The errata list is a list of errors and their corrections that were found after the product was released.
The following errata were submitted by our customers and have not yet been approved or disproved by the author or editor. They solely represent the opinion of the customer.
Color Key: Serious technical mistake Minor technical mistake Language or formatting error Typo Question Note Update
| Version |
Location |
Description |
Submitted by |
Date submitted |
| Printed |
Page 35
1st paragraph |
Page 34 Figure 1-10 shows 6 bytes padding at IP layer. Text on 1st paragraph of page 35 describes 4 bytes of padding at the IP layer.
6 not equal to 4. Which is correct?
|
Henry Hollenberg |
Mar 20, 2021 |
| Printed |
Page 286
|
"[...] it's a safe bet that 00:0b:5f:c3:cc:81 belongs to Host1 and 00:10:7b:3a:02:ea belongs to Vodkila."
00:10:7b:3a:02:ea does not belong to Vodkila, but to Host1 instead.
00:0b:5f:c3:cc:81 has also a Cisco vendor code and cannot belong to Vodkila (if not manually changed).
"The chassis MAC at Vodkila indeed matches one of the two addresses learned on Rum's ge-0/0/0 interface." is wrong unless the ethernet switching table includes 00:1f:12:3d:b4:c0 or 00:1f:12:3d:b4:80.
|
Bernd Bornkessel |
Sep 02, 2013 |
| Printed |
Page 338
last paragraph, last page line |
Where it says "Three of the bits are used to indicate the port role", I think it should be "Two of the bits are used to indicate the port role".
|
Anonymous |
Sep 22, 2010 |
| Printed |
Page 351
last paragraphs |
Where it says "Figure 6-25", I think it should be "Figure 6-26", and where it says "Figure 6-26", I think it should be "Figure 6-27".
|
Anonymous |
Sep 22, 2010 |
| PDF |
Page 487
below first config example |
The description of the "is-fragment" is wrong regarding the EX series.
For most of Juniper devices the from option of the firewall give you two possibilities to match regarding the packet fragmentation:
# set firewall family inet filter test term 1 from ?
<...>
first-fragment Match if packet is the first fragment
is-fragment Match if packet is a fragment
<...>
For this devices your explanation of the "is-fragment" is correct.
but this is not the case regarding the EX
On EX there is no option "first-fragment" and "is-fragment" matches the first and all next fragments.
Here I tested on EX4200 running 11.1R6.4
{master:0}[edit]
lab@ex4200# set firewall family inet filter test term 1 from ?
Possible completions:
+ apply-groups Groups from which to inherit configuration data
+ apply-groups-except Don't inherit configuration data from these groups
> destination-address Match IP destination address
+ destination-port Match TCP/UDP destination port
> destination-prefix-list Match IP destination prefixes in named list
+ dscp Match Differentiated Services (DiffServ) code point
fragment-flags Match fragment flags (in symbolic or hex formats) - (Ingress only)
+ icmp-code Match ICMP message code
+ icmp-type Match ICMP message type
> interface Match interface name
+ ip-options Match IP options
is-fragment Match if packet is a fragment
+ precedence Match IP precedence value
+ protocol Match IP protocol type
> source-address Match IP source address
+ source-port Match TCP/UDP source port
> source-prefix-list Match IP source prefixes in named list
tcp-established Match packet of an established TCP connection
tcp-flags Match TCP flags (in symbolic or hex formats)
tcp-initial Match initial packet of a TCP connection
+ ttl Match IP ttl type
{master:0}[edit]
|
Marcin Gorecki |
Feb 16, 2013 |
| PDF |
Page 495, 496
the filter rules of the loopback filter scase study |
The filter terms for ssh and snmp can not be correct.
You will almost never see ssh traffic both come from and to the ssh port. The source-port ssh should be removed.
For term snmp it should be destination-port [ snmp snmptrap ], not source-port.
|
Anonymous |
Jul 03, 2012 |
| Printed, PDF |
Page 578
3rd paragraph |
The configuration for applying the voice VLAN to an interface is shown in the book as:
lab@Ethanol> show configuration interfaces ge-0/0/0
unit 0 {
family ethernet-switching {
vlan {
members voice;
}
}
When configuring a voice vlan, you do as the book previously explains, by a voice vlan to an interface under [ edit ethernet-switching-options voip interface ], but the member vlan configured via [ edit interface family ethernet-switching vlan ] should be the DATA vlan, otherwise tagged and untagged frames would not be isolated.... voiding the point of this entire section of the book.
Configuration should read something like:
lab@Ethanol> show configuration interfaces ge-0/0/0
unit 0 {
family ethernet-switching {
vlan {
members DATA;
}
}
Descriptions to the config should be modified accordingly. This discrepency is confirmed in the application note "Deploying IP Telephony with EX Series Switches" published by Juniper Networks: http://forums.juniper.net/jnet/attachments/jnet/switch/8009/1/deploying%20IP%20Telephony%20with%20EX-en.pdf
Configuration in book also does not show the interface being placed int "port-mode access" which should be added for clarity.
The
|
Jeff Drehobl |
Jul 19, 2013 |
| Printed |
Page 621
top |
Above Fig. 11-4, it is stated that 'interfaces ge-0/0/3, ge-0/0/8 and ge-0/0/9 are all part of the bundle on AE0'.
However in Fig 11-4 itself it is is ge-0/0/5 on brandy instead of ge-0/0/3 and on ethanol it is ge-0/0/2 instead of ge-0/0/3.
At the bottom of the same page then ge-0/0/2 is shown as part of the bundle (which would correspond to ethanol from the figure).
I think, the text above the figure, the figure itself and the config example below should all be logically alligned.
Cheers,
Kai
|
Kai Krebber |
Dec 09, 2010 |