I recently read Junos Security book and Junos Security course materials, so I pretty confident in my knowledge of basic SRX security functions. For configuration examples use Security Zones and Interfaces Feature Guide and Security Policies Feature Guide. Complete SRX Security zones configuration hierarchy: security { zones { functional-zone { management { description text; …
Next topic – Layer 3 Underlay – Clos IP fabric. Please refer to Juniper QFX5100 Series book and this whitepaper. Pretty basic stuff if you already have some experience with BGP and policies. Make sure you know the differences between various IBGP and EBGP design options, although there is only EBGP option stated explicitly in JNCIE-DC lab exam topics. Learn different schemas of AS numbers assignment. BGP configuration example: bgp { log-updown; import bgp-clos-in; export bgp-clos-out; …
If you look for a comprehensive explanation of MC-LAG technology – Juniper MX Series book is the best choice. For all configuration details refer to MC-LAG Feature Guide. MC-LAG configuration can be broken up into four important pieces: Inter Chassis Control Protocol (ICCP), Inter Chassis Link (ICL), MC-LAG interface and IRB interface. So let’s start with ICCP: user@switch2 > show configuration protocols iccp local-ip-addr 10.2.2.2; peer 10.1.1.1 { session-establishment-hold-time 50; redundancy-group-id-list 1; backup-liveness-detection { …
To configure a block of 40-Gigabit Ethernet (et) ports on QFX3500, QFX3600, QFX5100, EX4600 switches to operate as 10-Gigabit Ethernet ports, specify a port range and channel speed: [edit chassis fpc fpc-slot pic pic-slot] user@switch# set port-range port–range-low port-range-high channel-speed speed For example, to configure ports 0 through 3 on PIC 1 to operate as 10-Gigabit Ethernet ports: [edit chassis fpc 0 pic 1] user@switch# set port-range 0 3 channel-speed 10g To configure just one single port to…
Juniper QFX5100 Series book has pretty good coverage of VCF related topics, but I think VCF feature guide is better suited for lab preparation. Unfortunately I don’t have real QFX5100 gear, so my VCF study would be completely theoretical. But the good news are that all that complexity of VCF has nothing to do with end user, and to just configure it is a pretty simple task. Definitely no rocket science… VCF can be configured in two different ways: autoprovisioned and…
ZTP process is well explained in the Data Center Swithing cource (DCX) – read about it there if you can find this material. Especially the lab module for ZTP. Also there is fine free ZTP Day One book. The core part of ZTP process is the configuration of DHCP server, that looks something like this: set vendor-string = option vendor-class-identifier; option space ZTPDEMO; option ZTPDEMO.image-file-name code 0 = text; option ZTPDEMO.config-file-name code 1 = text; option ZTPDEMO.image-file-type code 2 = text;…
In this post I tried to collect all useful links to technical documentation that I plan to use during my study for JNCIE-DC lab attempt. This materials will be used primarily for repetition and more focused, deep-dive study of lab topics – should be used only after studying Juniper DC base materials from previous post. So, the complete JNCIE-DC exam blueprint: Management On-box Scripts –>…
Once again I’m convinced by my own experience that Juniper tests a lot more interesting and practical than Cisco ones (I’m recently passed CCIE R&S written to update my cert – such a horrible experience that I don’t want to even look at Cisco for another two years). Not so long ago I passed JNCIP-DC and would like to save some notes about this exam. First of all, materials from recommended courses – Data Center Switching (DCX) and Advanced Data Center…
After careful look at JNCIE-DC exam objectives, I finally decided to go for it. Planning to take the lab in August. Why so soon? It’s simple. I just really want 2-digit number 🙂 In truth, the deciding factor is the size of DC lab blueprint – not so many new areas to study for me (given that I’m only recently passed my JNCIE-SP lab and therefore pretty confident in my knowledge of BGP, MPLS and QoS areas). And I already has…