Operating Juniper Networks Routers in the Enterprise

Slides:



Advertisements
Similar presentations
EcoTherm Plus WGB-K 20 E 4,5 – 20 kW.
Advertisements

ALAK ROY. Assistant Professor Dept. of CSE NIT Agartala
© 2004 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Installation & management of SUSE.
1 Copyright © 2002 Pearson Education, Inc.. 2 Chapter 2 Getting Started.
Copyright © 2003 Pearson Education, Inc. Slide 7-1 Created by Cheryl M. Hughes The Web Wizards Guide to XML by Cheryl M. Hughes.
Sequential Logic Design
Copyright © 2013 Elsevier Inc. All rights reserved.
ASTM Member Website Tools Jeff Adkins Diane Trinsey 1 September 2012 Officers Training Workshop.
September 2013 ASTM Officers Training Workshop September 2013 ASTM Officers Training Workshop ASTM Member Website Tools September 2013 ASTM Officers Training.
Create an Application Title 1Y - Youth Chapter 5.
Add Governors Discretionary (1G) Grants Chapter 6.
CALENDAR.
CHAPTER 18 The Ankle and Lower Leg
1 Advanced Tools for Account Searches and Portfolios Dawn Gamache Cindy Bylander.
The 5S numbers game..
Microsoft®.
Office 2003 Introductory Concepts and Techniques M i c r o s o f t Windows XP Project An Introduction to Microsoft Windows XP and Office 2003.
© Tally Solutions Pvt. Ltd. All Rights Reserved Shoper 9 License Management December 09.
Welcome. © 2008 ADP, Inc. 2 Overview A Look at the Web Site Question and Answer Session Agenda.
© SafeNet Confidential and Proprietary Administering SafeNet StorageSecure Smart Card Module 3: Lesson 5 SafeNet StorageSecure Storage Security Course.
Version 1.0 digitaloffice.intel.com Intel ® vPro Technology Intel ® Active Management Technology Setup and Configuration HP Laptop – Compaq 6910p Small.
Break Time Remaining 10:00.
The basics for simulations
Chapter 1: Introduction to Scaling Networks
PP Test Review Sections 6-1 to 6-6
Employee & Manager Self Service Overview
1 IMDS Tutorial Integrated Microarray Database System.
What is access control list (ACL)?
User Friendly Price Book Maintenance A Family of Enhancements For iSeries 400 DMAS from Copyright I/O International, 2006, 2007, 2008, 2010 Skip Intro.
Microsoft Office 2007 Integration Integrating Office 2007 Applications and the World Wide Web.
Chapter 3 Logic Gates.
© Copyright by Deitel & Associates, Inc. and Pearson Education Inc. All Rights Reserved. 1 Outline 24.1 Test-Driving the Ticket Information Application.
Regression with Panel Data
INTRODUCTION Lesson 1 – Microsoft Word Word Basics
Office 2003 Introductory Concepts and Techniques M i c r o s o f t Office 2003 Integration Integrating Office 2003 Applications and the World Wide Web.
Operating Systems Operating Systems - Winter 2012 Chapter 2 - Processes Vrije Universiteit Amsterdam.
Operating Systems Operating Systems - Winter 2010 Chapter 3 – Input/Output Vrije Universiteit Amsterdam.
Dynamic Access Control the file server, reimagined Presented by Mark on twitter 1 contents copyright 2013 Mark Minasi.
Copyright © 2012, Elsevier Inc. All rights Reserved. 1 Chapter 7 Modeling Structure with Blocks.
 Copyright I/O International, 2013 Visit us at: A Feature Within from Item Class User Friendly Maintenance  Copyright.
Biology 2 Plant Kingdom Identification Test Review.
MaK_Full ahead loaded 1 Alarm Page Directory (F11)
Facebook Pages 101: Your Organization’s Foothold on the Social Web A Volunteer Leader Webinar Sponsored by CACO December 1, 2010 Andrew Gossen, Senior.
Before Between After.
Slide R - 1 Copyright © 2009 Pearson Education, Inc. Publishing as Pearson Prentice Hall Active Learning Lecture Slides For use with Classroom Response.
1 GIS Maps and Tax Roll Submission. 2 Exporting A New Shapefile.
1 Non Deterministic Automata. 2 Alphabet = Nondeterministic Finite Accepter (NFA)
Types of selection structures
WorkKeys Internet Version Training
Static Equilibrium; Elasticity and Fracture
Clock will move after 1 minute
1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 1 v3.1 Module 9 TCP/IP Protocol Suite and IP Addressing.
Chapter 11 Creating Framed Layouts Principles of Web Design, 4 th Edition.
Select a time to count down from the clock above
1 © 2006 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Using the Cisco Technical Support & Documentation Website for Online.
Pupil Premium CSV File Import & Maintain Jim Haywood Product Manager for Statutory Returns.
Copyright Tim Morris/St Stephen's School
1.step PMIT start + initial project data input Concept Concept.
© Paradigm Publishing, Inc Excel 2013 Level 2 Unit 2Managing and Integrating Data and the Excel Environment Chapter 6Protecting and Sharing Workbooks.
A Data Warehouse Mining Tool Stephen Turner Chris Frala
Outlook 2013 Web App (OWA) User Guide Durham Technical Community College.
TCP/IP Protocol Suite 1 Chapter 18 Upon completion you will be able to: Remote Login: Telnet Understand how TELNET works Understand the role of NVT in.
1 Non Deterministic Automata. 2 Alphabet = Nondeterministic Finite Accepter (NFA)
Schutzvermerk nach DIN 34 beachten 05/04/15 Seite 1 Training EPAM and CANopen Basic Solution: Password * * Level 1 Level 2 * Level 3 Password2 IP-Adr.
Introduction to the Junos Operating System
Introduction to the Junos Operating System
Presentation transcript:

