SRX

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



Expand all | Collapse all

How to use maximum RIB/FIB sizein SRX340/345?

Jump to Best Answer
This thread has been viewed 6 times
  • 1.  How to use maximum RIB/FIB sizein SRX340/345?

    Posted 05-11-2017 22:22

    I want to know two things.

     

    1. How to confirm current size of RIB/FIB.
    2. How to enhance these size to max. (SRX340/345)


    According to datasheet (*), It is described as follows.

    =====
    Route scaling numbers are with enhanced route-scale features turned on
    =====

    (*)
    https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000550-en.pdf


    I searched for the setting method for SRX, but I found only the one for the router as below.

    [[Configuring the Junos OS to Allocate More Memory for Routing Tables, Firewall Filters, and Layer 3 VPN Labels]]
    http://www.juniper.net/documentation/en_US/junos/topics/task/configuration/junos-software-jtree-memory-repartitioning.html

    I searched for the command by referring to the above, but it seems that it can not be set with this method with SRX.

     

    Best Regards,

    GENC

     

    ======================================================

    [edit]
    root@srx-01# run show version
    Hostname: srx-01
    Model: srx340
    Junos: 15.1X49-D75.5
    JUNOS Software Release [15.1X49-D75.5]

     

    [edit]
    root@srx-01# set chassis ?
    Possible completions:
    > aggregated-devices Aggregated devices configuration
    > alarm Global alarm settings
    + apply-groups Groups from which to inherit configuration data
    + apply-groups-except Don't inherit configuration data from these groups
    > cluster Chassis cluster configuration
    > config-button Config button behavior settings
    > disk-partition Chassis disk monitor configuration
    > fpc Flexible PIC Concentrator parameters
    > pseudowire-service Pseudowire L3 termination device configuration
    > routing-engine Routing Engine settings
    slow-pfe-alarm Enable slow (potential) PFE alarm
    > usb USB control flags

     

    [edit]
    root@srx-01# help apropos enhanced

     

    <<< snip >>>

     

    set chassis memory-enhanced
    Enhance memory allocation

     

    << snip >>>

     

    [edit]
    root@srx-01# set chassis memory-enhanced ?
    Possible completions:
    <[Enter]> Execute this command
    | Pipe through a command
    [edit]
    root@srx-01# set chassis memory-enhanced route
                                                                                     ^
    syntax error

     

    [edit]
    root@srx-01# set routing-options rib ?
    Possible completions:
    <rib_name> Routing table name
    inet.0 Routing table name
    [edit]
    root@srx-01# set routing-options fib
                                                                ^
    syntax error.
    root@srx-01# set routing-options forwarding-table ?
    Possible completions:
    + apply-groups Groups from which to inherit configuration data
    + apply-groups-except Don't inherit configuration data from these groups
    + export Export policy
    indirect-next-hop Install indirect next hops in Packet Forwarding Engine
    indirect-next-hop-change-acknowledgements Request acknowledgements for Indirect next hop changes
    krt-nexthop-ack-timeout Kernel nexthop ack timeout interval (1..100)
    no-indirect-next-hop Don't install indirect next hops in Packet Forwarding Engine
    no-indirect-next-hop-change-acknowledgements Don't request acknowledgements for Indirect next hop changes
    unicast-reverse-path Unicast reverse path (RP) verification

     

    [edit]
    root@srx-01# set forwarding-options ?
    Possible completions:
    > accounting Configure accounting of traffic
    + apply-groups Groups from which to inherit configuration data
    + apply-groups-except Don't inherit configuration data from these groups
    > dhcp-relay Dynamic Host Configuration Protocol relay configuration
    > family Protocol family
    > hash-key Select data used in the hash key
    > helpers Port forwarding configuration
    > load-balance Configure load-balancing attributes on the forwarding path
    no-load-balance-label-capability Disable load balance label capability
    > packet-capture Packet capture options
    > port-mirroring Configure port mirroring of traffic
    > sampling Statistical traffic sampling options
    > storm-control-profiles Storm control profile for this instance


    #SRX
    #15.1X49
    #branch


  • 2.  RE: How to use maximum RIB/FIB sizein SRX340/345?
    Best Answer

    Posted 06-01-2017 20:09

    I asked about this to the Japan Pre-sales team and received a response from them.

     

    =========================================================================
                      <RIB/FIB> <RIB/FIB>
    the feature: Disable -> Enable
    SRX340: 600K / 400K --> 1M / 600K
    SRX345: 600K / 400K --> 1M / 600K


    <Inportant>

    If the feature will be change to turn on or to turn off, The device is needed to reboot.

     

    If licenses (UTM/IDP) are already installed, this feature can not be turn on (can not commit).

     

    After turned on this feature (after commit), these licenses can be installed.
    However, UTM/IDP features will not be active.
    This is because enhanced-routing-mode feature uses the free memory area by stopping the UTM / IDP daemon.

     

      *This is not documented about UTM/IDP.
        also nothing in datasheet.
        I already feedbacked to doc team.


    No method to confirm current size of RIB or FIB and possible to confirm the feature is active or not active only.

     

    <how to enable this feature>

     

    =====
    [edit security]
    flow {
    enhanced-routing-mode;
    }
    =====

     

      *this method is not documented.
        japan pre-sales team already asked to create a document about this method to doc team.

     

    <confirm the feature status>

     

    =====
    <root@srx345> show security flow status
    Flow forwarding mode:
    Inet forwarding mode: flow based
    Inet6 forwarding mode: drop
    MPLS forwarding mode: drop
    ISO forwarding mode: drop
    Enhanced route scaling mode: Enabled <------- Disable(default) / Enable
    =====