From: Brian Dennis (bdennis@internetworkexpert.com)
Date: Tue Aug 15 2006 - 18:19:09 ART
Follow these 4 easy steps to fix your issue:
1) Unplug the Netscreen's power
2) Take the Netscreen out of the rack
3) Walk over to the nearest trashcan and throw the Netscreen in (see note below)
4) Call your local Cisco SE and get them to send you a Cisco PIX firewall
Note: Your trashcan may already be full of other Juniper products along with some Juniper stock so you may need to look for an empty trash can
HTH,
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of sadia habib
Sent: Tuesday, August 15, 2006 1:19 PM
To: juniper-nsp@puck.nether.net
Cc: ccielab@groupstudy.com
Subject: ospf strange problem !!!
DEAR ALL
I am trying to configure ospf between router and netscreen I am facing little problem!! while its remain in init state for ospf !! can any body help me ?
i am copying the config
set protocol ospf
set enable
set area 0.0.0.144
set auth-server "Local" id 0
set auth-server "Local" server-name "Local"
set auth default auth server "Local"
set admin http redirect
set admin auth timeout 10
set admin auth server "Local"
set admin format dos
set zone "Trust" vrouter "trust-vr"
set zone "Untrust" vrouter "trust-vr"
set zone "DMZ" vrouter "trust-vr"
set zone "VLAN" vrouter "trust-vr"
set zone "Trust" tcp-rst
set zone "Untrust" block
unset zone "Untrust" tcp-rst
set zone "MGT" block
set zone "DMZ" tcp-rst
set zone "VLAN" block
set zone "VLAN" tcp-rst
unset zone "Untrust" screen tear-drop
unset zone "Untrust" screen syn-flood
unset zone "Untrust" screen ping-death
unset zone "Untrust" screen ip-filter-src unset zone "Untrust" screen land set zone "V1-Untrust" screen tear-drop set zone "V1-Untrust" screen syn-flood set zone "V1-Untrust" screen ping-death set zone "V1-Untrust" screen ip-filter-src set zone "V1-Untrust" screen land set interface "ethernet0/0" zone "Trust"
set interface "ethernet0/1" zone "DMZ"
set interface "ethernet0/2" zone "Untrust"
unset interface vlan1 ip
set interface ethernet0/0 ip
set interface ethernet0/0 route
set interface ethernet0/2 ip
set interface ethernet0/2 route
unset interface vlan1 bypass-others-ipsec unset interface vlan1 bypass-non-ip set interface ethernet0/0 manage-ip set interface ethernet0/2 manage-ip set interface ethernet0/0 ip manageable set interface ethernet0/2 ip manageable unset interface ethernet0/0 manage telnet unset interface ethernet0/0 manage snmp set interface ethernet0/0 manage mtrace set interface ethernet0/2 manage ping set interface ethernet0/2 manage ssh set interface ethernet0/2 manage ssl set interface ethernet0/2 manage web set interface vlan1 manage mtrace unset flow no-tcp-seq-check set flow tcp-syn-check set hostname DCK set dbuf size 1024 set ike respond-bad-spi 1 set nsrp cluster id 1 set nsrp cluster name DCK set nsrp rto-mirror sync set nsrp vsd-group id 0 priority 100 set nsrp vsd-group id 0 preempt set nsrp secondary-path ethernet0/2 set nsrp vsd-group id 0 monitor interface ethernet0/0 set nsrp vsd-group id 0 monitor interface ethernet0/2 set nsrp ha-link probe set pki authority default scep m!
