juniper-junos-general.md 8.5 KB
title: Juniper Junos General breadcrumbs:
- title: Configuration
- title: Network --- {% include header.md %}
TODO Clean up, reorganize and add remaining stuff.
Related Pages
{:.no_toc}
Info
Junos OS
- Based on FreeBSD.
- Used on all Juniper devices.
- Juniper's next-generation OS "Junos OS evolved" (not "Junos OS") is based on Linux.
General
Usage
- Controlling the CLI:
- Tab: Auto-complete.
- Space: Like tab, generally.
?: Prints the allowed keywords.|: Can be used to filter the output.
- Open CLI in operational mode (from shell):
cli - Open shell (from op mode):
- Local:
start shell user root - VC:
request session member <vc-member-id>
- Local:
- Enter configuration mode (from op mode):
configure - Exit any mode:
exit - Show configuration:
- From (op mode):
show configuration [statement] - From (conf mode):
show [statement] - Show changes (conf mode):
show | compare - Show as set-statements (op mode):
show configuration | display set
- From (op mode):
- Run op command in config mode:
run <command> - Navigate config mode:
- The config is structures as nested container statements and leaf statements.
- Change context to container statement:
edit <path> - Go up in context:
uportop - Show configuration for current level:
show
- Commit config changes:
commit [comment <comment>] [confirmed] [and-quit]confirmedautomatically rolls back the commit if it is not confirmed within a time limit.and-quitwill quit configuration mode after a successful commit.
- Delete all existing configuration while in config mode:
load override terminal, then Ctrl+D.
Booting
The devices have two partitions; the primary and the backup. One of them will be designated as active and that choice will be remembered across reboots. When the active partition is damaged, the device will boot into the other partition. When the backup partition is the active partition, an alarm will be set and a banner shown.
Change active partition and reboot: request system reboot slice alternate media internal
Shutting It Down
The devices should be shut down gracefully instead of just pulling the power. This will prevent corrupting the file system.
- Shell:
shutdown -h noworhalt - Op mode:
request system <halt|power-off> [local|all-members|member <member-id>]
Wait for the "The operating system has halted." text before pulling the power, so that system processess are stopped and disks are synchronized. The system LED turning off and the LCD saying "HALTING..." does not mean that the halting process is finished yet.
Basics
- Shut down or reboot:
request system <halt|reboot> [local|all-members]- For
halt, it will print "please press any key to reboot" when halted.
- For
- Erase all configuration and data:
request system zeroize - Show alarms:
show chassis alarms - Show temperatures and fan speeds:
show chassis environment - Show routing engine usage:
show chassis routing-engine - Show effective configuration (with inheritance):
show <configuration> | display inheritance
Move Config
- Copy config from host to device over SCP:
- Copy (host):
scp <config> <device>:/config/juniper.conf.new - Load (conf mode):
load override /config/juniper.conf.new - Show changes and commit.
- Delete tmp config (op mode):
file delete /config/juniper.conf.new
- Copy (host):
Interfaces
- Show interfaces:
- Overview:
show interfaces terse - Simple overview:
show interfaces routing - Some details:
show interfaces brief - Statistics:
show interfaces statistics - All details:
show interfaces detail - Physical details:
show interfaces media
- Overview:
- Show LLDP neighbors:
show lldp neighbors
Events
- Show event type info:
help syslog SNMP_TRAP_LINK_DOWN(op mode) (example) - Show available event attributes: Use ?-completion.
- Show log:
run show log escript.log | last
Info
- "Do not use the change-configuration statement to modify the configuration on dual Routing Engine devices that have nonstop active routing (NSR) enabled, because both Routing Engines might attempt to acquire a lock on the configuration database, which can cause the commit to fail." (From docs.)
Tasks
Reset Root Password
- Power on the device and prepare for the next step.
- Press space quickly as the "Hit [Enter] to boot immediately, or space bar for command prompt." message is shown (right before the kernel is loaded). You should immediately enter a
loader>prompt. - Run
boot -sto boot into single-user mode. - When prompted for a shell, enter
recovery. - Wait for the device to fully boot.
- (Alternative 1) Zeroize the system by running
request system zeroize(this will delete all configuration). - (Alternative 2) Set a new root password and commit (there should be instructions before the prompt). Reboot the device afterwards.
Mount a USB Drive
Note: USB3 drives may not work properly. Use USB2 drives.
- Make sure the drive is formatted as FAT32 (MS-DOS) (or something else supported).
- Don't insert it in the Juniper device yet.
- Show current storage devices:
ls -l /dev/da* - Insert the drive. It should print a few lines to the console.
- Show current storage devices again and find the new device.
- Mount it:
mkdir /var/tmp/usb0 && mount_msdosfs <device> /var/tmp/usb0(arbitrary path) - Check that it's mounted properly:
ls -l /var/tmp/usb0 - Do stuff with it.
- Unmount it:
umount /var/tmp/usb0 && rmdir /var/tmp/usb0
Upgrade Junos Using a USB Drive
- Format the USB drive using FAT32.
- Copy the software file to the drive.
- Mount the USB drive:
- TL;DR:
mkdir /var/tmp/usb0 && mount_msdosfs <device> /var/tmp/usb0 - See mount a USB drive.
- TL;DR:
- Check the contents:
ls -l /var/tmp/usb0 - Copy the file to internal storage:
cp /var/tmp/usb0/jinstall* /var/tmp/ - Unmount and remove the USB drive:
umount /var/tmp/usb0 && rmdir /var/tmp/usb0 - Enter op CLI:
cli - Install:
request system software add <file> no-copy reboot- If it complains about certificate problems, consider disabling verification using
no-validate. - It will reboot before and after.
- It may produce some insignificant errors in the process (commands not found etc.).
- If it complains about certificate problems, consider disabling verification using
- Verify that the system is booted from the active partition of the internal media:
show system storage partitions - Verify that the current Junos version for the primary partition is correct:
show system snapshot media internal - Copy to the alternate root partition (may take several minutes):
request system snapshot slice alternate - Verify that the primary and backup partitions have the same Junos version:
show system snapshot media internal- If it fails, wait a bit and try again. The copy may still be happening.
If the method above did not work, try this instead to completely format and flash the device.
- Prepare the USB drive like above.
- Connect using a serial cable.
- When the device is booting, press space at the right time.
- Format and flash:
install --format file:///jinstall-whatever.tgz
Copy the Active Root Partition
This procedure clones the active partition to the alternate partition.
This is also how you would clone to and boot from a USB device, but with media external instead of both media internal and slice alternate.
- Clone the active partition to the alternate partition:
request system snapshot slice alternate- This may not be completely finished when the command returns. If the below commands fail, wait and try again.
- Validate it:
show system storage partitionsshow system snapshot media internal
To boot to the alternate partition, use request system reboot slice alternate media internal.
Fix a Corrupt Root Partition
If one of the root partitions get corrupted (e.g. due to sudden power loss), the device will boot to the alternate root partition. This can be fixed by cloning the new active partition to the alternate, corrupt partition.
See Copy the Active Root Partition or [EX] Switch boots from backup root partition after file system corruption occurred on the primary root partition (Juniper).
Miscellanea
Interface Names
lo: Loopback.ge: Gigabit Ethernet.xe: 10G Ethernet.et: 40G Ethernet.emandfxp: Management, possibly OOB.
Fusion
TODO
{% include footer.md %}