Operating Juniper Networks Routers in the Enterprise Chapter 3: JUNOS User Interfaces

Operating Juniper Networks Routers—J-series Chapter Objectives Operating Juniper Networks Routers—J-series After completing this chapter, you will be able to: Describe user interface options Describe user authentication and authorization options Differentiate active and candidate configurations Use J-Web to configure and monitor a Juniper Networks router Use the JUNOS software CLI to configure and monitor a Juniper Networks router Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series Agenda: JUNOS User Interfaces User Interface Options User Authentication and Authorization Active and Candidate Configurations Using the J-Web Graphical User Interface Using the JUNOS Software Command-Line Interface Module 2: The J-series User Interface

User Interface Options J-Web interface: A Web-based GUI The J-Web service using HTTP is enabled by default on J-series routers JUNOS software CLI: Available from console interface RJ-45 RS-232 @ 9600 Bps, 8/1/N (not configurable) Available by using Telnet and SSH Requires network interface and related service configuration Dedicated Ethernet management port on M-series routers All J-series network ports support management access and transit traffic Console Port Network Interfaces

This slide left intentionally blank! Operating Juniper Networks Routers—J-series Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series Agenda: JUNOS User Interfaces User Interface Options User Authentication and Authorization Active and Candidate Configurations Using the J-Web Graphical User Interface Using the JUNOS Software Command-Line Interface Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series User Authentication Operating Juniper Networks Routers—J-series RADIUS/ TACACS+ Server Local Authentication Database Local database Name and password Individual accounts and home directories RADIUS and TACACS+ Centralized authentication of users Users mapped to locally defined template users for authorization Extended regular expressions can be passed to alter authorization Module 2: The J-series User Interface

Authentication Order (1 of 3) Operating Juniper Networks Routers—J-series Multiple authentication methods are supported Can specify authentication order The router tries each authentication method in order until the password is accepted Even if a password is rejected, the router still tries the next configured authentication method! If all configured authentication methods fail to reply, the router tries local authentication Example 1: authentication-order [ radius tacplus password ] Router Local Authentication Database Username = lab Password = lab789 TACACS+ Server Username = lab Password = lab456 RADIUS Server Username = lab Password = lab123 Step 1 (lab, lab789) Step 2 (lab, lab789) Step 3 REJECT Step 4 (lab, lab789) Step 5 REJECT Step 6 (lab, lab789) Step 7 ACCEPT Step 8 ACCEPT Module 2: The J-series User Interface

Authentication Order (2 of 3) Operating Juniper Networks Routers—J-series Example 2: authentication-order [radius tacplus] Router Local Authentication Database Username = lab Password = lab789 TACACS+ Server Username = lab Password = lab456 RADIUS Server Username = lab Password = lab123 Step 1 (lab, lab789) Step 2 (lab, lab789) Step 3 REJECT Step 4 (lab, lab789) Step 5 REJECT Step 6 REJECT Module 2: The J-series User Interface

