junos jumstart 01 - junos overview
TRANSCRIPT
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 1/66
Copyright © 2008 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net 1
Module 1:
Router & JunOS Overview
JunOS Jump Start
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 2/66
2Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Outline
Hardware Architecture
• Basic design
• FPC and PIC
• ASICs• Example: M7i, M10i and MX-series
JunOS Software Overview
• One operating system
• Modular software
JunOS Command Line Interface
J-Web User Interface
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 3/66
3Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Hardware Architecture
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 4/66
4Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Juniper Networks Router Architecture
All Juniper Networks routersshare the same basic design
• Routing Engine (RE)
• Packet Forwarding Engine (PFE)
• Connected by 100-Mbps channel
R O U T I N G
E N G I N E JunOS Software
JunOS Software
P A C K E T
F O R W A R D I N G
E N G I N E
Programmable ASICs
Programmable ASICs
Routing Table
Forwarding Table
Switch Fabric
Switch Fabric
PIC
PIC PIC
PIC
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 5/66
5Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
RE/PFE Interaction
RE maintains routing table and creates forwarding table
PFE receives forwarding table from RE
ROUTING ENGINE
PACKET FORWARDING ENGINE
Routing Table
Forwarding Table
Forwarding Table
Packet in Packet out
100Mbps Incremental Update
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 6/66
6Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Routing Engine Overview
JUNOS software resides in flash memory
• Backup copy available on hard drive Implements CLI
Provides routing protocol intelligence to PFE
• Not directly involved with packet forwarding
Manages PFE
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 7/66
7Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Packet Forwarding Engine Overview
Custom ASICs
• Implement forwarding path
• Do not require a general-purpose processor
• Provide integrated fast features, including multicast and queuing
Divide-and-Conquer Architecture
• Each ASIC provides piece of forwarding puzzle
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 8/66
8Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Internet Processor ASIC
Internet Processor ASIC
• Allows routers to forward traffic at wire-rate speeds
Internet Processor II ASIC
• Adds packet-processing features: filtering, sampling, logging,counting, and load balancing
• The Internet Processor II has been standard on the M20 and M40
since the second quarter of 2000
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 9/66
9Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Packet Forwarding Engine Components
Physical Interface Card (PIC)
• Contains physical layer components
Flexible PIC Concentrator (FPC)
• Hardware platform that accepts Physical Interface Cards (PICs) System midplane
Control
• M5 and M10: Forwarding Engine Board (FEB)
• M20: System Switching Board (SSB)• M40: System Control Board (SCB)
• M160: Switching and Forwarding Module (SFM)
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 10/66
10Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
FPC
Room for up to 4 PICs
Hot-swappable
Throughput
• Up to 3.2 Gbps
Packet memory
• 64MB – 256MB
PowerPC supervisory processor
PhysicalInterface Card
PIC
PIC
PIC
FPC
B
u f f e r
m e m o r y
ASIC
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 11/66
11Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
PIC
1, 2, or 4 port PICs attach to FPC
Custom ASIC for each media type Each port has status LED
Hot-swappable
on M160, M10, and M5 routers
PhysicalInterface Card
PIC
PIC
PIC
FPC
B
u f f e r
m e m o r y
ASIC
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 12/66
12Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Control Systems
All models
• 200-MHz PowerPC 603e processor
• Manages forwarding table updates
• Manages ASICs and environmental systems
• 64-MB EDO processor RAM
• 4 MB of forwarding table SRAM
• Internet Processor ASIC
• Stratum 3 synchronization reference
All except M40 router• Distributed Buffer Manager ASICs
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 13/66
13Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
ASICs
PIC I/OManagerPIC I/O
ManagerPIC I/OManager
PIC I/OManagerPIC I/O
ManagerPIC I/OManagerPIC I/O
ManagerPIC I/O
Manager
Mem Mem Mem
InternetProcessor ForwardingTable
BufferManager 1
BufferManager 2
I/OManager 2
I/OManager 1
I/OManager 3
FPC
PICs
PFE System Controller
(SSB, SFM, etc.)
