Tag: Juniper

Junos: SRX Cluster Software Update

Junos: SRX Cluster Software Update

I have had the wonderful joy of performing a SRX software update and it was pretty painless so here is the procedure

  • Run the following command on each of the nodes
    • request system software add no-copy unlink
  • Once the above command has completed on all nodes complete by performing a reboot of the nodes
    • request system reboot
  • Allow the nodes to reboot and you are done!

If you are using the virtual model of the SRX appliance please ensure that you have a snapshot before performing any firmware / software updates

junosupdate

Junos: vSRX D62 Update Released

Junos: vSRX D62 Update Released

Okay the clustering bug fix has now been released please use the following links to download the update

https://download.juniper.net/cust-svc/srx/junos-vsrx-15.1X49-D62-domestic.tgz
https://download.juniper.net/cust-svc/srx/junos-vsrx-15.1X49-D62-domestic.tgz.md5

 

PR 1181269 – vSRX: Vmware interface reordering issues

PR 1201267 – High CPU % on httpd over Multiple Jweb sessions

PR 1228547 – SRX is not sending serial number to Policy Enforcer

PR 1214802 – Web Filter may crash with black or whilte lists

PR 1210689 – Anti-Malware connection failures after several RG0/RG1 failover

PR 1213584 – Reth interfaces that have only one link on one node may break sessions on failover and fail back

Junos: Hidden Commands Monitor Interface Traffic

Junos: Hidden Commands Monitor Interface Traffic

Found a useful command today that allows you to capture interface traffic and dum it into a pcap file and you can even view the content of the file within the SRX CLI

To Start Traffic Monitoring

user@srx>monitor traffic interface ge-0/0/1.0 write-file test.pcap

To View Capture File

user@srx>monitor traffic read-file test.pcap

 

 

 

Junos: Adding a new node to Chassis Cluster

Junos: Adding a new node to Chassis Cluster

Today I have been playing with the vSRX range from juniper and I had broken one of the nodes and instead of repairing the VM it was much easier to re-provision the vSRX VM and add it back into the configured cluster

So First of all spin up a new vSRX VM and run the following

# Enter Configuration Mode
Edit
# Goto Top of Configuration File
top
# Delete Entire Configuration
delete
# Add root password on the appliance
set system root-authentication plain-text-password
# Save empty configuration
Commit
# Exit to operational mode
exit
# Join node to cluster
set chassis cluster cluster-id <0-255> node <0-1>
# Perform Node Reboot
Request System Reboot

 

Once the node has rebooted check the cluster status by running the following command

show chassis cluster status