Authentication Order (3 of 3) Operating Juniper Networks Routers—J-series Example 3: authentication-order [radius tacplus] Router Local Authentication Database Username = lab Password = lab789 TACACS+ Server Username = lab Password = lab456 RADIUS Server Username = lab Password = lab123 Step 1 (lab, lab789) Step 2 (lab, lab789) Step 3 (lab, lab789) Step 4 (lab, lab789) Step 5 ACCEPT Step 6 ACCEPT X Module 2: The J-series User Interface

Components of Authorization (1 of 2) Operating Juniper Networks Routers—J-series Permissions deny-commands deny-configuration allow-commands allow-configuration Class User Authorized or Denied Command and configuration statements are either authorized or denied Applies to all nonroot users Defined by a hierarchy of configuration components Users Locally defined on the router Member of a single class Class A container for one or more permissions and explicit allow/deny overrides Four predefined classes for common groups of permissions Operator, read-only, super-user, unauthorized Module 2: The J-series User Interface

Components of Authorization (2 of 2) Operating Juniper Networks Routers—J-series Permissions deny-commands deny-configuration allow-commands allow-configuration Class User Authorized or Denied Permissions Predefined sets of related commands Allow and deny overrides Define exceptions for commands and configuration statements that would otherwise be allowed or denied Specified using regular expressions Module 2: The J-series User Interface

This slide left intentionally blank! Operating Juniper Networks Routers—J-series Module 2: The J-series User Interface

Authorization Example Operating Juniper Networks Routers—J-series Permissions deny-commands deny-configuration allow-commands allow-configuration Class User Authorized or Denied root@host> show configuration system login class noc { permissions view; allow-commands "clear interface statistics"; deny-commands "clear interface statistics all"; } user sue { uid 2000; class noc; authentication { encrypted-password "$1$UK4021d6$PZo./nQZbzIHXw7sYF/y3/"; Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series Agenda: JUNOS User Interfaces User Interface Options User Authentication and Authorization Active and Candidate Configurations Using the J-Web Graphical User Interface Using the JUNOS Software Command-Line Interface Module 2: The J-series User Interface

Active and Candidate Configurations Operating Juniper Networks Routers—J-series Batch configuration model: Must commit configuration changes Active configuration: Current operational configuration Boot-up configuration Candidate configuration: A working copy for configuration changes Initialized with the active configuration Becomes active configuration upon commit Module 2: The J-series User Interface

Configuration History Operating Juniper Networks Routers—J-series commit rollback n Candidate Configuration Active 1 2 ... Active configuration stored in /config/juniper.conf.gz Rollback files stored in /config/juniper.conf.n.gz (n=1–3) /var/db/config/juniper.conf.n.gz (n=4–49) 49 configure Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series Agenda: JUNOS User Interfaces User Interface Options User Authentication and Authorization Active and Candidate Configurations Using the J-Web Graphical User Interface Using the JUNOS Software Command-Line Interface Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series The J-Web Graphical User Interface Easy-to-use, Web-based graphical interface Operational monitoring, configuration, and routine maintenance actions HTTP and HTTPS (SSL) support No additional client software required On J-series platforms, works out of the box with a factory-default configuration Can provide a temporary DHCP service to accommodate initial J-Web access Automatically directs user to setup wizard when a factory-default configuration is detected J-Web features: Same authentication and authorization as CLI User-defined session timeout One browser window per J-Web session Module 2: The J-series User Interface

This slide left intentionally blank! Operating Juniper Networks Routers—J-series Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series J-Web Capabilities Quick Configuration wizards Initial setup, interfaces, routing, firewall/NAT, IPSec, etc. Configuration maintenance History, compare, view, upload, download, full clickable edit System monitoring System, chassis, interfaces, firewall, etc. Fault isolation Ping and traceroute System management Software upgrade, file system maintenance, license management, reboots and shutdowns Module 2: The J-series User Interface

This slide left intentionally blank! Operating Juniper Networks Routers—J-series Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series J-Web Login J-Web sessions require a valid login Use the same authentication methods as CLI Exception is initial access, when no login is needed to access the setup wizard Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series J-Web Layout The J-Web page is composed of multiple panes Monitor > System is the default view when a complete configuration is present Top Pane Task Bar Current Location Main Pane Left Pane Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series The J-Web Monitor Task View the operation of the router and its protocols Module 2: The J-series User Interface

