Management
Reply
Super Contributor
cryptochrome
Posts: 498
Registered: ‎03-29-2008
0

Re: Want some examples why NSM is a piece of junk?

Kudos to Juniper for releasing such a comprehensive bug fix release. Still don't understand why an old release was chosen first (despite Keith's explanation). Hoping 2012.x will soon be available.
Twitter: @cryptochrome
--------------------------------
plus.google.com/11635909860
Distinguished Expert
keithr
Posts: 979
Registered: ‎09-10-2009
0

Re: Want some examples why NSM is a piece of junk?


KB_Fan wrote:

2010.3R2 is out [...]


... aaaaaaaaand, I just got a notification that 2010.3r2 was removed from the download site.

 

I hope you keep a good bottle of gin in your desk drawer.  :smileywink:

-kr


---
If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated.
Super Contributor
cryptochrome
Posts: 498
Registered: ‎03-29-2008
0

Re: Want some examples why NSM is a piece of junk?

As Keith stated, the 2010.3R2 has been pulled. Here is the reason:

 

"Reports of problem with device update from NSM causing removal of l3 interfaces config on SRX devices running junos version 11.1 made it necessary to remove the 2010.3r2 release from our support download website. This was caused by the new 11.2 schema released recently that came bundled with 2010.3r2 release. 

 

Solution: There will be a new build of NSM software posted by end of business day (PST) on 09/20/2011 or earlier. 

 

 

Twitter: @cryptochrome
--------------------------------
plus.google.com/11635909860
Super Contributor
cryptochrome
Posts: 498
Registered: ‎03-29-2008
0

Re: Want some examples why NSM is a piece of junk?


cryptochrome wrote:

This is just great:

 

> Limitations> The following items are known limitations in this version of NSM:smileyembarrassed: • NSM does not support Junos OS downgrades. However, if you need to downgrade a> device, follow these steps:smileyembarrassed: 1. From the device, use the CLI command to downgrade the image. For example:smileyembarrassed: root> request system software add <package-name> reboot> 2. After the downgrade, from NSM, delete the device and then add it again.

 

from NSM release notes.

 

@Keith: Please press for an update on when the 2011.1 bug fix release will be available. This is just not bearable. 


It goes on.

 

After opening a ticket about this we get the response from Juniper that they do not classify this limitation as a bug and so there will most likely not be fix.

 

Dear Juniper. If this is a known limitation, e.g. NSM is unable to adjust OS versions for Junos devices, then please remove that option from the NSM GUI. You let me run into this, you present me an error message and I need time (=money) to open a ticket. If you can't do something, don't present the option.

 

Thanks

Sascha

Twitter: @cryptochrome
--------------------------------
plus.google.com/11635909860
Visitor
tibz
Posts: 9
Registered: ‎10-22-2010
0

Re: Want some examples why NSM is a piece of junk?

Hello cryptochrome,

 

Sorry to hijack your thread for some kind of support but ...did you manage to find a fix for issue you describe at the end of page 3 of this thread ? (NSM trying to delete the "dns-name" statement uppon push)

 

I'm running into the same issue right now ... I've tried your "workaround" (unassign policy, push, re-assign, push) and it worked. But each time I change a single things into the policy, then next push it tries again to delete all those dns-name.

 

I'm running SRX650 Cluster, 10.4R4.5 in NSM 2011.1p7

 

Thanks a lot in advance !

 

Super Contributor
cryptochrome
Posts: 498
Registered: ‎03-29-2008
0

Re: Want some examples why NSM is a piece of junk?


tibz wrote:

Hello cryptochrome,

 

Sorry to hijack your thread for some kind of support but ...did you manage to find a fix for issue you describe at the end of page 3 of this thread ? (NSM trying to delete the "dns-name" statement uppon push)

 

I'm running into the same issue right now ... I've tried your "workaround" (unassign policy, push, re-assign, push) and it worked. But each time I change a single things into the policy, then next push it tries again to delete all those dns-name.

 

I'm running SRX650 Cluster, 10.4R4.5 in NSM 2011.1p7

 

Thanks a lot in advance !

 


This was a bug in NSM 2011.1 (may be present in other versions too). We had to install a patch release, I think a10 or a11, don't remember exactly. You should definitely get in touch with JTAC, they can give you the patch release for your system.

Twitter: @cryptochrome
--------------------------------
plus.google.com/11635909860
Trusted Expert
Automate
Posts: 784
Registered: ‎11-01-2007
0

Re: Want some examples why NSM is a piece of junk?

[ Edited ]

keithr wrote:

I hope you keep a good bottle of gin in your desk drawer.  :smileywink:


 

 Scotch. 12 year old single-malt...

Visitor
tibz
Posts: 9
Registered: ‎10-22-2010
0

Re: Want some examples why NSM is a piece of junk?

Thanks cryptochrome for your quick answer. I've contacted JTAC and they did not provide me with a patch, but asked me to modify a file by hand and it did the trick.


Thanks again, now i'm checking with them the next bug, why are my interfaces units sometimes renamed ... (ie: reth1 unit 0 renamed to reth1 unit reth1.0) ...

Super Contributor
cryptochrome
Posts: 498
Registered: ‎03-29-2008
0

Re: Want some examples why NSM is a piece of junk?

Any news on a possible 2012.x or 2011.1R2 release?

Twitter: @cryptochrome
--------------------------------
plus.google.com/11635909860
Trusted Expert
Automate
Posts: 784
Registered: ‎11-01-2007
0

Re: Want some examples why NSM is a piece of junk?

Not yet, but 2010.3R2 has been re-released. The bundled schema was corrected to address the issue reported earlier, but the code is otherwise un-changed, so that's why it's not renumbered.  That particular issue was, btw, a great example of the "butterfly effect" - I wish I could share the details but suffice to say the NSM team was not at fault and steps have been taken to avoid that particualr scenario in the future. It was just really unfortunate timing. 

 

Please do take a careful read of the release notes. While this release does fix a lot of issues, there were some performance trade-offs and that's already a sore point for some customers. In some cases (and certainly for those already running 2010.4 or higher) a patch release available from JTAC may be a better choice.

 

-Keith

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.