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 14/66
14Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Example 1: M7i Router
Dedicated Intel Pentium for control plane
ASIC forwarding with 16 Mpps and 7 Gbps
4 open slots for M7i/M10i PICs
2 x FE fixed or 1 x GE fixed (SFP)
Optional adaptive services module for hardware basedfirewall, NAT, IPSec, J-Flow
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 15/66
15Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Example 1: M7i Components
Redundant AC or DC
Power Supplies
4 slots for hot- swappable M7i/M10i PICs
Built-in tunnel services
(850 Mbps)
Compact Forwarding Engine Board (CFEB), w/optional Adaptive Services Module
Fixed Interface Card (FIC)• 2 fixed FE port or • 1 fixed GE port (SFP)
Routing Engine Board (REB)• PCMCIA expandable memory • 2 serial aux ports • Ethernet craft interface
Ultra-compact 8.75cm high (2U)
45cm deep
Side-to-side
cooling
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 16/66
16Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Example 2: M10i Router
Dedicated Intel Pentium for control plane
ASIC forwarding with 16 Mpps and 10 Gbps
8 open slots for M7i/M10i PICs
Optional adaptive services PIC for hardware based firewall,NAT, IPSec, J-Flow
Full redundant common hardware: Power, Fans,Forwarding Engine Boards, Routing Engine Boards
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 17/66
17Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Example 2: M10i Components
Redundant AC or DC Power Supplies
Redundant Forwarding Engine Boards (FEB)
Redundant Routing Engine Boards (REB)• PCMCIA expandable memory • 2 serial aux ports • Ethernet craft interface
5U/21.8cm High
45cm deep
Side-to-side
cooling
8 slots for hot- swappable M7i/M10i PICs
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 18/66
18Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Example 3: MX-Series Carrier Class Ethernet
New platforms designed for Ethernet Provider Edge
Routing and L2/L3 Ethernet Aggregation
Very high density Ethernet ports
HA, QoS, SLA support, scalability for MetroE transport
Designed for Cost optimized Carrier Ethernet
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 19/66
19Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Example 3: MX-series
Physical dimensions 5 RU(9 per 7’ rack)
8 RU(6 per 7’ rack)
16 RU(3 per 7’ rack)
Capacity 240 Gbps 480 Gbps 960 Gbps
10 GigE / Gig E ports 12 / 120 24 / 240 48 / 480
MAC Addresses 1 million 1 million 1 million
MX960MX480MX240
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 20/66
20Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Example 3: MX960
14 Slot Chassis Dependable hardware
• Redundant Routing Engines
• Redundant Switching Fabric (2+1)
• Distributed Packet Forwarding Architecture Power and cooling
• Front-to-back cooling with separate push-pull fan assemblies
• Holds up to 2 fan trays (1+1 redundancy)
• Holds up to 4 power supplies (2+2 DC, 3+1 AC) System capacity
• 2 for FCs/REs with the option of 1 additional SCB for redundancy
• Up to 480Gbps (full-duplex) from 12 line cards
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 21/66
21Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Height27.75"Width
17.386“(w/o mounting flanges)
Depth23.50“
(w/o cable mgr)~28.2“
(with cable mgr)
Example 3: MX960 Components
DPC SCB
RE
Cable Mgmnt
Upper Fantray
Lower
Fantray
Control Panel
Air Intake
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 22/66
22Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Example 3: MX480
8 Slot Chassis (6+2)
Dependable hardware
• Redundant Routing Engines
• Redundant Switching Fabric (1+1)
• Distributed Packet Forwarding Architecture Power and cooling
• Side to Side cooling
• Holds single fan tray
• Holds up to 4 power supplies (2+2 DC, 2+2 AC 240V, 3+1 AC 110V)
System capacity
• 8 slots - 2 for Fabric Cards / REs
• Up to 240Gbps (full-duplex) from 6 line cards
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 23/66
23Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
MX-series DPC
Dense Port Concentrator: SFPs or XFPs
Line rate connectivity to the switch fabric
4 packet forwarding engines (PFEs) per DPC
I
I
I
I
I
ESE
ESE
ESE
ESE
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 24/66
24Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
MX-series SCB with RE1300 or RE2000
SCBs are the Switch and Control Boards
SCB act as RE carrier
Each SCB has two SF (fabric) chips
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 25/66
25Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
JunOS Software Overview
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 26/66
26Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
What is JUNOS Software?