This slide left intentionally blank! Operating Juniper Networks Routers—J-series Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series The J-Web Configuration Task Use Quick Configuration wizards Navigate a clickable view-and-edit function Access previous configuration history (rollbacks) Set a rescue configuration Module 2: The J-series User Interface

This slide left intentionally blank! Operating Juniper Networks Routers—J-series Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series The J-Web Diagnose Task Access the ping, traceroute, and packet capture utilities Optional switches available through Advanced Options Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series The J-Web Manage Task Download and delete files Upgrade software Install and manage licenses Schedule system reboots Perform backups of software and configuration files Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series The J-Web Events Task Provides access to log files Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series Initial Setup The Quick Configuration Set Up wizard makes initial configuration a snap Module 2: The J-series User Interface

J-Web Configuration Changes Operating Juniper Networks Routers—J-series In Quick Configuration wizards: Click OK or Apply to commit and activate configuration changes In the View and Edit hierarchy: Click Commit OK to commit and go to previous page OK returns to previous page but does not commit Apply to commit and stay on current page Use Commit! Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series Viewing Configuration History Use the J-Web Configuration > History page to view the change log and to compare configuration files Compare current configuration to previous (rollback 1) Module 2: The J-series User Interface

Lab 1, Parts 1–3: The J-Web Interface Operating Juniper Networks Routers—J-series Become familiar with the J-Web user interface. Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series Agenda: JUNOS User Interfaces User Interface Options User Authentication and Authorization Active and Candidate Configurations Using the J-Web Graphical User Interface Using the JUNOS Software Command-Line Interface Module 2: The J-series User Interface

CLI Modes and Feature Overview Operating Juniper Networks Routers—J-series CLI operational mode: Editing command lines Command completion and history Context-sensitive and documentation-based help UNIX-style pipes CLI configuration mode: Object-oriented hierarchy Jumping between levels Candidate configuration with sanity checking Automatic rollback capability Showing portions of configuration while configuring Saving, loading, and deleting configuration files Running operational-mode commands from within configuration Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series CLI Modes Operating Juniper Networks Routers—J-series Operational mode: Monitor and troubleshoot the software, network connectivity, and router hardware Configuration mode: Configure the router, including interfaces, general routing information, routing protocols, user access, and system hardware properties The > character identifies operational mode user@host> [edit] user@host# The # character identifies configuration mode Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series Logging In When logging in: Nonroot users are placed into the CLI automatically host (ttyd0) login: user Password: --- JUNOS 8.3R2.8 built 2007-07-07 00:21:56 UTC user@host> The root user must start the CLI from the shell Do not forget to exit root shell after logging out of the CLI! host (ttyd0) login: root Password: --- JUNOS 8.3R2.8 built 2007-07-07 00:21:56 UTC root@host% cli root@host> Shell Prompt CLI Prompt Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series CLI Operational Mode Execute commands (mainly) from the default CLI level (user@host>) Can execute from configuration mode with the run command Hierarchy of commands Example: show ospf neighbor Less Specific clear configure file help monitor set show etc. bgp chassis configuration ospf rip route version etc. database interface neighbor route statistics etc. More Specific Module 2: The J-series User Interface

This slide left intentionally blank! Operating Juniper Networks Routers—J-series Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series Editing Command Lines Operating Juniper Networks Routers—J-series EMACS-style editing sequences are supported The default VT100 terminal type also supports cursor positioning with the arrow keys user@host> show interfaces Ctrl+b Ctrl+a Ctrl+f Ctrl+e Keyboard sequence Cursor position Module 2: The J-series User Interface

This page left intentionally blank! Operating Juniper Networks Routers—J-series Module 2: The J-series User Interface

Command and Variable Completion Operating Juniper Networks Routers—J-series Spacebar completes a command user@host> sh<space>ow i<space> 'i' is ambiguous. Possible completions: igmp Show Internet Group Management Protocol... ike Show Internet Key Exchange information interfaces Show interface information ipsec Show IP Security information isis Show Intermediate System-to-Intermediate... user@host> show i Use the Tab key to complete an assigned variable [edit policy-options] user@host# show policy-statement t<tab>his-is-my-policy then accept; user@host# Enter a space to complete a command Use Tab to complete assigned variables Module 2: The J-series User Interface

