[j-nsp] ex4200 egress filter
Richard A Steenbergen
ras at e-gerbil.net
Thu Apr 28 11:33:30 EDT 2011
On Thu, Apr 28, 2011 at 05:17:46PM +0200, Tore Anderson wrote:
> * Richard A Steenbergen
>
> > We hit this issue while testing 11.1R1, and oh what a mighty big screwup
> > it was on Juniper's part too (that it even tries to parse the packets
> > that are killing it in the first place, when NOT CONFIGURED TO DO SO,
> > simply boggles the mind). Unfortunately it's also not the only "packet
> > of death which crashes the FPCs" issue in 11.1 on EX, we also discovered
> > another one which DIDN'T get fixed in 11.1S1, so you're taking your life
> > into your own hands if you try to run that code in production.
>
> Hi Richard,
>
> Could you be a bit more specific about this issue that remains
> outstanding in 11.1S1? Is there a PSN for it?
>
> I have a pair of EX4500s in my lab for setup currently, and any older
> release isn't an option due to the lack of IPv6 and VC support.
No comment on how to reproduce it, at least until they fix it and ok the
release of details. No PSN yet, but basically it's just another magic
packet of death which crashes the FPCs, similar to the last NetBIOS
issue. Almost all of our testing is on EX8200, but often times these
things behave similarly across the smaller EX's too. I'm just warning
people not to jump into 11.1S1 expecting everything to work great,
because it most certainly does not. :)
--
Richard A Steenbergen <ras at e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
More information about the juniper-nsp
mailing list