In this post we use both Cisco IOS and Juniper Junos config to see the difference between route-distinguishers and route-targets in MPLS VPNs. Why do we need both of them? Click here to find out!
In Part 2 of this series we look at how you make configuration changes in Junos – and how you can very easily scrap your changes without doing any damage o your network. Very clean!
This post assumes ZERO Python knowledge on your part! You don’t even need Junos knowledge: I’ll do my best to make this useful for folks of ALL skill levels. If you’ve ever wanted to learn Python, but never knew where to start… read on!
In this first part of my new series, I explain why a Junos config looks the way it does. What’s wth the curly brackets and the spacing? Click to find out!
Today we’re looking at what advantages IGMPv3 brings to the table! Give this a read to see packet captures and full config for the whole topology.
If you’re thinking about taking Juniper’s excellent Professional Enterprise exam, give this post a read – I’ve hooked you up with a ton of useful links to help you to succeed!
IGMP is a really simple protocol – but if you want to be an expert, you’ll want to know what’s happening at a packet level. That’s why in this post we have lots of fun with packet captures. If you’re studying for JNCIP or even JNCIE, you won’t want to miss this post!
This is the first in my new series of posts about multicast! In later posts we’ll focus on Junos configuration. But first, let’s get nice and comfortable with the theory. Click here to learn all about it!
Oh boy, studying for networking can be overwhelming! There’s so much to learn, and so little time. If you feel that way, hopefully some of the tips in this post will help you to study smart, not hard.
Hey there: this is part 3 in my series on hub-and-spoke MPLS VPNs! In this post we see the dangers of commands like as-override and independent-domain – and then, we see how to fix the problems they cause. Strap in!
There’s a few different ways of configuring a hub-and-spoke MPLS VPN. In this blog post we learn all about the “one interface” approach. Whether you’re an architect or a student of the JNCIE, you’ll want to know this one inside out!
Hub-and-Spoke VPNs work a little differently than your regular full-mesh MPLS VPN. Want to learn the extra config required for this unique topology? Then click this post for some good learning!
TERMINATING ACTIONS IN JUNOS ROUTING POLICY (Sample Chapter from Juniper’s Ambassadors Cookbook 2019)
Routing policy in Junos can be a little confusing for beginners – but when it clicks, you’ll see that you can do some truly powerful stuff! Give this post a read to learn all about it!
INTERPROVIDER OPTION C, ON JUNIPER JUNOS ROUTERS – PART 3: USING RSVP, AND PUTTING BGP-LU INTO INET.0
In this third and final post on Interprovider Option C, we replace LDP with RSVP. Plus, we see the impact of putting BGP-LU in Juniper’s inet.0 table. Put your science hat on, and click here!
INTERPROVIDER OPTION C, ON JUNIPER JUNOS ROUTERS – PART 2: THE THREE LABEL STACK, AND THE USE CASE VS OPTION B
In Part 2 of this series we take a look at the label stack in Interprovider Option C. Plus, we look at the use case, and compare it to Option B. Plus: win a trillion pounds! (Not true)
INTERPROVIDER OPTION C, ON JUNIPER JUNOS ROUTERS – PART 1: CONFIGURATION WITH LDP (INCLUDES FULL TOPOLOGY CONFIG!) (JNCIP-SP, JNCIE-SP)
The first in a three-part series explaining Interprovider Option C on Juniper routers! In this post: what is it, and how is it configured? Click here to obtain that 420-69 IQ you’ve always dreamed of.
Traceroute seems such an obvious tool. Who would ever have thought there were so many gotchas? Give this post a read to learn a new one you probably didn’t know!
BGP Labeled-Unicast is the key to making Interprovider Option C work. So, before we learn how to use Option C to extend an MPLS VPn between two ISPs, let’s learn all about this interesting address family. And if you like, we can even hold hands while we learn!
INTERPROVIDER OPTION B, ON JUNIPER JUNOS ROUTERS (INCLUDES FULL TOPOLOGY CONFIG!) (JNCIP-SP, JNCIE-SP)
Let’s learn how to stretch an MPLS VPN between ISPs using a thing called “Option B”. It involves a little bit of trust between the ISPs – but as we’ll see, it greatly reduces the complexity in configuration!
INTERPROVIDER OPTION A, ON JUNIPER JUNOS ROUTERS (INCLUDES FULL TOPOLOGY CONFIG!) (JNCIP-SP, JNCIE-SP)
Ever wondered whether it’s possible to stretch an MPLS VPN across two ISPs? Well, indeed it is! In fact, there’s three ways to do it, and in this post we learn all about the method officially known as “Option A”.
Hey there: you smell good! That’s probably because you just read Part 1 of this two-part blog post, where we learned all about BGP communities, and how route-targets are used in MPLS VPNs. Well, now you know the theory, let’s look at a problem ticket. Click here to read Part 2!