Context-Sensitive Help Operating Juniper Networks Routers—J-series Type ? anywhere on the command line user@host> ? Possible completions: clear Clear information in the system configure Manipulate software configuration information file Perform file operations help Provide help information . . . user@host> clear ? arp Clear address resolution information bfd Clear Bidirectional Forwarding Detection information bgp Clear Border Gateway Protocol information firewall Clear firewall counters Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series Topical Help Operating Juniper Networks Routers—J-series The help topic command provides information on general concepts user@host> help topic interfaces ? Possible completions: accept-data Accept packets destined for virtual IP... accept-source-mac Policers for specific source MAC addresses access-profile Mapping peer name and secrets for CHAP accounting-profile Accounting profile acknowledge-timer Maximum time to wait for link... address Interface address and destination prefix ... user@host> help topic interfaces address Configuring the Interface Address You assign an address to an interface by specifying the address when configuring the protocol family. For the inet family, you configure the interface's IP address. For the iso family, you configure one or more addresses for the loopback interface. For the ccc, tcc, mpls, tnp, and vpls families, you never configure an address. Module 2: The J-series User Interface

Help with Configuration Syntax Operating Juniper Networks Routers—J-series Help with Configuration Syntax Use help reference for assistance with configuration syntax user@host> help reference interfaces address address Syntax address address { arp ip-address (mac | multicast-mac) mac-address <publish>; broadcast address; destination address; destination-profile name; eui-64; multipoint-destination address dlci dlci-identifier; ... Hierarchy Level [edit interfaces interface-name unit logical-unit-number family family], [edit logical-routers logical-router-name interfaces interface-name unit logical-unit-number family family] Description Configure the interface address. Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series Using | (Pipe) Operating Juniper Networks Routers—J-series The pipe function allows you to filter and manipulate command output Available in all modes and contexts user@host> show route | ? Possible completions: count Count occurrences display Show additional kinds of information except Show only text that does not match a pattern find Search for first occurrence of pattern hold Hold text without exiting the --More-- prompt last Display end of output only match Show only text that matches a pattern no-more Don't paginate output request Make system-level requests resolve Resolve IP addresses save Save output text to file trim Trim specified number of columns from start of line user@host> show route | Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series This slide left intentionally blank! Module 2: The J-series User Interface

CLI Configuration Mode Operating Juniper Networks Routers—J-series Where we are going… Active vs. candidate configuration Configuration history Configuration mode Navigating configuration hierarchy Making or deleting configuration changes Viewing configuration differences Saving and loading configuration files Module 2: The J-series User Interface

Review: Active Versus Candidate Configuration Operating Juniper Networks Routers—J-series Batch configuration model: Must commit configuration changes Active configuration: Current operational configuration Boot-up configuration Candidate configuration: A working copy for configuration changes Initialized with the active configuration Becomes active configuration upon commit Module 2: The J-series User Interface

Review: Configuration History Operating Juniper Networks Routers—J-series commit rollback n Candidate Configuration Active 1 2 ... 49 configure Active configuration stored in /config/juniper.conf.gz Rollback files stored in /config/juniper.conf.n.gz (n=1–3) /var/db/config/juniper.conf.n.gz (n=4–49) Module 2: The J-series User Interface

Entering Configuration Mode Operating Juniper Networks Routers—J-series Type configure or edit at the CLI operational-mode prompt: user@host> configure Entering configuration mode [edit] user@host# To allow a single user to edit the configuration, type configure exclusive configure private allows the user to edit a private copy of the candidate configuration Multiple users can edit private candidate configurations simultaneously At commit time, the user’s private changes are merged back into the global configuration Module 2: The J-series User Interface

This slide left intentionally blank! Operating Juniper Networks Routers—J-series Module 2: The J-series User Interface

Configuration Statement Hierarchy Operating Juniper Networks Routers—J-series [edit] user@host# edit protocols ospf area 51 stub [edit protocols ospf area 0.0.0.51 stub] user@host# top Less Specific chassis interfaces protocols services system etc. bgp isis mpls ospf pim rip rsvp vrrp etc. area area_id graceful-restart overload traffic-engineering etc. More Specific area-range area_range interface nssa stub etc. Module 2: The J-series User Interface

Configuration File Is Hierarchical Operating Juniper Networks Routers—J-series CLI commands are entered without curly brackets [edit system] user@host# set services web-management http port 8080 The result is a hierarchical configuration file, complete with curly brackets user@host# show services web-management { http { port 8080; } user@host# Module 2: The J-series User Interface