Deployed since 1998
• First high-performance network operating system
10+ years of innovation and development
• Routing, switching and security platforms
• Branch and regional offices, central sites, data centers
• 4 releases per year; thousands of features
Serving the most demanding customers
• Top 40+ service providers
• High-performance enterprise and public sector accounts
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 27/66
27Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
How JUNOS Is Different
One OS
• Single code source
• Consistent implementation of features
One Release
• Single software release train
• Stable, predictable enhancement
One Architecture
• Modular software with Memory protection
• Nimble enhancement through new modules
ModuleX API
2Q08
9.1
1Q08
9.0
4Q07
8.5
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 28/66
28Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
One Operating System
One implementation ofcontrol plane features
Eases training
Streamlines testing,
qualification and deployment
Accelerates JUNOSdevelopment
Consistent user experience
Single common manage-ment interface and tools
Unix familiarity
Branch Office
Data Center
Service Provider
Access/Edge
Service Provider
Core
Corporate
HQ
O S P F
B G P
M P L S
I P v 6 …
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 29/66
29Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
One Code Train Release
Single release train developed from one code base
Quality + Schedule are the highest priorities
• Each release is a superset of the previous
• Achieve zero critical regression errors in each release
• Fix any and all critical bugs
Fixed schedule; plan with confidence• 4 new releases pre-scheduled per year
• All product lines follow the same release schedule
9.29.19.08.58.4
Q407 Q108 Q208 Q308Q307
9.3
Q408
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 30/66
30Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Modular Software Architecture
Stand-alone modules
• Protected Memory for stability
• Contain faults
• Enable rapid fault isolation
• Restart independently• Enable flexible innovation
Separation of control and packetforwarding
• Assures performance
• Enhances resiliency
• Enables redundancy
• Firewalls control plane
M o d u l e n
M o d u l e 3
M o d u l e 1
Kernel
C o n t r o l P l a n e
M o d u l e 4
M o d u l e 2
PacketForwarding Services
High-Level Architecture
Physical Interfaces
F o r w a r d
i n g P l a n e
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 31/66
31Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
User Interface Options
J-Web interface:
• A Web-based GUI
• The J-Web service using HTTP is disabled by default on M-series
JUNOS software CLI:
• Available from console interface
• RJ-45 RS-232 @ 9600 Bps, 8/1/N
• Available by using Telnet and SSH
• Requires network interface and related service configuration
Dedicated Ethernet management port on M-series routers
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 32/66
32Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
User Authentication
Local database• Name and password
• Individual accounts and home directories
RADIUS and TACACS+
• Centralized authentication of users• Users mapped to locally defined template users for authorization
• Extended regular expressions can be passed to alter authorization
RADIUS/ TACACS+
Server Local Authentication
Database
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 33/66
33Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
JunOS Command Line Interface
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 34/66
34Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
CLI Modes and Feature Overview
CLI operational mode:• Editing command lines
• Command completion and history
• Context-sensitive and documentation-based help
• UNIX-style pipes CLI configuration mode:
• Object-oriented hierarchy
• Jumping between levels
• Candidate configuration with sanity checking
• Automatic rollback capability
• Showing portions of configuration while configuring
• Saving, loading, and deleting configuration files
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 35/66
35Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
CLI Modes
Operational mode:
• Monitor and troubleshoot the software, network connectivity, androuter hardware
Configuration mode:
• Configure the router, including interfaces, general routing, routing
protocols, user access, and system hardware properties
[edit]
user@host#The # character identifies
configuration mode
The > character identifies operational mode user@host>
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 36/66
36Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
host (ttyd0)
login: root
Password:
--- JUNOS 8.3R2.8 built 2007-07-07 00:21:56 UTC
root@host% cli
root@host>
Shell Prompt
CLI Prompt
Logging In
host (ttyd0)
login: user
Password:
--- JUNOS 8.3R2.8 built 2007-07-07 00:21:56 UTC
user@host>
The root user must start the CLI from
the shell
Non-root users are placed into the CLI
automatically
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 37/66
37Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
CLI Operational Mode
Execute commands (mainly) from the default CLI level(user@host>)
• Can execute from configuration mode with the run command
• Hierarchy of commands
> show ospf neighbor
More Specific
Less Specific
database interface route statistics
chassis configuration
configure file help monitor etc.
neighbor
bgp
clear set show
ospf rip route version etc.
etc.
