system services ssh
set system services web-management http interface ge-0/0/0.0
set system syslog user * any emergency
set system syslog file messages any any
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
set interfaces ge-0/0/0 unit 0 family inet dhcp
set interfaces ge-0/0/1 unit 0 family inet address 10.10.10.1/30
set security screen ids-option untrust-screen icmp ping-death
set security screen ids-option untrust-screen ip source-route-option
set security screen ids-option untrust-screen ip tear-drop
set security screen ids-option untrust-screen tcp syn-flood alarm-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200
set security screen ids-option untrust-screen tcp syn-flood source-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood destination-threshold 2048
set security screen ids-option untrust-screen tcp syn-flood queue-size 2000
set security screen ids-option untrust-screen tcp syn-flood timeout 20
set security screen ids-option untrust-screen tcp land
set security policies from-zone trust to-zone trust policy default-permit match source-address any
set security policies from-zone trust to-zone trust policy default-permit match destination-address any
set security policies from-zone trust to-zone trust policy default-permit match application any
set security policies from-zone trust to-zone trust policy default-permit then permit
set security policies from-zone trust to-zone untrust policy default-permit match source-address any
set security policies from-zone trust to-zone untrust policy default-permit match destination-address any
set security policies from-zone trust to-zone untrust policy default-permit match application any
set security policies from-zone trust to-zone untrust policy default-permit then permit
set security policies from-zone untrust to-zone trust policy default-deny match source-address any
set security policies from-zone untrust to-zone trust policy default-deny match destination-address any
set security policies from-zone untrust to-zone trust policy default-deny match application any
set security policies from-zone untrust to-zone trust policy default-deny then deny
set security zones security-zone trust tcp-rst
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services http
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services https
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services ssh
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services telnet
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services dhcp
set security zones security-zone untrust screen untrust-screen



[email protected]> show configuration | display set
set version 12.1X44.4
set system host-name R2
set system root-authentication encrypted-password "$1$.ouPncKi$sq1nsANKhn5VQsz3XfhLv1"
set system services ssh
set system services web-management http interface ge-0/0/0.0
set system syslog user * any emergency
set system syslog file messages any any
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system license autoupdate url https://ae1.juniper.net/junos/key_retrieval
set interfaces ge-0/0/0 unit 0 family inet dhcp
set interfaces ge-0/0/1 unit 0 family inet address 10.10.10.2/30
set security screen ids-option untrust-screen icmp ping-death
set security screen ids-option untrust-screen ip source-route-option
set security screen ids-option untrust-screen ip tear-drop
set security screen ids-option untrust-screen tcp syn-flood alarm-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood attack-threshold 200
set security screen ids-option untrust-screen tcp syn-flood source-threshold 1024
set security screen ids-option untrust-screen tcp syn-flood destination-threshold 2048
set security screen ids-option untrust-screen tcp syn-flood queue-size 2000
set security screen ids-option untrust-screen tcp syn-flood timeout 20
set security screen ids-option untrust-screen tcp land
set security policies from-zone trust to-zone trust policy default-permit match source-address any
set security policies from-zone trust to-zone trust policy default-permit match destination-address any
set security policies from-zone trust to-zone trust policy default-permit match application any
set security policies from-zone trust to-zone trust policy default-permit then permit
set security policies from-zone trust to-zone untrust policy default-permit match source-address any
set security policies from-zone trust to-zone untrust policy default-permit match destination-address any
set security policies from-zone trust to-zone untrust policy default-permit match application any
set security policies from-zone trust to-zone untrust policy default-permit then permit
set security policies from-zone untrust to-zone trust policy default-deny match source-address any
set security policies from-zone untrust to-zone trust policy default-deny match destination-address any
set security policies from-zone untrust to-zone trust policy default-deny match application any
set security policies from-zone untrust to-zone trust policy default-deny then deny
set security zones security-zone trust tcp-rst
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services http
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services https
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services ssh
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services telnet
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services dhcp
set security zones security-zone untrust screen untrust-screen

Thanked by 1 Member:
eloobaby



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

Organization

Community

Downloads

Test Providers

Site Info


Go to top