orlik Опубликовано 1 июня, 2014 · Жалоба 12.3 для MX80 в качестве BNG вообще не самый лучший выбор , тут либо 11.4X27 либо 13.3. Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
h1vs2 Опубликовано 1 июня, 2014 · Жалоба Скриптик скинешь? Попробую препарировать... Я конечно поздно заметил, но, если еще надо - https://www.dropbox.com/s/6jpzvxk7cnlvhi5/secure_erase_RE-S-1800_V10.tgz Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
h1vs2 Опубликовано 1 июня, 2014 · Жалоба 12.3 для MX80 в качестве BNG вообще не самый лучший выбор , тут либо 11.4X27 либо 13.3. На 12.3 до сих пор все плохо? Остался баг с неудаляемыми access-internal роутами ? Сижу на 11.4X27.55, не вижу никакого смысла обновляться до 12.3/13.3 - я что-то упускаю ? Эт на брасе, на бордере - 11.4R7.5 Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
orlik Опубликовано 1 июня, 2014 · Жалоба на 12.3 все прекрасно , все работает :) но на старших версиях MX Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
martini Опубликовано 1 июня, 2014 · Жалоба аналогично, 11.4X27.45 - все шоколадно Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
orlik Опубликовано 1 июня, 2014 · Жалоба 12.3 для MX80 в качестве BNG вообще не самый лучший выбор , тут либо 11.4X27 либо 13.3. На 12.3 до сих пор все плохо? Остался баг с неудаляемыми access-internal роутами ? Сижу на 11.4X27.55, не вижу никакого смысла обновляться до 12.3/13.3 - я что-то упускаю ? Эт на брасе, на бордере - 11.4R7.5 Ну пока ничего не упускаете, но 11.4Х27 уже не развивается , а весь функционал влит в 12.3. Так что 12.3 рекомендуемая на данный момент. Да 80ки ситтуация немного отличается, как уже и писал выше Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
rdntw Опубликовано 18 апреля, 2015 · Жалоба Решил значит я обновить софт на коробке в режиме ISSU, опыт уже был, всё проходило гладко. Поэтому особо не переживал и начал подготовку... Это софт который стоял до обновления {master} admin@M9_mx480> show version invoke-on all-routing-engines re0: -------------------------------------------------------------------------- Hostname: M9_mx480 Model: mx480 Junos: 13.3R2.7 JUNOS Base OS boot [13.3R2.7] JUNOS Base OS Software Suite [13.3R2.7] JUNOS 64-bit Kernel Software Suite [13.3R2.7] JUNOS Crypto Software Suite [13.3R2.7] JUNOS Packet Forwarding Engine Support (M/T/EX Common) [13.3R2.7] JUNOS Packet Forwarding Engine Support (MX Common) [13.3R2.7] JUNOS Online Documentation [13.3R2.7] JUNOS Services AACL Container package [13.3R2.7] JUNOS Services Application Level Gateways [13.3R2.7] JUNOS AppId Services [13.3R2.7] JUNOS Border Gateway Function package [13.3R2.7] JUNOS Services Captive Portal and Content Delivery Container package [13.3R2.7] JUNOS Services HTTP Content Management package [13.3R2.7] JUNOS IDP Services [13.3R2.7] JUNOS Services Jflow Container package [13.3R2.7] JUNOS Services LL-PDF Container package [13.3R2.7] JUNOS Services MobileNext Software package [13.3R2.7] JUNOS Services Mobile Subscriber Service Container package [13.3R2.7] JUNOS Services NAT [13.3R2.7] JUNOS Services PTSP Container package [13.3R2.7] JUNOS Services RPM [13.3R2.7] JUNOS Services Stateful Firewall [13.3R2.7] JUNOS Voice Services Container package [13.3R2.7] JUNOS Services Crypto [13.3R2.7] JUNOS Services SSL [13.3R2.7] JUNOS Services IPSec [13.3R2.7] JUNOS platform Software Suite [13.3R2.7] JUNOS Runtime Software Suite [13.3R2.7] JUNOS 64-bit Runtime Software Suite [13.3R2.7] JUNOS Routing Software Suite [13.3R2.7] JUNOS py-base-i386 [13.3R2.7] re1: -------------------------------------------------------------------------- Hostname: M9_mx480 Model: mx480 Junos: 13.3R2.7 JUNOS Base OS boot [13.3R2.7] JUNOS Base OS Software Suite [13.3R2.7] JUNOS 64-bit Kernel Software Suite [13.3R2.7] JUNOS Crypto Software Suite [13.3R2.7] JUNOS Packet Forwarding Engine Support (M/T/EX Common) [13.3R2.7] JUNOS Packet Forwarding Engine Support (MX Common) [13.3R2.7] JUNOS Online Documentation [13.3R2.7] JUNOS Services AACL Container package [13.3R2.7] JUNOS Services Application Level Gateways [13.3R2.7] JUNOS AppId Services [13.3R2.7] JUNOS Border Gateway Function package [13.3R2.7] JUNOS Services Captive Portal and Content Delivery Container package [13.3R2.7] JUNOS Services HTTP Content Management package [13.3R2.7] JUNOS IDP Services [13.3R2.7] JUNOS Services Jflow Container package [13.3R2.7] JUNOS Services LL-PDF Container package [13.3R2.7] JUNOS Services MobileNext Software package [13.3R2.7] JUNOS Services Mobile Subscriber Service Container package [13.3R2.7] JUNOS Services NAT [13.3R2.7] JUNOS Services PTSP Container package [13.3R2.7] JUNOS Services RPM [13.3R2.7] JUNOS Services Stateful Firewall [13.3R2.7] JUNOS Voice Services Container package [13.3R2.7] JUNOS Services Crypto [13.3R2.7] JUNOS Services SSL [13.3R2.7] JUNOS Services IPSec [13.3R2.7] JUNOS platform Software Suite [13.3R2.7] JUNOS Runtime Software Suite [13.3R2.7] JUNOS 64-bit Runtime Software Suite [13.3R2.7] JUNOS Routing Software Suite [13.3R2.7] JUNOS py-base-i386 [13.3R2.7] {master} admin@M9_mx480> admin@M9_mx480> show chassis routing-engine Routing Engine status: Slot 0: Current state Master Election priority Master (default) Temperature 35 degrees C / 95 degrees F CPU temperature 29 degrees C / 84 degrees F DRAM 16350 MB (16384 MB installed) Memory utilization 19 percent CPU utilization: User 1 percent Background 0 percent Kernel 4 percent Interrupt 2 percent Idle 93 percent Model RE-S-1800x4 Serial ID 900xxx202 Start time 2014-08-13 15:33:35 MSK Uptime 246 days, 20 hours, 46 minutes, 8 seconds Last reboot reason 0x1:power cycle/failure Load averages: 1 minute 5 minute 15 minute 0.48 0.47 0.36 Routing Engine status: Slot 1: Current state Backup Election priority Backup (default) Temperature 34 degrees C / 93 degrees F CPU temperature 31 degrees C / 87 degrees F DRAM 16350 MB (16384 MB installed) Memory utilization 15 percent CPU utilization: User 0 percent Background 0 percent Kernel 1 percent Interrupt 0 percent Idle 99 percent Model RE-S-1800x4 Serial ID 900xxx202 Start time 2014-08-13 15:33:24 MSK Uptime 246 days, 20 hours, 46 minutes, 9 seconds Last reboot reason 0x1:power cycle/failure Load averages: 1 minute 5 minute 15 minute 0.54 0.60 0.32 {master} admin@M9_mx480> show task replication Stateful Replication: Enabled RE mode: Master Protocol Synchronization Status OSPF Complete OSPF3 Complete BGP Complete PIM Complete MSDP Complete MPLS Complete RSVP Complete LDP Complete {master} Так как стоит карточка MS-MPC которая не поддерживает данный режим обновления,шасси предупреждает что модуль уйдет в ребут. Соглашаемся, предварительно переводим нагрузку на другой NAT. {master} admin@M9_mx480> request system software in-service-upgrade /var/tmp/jinstall64-13.3R5-S1.1-domestic-signed.tgz reboot Chassis ISSU Check Done ISSU: Validating Image [edit services]: service-sets are configured; this operation may disrupt services processing [edit services]: service-sets are configured; this operation may disrupt services processing FPC 0 will be offlined (In-Service-Upgrade not supported) PIC 0/0 will be offlined (In-Service-Upgrade not supported) PIC 0/1 will be offlined (In-Service-Upgrade not supported) PIC 0/2 will be offlined (In-Service-Upgrade not supported) PIC 0/3 will be offlined (In-Service-Upgrade not supported) Do you want to continue with these actions being taken ? [yes,no] (no) yes Checking compatibility with configuration Initializing... Using jbase-13.3R2.7 veriexec: accepting signer: PackageDevelopmentEc_2014 Verified manifest signed by PackageDevelopmentEc_2014 Using /var/tmp/jinstall64-13.3R5-S1.1-domestic-signed.tgz Verified jinstall64-13.3R5-S1.1-domestic.tgz signed by PackageProductionEc_2015 Using jinstall64-13.3R5-S1.1-domestic.tgz Using jbundle64-13.3R5-S1.1-domestic.tgz Checking jbundle requirements on / Using jbase-13.3R5-S1.1.tgz Verified manifest signed by PackageProductionEc_2015 Verified jbase-13.3R5-S1.1 signed by PackageProductionEc_2015 Using /var/v/c/tmp/jbundle/jboot-13.3R5-S1.1.tgz Using jcrypto64-13.3R5-S1.1.tgz Verified manifest signed by PackageProductionEc_2015 Verified jcrypto64-13.3R5-S1.1 signed by PackageProductionEc_2015 Using jdocs-13.3R5-S1.1.tgz Verified manifest signed by PackageProductionEc_2015 Verified jdocs-13.3R5-S1.1 signed by PackageProductionEc_2015 Using jkernel64-13.3R5-S1.1.tgz Using jpfe-13.3R5-S1.1.tgz Verified SHA1 checksum of jpfe-M10-13.3R5-S1.1.tgz Verified SHA1 checksum of jpfe-M120-13.3R5-S1.1.tgz Verified SHA1 checksum of jpfe-M160-13.3R5-S1.1.tgz Verified SHA1 checksum of jpfe-M320-13.3R5-S1.1.tgz Verified SHA1 checksum of jpfe-M40-13.3R5-S1.1.tgz Verified SHA1 checksum of jpfe-M7i-13.3R5-S1.1.tgz Verified SHA1 checksum of jpfe-T-13.3R5-S1.1.tgz Verified SHA1 checksum of jpfe-X2000-13.3R5-S1.1.tgz Verified SHA1 checksum of jpfe-X960-13.3R5-S1.1.tgz Verified SHA1 checksum of jpfe-common-13.3R5-S1.1.tgz Using jplatform-13.3R5-S1.1.tgz Verified manifest signed by PackageProductionEc_2015 Verified jplatform-13.3R5-S1.1 signed by PackageProductionEc_2015 Using jroute-13.3R5-S1.1.tgz Verified manifest signed by PackageProductionEc_2015 Verified jroute-13.3R5-S1.1 signed by PackageProductionEc_2015 Using jruntime-13.3R5-S1.1.tgz Verified manifest signed by PackageProductionEc_2015 Verified jruntime-13.3R5-S1.1 signed by PackageProductionEc_2015 Using