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 38/66
38Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Editing Command Lines
EMACS-style editing sequences are supported
The default VT100 terminal type also supports cursorpositioning with the arrow keys
user@host> show interfaces
user@host> show interfaces
user@host> show interfaces
user@host> show interfaces
user@host> show interfaces
Ctrl-B
Ctrl-A
Ctrl-F
Ctrl-E
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 39/66
39Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Command and Variable Completion
Use Tab to complete assigned variables
Enter a space to complete a command
user@host> sh<space> ow i<space> 'i' is ambiguous.
Possible completions:
igmp Show Internet Group
ike Show Internet Key
interfaces Show interface
ipsec Show IP Security
isis Show Intermediate
[edit policy-options]
user@host# show policy-statement T<tab> EST
then accept;
[edit policy-options]
user@host#
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 40/66
40Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Context-Sensitive Help
user@host> ?
Possible completions:
clear Clear information in the system
configure Manipulate software configuration info
file Perform file operations
help Provide help information
. . .
user@host> clear ?
Possible completions:
arp Clear address resolution information
bfd Clear Bidirectional Forwarding Detecti
bgp Clear Border Gateway Protocol informat
firewall Clear firewall counters
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 41/66
41Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Topical Help
user@host> help topic interfaces ?
Possible completions:
...
acknowledge-timer Maximum time to wait for link...
address Interface address and destination pref
...
user@host> help topic interfaces address
Configuring the Interface Address
You assign an address to an interface by specifying the address
when configuring the protocol family. For the inet family, you
configure the interface's IP address. For the iso family, you
configure one or more addresses for the loopback interface. For
the ccc, tcc, mpls, tnp, and vpls families, you never configurean address.
...
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 42/66
42Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Configuration Syntax Help
user@host> help reference interfaces address
address
Syntax
address address {
arp ip-address (mac | multicast-mac) mac-address <publ broadcast address;
destination address;
destination-profile name;
eui-64;
multipoint-destination address dlci dlci-identifier;
...
Hierarchy Level
[edit interfaces interface-name unit logical-unit-number f
[edit logical-routers logical-router-name interfaces intef
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 43/66
43Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Using | (Pipe)
user@host> show route | ?
Possible completions:
count Count occurrences
display Show additional kinds of information
except Show only text that does not match a p
find Search for first occurrence of pattern
hold Hold text without exiting the --More--
last Display end of output only
match Show only text that matches a pattern
no-more Don't paginate output
request Make system-level requests
resolve Resolve IP addresses
save Save output text to file
trim Trim specified number of columns from user@host> show route
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 44/66
44Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Batch configuration model:
• Must commit configuration changes
Active configuration:
• Current operational configuration
• Boot-up configuration
Candidate configuration:
• A working copy for configuration changes
• Initialized with the active configuration
• Becomes active configuration upon commit
Active and Candidate Configurations
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 45/66
45Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Configuration History
Active configuration stored in
/config/juniper.conf.gz
Rollback files stored in/config/juniper.conf.n.gz (n=1–3)
/var/db/config/juniper.conf.n.gz (n=4–49)
commit
rollback n
CandidateConfiguration
ActiveConfiguration
1 2 ...
0
49
configure
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 46/66
46Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Entering Configuration Mode
Type configure or edit at the CLI operational-mode prompt:
> configure
To allow a single user to edit the configuration, type:
> configure exclusive
Use configure private to allow users to edit a private copy ofthe candidate configuration
> configure private
• Multiple users can edit private candidate configurations simultaneously
• At commit time, the user’s private changes are merged back into theglobal configuration
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 47/66
47Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Configuration Statement Hierarchy
user@host# edit protocols ospf area 51 stub
[edit protocols ospf area 0.0.0.51 stub]
user@host#
More Specific
Less Specific
area area_id graceful-restart
isis mpls
interfaces protocols etc.
bgp
chassis
ospf pim rip rsvp etc.
etc.
top
services system
vrrp
overload traffic-engineering
area-range area_range interface nssa stub etc.
