[j-nsp] 10.0 or 10.4?
Chris Morrow
morrowc at ops-netman.net
Tue Mar 15 14:34:42 EDT 2011
On 03/15/11 13:57, Steve Feldman wrote:
> On Mar 15, 2011, at 9:14 AM, Richard A Steenbergen wrote:
>
>> ...
>> We recently spent a fair bit of time trying to decide between 10.3R3 and
>> 10.4R2 for a lot of MX960 and EX8200 upgrades, and came to the
>> conclusion that 10.4R2 was significantly buggier.
>
> What sorts of bugs did you see in 10.4R2?
>
> JTAC is recommending 10.4R2 on our EX8200s to fix a bug (PR581625 in
> 10.1R4) where some of our firewall filter rules were being silently
> ignored.
ex + firewall ... 'silently ignored' is the norm no? ;(
here's a fav of mine. Loopback filters drop traceroute THROUGH the
device (unless you permit all traceroute of course) because, you know..
separating the 'control plane' traffic from the 'data plane' traffic is
something we all figured out 10 years ago. :(
(to be fair, this 'bug' is fixed in 11.X... 'please load this daily code
image on your production network, kthxbi!')
-grumpy-in-north-america
More information about the juniper-nsp
mailing list