Search this Blog

Wednesday, September 12, 2012

Juniper SSG5 Software Upgrade To or Beyond 6.2.0r4.0 Causes Constant Reboot/Crash

We are trying to upgrade the software on my SSG5.  I started with 6.2.0r2.  We wanted to go to the newest 6.2.0 release (6.2.0r10).  But the SSG keeps crashing after it's been up for about 10 seconds.  So, we started upgrading a release at a time.  We successfully get all the way up to 6.2.0r3.  But if we try 6.2.0r4 or newer (6.2.0r9, 6.2.0r10 or even 6.3.0r7) the SSG crashes. 

We thought maybe it was the bootloader, so we upgraded that to 1.3.3, but we get the same result.


Juniper fixed this issue in Release 6.2.0r12.Here are the Release Notes that talks about the fix :

"587433-Sometimes after OS upgrade, the firewall did not start up because of a certain condition in flash writing mechanism."

Upgrade your device to 6.2.0r12 or 6.3.0r9 to fix the issue.

If the device is crashing try to update the firmware using boot loader.

If you are still having issues install  the old firmware to the box through console/bootloader and then boot it up. Then take a backup of configuration and then erase  all configuration from the device. Then  upgrade it again to an empty device and check the new firmware. Then  copy/paste the installation of the old configuration and it should work correctly. 



Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Thursday, September 6, 2012

Choice of right interface encapsulation of VPLS in Juniper switching

We would like to configure the vlan-id blow 512 and we know that only the encapsulation that “extended-vlan-vpls” and “flexible-ethernet-services” can support it. Our case is without the special function ,so we are confused on which encapsulation to use. Can you suggest the best practice?


If you configure "flexible-ethernet-services" encapsulation for a physical interface,  the you can configure different encapsulations under the logical sub-interfaces.

xe-3/2/0 {
        flexible-vlan-tagging;
        encapsulation flexible-ethernet-services;
        unit 3401 {
            encapsulation vlan-vpls;
            vlan-id 3400;
            }
       unit 3400 {
            encapsulation vlan-ccc;
            vlan-id 3400;
            }
        }


That means you can configure different types of  services  ( VPLS, L2VPN etc ) under a single physical interface. But, this encapsulation is supported by certain types of hardware.

Please click here for documentation from Juniper Networks on encapsulation.


"flexible-ethernet-services—For Gigabit Ethernet IQ interfaces and Gigabit Ethernet PICs with small form-factor pluggable transceivers (SFPs) (except the 10-port Gigabit Ethernet PIC and the built-in Gigabit Ethernet port on the M7i router), use flexible Ethernet services encapsulation when you want to configure multiple per-unit Ethernet encapsulations."

On the other hand, if you configure "extended-vlan-vpls",  you will be able to configure VPLS services only in that interface / logical interfaces.


Also keep in mind that changing the encapsulation on the physical interface is going to bounce all logical interfaces associated with it, so you may want to do that in a maintenance window.



Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.
 
/* Google Analytics begin ----------------------------------------------- */ /* Google Analytics end ----------------------------------------------- */