Category Archives: Juniper

Renew your Expired Juniper Certification until March 2017

The JNCP is offering a recertification grace period to candidates whose certifications expired in 2016. Expired certifications may be renewed between January 1, 2017 and March 31, 2017 by taking the same or higher level exam or using the Continuing Education option. This means candidates with Specialist through Expert-level certifications that have expired do not have to start at the JNCIA-level.

To renew an expired certification, candidates must pass the appropriate exam or attend an appropriate course by March 31, 2017. See the Recent News section of the Certification Website for instructions on how to take advantage of this offer

Juniper new Champion Program Design Track

Juniper launched the new Champion Program Design Track through the Innovative Level! This new track complements their existing program for Routing, Switching, Security, Enterprise, and Service Provider, featuring the same program policies and reward structure.

Current components of the track are available to achieve Aspiring and Innovative Champion levels; the Ingenious tier is planned for 2017 when the professional-level design certifications become available.

You can find the design track by logging into your Learning Academy account and navigating to the new offering in the “My Curriculum” section.

My status today:



Champion Partner Program

New Juniper Service Provider Routing and Switching JN0-661 Exam

On July 7, 2016 the JN0-660 Service Provider Routing and Switching exam will be replaced with the JN0-661 Service Provider Routing and Switching exam.

Detailed exam information for the  Service Provider Routing and Switching exam can be found here.

“Automation” piece is no covered on new exam

Detailed Exam Objectives include:

  • OSPF
  • IS-IS
  • BGP
  • Class of Service (CoS)
  • IP Multicast
  • MPLS
  • Layer 3 VPNs
  • Layer 2 VPNs

BGP Free Core

“BGP Free Core” is a typical topology in MPLS Service Provider Networks where you run IGP+Label. This allows traffic to transit over devices which don’t know traffic final destination, instead they look only for labels, bring more performance at the end. MPLS allow applications such as L2VPN, L3VPN and much more.


Normal Forwarding

In normal forwarding traffic towards to destination will go hop-by-hop (lookup next-hop) until reach destination

R4#show ip route
Codes: L – local, C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route, H – NHRP, l – LISP
a – application route
+ – replicated route, % – next hop override

Gateway of last resort is not set is variably subnetted, 20 subnets, 2 masks
i L2 [115/30] via, 00:13:18, GigabitEthernet1.412
[115/30] via, 00:13:18, GigabitEthernet1.24
i L2 [115/20] via, 00:13:18, GigabitEthernet1.24
i L2 [115/30] via, 00:13:18, GigabitEthernet1.412
[115/30] via, 00:13:18, GigabitEthernet1.24
i L2 [115/20] via, 00:15:50, GigabitEthernet1.412
i L2 [115/20] via, 00:13:18, GigabitEthernet1.24
C is directly connected, GigabitEthernet1.24
L is directly connected, GigabitEthernet1.24
i L2 [115/20] via, 00:13:18, GigabitEthernet1.24
i L2 [115/20] via, 00:13:18, GigabitEthernet1.412
[115/20] via, 00:13:18, GigabitEthernet1.24
i L2 [115/20] via, 00:13:18, GigabitEthernet1.413
[115/20] via, 00:13:18, GigabitEthernet1.24
C is directly connected, Loopback0
C is directly connected, GigabitEthernet1.412
L is directly connected, GigabitEthernet1.412
C is directly connected, GigabitEthernet1.413
L is directly connected, GigabitEthernet1.413
i L2
[115/30] via, 00:13:18, GigabitEthernet1.412
[115/30] via, 00:13:18, GigabitEthernet1.24
i L2 [115/20] via, 00:15:50, GigabitEthernet1.412
i L2
[115/20] via, 00:15:50, GigabitEthernet1.412
i L2 [115/20] via, 00:15:50, GigabitEthernet1.413
[115/20] via, 00:15:50, GigabitEthernet1.412
i L2
[115/20] via, 00:15:50, GigabitEthernet1.413

R4#show ip cef
Prefix               Next Hop             Interface            no route            drop           receive             GigabitEthernet1.24           GigabitEthernet1.412             GigabitEthernet1.24             GigabitEthernet1.24           GigabitEthernet1.412           GigabitEthernet1.412             GigabitEthernet1.24          attached             GigabitEthernet1.24          receive              GigabitEthernet1.24          attached             GigabitEthernet1.24          receive              GigabitEthernet1.24        receive              GigabitEthernet1.24             GigabitEthernet1.24

What is the exact path(or multiple)?