ode "auto"
set pki x509 default cert-path partial
set url protocol sc-cpa
exit
set nsmgmt bulkcli reboot-timeout 60
set ssh version v2
set ssh enable
set config lock timeout 5
set dl-buf size 4718592
set vrouter "untrust-vr"
set source-routing enable
exit
set vrouter "trust-vr"
set router-id
set source-routing enable
exit
set interface ethernet0/0 protocol ospf area 0.0.0.144 set interface ethernet0/0 protocol ospf enable set interface ethernet0/0 protocol ospf priority 0 set interface ethernet0/0 protocol ospf cost 1 set vrouter "untrust-vr"
exit
set vrouter "trust-vr"
exit
## 15:54:09 : ospf: send hello pkt on ethernet0/0 len 44 ## 15:54:09 : ospf: process rx pak len 44 from 10.32.124.100 on ethernet0/0 in vr trust-vr router-id 10.32.124.100 ## 15:54:11 : ospf: process rx pak len 60 from 10.32.124.20 on ethernet0/0 in vr trust-vr router-id 10.32.134.10 ## 15:54:11 : ospf: recv pkt on ethernet0/0, 10.32.124.20->224.0.0.5 ## 15:54:11 : ospf: invalid IP pak len 80, should be (ospf 48 + lls 3072 + IP 20) ## 15:54:19 : ospf: send hello dr 0.0.0.0 bdr 0.0.0.0 active neighbors:
## 15:54:19 : ospf: send hello pkt on ethernet0/0 len 44 ## 15:54:19 : ospf: process rx pak len 44 from 10.32.144.10 on ethernet0/0 in vr trust-vr router-id 10.32.134.20 ## 15:54:21 : ospf: process rx pak len 60 from 10.90.10.1on ethernet0/0 in vr trust-vr router-id 10.132.134.10 ## 15:54:21 : ospf: recv pkt on ethernet0/0, 10.90.10.1->224.0.0.5 ## 15:54:21 : ospf: invalid IP pak len 80, should be (ospf 48 + lls 3072 + IP 20) ## 15:54:29 : ospf: send hello dr 0.0.0.0 bdr 0.0.0.0 active neighbors:
## 15:54:29 : ospf: send hello pkt on ethernet0/0 len 44 ## 15:54:29 : ospf: process rx pak len 44 from 10.32.144.10 on ethernet0/0 in vr trust-vr router-id 10.32.144.10 ## 15:54:31 : ospf: process rx pak len 60 from 10.90.10.1on ethernet0/0 in vr trust-vr router-id 10.32.144.10 ## 15:54:31 : ospf: recv pkt on ethernet0/0, 10.132.14.2->224.0.0.5 ## 15:54:31 : ospf: invalid IP pak len 80, should be (ospf 48 + lls 3072 + IP 20) ## 15:54:39 : ospf: send hello dr 0.0.0.0 bdr 0.0.0.0 active neighbors:
## 15:54:39 : ospf: send hello pkt on ethernet0/0 len 44 ## 15:54:39 : ospf: process rx pak len 44 from 10.102.12.1 on ethernet0/0 in vr trust-vr router-id 10.32.144.10 ## 15:54:41 : ospf: process rx pak len 60 from 10.90.10.1on ethernet0/0 in vr trust-vr router-id 10.32.144.10 ## 15:54:41 : ospf: recv pkt on ethernet0/0, 10.132.124.2->224.0.0.5 ## 15:54:41 : ospf: invalid IP pak len 80, should be (ospf 48 + lls 3072 + IP 20) ## 15:54:49 : ospf: send hello dr 0.0.0.0 bdr 0.0.0.0 active neighbors:
## 15:54:49 : ospf: send hello pkt on ethernet0/0 len 44 ## 15:54:49 : ospf: process rx pak len 44 from 10.132.124.10 on ethernet0/0 in vr trust-vr router-id 10.32.144.10 ## 15:54:51 : ospf: process rx pak len 60 from 10.90.10.1on ethernet0/0 in vr trust-vr router-id 10.132.142.10 ## 15:54:51 : ospf: recv pkt on ethernet0/0, 10.2.114.2->224.0.0.5 ## 15:54:51 : ospf: invalid IP pak len 80, should be (ospf 48 + lls 3072 + IP 20)
This archive was generated by hypermail 2.1.4 : Fri Sep 01 2006 - 15:41:57 ART