jruntime64-13.3R5-S1.1.tgz Verified manifest signed by PackageProductionEc_2015 Verified jruntime64-13.3R5-S1.1 signed by PackageProductionEc_2015 Using jservices-13.3R5-S1.1.tgz Using jservices-crypto-13.3R5-S1.1.tgz Hardware Database regeneration succeeded Validating against /config/juniper.conf.gz mgd: commit complete Validation succeeded ISSU: Preparing Backup RE Pushing /var/tmp/jinstall64-13.3R5-S1.1-domestic-signed.tgz to re1:/var/tmp/jinstall64-13.3R5-S1.1-domestic-signed.tgz Installing package '/var/tmp/jinstall64-13.3R5-S1.1-domestic-signed.tgz' ... Verified jinstall64-13.3R5-S1.1-domestic.tgz signed by PackageProductionEc_2015 Verified jinstall64-13.3R5-S1.1-domestic.tgz signed by PackageProduction_13_3_0 Adding jinstall64... Verified manifest signed by PackageProductionEc_2015 WARNING: This package will load JUNOS 13.3R5-S1.1 software. WARNING: It will save JUNOS configuration files, and SSH keys WARNING: (if configured), but erase all other files and information WARNING: stored on this machine. It will attempt to preserve dumps WARNING: and log files, but this can not be guaranteed. This is the WARNING: pre-installation stage and all the software is loaded when WARNING: you reboot the system. Saving the config files ... NOTICE: uncommitted changes have been saved in /var/db/config/juniper.conf.pre-install Installing the bootstrap installer ... WARNING: A REBOOT IS REQUIRED TO LOAD THIS SOFTWARE CORRECTLY. Use the WARNING: 'request system reboot' command when software installation is WARNING: complete. To abort the installation, do not reboot your system, WARNING: instead use the 'request system software delete jinstall' WARNING: command as soon as this operation completes. Saving state for rollback ... Backup upgrade done Rebooting Backup RE Rebooting re1 ISSU: Backup RE Prepare Done Waiting for Backup RE reboot GRES operational Initiating Chassis In-Service-Upgrade Chassis ISSU Started ISSU: Preparing Daemons ISSU: Daemons Ready for ISSU ISSU: Starting Upgrade for FRUs Ну и через 10 минут доступ к роутеру пропал, отвалились все сессии, lsp, порты ушли в Down. Консоль с флешкой и бегом на площадку. Визуально модуль FPC1 был вообще в дауне, RE1 был MASTER. подключаемся.. {backup} admin@M9_mx480> show chassis routing-engine Routing Engine status: Slot 0: Current state Backup Election priority Master (default) Temperature 35 degrees C / 95 degrees F CPU temperature 29 degrees C / 84 degrees F DRAM 16349 MB (16384 MB installed) Memory utilization 9 percent CPU utilization: User 0 percent Background 0 percent Kernel 1 percent Interrupt 0 percent Idle 99 percent Model RE-S-1800x4 Serial ID 9009190202 Start time 2015-04-17 07:58:14 MSK Uptime 2 hours, 32 minutes, 54 seconds Last reboot reason Router rebooted after a normal shutdown. Load averages: 1 minute 5 minute 15 minute 0.00 0.00 0.00 Routing Engine status: Slot 1: Current state Master Election priority Backup (default) Temperature 34 degrees C / 93 degrees F CPU temperature 30 degrees C / 86 degrees F DRAM 16349 MB (16384 MB installed) Memory utilization 15 percent CPU utilization: User 0 percent Background 0 percent