Type escape sequence to abort.
Tracing the route to
VRF info: (vrf in name/id, vrf out name/id)
1 3 msec 4 msec 3 msec
2 3 msec 3 msec 2 msec

CSR-4#show mpls forwarding-table
no MPLS apps enabled or MPLS not enabled on any interfaces

MPLS Forwarding

On MPLS we have LIB and LFIB. LIB essentially holds all the labels and associated information, while LFIB do the forwarding based on incoming labeled packets. CEF is a pre-requirement to run MPLS.
For MPLS the routing table (RIB) still the same as we see on Normal Forwarding.

This is the LFIB table….

R4#show mpls forwarding-table
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop
Label      Label      or Tunnel Id     Switched      interface
16         Pop Label   0             Gi1.412
17         Pop Label   0             Gi1.413
18         Pop Label     0             Gi1.412
19         Pop Label     0             Gi1.24
Pop Label     0             Gi1.412
20         Pop Label    0             Gi1.412
21         Pop Label    0             Gi1.412
Pop Label    0             Gi1.413
22         Pop Label     0             Gi1.24
Pop Label     0             Gi1.413
23         22   0             Gi1.24
24001   0             Gi1.412
24         16      0             Gi1.24
24003      0             Gi1.412
25         17     0             Gi1.24
24004     0             Gi1.412
26         Pop Label     0             Gi1.24
27         Pop Label      0             Gi1.24
28         Pop Label      0             Gi1.24

Doing a trace to R1 we get a labeled path

Type escape sequence to abort.
Tracing the route to
VRF info: (vrf in name/id, vrf out name/id)
1 [MPLS: Label 16 Exp 0] 3 msec [MPLS: Label 24003 Exp 0] 10 msec [MPLS: Label 16 Exp 0] 3 msec
2 3 msec 3 msec *

JNCP Increases Active Status For Technical Certifications

This is good news :) from Juniper about Inactive Certifications

Hello Champions,


We have some good news. The Juniper Networks Certification Program (JNCP) is increasing the Active status for all Juniper Networks technical certifications from 2 years to 3 years, and eliminating the 1 year Inactive status grace period. This includes t certifications. This is good news for partners as it means the recertification cycle will be 3 years rather than 2 years, and certification benefits such as Champions Program compliance are aligned with certification Active Status. This also means that partner certifications that are currently Inactive or due to turn Inactive will be converted to Active to align with the new 3 year certification life.


Here is How it Works:


  • Today a certification is Active for 2 years, Inactive for 1 year and on the 3rd year it expires if not renewed. The Inactive status has provided a 1-year grace period to recertify, however, in the Inactive status the candidate receives no certification benefits, including lack of Champion Program compliance. If a certification expires, the candidate is required to start again at the JNCIA level.
  • With this change, a certification will be in the Active status for 3 years with candidates receiving all benefits including Champion Program compliance for the entire time. The grace period has been removed, so before the end of the 3rd year, the candidate is required to recertify, or their certification will expire and they’ll be required to start again at the JNCIA level. To provide advance notice to candidates, CertManager (JNCP Certification database) does send automatic 90, 60, and 30-day notices when certifications are about to expire.


When Does This Occur?

  • In early October all certifications that are in the Inactive status now will be converted to the Active status and those that will turn Inactive in the next 12 months will have their expiration date extended by one year in CertManager.
  • In roughly a week’s time after the change occurs in CertManger, the new Active statuses will then be imported into the Learning Academy to update the certification records for partners, including those partaking in the Champion Program.