Moving Between Levels (1 of 6) Operating Juniper Networks Routers—J-series edit functions like a change directory (CD) command [edit] user@host# edit protocols ospf area 51 stub [edit protocols ospf area 0.0.0.51 stub] user@host# area area_id graceful-restart isis mpls interfaces protocols etc. bgp chassis ospf pim rip rsvp top services system vrrp overload traffic-engineering area-range area_range interface nssa stub Module 2: The J-series User Interface

Moving Between Levels (2 of 6) Operating Juniper Networks Routers—J-series up moves up one level in the hierarchy [edit protocols ospf area 0.0.0.51 stub] user@host# up [edit protocols ospf area 0.0.0.51] user@host# area area_id graceful-restart isis mpls interfaces protocols etc. bgp chassis ospf pim rip rsvp top services system vrrp overload traffic-engineering area-range area_range interface nssa stub Module 2: The J-series User Interface

Moving Between Levels (3 of 6) Operating Juniper Networks Routers—J-series up n moves up n levels [edit protocols ospf area 0.0.0.51] user@host# up 2 [edit protocols] user@host# area area_id graceful-restart isis mpls interfaces protocols etc. bgp chassis ospf pim rip rsvp top services system vrrp overload traffic-engineering area-range area_range interface nssa stub Module 2: The J-series User Interface

Moving Between Levels (4 of 6) Operating Juniper Networks Routers—J-series top moves to the top of the hierarchy [edit protocols ospf area 0.0.0.51 stub] user@host# top [edit] user@host# area area_id graceful-restart isis mpls interfaces protocols etc. bgp chassis ospf pim rip rsvp top services system vrrp overload traffic-engineering area-range area_range interface nssa stub Module 2: The J-series User Interface

Moving Between Levels (5 of 6) Operating Juniper Networks Routers—J-series exit moves to the previous higher level in the hierarchy [edit protocols ospf] user@host# edit area 51 stub [edit protocols ospf area 0.0.0.51 stub] user@host# exit user@host# area area_id graceful-restart isis mpls interfaces protocols etc. bgp chassis ospf pim rip rsvp top services system vrrp overload traffic-engineering area-range area_range interface nssa stub Module 2: The J-series User Interface

Moving Between Levels (6 of 6) Operating Juniper Networks Routers—J-series Summary of moving between levels: edit functions like a CD command up moves up one level up n moves up n levels top moves to the top of the hierarchy exit moves to the previous higher level in the hierarchy or exits configuration mode if at the top level of the hierarchy [edit] user@host# edit protocols ospf area 51 stub [edit protocols ospf area 0.0.0.51 stub] user@host# up [edit protocols ospf area 0.0.0.51] user@host# up 2 [edit protocols] user@host# top user@host# exit The configuration has been changed but not committed Exit with uncommitted changes? [yes,no] (yes) Module 2: The J-series User Interface

Viewing Candidate Configuration Operating Juniper Networks Routers—J-series [edit] user@host# show system services ssh; web-management { http { port 8080; } user@host# edit system services [edit system services] user@host# show You can display just the portions that concern you from the root of the hierarchy… …or use edit to park yourself at a specific subhierarchy Module 2: The J-series User Interface

Identifying Configuration File Differences (1 of 2) Operating Juniper Networks Routers—J-series Identifying Configuration File Differences (1 of 2) Change the candidate configuration: [edit system] user@host# set services telnet user@host# delete services web-management user@host# delete services ssh Display differences between the candidate and active configurations: user@host# show | compare [edit system services] - ssh; + telnet; - web-management { - http { - port 8080; - } - } Module 2: The J-series User Interface

Identifying Configuration File Differences (2 of 2) Operating Juniper Networks Routers—J-series Compare active and historical configurations user@host> show configuration | compare rollback number user@host> show configuration | compare filename Compare arbitrary files: user@host> file compare files filename_1 filename_2 Module 2: The J-series User Interface

Removing Statements (1 of 2) Operating Juniper Networks Routers—J-series Statements added with set are removed with the delete command Removes everything from the specified hierarchy down Use wildcard delete to save time user@host# show services ssh; web-management { http { port 8080; } [edit system] user@host# delete services web-management The entire Web-management hierarchy is removed by the delete statement Module 2: The J-series User Interface

