I’ll keep this one simple and put here two schemas that I found on the Internet for the concept of redo and undo logs in Oracle. I don’t know about other people but I work must easier with schemas and a few words rather than 100 pages long documents filled with just text.

Continue reading

What this is? Pretty simple…Juniper started off automating stuff via SLAX, something that did not get too much traction and then Python took the lead in front of it. It is an XML/Xpath based language and for simple things you can find it pretty useful and not so complicated to learn. What the script below does is effectively enabling a MIC upon its insertion into an MX5. Previously someone from operations would have to go manually on the device and enable it.

Continue reading

Scapy - examples / usage

A customer asked me at some point if we could evaluate how the CoPP DDOS automated filters on a Juniper MX are triggered and how fast they respond to different types of packets. As such I needed to craft custom traffic. I was not very good at coming up with it for Ostinato or Spirent so I used Scapy to craft the packet. Afterward I took the packet hexdump and input it into Spirent / Ostinato as what the streams from there should generate (that hexdump has indeed all data needed, source/dst addresses included which meant of course that it needs to match what Spirent thinks it has on the interface facing the Juniper device).

Examples of generated packets:

  • OSPFv3 IPSEC Encrypted Packets
  • BGP Open Packet
  • BGP IPv6 Open Packet
  • IPSEC ESP Packet
  • BGP Update Packet
  • ICMP Echo Request
  • BFD echo

Continue reading

A current customer test desired to see how well the AVI Load Balancer scales and as such they used Ixia BreakingPoint to determine the behavior. The point was to see when exactly the AVI Controller tells Openstack to spawn a new Instance of an AVI SE (Avi Load Balancer VM that holds a VIP and pool members reachable behind it) and how this process goes.

Following setups were tested:

  • AVI LB VMs doing BGP (BGPaaS) with the Contrail vRouter and announcing VIPs
  • AVI Controller being configured to spawn AVI SEs / LB VMs but using the inbuilt ECMP/AAP features of Contrail (yes, if you are asking yourselves, the VIP does not have to be from the same subnet as the AVI LB directly connected one to the vRouter)
  • AVI LB VMs doing BGP Multihop with the SDN GW inside a VRF (this means that the SDN GW learns the prefixes and reuses the same LSP/label for transport/VPN as it already has for the directly connected IP of the AVI LB VM that originated the prefix)

Continue reading

Have you ever found yourself in a strange situation where:

  • you had a Juniper device with a factory default JunOS
  • it came with no-export version -> just telnet available, no SSH
  • you have the fxp0 or em0 interface configured for remote access
  • you do not have the device next to you and need to upgrade its software so that you can finally have full functionality and SSH?

Let’s say that with a big of creativity you can always find a way in. Here we go:

Continue reading

Sometimes it may happen that when you look in Contrail at the interfaces on a vRouter (on a Compute host) that some of them appear down. This you can also see on the Compute Node itself with vif –list. There can be some leftovers and this is the way to clean them up:

Continue reading

Sometimes when playing in the Contrail GUI (eg. with EVPN-VXLAN settings via the Router object) you might trigger some problems with the objects in the internal contrail api database and then end up in an inconsistent state. This article aims at showing a simple way of cleaning that one up (in my case changing the VNI triggered a bug).

Continue reading

Author's picture

Mihai Tanasescu

All Rounder and Jack of all trades (master of none? :) ).
Sailing the Cloud world with my fantastic team@Aviatrix, former Network, Systems Engineer (Cisco, Juniper, Linux, Openshift, Openstack).
A flavor of Security added to the mix (Offensive Security OSCE).
If there’s anything new and cool, then I like to learn about it. I’m also a fan of deep diving under the hood of a product to see what makes it tick as well as what breaks it.

Solutions Architect @ Aviatrix

Switzerland