[j-nsp] Firewall Policy Description !!

Tyler Christiansen tyler at adap.tv
Wed Nov 5 10:58:32 EST 2014 

You can use the Junos annotate feature if the description nob is
unavailable.

--tc
On Nov 5, 2014 7:50 AM, "Harri Makela via juniper-nsp" <
juniper-nsp at puck.nether.net> wrote:

>
> Hi There
>
>
>
>
> is there anyway that we can add description of firewall policies. Firewall
> policy name is restricted to 63 chracters on Junos which is not sufficient
> to review the firewall policies on periodic basis. I can only add flows
> related information with policy name and description is required to add
> further details like who requested it, when it was added, quarterly review
> if this flow is required not etc. to comply with AUDIT requirements
>
>
>
>
>
> Thnaks
>
>       On Wednesday, 29 October 2014, 16:05, "
> juniper-nsp-request at puck.nether.net" <juniper-nsp-request at puck.nether.net>
> wrote:
>
>
>  Send juniper-nsp mailing list submissions to
>     juniper-nsp at puck.nether.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
>     https://puck.nether.net/mailman/listinfo/juniper-nsp
> or, via email, send a message with subject or body 'help' to
>     juniper-nsp-request at puck.nether.net
>
> You can reach the person managing the list at
>     juniper-nsp-owner at puck.nether.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of juniper-nsp digest..."
>
>
> Today's Topics:
>
>   1. Re: CoS on iSCSI ports (Eugeniu Patrascu)
>   2. EX4600 third party optic (Johan Borch)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 29 Oct 2014 01:09:49 +0200
> From: Eugeniu Patrascu <eugen at imacandi.net>
> To: Mike Gonnason <gonnason at gmail.com>
> Cc: "juniper-nsp at puck.nether.net" <juniper-nsp at puck.nether.net>
> Subject: Re: [j-nsp] CoS on iSCSI ports
> Message-ID:
>     <CALgc3C64g8g5JrnN+uzkLUu-=UmsdYQN_kz2Wqt7E+Br1_KUdg at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> If memory serves me right, the 5% bandwidth is actually prioritized when
> you do something on the switch via SSH/Telnet/J-Web so that in case your
> switch is running line-rate, you can actually log into it.
>
> Also, disable flow-control, it's not helping.
>
> Regards,
> Eugeniu
>
> On Wed, Oct 15, 2014 at 2:49 AM, Mike Gonnason <gonnason at gmail.com> wrote:
>
> > For my iSCSI stuff, I have been disabling pause frames as they are not
> > really beneficial for my situation. I had a NetApp (forget what model)
> that
> > would saturate a 10Gb link and the Juniper would send a pause frame with
> > the result of dropping all connections across that trunk. Not very
> helpful.
> >
> > You can try modifying the NC class and alter how the scheduling is
> > performed. in section 21 you can see 5% is specified for the NC
> scheduler.
> >
> >
> >
> http://www.juniper.net/documentation/en_US/junos13.2/topics/example/cos-ex-series-configuring.html
> >
> >
> > -Mike Gonnason
> >
> > On Tue, Oct 14, 2014 at 3:39 PM, Josh Farrelly <Joshf at originit.co.nz>
> > wrote:
> >
> > > Hi all.
> > >
> > > We have 2x EX4550's in VC that provide switching for an iSCSI network.
> > > There are 3 Dell SANs and 4 Dell R820 ESXi hosts connected via twinax @
> > > 10Gbps. Jumbo frames and flow control is enabled.
> > >
> > > My knowledge around Juniper tech is a little vague, but what's with the
> > > default CoS settings on the switch? It seems they will automatically
> > > reserve 5% for network control traffic. Is there anyway to disable CoS
> > > entirely? AFAIK Brocade & Cisco don't have this type of default, and 5%
> > of
> > > a 10Gbps is actually a rather significant chunk of bandwidth.
> > >
> > > The reason I'm asking is that we've seen some performance issues
> lately.
> > > We have a hybrid-SSD tray of storage that can saturate a link, so we're
> > > seeing MAC pause frames being received by the switch as well as
> discards
> > on
> > > some of the queues.
> > >
> > > Thanks for any pointers.
> > >
> > > Regards,
> > >
> > > Josh.
> > > _______________________________________________
> > > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > > https://puck.nether.net/mailman/listinfo/juniper-nsp
> > >
> > _______________________________________________
> > juniper-nsp mailing list juniper-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/juniper-nsp
> >
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 29 Oct 2014 09:51:15 +0100
> From: Johan Borch <johan.borch at gmail.com>
> To: "juniper-nsp at puck.nether.net" <juniper-nsp at puck.nether.net>
> Subject: [j-nsp] EX4600 third party optic
> Message-ID:
>     <CAB_jNCR9BeSeNO2ER_+5LrO2WTT=vg5GbYjPvvhUxKfJsS7f3Q at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> Hi!
>
> Do anyone have experience with third party optics (SFP/SFP+) in EX4600?
>
> Johan
>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> juniper-nsp mailing list
> juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
> ------------------------------
>
> End of juniper-nsp Digest, Vol 143, Issue 27
> ********************************************
>
>
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list