Removing Statements (2 of 2) Operating Juniper Networks Routers—J-series Pop quiz: You have just disabled an interface with a set interface interface-name disable statement. How do you re-enable this interface? Module 2: The J-series User Interface

Committing a Configuration (1 of 2) Operating Juniper Networks Routers—J-series Configuration changes must be committed to take effect [edit] user@host# commit commit complete user@host# Use commit check to confirm syntax user@host# commit check [edit interfaces lo0 unit 0 family inet] 'address 192.168.69.1/24' Loopback addresses' prefix must be 32 bits error: configuration check-out failed Use commit confirmed to temporarily activate user@host# commit confirmed commit confirmed will be automatically rolled back in 10 minutes unless confirmed Module 2: The J-series User Interface

Committing a Configuration (2 of 2) Operating Juniper Networks Routers—J-series Schedule a future commit with commit at [edit] user@host# commit at 21:00:00 configuration check succeeds commit at will be executed at 2005-05-25 21:00:00 UTC Exiting configuration mode Add comments with commit comment user@host# commit comment "Changed OSPF configuration" commit complete user@host> show system commit 0 2005-05-25 04:10:17 UTC by lab via cli Changed OSPF configuration ... Use commit and-quit to save time user@host# commit and-quit user@host> Module 2: The J-series User Interface

Backing Out of Configuration Changes Operating Juniper Networks Routers—J-series Use the rollback command to restore one of the last 50 previously committed configurations [edit] user@host# rollback load complete Use rollback (or rollback 0 ) to reset the candidate configuration to the currently active configuration (which is the last version committed) rollback 1 loads the configuration before that rollback n loads n configurations before that Using rollback only modifies the candidate configuration Don’t forget to commit the changes! Module 2: The J-series User Interface

This slide left intentionally blank! Operating Juniper Networks Routers—J-series Module 2: The J-series User Interface

Saving Configuration Files Operating Juniper Networks Routers—J-series Save current candidate configuration using the save command [edit] user@host# save filename File saved to user’s home directory unless full path name is specified Only saves from the current hierarchy down Filename can specify: A path and filename on the local router’s file system A URL (FTP and SCP) Miscellaneous features: terminal option for save commands Simplifies load operations from terminal buffers Pipe option for display set Displays the set statements used to create a configuration Periodic saves to a remote host Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series This slide left intentionally blank! Module 2: The J-series User Interface

Loading Configuration Files Operating Juniper Networks Routers—J-series Configuration information can come from an ASCII file or terminal emulation capture buffer The load command supports various arguments: Override an existing configuration: load override filename Merge new statements into current configuration: load merge filename Replace existing statements in current configuration: load replace filename Take input from terminal capture buffer: load (replace | merge | override) terminal Load relative to current configuration hierarchy: load (replace | merge) (filename | terminal) relative Changes candidate configuration only You must issue a commit to activate Module 2: The J-series User Interface

This slide left intentionally blank! Operating Juniper Networks Routers—J-series Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series run Is Cool Operating Juniper Networks Routers—J-series Use the run command to execute operational-mode CLI commands from within configuration Can be a real time-saver when testing the effect of a recent change [edit interfaces fe-0/0/0] lab@HongKong# set unit 0 family inet address 10.250.0.141/16 lab@HongKong# commit commit complete lab@HongKong# run ping 10.250.0.149 count 1 PING 10.250.0.149 (10.250.0.149): 56 data bytes 64 bytes from 10.250.0.149: icmp_seq=0 ttl=255 time=0.967 ms --- 10.250.0.149 ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.967/0.967/0.967/0.000 ms Test configuration changes without leaving configuration mode with run Module 2: The J-series User Interface

Operating Juniper Networks Routers—J-series Review Questions Operating Juniper Networks Routers—J-series What user authentication methods are available? List two user interface options supported by J-series platforms. What does the confirmed switch do when committing changes? What command restores the router to the previously committed configuration? How can you display differences between an active and a candidate configuration? What is the difference between the merge, override, and replace arguments when loading a file? How can you display the status of an interface while in configuration mode? Module 2: The J-series User Interface

Lab 1, Parts 4–5: The JUNOS Software CLI Operating Juniper Networks Routers—J-series Become familiar with the JUNOS software CLI. Module 2: The J-series User Interface

This slide appears only in the slide deck, not the SG/IG. Nothing to edit here. Move along please. Education Services

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.