What does this mean for Champions and JPA Compliance?

  • Once the conversion into the Learning Academy is complete, partner administrators from Elite and Select partners should re-run their JPA compliance tool. There may be instances where Champions who have an Inactive certification today, may return to Active, and this may have a positive impact on JPA compliance.


For questions about this change, or for assistance with the JPA compliance tool, please email

Blaming myself!Failed JNCDA

The first feeling i have in mind is frustration! After read Juniper Networks Design Fundamentals (JNDF) courseware, and did practise test (passed with 80%) i was confident to take exam JNCDA (JN0-1100) and pass.
I reviewed my exam twice, before submit it i closed my eyes !After i read Failed, i closed and opened my eyes again looking for a different result, but it didn’t come. But against the odds i failed, Yes! I failed with 66% (70% to pass).

Something went wrong at Pearson VUE Center, because i was not able to see my detailed report or received a printed copy about my weaknesses (areas). After open a ticket requesting a detailed report, Pearson VUE spoke out saying it’s not possible have a detailed report and this is not a case of a future enhancement!


Sorry, but this is what i call a bad user experience!

Anyway, I would like to say thank you Julie Wider for the opportunity.

Now it’s time to wait 14 days to take this exam again. I leave my notes here if you want take this exam soon.



White box with Cumulus Networks

Probably you heard about “white box” term or Open Networking, which is a new move in the Networking Industry. It’s pretends decouple hardware from software in network device sold by vendor. Have you imagined running NX-OS in x86 server for a network fabric (leaf?) purpose? What do you earn doing this? It would be cheaper off course but you will need Network/Ops teams evolve with that (skill gap?). Some Service Providers like AT&T are moving on white box solutions, they are testing Provider Edge (PE) modes in  MPLS network, replacing expensive boxes from vendors which doing basic functions. At the moment Cisco is not getting there with any product! Juniper is doing some advances, his new product OCX 1100 you can run Cumulus. But what is Cumulus? It’s full-featured Linux OS for networking hardware!
I’ve had an opportunity to play with Cumulus (2 spines/leafs with OSPF, BGP, VXLAN, Bridging), and it seems interesting, but i would expect a more readable CLI. Are we be able to learn another CLI? Absolutely!

Recently Cumulus Networks launch a Virtual Edition called Cumulus VX , it’s available for different Hypervisors, so Network Engineers  will not be in the dark any more. Another benefit with Virtual editions is run a demonstration to customers is a few clicks.


Juniper vSRX 2.0 is out

Juniper released a new version of vSRX (formerly known as Firefly Perimeter) running Junos OS 15.1X49-D15) with more features, and forwarding capacity. The latest version was Junos 12.1 , so moving to 15.1 code is a big jump…I hope it doesn’t hurt!

New Features

The following features are new in Junos OS Release 15.1X49-D15 for vSRX:

  • Naming update: the product formerly known as Firefly Perimeter is now vSRX.
  • vSRX includes DPDK packet I/O support for higher throughput.
  • SCSI virtual disk support has been added to existing IDE support for improved performance and to permit network-attached storage (NAS) integration.
  • vSRX includes SR-IOV vNIC and VMXNET3 vNIC support for greater performance and hypervisor compatibility.
  • vRAM has been increased to 4 GB and vDisk to 16 GB.
  • vSRX includes KVM Ubuntu 14.04 and CentOS 7.0 support to take advantage of Linux improvements and tools enhancements.
  • KVM images are downloaded in qcow2 format instead of the self-extracting .jva script used in previous releases.
  • vSRX includes VMware vSphere 5.1 and 5.5 support to take advantage of ongoing VMware improvements.
  • vSRX includes new architecture based on Linux and Junos OS for performance and flexibility.



vSRX Tech Library Release Notes

SRX Series Features Not Supported on vSRX