Kernel 4 percent Interrupt 0 percent Idle 96 percent Model RE-S-1800x4 Serial ID 9009190205 Start time 2015-04-17 07:35:14 MSK Uptime 2 hours, 55 minutes, 58 seconds Last reboot reason Router rebooted after a normal shutdown. Load averages: 1 minute 5 minute 15 minute 0.03 0.04 0.00 {backup} делаем RE0 мастером. admin@M9_mx480> request chassis routing-engine ? Possible completions: master Set Routing Engine mastership {backup} admin@M9_mx480> request chassis routing-engine master ? Possible completions: acquire Attempt to become master Routing Engine release Request that other Routing Engine become master switch Toggle mastership between Routing Engines {backup} admin@M9_mx480> request chassis routing-engine master switch Toggle mastership between routing engines ? [yes,no] (no) yes Resolving mastership... Apr 17 10:32:14 init: l2cpd-service (PID 3819) started Apr 17 10:32:14 init: tunnel-oamd (PID 3820) started Apr 17 10:32:14 init: ethernet-link-fault-management (PID 3821) started Apr 17 10:32:14 init: ethernet-connectivity-fault-management (PID 3822) started Apr 17 10:32:14 init: mpls-traceroute (PID 3823) started Apr 17 10:32:14 init: database-replication (PID 1758) terminate signal 15 sent Apr 17 10:32:15 init: secure-neighbor-discovery (PID 3824) started Apr 17 10:32:15 init: local-policy-decision-function (PID 3785) sending signal usr2: due to "proto-mastership": 0x1 Apr 17 10:32:15 init: iccp-service (PID 3825) started Apr 17 10:32:15 init: subscriber-management (PID 1761) terminate signal 15 sent Apr 17 10:32:15 init: relay-process (PID 1792) terminate signal 15 sent Apr 17 10:32:15 init: stats-agent (PID 2655) terminate signal 15 sent Apr 17 10:32:15 init: alarm-management (PID 2656) terminate signal 15 sent Apr 17 10:32:16 init: mountd-service (PID 3832) started Apr 17 10:32:16 init: nfsd-service (PID 3833) started Apr 17 10:32:16 init: subscriber-management-helper (PID 3836) started Apr 17 10:32:16 init: resource-management (PID 2660) sending signal hup: due to "chas-mastership": 0x1 Apr 17 10:32:16 init: charged (PID 2659) sending signal hup: due to "chas-mastership": 0x1 Apr 17 10:32:16 init: mobiled (PID 2658) sending signal hup: due to "chas-mastership": 0x1 Apr 17 10:32:16 init: local-policy-decision-function (PID 3785) exited with status=0 Normal Exit Apr 17 10:32:16 init: local-policy-decision-function (PID 3837) started Apr 17 10:32:16 init: mib-process (PID 2657) exited with status=0 Normal Exit Apr 17 10:32:16 init: mib-process (PID 3838) started Apr 17 10:32:16 init: alarm-management (PID 2656) terminated by signal number 15! Apr 17 10:32:16 init: alarm-management (PID 3839) started Apr 17 10:32:16 init: stats-agent (PID 2655) exited with status=0 Normal Exit Apr 17 10:32:16 init: stats-agent (PID 3840) started Apr 17 10:32:16 init: internal-routing-service (PID 2654) exited with status=0 Normal Exit Apr 17 10:32:16 init: internal-routing-service (PID 3841) started Apr 17 10:32:16 init: pfed (PID 2653) exited with status=0 Normal Exit Apr 17 10:32:16 init: pfed (PID 3842) started Apr 17 10:32:16 init: sntpsync (PID 2652) terminated by signal