You are not connected via IPv6

Playing with BGP graceful restart on SRX

February 18, 2013

Have you ever wanted to do a transparent failover with Juniper SRX cluster firewalls? When the redundancy group 0 switch from one box to the other, the route-engine has to be restarted and all the dynamic routing protocols have to be restarted. Usually this means huge impact on the traffic… [Read more]

Filed Under Networking · Leave a Comment  

Cold ACE ?

August 13, 2012

Ever seen an ACE in standby cold state? This means the standby ACE has not been able to synchronize properly with the active ACE. It usually happen when the standby ACE is missing some certificates, keys or script files referrenced by the active ACE. This usually happen after an RMA. In that state, the ACE won’t be able to perform a stateful failover and all the sessions would be lost should a failover occur. [Read more]

Filed Under Networking · 1 Comment  

World IPv6 Launch

June 6, 2012

World IPv6 LaunchTonight, 6th of June at midnight, one year after the World IPv6 day, major Internet service providers (ISPs), home networking equipment manufacturers, and web companies around the world are coming together to permanently enable IPv6 for their products and services for the World IPv6 Launch.

One year after the World IPv6 day, our website is still IPv6 enabled. There is no reasons for us to stop the IPv6 adventure…

This Time It is For Real! Happy IPv6!

Filed Under Company news, Networking · Leave a Comment  

Playing with BGP Local-AS

May 19, 2012

In some situation you might have to change the BGP AS number used by a router. When the router peers with several other routers it is not always easy to change all the peering at the same time… Luckily you may do it one by one with the “local-as” neighbor command under bgp process.

This small article shows the different options of local-as command and their impact on the received and advertised routes. [Read more]

Filed Under Networking · Leave a Comment  

BGP between ScreenOS and IOS

October 26, 2011

There are some times where using static routing on firewalls is simply not scalable… As long as the routing is inside a trusted network, I do not see any reason to avoid dynamic routing. Juniper devices (Junos and ScreenOS) can even use virtual routers to split the routing domain into several domains. In the example here below, we will only show how to build a BGP peering between a ScreenOS cluster and two Cisco routers.

[Read more]

Filed Under Networking, Security · Leave a Comment  

Next Page »