Tag: Junos

Junos: vSRX Interface Un-Alignment Recovery

Junos: vSRX Interface Un-Alignment Recovery

Please follow the below steps to perform re-alignment of the network interfaces on the vSRX appliance this can happen if you have been using a release older than D62

How to recover.
1.Shutdown node0 and node1
2. Remove all NICs
3. Power up node0 and node1 , when it reaches config loading power off node0 and node1
4. Add 3 NIC to node0 and node 1 and power on the nodes
5.Check the cluster status , node0 and node1 should see each other and fabric link should be up and working
If you require more network interfaces to be added to your appliance please follow the KB in the link below

http://www.juniper.net/techpubs/en_US/vsrx15.1×49/topics/task/configuration/security-vsrx-vmware-adding-interfaces.html#jd0e206

If you are making changes to network firewalls ensure that you have a backup and a revert plan as a pro-cautionĀ 

Junos: SRX Cluster Software Update

Junos: SRX Cluster Software Update

I have had the wonderful joy of performing a SRX software update and it was pretty painless so here is the procedure

  • Run the following command on each of the nodes
    • request system software add no-copy unlink
  • Once the above command has completed on all nodes complete by performing a reboot of the nodes
    • request system reboot
  • Allow the nodes to reboot and you are done!

If you are using the virtual model of the SRX appliance please ensure that you have a snapshot before performing any firmware / software updates

junosupdate

Junos: vSRX D62 Update Released

Junos: vSRX D62 Update Released

Okay the clustering bug fix has now been released please use the following links to download the update

https://download.juniper.net/cust-svc/srx/junos-vsrx-15.1X49-D62-domestic.tgz
https://download.juniper.net/cust-svc/srx/junos-vsrx-15.1X49-D62-domestic.tgz.md5

 

PR 1181269 – vSRX: Vmware interface reordering issues

PR 1201267 – High CPU % on httpd over Multiple Jweb sessions

PR 1228547 – SRX is not sending serial number to Policy Enforcer

PR 1214802 – Web Filter may crash with black or whilte lists

PR 1210689 – Anti-Malware connection failures after several RG0/RG1 failover

PR 1213584 – Reth interfaces that have only one link on one node may break sessions on failover and fail back

Junos: vSRX Cluster Gremlins

Junos: vSRX Cluster Gremlins

Okay so you can probably tell from the rest of the blog I work with Junos on a regular basis and I have found a bug that has been logged with Juniper that effects there current vSRX releases upto version D60. It would only effect your SRX if you running in chassis cluster mode and what would happen is that it would fail to detect the network interfaces

Anyway Juniper have agreed that it is an issue on there virtual appliance and a work around will be released hopefully the first week of December 2016

 

Junos: Hidden Commands Monitor Interface Traffic

Junos: Hidden Commands Monitor Interface Traffic

Found a useful command today that allows you to capture interface traffic and dum it into a pcap file and you can even view the content of the file within the SRX CLI

To Start Traffic Monitoring

user@srx>monitor traffic interface ge-0/0/1.0 write-file test.pcap

To View Capture File

user@srx>monitor traffic read-file test.pcap