number 15! Apr 17 10:32:16 init: sntp (PID 2651) terminated by signal number 15!Apr 17 10:32:17 init: subscriber-management (PID 3850) started Apr 17 10:32:17 init: database-replication (PID 1758) exited with status=0 Normal Exit Apr 17 10:32:17 init: database-replication (PID 3851) started Complete. The local routing engine becomes the master. Проверяем статус модулей и видим что повисла 16-ти портовая 10GE карточка куда собственно всё воткнуто. {master} admin@M9_mx480> {master} admin@M9_mx480> show chassis fpc Temp CPU Utilization (%) Memory Utilization (%) Slot State (C) Total Interrupt DRAM (MB) Heap Buffer 0 Online Testing 4 0 1024 14 26 1 Ready Testing 100 0 2048 3 12 2 Empty 3 Empty 4 Empty 5 Empty {master} admin@M9_mx480> show bgp summary Groups: 13 Peers: 31 Down peers: 31 Table Tot Paths Act Paths Suppressed History Damp State Pending inet.0 0 0 0 0 0 0 inetflow.0 0 0 0 0 0 0 inet.2 0 0 0 0 0 0 bgp.l3vpn.0 0 0 0 0 0 0 bgp.l2vpn.0 0 0 0 0 0 0 inet6.0 0 0 0 0 0 0 Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped... 10.142.255.7 2 0 0 0 0 2:36:28 Idle 10.142.255.8 2 0 0 0 0 2:36:28 Idle 10.142.255.9 2 0 0 0 0 2:36:28 Idle 10.142.255.10 2 0 0 0 0 2:36:28 Idle 10.142.255.11 2 0 0 0 0 2:36:28 Idle 10.142.255.15 2 0 0 0 0 2:36:28 Idle 31.28.XX.1 29X76 0 0 0 0 2:36:28 Idle 31.28.XX.254 29X76 0 0 0 0 2:36:28 Idle 62.105.XXX.1 3216 0 0 0 0 2:36:28 Idle 72.14.XXX.81 15169 0 0 0 0 2:36:28 Idle 77.94.XXX.113 8641 0 0 0 0 2:36:28 Idle 80.85.XXX.209 41842 0 0 0 0 2:36:28 Idle 85.112.115.131 64600 0 0 0 0 2:36:28 Idle 172.16.16.3 29XXX 0 0 0 0 2:36:28 Active 172.16.16.4 29XXX 0 0 0 0 2:36:28 Active 172.16.16.6 29XXX 0 0 0 0 2:36:28 Active 172.16.16.7 29XXX 0 0 0 0 2:36:28 Active 172.16.16.8 29XXX 0 0 0 0 2:36:28 Active 172.16.16.9 29XXX 0 0 0 0 2:36:28 Active 172.16.16.10 29XXX 0 0 0 0 2:36:28 Active 172.16.16.12 29XXX 0 0 0 0 2:36:28 Active 185.66.XX.156 64558 0 0 0 0 2:36:28 Idle 193.232.244.XXX 86X1 0 0 0 0 2:36:28 Idle 193.232.246.XXX 86X1 0 0 0 0 2:36:28 Idle 195.128.XX.2 29XXX 0 0 0 0 2:36:28 Connect 195.128.XX.30 48939 0 0 0 0 2:36:28 Idle 2001:7f8:20:101::244:XXX 8631 0 0 0 0 2:36:28 Idle 2001:7f8:20:102::246:XXX 8631 0 0 0 0 2:36:28 Idle 2001:4860:1:1:0:718d:0:X 15169 0 0 0 0 2:36:28 Idle 2a00:13c0:3:1::1f1c:XXXX 29076 0 0 0 0 2:36:28 Idle 2a00:13c0:3:1::1f1c:XXXX 29076 0 0 0 0 2:36:28 Idle Делаем рестарт карты и всё поднимается. {master} admin@M9_mx480> admin@M9_mx480> show bgp summary | match 29XXX 172.16.16.3 29XXX 21 17 0 0 2:04 Establ 172.16.16.4 29XXX 16 18 0 0 2:30 Establ 172.16.16.6 29XXX 19 120095 0 0 2:45 Establ 172.16.16.7 29XXX 12 15 0 0 2:44 Establ 172.16.16.8 29XXX 10 15 0 0 2:42 Establ 172.16.16.9 29XXX 14 18 0 0 2:41 Establ 172.16.16.10 29XXX 12 18 0 0 2:39 Establ 172.16.16.12 29XXX 18 18 0 0 2:26 Establ 195.128.XX.2 29XXX 7 9 0 0 2:23 Establ {master} admin@M9_mx480> в итоге логи собраны, кейс создан. Пока думаю что я сделал не так. Теперь буду прошивать только традиционными методами и находясь на площадке :) Вставить ник Цитата Ответить с цитированием Поделиться сообщением Ссылка на сообщение Поделиться на других сайтах More sharing options...