I fixed a ticket recently that I wanted to share with you, because it hits on three big topics at once: BGP communities, MPLS VPNs, and Junos routing policy. In this first of two posts, we’re going to learn about the theory. Click here to read all about BGP communities!
(DISCLAIMER: This blog post was written at the end of 2018, and was accurate to the JNCIA-Cloud syllabus at the
If you’re thinking about taking Juniper’s excellent Service Provider exam, give this a read – I’ve hooked you up with a ton of useful links!
Regular readers of this blog probably see me as an extremely clever, flawless hunk who knows a lot, never makes mistakes, and is traditionally handsome but with a modern style. And of course, you’re not wrong. Except, here’s the twist: you’re dead wrong.
This is a post about the different ways, and reasons why, we might move prefixes between the inet.3 and inet.0 tables on a Juniper router. You know: like George Clooney does in his spare time. Probably. Don’t look that up.
In this first of a two-part post, I’m going to take you on a magical journey. And by “take you on a magical journey” I mean “teach you what the inet.3 table does on a Juniper router.” Which is basically the same thing as a magical journey, right?
Network engineers often find they need a way to test something, and then take some action if that test fails. Well, you can do these tests oh-so-easily in Junos with a thing called Real-Time Performance Monitoring. RPM is what “other vendors” might call IP SLA. How do they work? Good question, Andrew! Let’s find out.
Imagine a user who says they’re only able to access even-numbered IPs in a destination subnet. “Help!”, they say. “I can’t leave the office until this is fixed, and I need to leave now because my seven large sons require their tri-daily feed of protein shakes. They will whither and die unless I nourish them immediately. The fate of my powerful sons is in your hands, and yours alone.” This exact problem came in to us recently. Well, apart from the bit about the large sons.
This is the third and final part of my whistle-stop tour of IS-IS, for people studying for their Juniper JNCIS-SP and JNCIS-ENT exams. In this post, we learn how to troubleshoot IS-IS. Are you wearing your safety hat? Then, let’s go!
In Part 2 we take a deeper-dive into IS-IS. We do packet captures of LSAs, we look at the metrics, the Designated Intermediate-System, and we even explore our feelings together, so that we can finally find inner-peace with ourselves. Great!!!
Here’s the first of our three-part beginners guide to IS-IS. We’ll compare it to OSPF; we’ll talk about Level 1 and Level 2; we’ll explain the bizarre addressing system; we’ll look at a basic config, and we’ll talk about why Googling for IS-IS is very different from Googling for ISIS.
In the 90s, the big fashion was Tamagotchis. In 2017 it was fidget spinners. And of course, in 2018 there’s only one trend on everyone’s lips: route summarisation. In Junos there’s three ways to summarise routes. Want to know what they are? Well gosh damn, you’ve come to the right place!
Want to learn how to configure Chassis Cluster, which lets you configure high-availability failover on Juniper firewalls? Good luck with the official documentation – it weighs in at precisely 638 pages long. 638 pages! That’s the length of two good books! Or one badly edited one. Anyway, this article is my attempt at boiling those 638 pages down into something a bit more manageable. You can thank me by emailing me £700,000.
When I first heard that OSPFv3 introduced even more link-state advertisement (LSA) types, I despaired. As if the original seven didn’t take us long enough to memorise! Then I actually learned what they do – and honestly, it’s hard to imagine why we ever did it any differently. Let’s learn about them together!
There’s two handy Cisco troubleshooting tips I’ve learnt during my time as a network engineer. The first is to just ignore a problem and go to the pub. The other tip is the debug condition command, which helps you to troubleshoot by limiting debug messages to certain interfaces, IP addresses, MAC addresses, and a whole lot more.
Big-ups to the designers of OSPF for giving very similar names to two totally different things. In this post, we clarify the difference between stub areas and stub networks.
When you’re first getting to grips with your router’s OSPF database, you might see mention of something called a “stub network”. And let me tell you: never before have I seen a phrase so clumsily defined. Let’s take a look, and find out what a stub network actually is.
Stub areas are a very easy concept to understand, but it comes with a ton of specific jargon that can make it super-daunting. So, in this post I’ll take time to explain these concepts, and to define just enough jargon to make you feel like you’re part of the elite. We’ll take it slow, like new lovers, or someone cooking an expensive turkey.
When you’re configuring a router for IPv6, what subnet mask should you use on your point-to-point links?
I’ve seen some people use /64s, I’ve seen other people using /127s – and even subnet masks in between. Do any of these people know what they’re doing? Almost certainly not. But hey, that doesn’t mean we can’t work out the pros and cons of both subnet masks – because it turns out that the question of which one to use is actually a bit tricky.