Software Features; Advertising Bandwidth For Neighbors On A Broadcast Link Support; Group Vpn Interoperability With Cisco's Get Vpn - Dell PowerConnect J-8208 Release Note

Release notes junos version 10.3
Hide thumbs Also See for PowerConnect J-8208:
Table of Contents

Advertisement

Advertising Bandwidth for Neighbors on a Broadcast Link Support

Group VPN Interoperability with Cisco's GET VPN

Software Features

Security
Policy usability—This feature is supported on all J-SRX Series devices.
In a Junos OS stateful firewall, security policies enforce rules for transit traffic, in terms
of what traffic can pass through the firewall, and the actions that need to take place
on the traffic as it passes through the firewall. Periodically, traffic does not pass for a
number of reasons. For example, traffic does not match a correct policy configuration
or the source of the traffic is incorrect. The source of the problem can sometimes be
difficult to identify. The
troubleshoot traffic problems in the five tuples: source port, destination port, source
IP address, destination IP address, and protocol. The command works offline to identify
where the exact problem in the transit traffic exists. It uses the actual search engine
to identify the problem and thus enables you to use the appropriate match policy for
the traffic.
This feature is supported on all J-SRX Series devices.
You can now advertise bandwidth for neighbors on a broadcast link. The network link is
a point-to-multipoint (P2MP) link in the OSPFv3 link state database. This feature uses
existing OSPF neighbor discovery to provide automatic discovery without configuration.
It allows each node to advertise a different metric to every other node in the network to
accurately represent the cost of communication. To support this feature, a new
interface-type under the OSPFv3 interface configuration has been added to configure
the interface as p2mp-over-lan. OSPFv3 then uses LAN procedures for neighbor discovery
and flooding, but represents the interface as P2MP in the link state database.
The interface type and router LSA are available under the following hierarchies:
[
protocols ospf3 area area-id interface interface-name
[
routing-instances routing-instances-name protocols ospf3 area area-id interface
]
interface-name
[LN1000 Mobile Secure Router User Guide]
Cisco's implementation of GDOI is called Group Encryption Transport (GET) VPN. While
group VPN in Junos OS and Cisco's GET VPN are both based on RFC 3547, The Group
Domain of Interpretation, there are some implementation differences that you need to
be aware of when deploying GDOI in a networking environment that includes both Dell
security devices and Cisco routers. This topic discusses important items to note when
using Cisco routers with GET VPN and Dell security devices with group VPN.
Group servers and group members on Dell security devices cannot interoperate with
Cisco GET VPN members. Group members on Dell security devices can interoperate with
Cisco GET VPN servers, with the following caveats:

Advertising Bandwidth for Neighbors on a Broadcast Link Support

show security match-policies
command allows you to
]
5

Advertisement

Table of Contents
loading

Table of Contents