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 48/66
48Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Configuration File is Hierarchical
CLI commands are entered without curly brackets:
# set system services web-management http port 8080
The result is a hierarchical configuration file, complete withcurly brackets
[edit system]
user@host# show services
web-management {
http {
port 8080;}
}
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 49/66
49Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Moving Between Levels
[edit]
user@host# edit protocol ospf
[edit protocols ospf]
user@host# edit area 51 stub
[edit protocols ospf area 0.0.0.51 stub]
user@host# exit
[edit protocols ospf]
user@host# up
[edit protocols]
user@host# top
[edit]
user@host#
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 50/66
50Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Viewing Candidate Configuration
user@host# show system services
ssh;
web-management {
http {
port 8080;
}
}
user@host# edit system services
[edit system services]
user@host# show
ssh;
web-management {
http {
port 8080;}
}
You can display just the portions that concern you from the root of the hierarchy…
or use edit to park yourself at a
specific sub-hierarchy
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 51/66
51Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Configuration File Differences
[edit system]
user@host# set services telnet
[edit system]
user@host# delete services web-management
[edit system]
user@host# delete services ssh
user@host# show | compare
[edit system services]
- ssh;
+ telnet;
- web-management {
- http {
- port 8080;- }
- }
Display differences between the candidate and active configurations
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 52/66
52Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Removing Statements
Statements are removed with the delete command• Removes everything from the specified hierarchy down
• Use wildcard delete to save time
The entire Web- management hierarchy is
removed by the delete statement
user@host# show services
ssh;web-management {
http {
port 8080;
}
}
[edit system]
user@host# delete services web-management[edit system]
user@host# show services
ssh;
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 53/66
53Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Committing a Configuration
Configuration changes must be committed to take effect# commit
Use commit check to confirm syntax
# commit check
Use commit confirmed to temporarily activate
# commit confirmed
Schedule a future commit with commit at
# commit at 21:00:00
Add comments with commit comment
# commit comment "Changed OSPF configuration"
> show system commit
Use commit and-quit to save time
# commit and-quit
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 54/66
54Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Backing Out of Configuration Changes
Use the rollback command to restore one of the last 50previously committed configurations
# rollback
Userollback
(orrollback 0
) to reset the candidateconfiguration to the currently active configuration (which isthe last version committed)
# rollback 1 loads the configuration before that
# rollback n loads n configurations before that
Using rollback only modifies the candidate configuration
• Don’t forget to commit the changes
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 55/66
55Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
run is Cool
[edit interfaces fe-0/0/0]
user@host# set unit 0 family inet address 10.250.0.141/16
[edit interfaces fe-0/0/0]
user@host# commitcommit complete
[edit interfaces fe-0/0/0]
user@host# run ping 10.250.0.149 count 1
PING 10.250.0.149 (10.250.0.149): 56 data bytes
64 bytes from 10.250.0.149: icmp_seq=0 ttl=255 time=0.967 ms
--- 10.250.0.149 ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.967/0.967/0.967/0.000 ms
Use the run command to execute
operational-mode CLI commands from within configuration
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 56/66
56Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
Using rename
user@host# show interfaces fe-0/0/0
unit 0 {
family inet {
address 10.250.0.141/16;
}
}
user@host# rename interfaces fe-0/0/0 unit 0 family inet address
10.250.0.141/16 to address 10.250.0.241/16
user@host# show interfaces fe-0/0/0
unit 0 {
family inet {
address 10.250.0.241/16;
}
}
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 57/66
57Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
J-Web User Interface
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 58/66
58Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
J-Web User Interface
Easy-to-use, Web-based graphical interface
• Operational monitoring, configuration, and maintenance
• HTTP and HTTPS (SSL) support
J-Web features:
• Same authentication and authorization as CLI
• User-defined session timeout
• One browser window per J-Web session
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 59/66
59Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
J-Web Login
J-Web sessionsrequire a valid login
• Use the sameauthenticationmethods as CLI
• Exception is initialaccess, when no loginis needed to access
the setup wizard
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 60/66
60Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
J-Web Layout
Left Pane
Main Pane
Task Bar
Top Pane
Current Location
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 61/66
61Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
J-Web Monitoring
View the operation of therouter and its protocols
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 62/66
62Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
J-Web Configurations
Use Quick Configurationwizards
Navigate a clickable
view-and-edit function
Access previousconfiguration history(rollbacks)
Set a rescueconfiguration
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 63/66
63Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
J-Web Diagnosis
Access the ping,
traceroute, and packetcapture utilities
• Optional switchesavailable throughAdvanced Options
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 64/66
64Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net
J-Web Management
Download and deletefiles
Upgrade software
Install and managelicenses
Schedule systemreboots
Perform backups ofsoftware andconfiguration files
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 65/66
8/3/2019 JunOS Jumstart 01 - JunOS Overview
http://slidepdf.com/reader/full/junos-jumstart-01-junos-overview 66/66