Thursday, 25 January 2024

Creating simple Juniper Plicier || Juniper

 Juniper Plicier:


set firewall policer 100M if-exceeding bandwidth-limit 100m

set firewall policer 100M if-exceeding burst-size-limit 256k

set firewall policer 100M then discard


set logical-systems ggc-rt firewall policer 900MB if-exceeding bandwidth-limit 900m

set logical-systems ggc-rt firewall policer 900MB if-exceeding burst-size-limit 1m

set logical-systems ggc-rt firewall policer 900MB then discard


set logical-systems fna-rt firewall policer 900MB if-exceeding bandwidth-limit 900m

set logical-systems fna-rt firewall policer 900MB if-exceeding burst-size-limit 1m

set logical-systems fna-rt firewall policer 900MB then discard


set logical-systems bdix-rt firewall policer 900MB if-exceeding bandwidth-limit 900m

set logical-systems bdix-rt firewall policer 900MB if-exceeding burst-size-limit 1m

set logical-systems bdix-rt firewall policer 900MB then discard



set logical-systems cdn-rt firewall policer 900MB if-exceeding bandwidth-limit 900m

set logical-systems cdn-rt firewall policer 900MB if-exceeding burst-size-limit 1m

set logical-systems cdn-rt firewall policer 900MB then discard


Juniper BGP Community simple use:

set policy-options community Upstream members 1400:991

set policy-options policy-statement Upstream-Out term 1 from community Upstream

set policy-options policy-statement Upstream-Out term 1 then accept

set policy-options policy-statement Upstream-Out term 5 then reject


set policy-options policy-statement CLIENT-INT-IN term 1 then community add Upstream

set policy-options policy-statement CLIENT-INT-IN term 1 then accept

Juniper to Cisco switch and mikrotik LACP configuration || Juniper || Cisco || Mikrotik

 Juniper to Cisco switch LACP configuration:


Juniper Side:

set chassis aggregated-devices ethernet device-count 20   

[Above line is Mandatory for First time LACP config in Juniper]

set interfaces ae0 description "Bundle-1"

set interfaces ae0 vlan-tagging

set interfaces ae0 aggregated-ether-options link-speed 1g

set interfaces ae0 aggregated-ether-options lacp active

set interfaces ge-0/0/0 gigether-options 802.3ad ae0

set interfaces ge-0/0/1 gigether-options 802.3ad ae0


Cisco Side: 

interface Port-channel1

 switchport trunk encapsulation dot1q

 switchport mode trunk

!

interface GigabitEthernet0/0

 switchport trunk encapsulation dot1q

 switchport mode trunk

 negotiation auto

 channel-group 1 mode active

!

interface GigabitEthernet0/1

 switchport trunk encapsulation dot1q

 switchport mode trunk

 negotiation auto

 channel-group 1 mode active


Juniper to Mikrotik LACP/Bonding configuration: 


Juniper Side: 

As above

Mikrotik Side: 


/interface bonding
add mode=802.3ad name=Juniper slaves=ether1,ether2

Juniper Configuration boiler Plate || VLAN, eBGP, P2P, Logical system, Firewall Policier, eBGP in/out Filter || Juniper

 Juniper Client Configuration boiler Plate:

set interfaces et-0/0/0 unit 2867 description "Mridha-Corpo-Patuakhali-F@H-IPT"
set interfaces et-0/0/0 unit 2867 vlan-id 2867
set interfaces et-0/0/0 unit 2867 family inet policer input 10MB
set interfaces et-0/0/0 unit 2867 family inet policer output 10MB
set interfaces et-0/0/0 unit 2867 family inet address 172.20.20.29/30

set logical-systems ggc-rt interfaces et-0/0/0 unit 2868 description "Mridha-Corpo-Patuakhali-F@H-GGC"
set logical-systems ggc-rt interfaces et-0/0/0 unit 2868 vlan-id 2868
set logical-systems ggc-rt interfaces et-0/0/0 unit 2868 family inet policer input 10MB
set logical-systems ggc-rt interfaces et-0/0/0 unit 2868 family inet policer output 10MB
set logical-systems ggc-rt interfaces et-0/0/0 unit 2868 family inet address 172.20.24.17/30

set logical-systems fna-rt interfaces et-0/0/0 unit 2869 description "Mridha-Corpo-Patuakhali-F@H-FNA"
set logical-systems fna-rt interfaces et-0/0/0 unit 2869 vlan-id 2869
set logical-systems fna-rt interfaces et-0/0/0 unit 2869 family inet policer input 10MB
set logical-systems fna-rt interfaces et-0/0/0 unit 2869 family inet policer output 10MB
set logical-systems fna-rt interfaces et-0/0/0 unit 2869 family inet address 172.20.28.17/30

set logical-systems bdix-rt interfaces et-0/0/0 unit 2870 description "Mridha-Corpo-Patuakhali-F@H-BDIX"
set logical-systems bdix-rt interfaces et-0/0/0 unit 2870 vlan-id 2870
set logical-systems bdix-rt interfaces et-0/0/0 unit 2870 family inet address 172.20.32.21/30

