Juniper SRX 220 - juniper-network-connect

I'm a newbie to Juniper and SRX. We have just set up a cluster with 2 Juniper SRX 220 devices and I'm just struggling to set up reth interfaces. The Junipers have 2 uplinks to a Cisco ASA. At the moment interfaces ge-0/0/0, ge-3/0/0 and ge-0/0/1, ge-/0/01 are connected to the ASA. I have set up VLAN 192 and added the reth1 interface to this VLAN. I can ping the reth1 interface but cannot ping the ASA interface at the other end. Please can someone advise what I have done wrong? Config below.
chassis {
    cluster {
        reth-count 2;
        redundancy-group 0 {
            node 0 priority 100;
            node 1 priority 1;
        }
        redundancy-group 1 {
            node 0 priority 100;
            node 1 priority 1;
            preempt;
            interface-monitor {
                ge-3/0/1 weight 255;
                ge-0/0/1 weight 255;
            }
        }
    }
}
interfaces {
    interface-range interfaces-fwtransit {
        member ge-0/0/0;
        member ge-3/0/0;
        unit 0 {
            family ethernet-switching {
                vlan {
                    members fwtransit;
                }
            }
        }
    }
    ge-0/0/1 {
        gigether-options {
            redundant-parent reth1;
        }
    }
    ge-0/0/3 {
        unit 0 {
            family inet {
                address 10.100.0.252/24;
            }
        }
    }
    ge-3/0/1 {
        gigether-options {
            redundant-parent reth1;
        }
    }
    fab0 {
        fabric-options {
            member-interfaces {
                ge-0/0/5;
            }
        }
    }
    fab1 {
        fabric-options {
            member-interfaces {
                ge-3/0/5;
            }
        }
    }
    reth0 {
        vlan-tagging;
        redundant-ether-options {
            redundancy-group 1;
        }
    }
    reth1 {
        vlan-tagging;
        redundant-ether-options {
            redundancy-group 1;
        }
        unit 192 {
            description untrust;
            vlan-id 192;
            family inet {
                address 192.168.2.252/24;
            }
        }
    }
    vlan {
        unit 0 {
            family inet {
                address 192.168.1.1/24;
            }
        }
        unit 162 {
            family inet {
                address 172.31.254.3/24;
            }
        }
        unit 192 {
            family inet {
                address 192.168.2.3/24;
            }
        }
    }
}
routing-options {
    static {
        route 10.100.0.0/24 next-hop 10.100.0.1;
    }
}
protocols {
    stp;
}
security {
    zones {
        security-zone trust {
            interfaces {
                ge-0/0/3.0 {
                    host-inbound-traffic {
                        system-services {
                            ping;
                            https;
                            ssh;
                        }
                    }
                }
            }
        }
        security-zone untrust {
            host-inbound-traffic {
                system-services {
                    ping;
                }
            }
            interfaces {
                vlan.162;
                vlan.192;
            }
        }
    }
}
vlans {
    fwtransit {
        vlan-id 162;
        l3-interface vlan.162;
    }
    web_dmz {
        vlan-id 192;
        l3-interface vlan.192;
    }
}

My understanding is you have something like this:
Topology:
As you already have the ICMP under the host-inbound-traffic you could check:
1. As an initial down/dirty test a security-policy permitting everything. A premise for this: "The Junos OS examines security policies if the traffic destination is any interface other than the incoming interface."
2. Monitor traffic on the interface, make sure that ICMP ECHOs are leaving the wire, if there is no reply, something on the ASA could be.
Have you checked interface statistics for drops or errors?

Please check that you have configured the correct policies with:
- show configuration security policies
You can configure a policy with:
set security policies from-zone xxx to-zone xxx policy my-policy match source-address any destination-address any application any
set security policies from-zone xxx to-zone xxx policy my-policy then permit
and try to ping the ASA interface by specifying the source interface:
- ping x.x.x.x interface ge-0/0/0
Maybe you also want to define a loopback interface and add this interface to your "trust" security zone.
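
Added example (not part of the original thread, and not Juniper tooling): on an SRX, a logical interface that is not bound to a security zone has its traffic dropped, so one check worth running on a configuration like the one posted is to list every `family inet` unit that no zone references. The function names are illustrative, and the parser assumes curly-brace `show configuration` text with no comments or quoted strings containing braces or semicolons.

```python
import re

# Constructed sample: trimmed from the configuration posted in the question.
SAMPLE = """
interfaces {
  ge-0/0/3 { unit 0 { family inet { address 10.100.0.252/24; } } }
  reth1 { vlan-tagging; unit 192 { vlan-id 192; family inet { address 192.168.2.252/24; } } }
  vlan { unit 162 { family inet { address 172.31.254.3/24; } } unit 192 { family inet { address 192.168.2.3/24; } } }
}
security { zones {
  security-zone trust { interfaces { ge-0/0/3.0 { host-inbound-traffic { system-services { ping; } } } } }
  security-zone untrust { interfaces { vlan.162; vlan.192; } }
} }
"""

def parse(text):
    """Parse curly-brace ('show configuration') Junos text into nested dicts; leaves map to None."""
    stack = [{}]
    for stmt, delim in re.findall(r"([^{};]*)([{};])", text):
        stmt = " ".join(stmt.split())
        if delim == "{":
            stack.append(stack[-1].setdefault(stmt, {}))
        elif delim == "}":
            if len(stack) == 1:
                raise ValueError("unbalanced '}'")
            stack.pop()
        elif stmt:
            stack[-1][stmt] = None
    if len(stack) != 1:
        raise ValueError("unbalanced '{'")
    return stack[0]

def l3_units(cfg):
    """Logical interfaces that carry 'family inet', named ifname.unit."""
    found = set()
    for ifname, body in cfg.get("interfaces", {}).items():
        for key, unit in (body or {}).items():
            if key.startswith("unit ") and unit and "family inet" in unit:
                found.add(f"{ifname}.{key.split()[1]}")
    return found

def unzoned_l3(text):
    """Sorted L3 logical interfaces that no security-zone 'interfaces' stanza lists."""
    cfg = parse(text)
    zones = cfg.get("security", {}).get("zones", {})
    zoned = {i for z in zones.values() for i in ((z or {}).get("interfaces") or {})}
    return sorted(l3_units(cfg) - zoned)

print(unzoned_l3(SAMPLE))
```

On the sample it reports `reth1.192`, which is not listed under any security zone in the posted configuration.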

Related

APP: Error: Got Self Message of unknown kind

I'm using Veins 5.0 framework version. Each node sends a self-message to send its own defined message to other nodes.
However, the following error log is output on the node. The error is output, but the following code seems to run fine.
APP: Error: Got Self Message of unknown kind! Name: mR_TQ Event
The code part of each file is structured as follows.
RSU.h
...
enum ApplMessageKinds
{
    SEND_FRTQ_EVT,
    SEND_ENTP_EVT,
    SEND_ENTC_EVT,
    SEND_MRTQ_EVT
};
...
RSU.cc
...
void RSU::initialize(int stage)
{
    if(stage == 0)
    {
        ...
        frtqMsg = new cMessage("FR_TQ MSG", SEND_FRTQ_EVT);
        entpMsg = new cMessage("EN_TP MSG", SEND_ENTP_EVT);
        mrtqMsg = new cMessage("mR_TQ MSG", SEND_MRTQ_EVT);
    }
    else if(stage == 1)
    {
        if(frtqMsg -> isScheduled()) { cancelEvent(frtqMsg); }
        else { scheduleAt(simTime() + 3.0, frtqMsg); }
        if(entpMsg -> isScheduled()) { cancelEvent(entpMsg); }
        else { scheduleAt(simTime() + 2.0, entpMsg); }
        if(mrtqMsg -> isScheduled()) { cancelEvent(mrtqMsg); }
        else { scheduleAt(simTime(), mrtqMsg); }
    }
}
void RSU::handleSelfMsg(cMessage* msg)
{
    DemoBaseApplLayer::handleSelfMsg(msg);
    switch(msg -> getKind())
    {
        case SEND_FRTQ_EVT:
        {
            ...
            break;
        }
        case SEND_ENTP_EVT:
        {
            ...
            break;
        }
        case SEND_MRTQ_EVT:
        {
            ...
            break;
        }
    }
}
Many nodes send and receive messages at the same time, but is this relevant? I think there is no grammatical problem, but I don't understand why the problem occurs.
The mentioned error comes from DemoBaseApplLayer::handleSelfMsg(msg). Invoking this method must be done only when in your switch the matched kind is not found, i.e.:
void RSU::handleSelfMsg(cMessage* msg)
{
    switch(msg -> getKind())
    {
        case SEND_FRTQ_EVT:
        {
            ...
            break;
        }
        case SEND_ENTP_EVT:
        {
            ...
            break;
        }
        case SEND_MRTQ_EVT:
        {
            ...
            break;
        }
        // Kinds not handled above are passed to the base class
        default: {
            DemoBaseApplLayer::handleSelfMsg(msg);
            break;
        }
    }
}

Nomad Hashicorp basic networking between tasks

I'm starting to do some tests with Nomad and I could use a bit of help on the easiest way to add networking to a group task. Basically my questions are:
Which is the easiest way to add internal networking between tasks?
and
Shouldn't the tasks on the same group have default access to each other? Or there is something I'm doing wrong?
I have this configuration:
job "job" {
  datacenters = [ "dc1" ]
  type = "service"
  group "group" {
    count = 1
    task "db" {
      kill_timeout = "120s"
      driver = "docker"
      config {
        image = "dbimage"
        port_map {
          db = 3306
        }
      }
      env {
        MYSQL_DATABASE = "db"
        MYSQL_ROOT_PASSWORD = "pass"
      }
      service {
        name = "db"
        port = "db"
      }
      resources {
        memory = 256
        network {
          mode = "host"
          port "db" {}
        }
      }
    }
    task "app1" {
      driver = "docker"
      kill_timeout = "120s"
      config {
        image = "app1"
        port_map {
          app1 = 5000
        }
      }
      service {
        name = "app1"
        port = "app1"
      }
      resources {
        memory = 128
        network {
          mode = "host"
          port "app1" {}
        }
      }
    }
    task "app2" {
      driver = "docker"
      kill_timeout = "120s"
      config {
        image = "app2:image"
        port_map {
          app2 = 4000
        }
      }
      env {
        .....
      }
      service {
        name = "app2"
        port = "app2"
      }
      resources {
        memory = 256
        network {
          mode = "host"
          port "app2" {}
        }
      }
    }
  }
}
and I would like that my app1 and app2 could talk internally to each other and to the db. I have read about the Nomad ADDRESS variables that are passed to each container and I tried to reach connectivity but I get connection refused.
Is the only way to accomplish this behaviour with Connect? Or is there a simpler way? Appreciate the help :)
You can use the NOMAD_ADDR_task_port variable to connect to another task in the job group.
For example, use the $NOMAD_ADDR_db_db environment variable in the app1 and app2 tasks to get the ip:port pair of the db task.
For more info, see https://www.nomadproject.io/docs/runtime/environment

Is there a way to filter out null values for literals and references

If we have an Author with no beacons to Articles and thus WroteArticles was null and we wanted to only return Authors who had non-empty/non-null WroteArticles, how could that be done?
As an example we can use the Weaviate demo site
I've tried filter operations using where and various operators, but I must be missing something obvious. Example of a query I've tried on my own data set below, where I did have a Thing with no beacons.
{
  Get {
    Things {
      Author (where:{
        operator:Equal,
        path:["WroteArticles"]
        valueString:" "
      }){
        name
        WroteArticles {
          ... on Article {
            InPublication {
              ... on Publication {
                name
              }
            }
          }
        }
      }
    }
  }
}
You can now do this as follows (also in the documentation):
{
  Get {
    Things {
      Author(
        where:{
          valueInt: 2
          operator:GreaterThanEqual
          path: ["WroteArticles"]
        }
      ) {
        name
        WroteArticles {
          ... on Article {
            title
          }
        }
      }
    }
  }
}

How to write a dynamic declarative pipeline that contains sequential job inside parallel job

I'm trying to write declarative pipeline code that accepts a map and creates a pipeline. I am able to achieve sequential stages or parallel stages but am facing problems while making a pipeline that contains sequential stages inside parallel stages.
The input data would be a Map. Each list in the map should run in parallel and the items inside the list corresponding to each key should run sequentially.
example data : [1:[11,12], 2:[21,22], 3:[31,32]]
The output should be of image. Could someone give some idea?
Below is the code I have tried.
def stageData = [1:[11,12], 2:[21,22], 3:[31,32]];
def getDeployStages1(stageData){
    Map deployStages = [:]
    stageData.each{ key, stgValue ->
        List stgs = []
        stgValue.each{ value ->
            deployStages.put("${value}", {
                echo "${value}"
            })
        }
    }
    return deployStages;
}
def getDeployStages2(stageData){
    Map deployStages = [:]
    stageData.each{ key, stgValue ->
        List stgs = []
        stgValue.each{ value ->
            stgs.add(stage("${value}"){
                echo "${value}"
            })
        }
        deployStages.put("${key}", stgs)
    }
    return deployStages;
}
pipeline {
    agent any
    stages {
        stage ("deploy1") {
            steps {
                script {
                    parallel getDeployStages1(stageData)
                }
            }
        }
        stage ("deploy2") {
            steps {
                script {
                    parallel getDeployStages2(stageData)
                }
            }
        }
    }
}
According to this documentation you can nest the stages in this way
pipeline {
    agent none
    stages {
        stage("build and deploy on Windows and Linux") {
            parallel {
                stage("windows") {
                    agent {
                        label "windows"
                    }
                    stages {
                        stage("build") {
                            steps {
                                bat "run-build.bat"
                            }
                        }
                        stage("deploy") {
                            when {
                                branch "master"
                            }
                            steps {
                                bat "run-deploy.bat"
                            }
                        }
                    }
                }
                stage("linux") {
                    agent {
                        label "linux"
                    }
                    stages {
                        stage("build") {
                            steps {
                                sh "./run-build.sh"
                            }
                        }
                        stage("deploy") {
                            when {
                                branch "master"
                            }
                            steps {
                                sh "./run-deploy.sh"
                            }
                        }
                    }
                }
            }
        }
    }
}
This should result in the following flow
To apply this in your case, you can simplify your functions to return just elements that need to be sequential (just the values).
pipeline {
    agent any
    stages {
        stage ("parallel") {
            parallel {
                stage ("deploy1") {
                    stages {
                        def list = getDeployStages1(stageData)
                        for (int i=0; i < list.size(); i++) {
                            stage(i) {
                                echo("${list[i]}")
                            }
                        }
                    }
                }
                stage ("deploy2") {
                    stages {
                        //similar
                    }
                }
            }
        }
    }
}

RxBluetoothKit - implement read and write protocol and automatically disconnect

I'm implementing a BLE protocol between a central (iPhone) and peripheral (custom device). The protocol works as follows:
1. central connects to peripheral and sets up notification
2. peripheral sends data on notification characteristic
3. central processes data and sends response on separate characteristic
4. peripheral sends additional data on notification characteristic
5. central processes data and disconnects.
I'm attempting to implement this in a clean way using RxBluetoothKit. It currently works, but I'd like to solve the following challenges:
1. What is the best way to cleanly disconnect in step 5? I'm hoping to not have to dispose the overall observable, but rather just have it 'complete'. I'm currently using 'takeUntil', but not sure if that's the best way.
2. Allow for the notification to clean up gracefully prior to disconnect. With my current code, I receive an 'API MISUSE can only accept commands while in the connected state' because I believe the notification is cleaning up while the disconnect is occurring.
Thanks.
enum TestPeripheralService: String, ServiceIdentifier {
    case main = "CED916FA-6692-4A12-87D5-6F2764762B23"
    var uuid: CBUUID { return CBUUID(string: self.rawValue) }
}
enum TestPeripheralCharacteristic: String, CharacteristicIdentifier {
    case writer = "CED927B4-6692-4A12-87D5-6F2764762B2A"
    case reader = "CED9D5D8-6692-4A12-87D5-6F2764762B2A"
    var uuid: CBUUID { return CBUUID(string: self.rawValue) }
    var service: ServiceIdentifier { return TestPeripheralService.main }
}
fileprivate lazy var centralManager: CentralManager = {
    RxBluetoothKitLog.setLogLevel(.verbose)
    return CentralManager(queue: .main)
}()
func executeConnectionAndHandshake() {
    let disconnectSubject = PublishSubject<Bool>.init()
    var peripheral: Peripheral?
    var packetNum = 0
    _ = centralManager
        .observeState()
        .startWith(centralManager.state)
        .filter { $0 == .poweredOn }
        .flatMap { _ in self.centralManager.scanForPeripherals(withServices: [TestPeripheralService.main.uuid]) }
        .flatMap { $0.peripheral.establishConnection().takeUntil(disconnectSubject) }
        .do(onNext: { peripheral = $0 })
        .flatMap { $0.discoverServices([TestPeripheralService.main.uuid])}
        .flatMap { $0[0].discoverCharacteristics(nil)}
        .flatMap { _ in
            Observable<Bool>.create { event in
                let disposables = CompositeDisposable()
                let readSubject = PublishSubject<Data>.init()
                _ = disposables.insert(peripheral!.observeValueUpdateAndSetNotification(for: TestPeripheralCharacteristic.reader)
                    .subscribe(onNext: {
                        packetNum += 1
                        let packet = $0.value!
                        if (packetNum <= 1) {
                            readSubject.onNext(packet)
                        } else {
                            event.onNext(true)
                            event.onCompleted()
                        }
                    }, onError: { event.onError($0) })
                )
                _ = disposables.insert(readSubject
                    .flatMapLatest { data -> Single<Characteristic> in
                        var writeData = Data(capacity: 300)
                        for _ in 0..<300 {
                            writeData.append(0xFF)
                        }
                        return peripheral!.writeValue(writeData, for: TestPeripheralCharacteristic.writer, type: .withResponse)
                    }
                    .subscribe(onError: { event.onError($0) })
                )
                return Disposables.create {
                    disposables.dispose()
                }
            }
            .do(onCompleted: { disconnectSubject.onNext(true) })
        }
        .subscribe(onError: { print($0) },
                   onCompleted: { print("Connection and handshake completed") })
}
