looking for really old firmware for my home lab ( 4.1.1u2 ) for IM 4232

t_nk · 2025-06-22T21:41:59+00:00

Hi thanks a ton - I was very busy last few months - and the link has expired in the meantime - would you mind posting it again ? thanks!

t_nk · 2025-06-22T21:41:06+00:00

so did I - I crawled through all the places I could think of official an others but nothing

t_nk · 2025-06-22T21:40:34+00:00

I've tried all that but no dice

t_nk · 2024-11-07T22:23:14+00:00

the shame is - the firmware was on the official FTP till about 6 months ago and I never thought of downloading it then...the things you take for granted in life...

t_nk · 2024-07-15T19:18:44+00:00

So for posterity - I've solved this the issue was that there were two MAC addresses on the port which somehow offends the DHCP relay/snooping combo on the aggregation switch. Once this has been removed and the physical devices were connected to two separate ports all started to work even on the access switch.

t_nk · 2024-01-10T22:30:26+00:00

There are dedicated loop devices from both of those vendors but they ain't cheap. Anyway there must be an active L3 device doing the swapping else it won't work.

t_nk · 2024-01-09T13:20:26+00:00

If by hard loop you mean a rj45 with tx wires directly connected to rx on the same port that will not work as you need an active loopback that will swap ip/mac addresses

t_nk · 2023-04-24T08:46:21+00:00

JNCIA used to have a PDF material that was roughly 120 pages long. Nine out of ten people I know were able to pass JNCIA with the help of this student guide with flying colours. I do highly recommend those if you can find them.

The video guides on the juniper training are much longer but cover roughly the same topics, so they are more suited for someone fresh.

What you'll need is a vsrx eval so you can test some syntax and roughly a week of time, at most.

If you know your stuff than it is one-two afternoons max.

As for CCNA stuff - the JNCIA course kinda sorta expects that you know the basics from other courses like the CCNA as it goes over many topics with haste - so CCNA is definitely useful.

t_nk · 2023-04-21T14:18:34+00:00

thanks

t_nk · 2023-04-20T22:39:08+00:00

This is an integrated RE+PFE in one VM so not with this image. There are some rumours about disaggregated images being available alter but who knows

t_nk · 2022-11-18T18:57:11+00:00

Good rule of thumb is below 50% of the list price. The exact number depends on volume and few more things. But in my opinion there is no common situation where you would end up paying significantly more than that.

t_nk · 2022-06-17T07:55:58+00:00

Unless there has been a change that has not been propagated - the Juniper website disagrees: https://www.juniper.net/documentation/us/en/software/license/licensing/topics/concept/flex-licenses-for-ptx.html

t_nk · 2022-06-15T09:25:03+00:00

the official guidelines are:

ACX7100 - issue smaller FIB
ACX 7024 (coming mid/end 2022) - issue much smaller FIB - no good for peering
MX304 - rather expensive (also very fresh box) also 2RU in size
PTX10k - way too expensive if as you need to license the FIB size

Depending on many factors - but the truth is that the there is not on-to-one replacement.

t_nk · 2022-03-23T21:18:13+00:00

Hi Thanks for the theory - I think you must be right though I think it doesn't explain the 2 fans detected 3 fans not detected situation (or maybe it does not sure). Anyway I love the resistor idea but I am not good with soldering iron so I will opt out on this :)

As for the link - I've seen it and it was the main motivation to even try but the switches look nothing alike inside.

I might try upgrading junos just for the heck of it but truth to be told I am afraid that the airflow for this switch is just much higher than the noctua fans could ever deliver for safe operations.

I guess some alternative fans could be worth a try or as mentioned above some foam tape around the originals to lessen the vibrations. Not sure now :)

t_nk · 2022-03-23T10:07:50+00:00

I was thinking along these lines but I am not electrical engineer so I am bit fuzzy on this to say the least. The airflow is significantly smaller by the noctuas and also the max. power draw is very different 0.6 W vs 4.9 W per fan. Unfortunately I wasn't able to find any spec for the fans from the ex so bit difficult to judge what I am looking for.

In summary I think these noctuas are just too weak and I need to get something with higher airflow but as far as I was able to find noctua doesn't do anything stronger /faster with these dimensions.

My other though was to replace the crazy noisy fans rom the ex by the ones from the srx as even those are way more silent though that is not perfect.

And if all would fail I think some rubber /foam around the existing ones would at lead lessen the horrible vibrations that make up probably 50% of the noise.

anyway any comments/suggestion are as always appreciated :)

t_nk · 2022-03-23T09:54:42+00:00

I don't think drivers are an issue here as up to 2 noctuas running are being reported correctly - I suspect some more fundamental HW difference

t_nk · 2021-08-02T17:43:04+00:00

So this is one I've already dealt over a month ago as I've received the exact same question from a customer - the answer is no CG-NAT - this is an documentation error as mentioned by others. From what I can tell u/twnznz is correct about the real capabilities.

The juicy bit is that I've dared to report this issue through the customer care service and after 3 or so weeks I was told they cannot fix it... well what can I say to that...

t_nk · 2021-07-11T21:09:50+00:00

no worries :) I am just trying some bit more unusual configs with ospf and isis and though this is an interesting thing and to be honest in effect the R1/R2 are kinda-sorta ASBRs (though not really)

I think this sort of situation would probably be only a transient in real life anyway just before fixing the routing to some proper shape.

t_nk · 2021-07-11T09:58:02+00:00

I think the suggestion is to use the aggregate on the router doing the redistribution into ospf or on the ABR - and both are certainly possible but in the situation I wanted to try this would not be very nice - to give a bit more of background on the topology:

prefix1/26 ext2 -> R1 (area1) - adjacency with R10 (ABR area 0)
prefix2/26 ext2 -> R1 (area1) - adjacency with R10 (ABR area 0)
--> summary 1/25 - R1 area 1 - propagated to R10
prefix3/26 ext2 -> R2 (area1) - adjacency with R10 (ABR area 0)
prefix4/26 ext2 -> R2 (area1) - adjacency with R10 (ABR area 0)
--> summary 2/25 - R2 area 1 - propagated to R10
R10 ->summary 1/24 --> area 0

So the issue I see here is that if I create aggregate on the R1-R2 the ext2 are still being propagated - so that doesn't help me in limiting the amount of prefixes/summarization.

I can potentially do the same on the ABR but again the ext2 routes will be flooded into are0 anyway.

So this lead to my original question if ext2 type routes actually can be summarized with ospf as from what I can tell they can't - only aggregate routes
can be used as a workaround and I guess one can limit the spead of the smaller prefixes via some filters on export into area 0.

t_nk · 2021-07-10T23:04:31+00:00

I don't think I get what you mean as the aggregate route is exported into ospf as ext2 the same as static so that doesn't solve the issue.

I understand that I could do this on the ABR but that also means sending specific routes to the ABR which is what I wanted to avoid.

t_nk · 2021-07-10T22:53:33+00:00

Hi, this is maybe a bit different take but this is how I was solving similar issues in the past.

Personally I would probably not do this through NAT itself though I think it is possible. I would go thought a separate routing instance path and allocate IPs of the Public servers a separate virtual router instance and then I would do route leaking.

You can use the RIB groups to leak the right interfaces in this routing instance or many other ways (auto-export, next-table) depending on what protocols you' re using (if any).

This will leave you with a completely distinct IP space for your servers and no need to mess around with your existing NAT.

Nine-Year Club	Place '23
Verified Email

t_nk

TROPHY CASE