[j-nsp] large subnet/no memory
The Drifter
prophecy_68 at hotmail.com
Mon Feb 11 13:44:39 EST 2013
Phil, thanks.
Sounds great. Now need to get a buy-in from the ops folks :)
How would you weigh the effectiveness of using your suggestion versus Cristian's?
Regards,
Jimmy
> To: prophecy_68 at hotmail.com
> CC: juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] large subnet/no memory
> Date: Mon, 11 Feb 2013 13:29:59 -0500
> From: phil at juniper.net
>
> The Drifter writes:
> >One of our ops team configured a /3 by mistake instead of /30 and resulted in an ARP sto
> >rm and FPCs running out of memory!
> >Any filter or policer that can be used to prevent such an error?
>
> A great use case for commit scripts. Something like:
>
> version 1.0;
>
> import "../import/junos.xl";
>
> match configuration {
> for-each (interfaces/interface/unit/family/inet
> /address[substring-after(name, '/') < 16) {
> <xnm:error> {
> call jcs:edit-path();
> call jcs:statement();
> <message> "prefix length must be >= 16";
> }
> }
> }
>
> Thanks,
> Phil
More information about the juniper-nsp
mailing list