Welcome to Next Header

A networker's blog

Proxy ARP on Junos

In this post I will discuss about Proxy ARP feature on Junos, more exactly on EX4200 platform. When a host sends an ARP Request to a switch configured with Proxy ARP, the switch send its own MAC address to resolve the ARP for the destination host and the source host starts to used the switch… Keep reading »

Short Reach Mode on QFX5100-48T

In this post I will discuss about short reach mode feature that is present on QFX5100-48T platform. QFX5100-48T-6Q platform has 48 10BASE-T ports and 6 QSFP+ ports. The short reach mode feature allows to save up to 5W of power usage in case it is activated on the 10BASE-T ports that use cables that are… Keep reading »

Recovery installation on EX9200

The recovery installation is used to restore the factory default installation in case the device software gets corrupted. Once the software gets restored, the device will have the default configuration and it will be needed to either recreate manually the configuration that was running on the device prior the software corruption or to use a… Keep reading »

Health monitoring of hard drives in Juniper switches and routers

The are two ways to monitor the health of HDD in Junos: Using Self-Monitoring Analysis and Reporting Technology (SMART) system Using iostat Using the SMART system, HDDs incorporate a suite of advanced diagnostics that monitor the internal operations of a drive and provide an early warning for many types of potential problems. The SMART system… Keep reading »

Workaround to enable DHCP Snooping in Juniper ELS CLI

DHCP Snooping allows a network device to monitor the DHCP messages received from untrusted devices connected to the network device. The DHCP Snooping is enabled per VLAN and the router or the switch where DHCP snooping is enabled checks the DHCP messages received from untrusted devices from that VLAN and builds the DHCP snooping database… Keep reading »

Virtual Chassis Fabric – Part II – Control and Forwarding Plane

In the Virtual Chassis Fabric – Part I – Overview we saw the high level details of VCF technology proposed by Juniper for small to mid-size datacenter. In this post we are going to discuss about the control and forwarding planes of VCF. The strong ties between forwarding plane and its discovery mechanism and the… Keep reading »

Virtual Chassis Fabric – Part I – Overview

In this post I will cover the basics of Virtual Chassis Fabric technology that Juniper recommends to deploy small and medium-sized datacenters. Virtual Chassis Fabric(VCF) allows to build a plug-and-play Ethernet fabric that scales up to 32 members and provides deterministic latency and over-subscription with an internal 3-stage Clos topology. A VCF is constructed using… Keep reading »

Link aggregation between Juniper and Linux

I had recently to configure link aggregation between a Linux host and a Juniper device. On Linux this is called bonding and the logical interface is usually called bondX. On Juniper this is called link aggregation and the logical interface is called aggregated ethernet, aeX. For this example I used Ubuntu and based on the… Keep reading »

MACsec on Linux

Starting with kernel 4.6, support for MACsec has been added in Linux so it won’t be needed to use a release candidate to test this feature. There are two ways to implement MACsec: manually configure secure channel(SC), security association(SA) and the keys(this is what we are going to see) use dot1x with MACsec extensions that… Keep reading »

MACsec over l2circuit

In two older posts, Media Access Control Security(MACsec IEEE 802.1AE) – static secure association keys and Media Access Control Security(MACsec IEEE 802.1AE) – static connectivity association key we saw how you can configure MACsec on EX4550 switches. In both examples, the two devices where MACsec was configured were directly connected. But what happens when you… Keep reading »