set logical-systems cdn-rt interfaces et-0/0/0 unit 2871 description "Mridha-Corpo-Patuakhali-F@H-CDN"
set logical-systems cdn-rt interfaces et-0/0/0 unit 2871 vlan-id 2871
set logical-systems cdn-rt interfaces et-0/0/0 unit 2871 family inet policer input 30M
set logical-systems cdn-rt interfaces et-0/0/0 unit 2871 family inet policer output 30M
set logical-systems cdn-rt interfaces et-0/0/0 unit 2871 family inet address 172.20.36.25/30

set policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-IPT-IN" term 1 from protocol bgp
set policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-IPT-IN" term 1 from route-filter 103.61.240.130/31 exact
set policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-IPT-IN" term 1 then accept
set policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-IPT-IN" term 10 then reject

set protocols bgp group "Mridha-Corpo-Patuakhali-F@H-IPT" neighbor 172.20.20.30 description "Mridha-Corpo-Patuakhali-F@H-IPT"
set protocols bgp group "Mridha-Corpo-Patuakhali-F@H-IPT" neighbor 172.20.20.30 local-address 172.20.20.29
set protocols bgp group "Mridha-Corpo-Patuakhali-F@H-IPT" neighbor 172.20.20.30 import "Mridha-Corpo-Patuakhali-F@H-IPT-IN"
set protocols bgp group "Mridha-Corpo-Patuakhali-F@H-IPT" neighbor 172.20.20.30 export clients-default-out
set protocols bgp group "Mridha-Corpo-Patuakhali-F@H-IPT" neighbor 172.20.20.30 peer-as 64500

set logical-systems ggc-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-GGC-IN" term 1 from protocol bgp
set logical-systems ggc-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-GGC-IN" term 1 from route-filter 103.61.240.130/31 exact
set logical-systems ggc-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-GGC-IN" term 1 then accept
set logical-systems ggc-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-GGC-IN" term 10 then reject

set logical-systems ggc-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-GGC-IN" neighbor 172.20.24.18 description "Mridha-Corpo-Patuakhali-F@H-GGC"
set logical-systems ggc-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-GGC-IN" neighbor 172.20.24.18 local-address 172.20.24.17
set logical-systems ggc-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-GGC-IN" neighbor 172.20.24.18 import "Mridha-Corpo-Patuakhali-F@H-GGC-IN"
set logical-systems ggc-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-GGC-IN" neighbor 172.20.24.18 export clients-ggc-out
set logical-systems ggc-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-GGC-IN" neighbor 172.20.24.18 peer-as 64500

set logical-systems fna-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-FNA-IN" term 1 from protocol bgp
set logical-systems fna-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-FNA-IN" term 1 from route-filter 103.61.240.130/31 exact
set logical-systems fna-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-FNA-IN" term 1 then accept
set logical-systems fna-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-FNA-IN" term 10 then reject

set logical-systems fna-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-FNA" neighbor 172.20.28.18 description "Mridha-Corpo-Patuakhali-F@H-FNA"
set logical-systems fna-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-FNA" neighbor 172.20.28.18 local-address 172.20.28.17
set logical-systems fna-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-FNA" neighbor 172.20.28.18 import "Mridha-Corpo-Patuakhali-F@H-FNA-IN"
set logical-systems fna-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-FNA" neighbor 172.20.28.18 export clients-fna-out
set logical-systems fna-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-FNA" neighbor 172.20.28.18 peer-as 64500

set logical-systems bdix-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-BDIX" term 1 from protocol bgp
set logical-systems bdix-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-BDIX" term 1 from route-filter 103.61.240.130/31 exact
set logical-systems bdix-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-BDIX" term 1 then accept
set logical-systems bdix-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-BDIX" term 10 then reject

set logical-systems bdix-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-BDIX" neighbor 172.20.32.22 description "Mridha-Corpo-Patuakhali-F@H-BDIX"
set logical-systems bdix-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-BDIX" neighbor 172.20.32.22 local-address 172.20.32.21
set logical-systems bdix-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-BDIX" neighbor 172.20.32.22 import "Mridha-Corpo-Patuakhali-F@H-BDIX"
set logical-systems bdix-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-BDIX" neighbor 172.20.32.22 export BDIX-NEW-OUT
set logical-systems bdix-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-BDIX" neighbor 172.20.32.22 peer-as 64500

set logical-systems cdn-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-CDN" term 1 from protocol bgp
set logical-systems cdn-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-CDN" term 1 from route-filter 103.61.240.130/31 exact
set logical-systems cdn-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-CDN" term 1 then accept
set logical-systems cdn-rt policy-options policy-statement "Mridha-Corpo-Patuakhali-F@H-CDN" term 10 then reject

set logical-systems cdn-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-CDN" neighbor 172.20.36.26 description "Mridha-Corpo-Patuakhali-F@H-CDN"
set logical-systems cdn-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-CDN" neighbor 172.20.36.26 local-address 172.20.36.25
set logical-systems cdn-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-CDN" neighbor 172.20.36.26 import "Mridha-Corpo-Patuakhali-F@H-CDN"
set logical-systems cdn-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-CDN" neighbor 172.20.36.26 export clients-cdn-out
set logical-systems cdn-rt protocols bgp group "Mridha-Corpo-Patuakhali-F@H-CDN" neighbor 172.20.36.26 peer-as 64500

Comprehensive IP Calculator: Supporting Both IPv4 and IPv6

Download:  Download Whether you're a network engineer, IT professional, or simply a tech enthusiast, understanding IP addresses is cruci...