As you know from my previous posts, I’m trying to find time to gain some Juniper knowledge. During this “quest” I will add here some basic things about how to start working with Juniper devices. For now I know only the basics of Juniper configuration, but I hope that soon you’ll find here some more challenging scenarios.
I have a basic topology that you’ll find below. The scenario is already prepare to have some tasks which suppose integration between Juniper and Cisco environment.
Let’s assume that I did power on the two boxes J1 and J2 and now I’m connected to J1 through a console cable. After the boot sequence I’m left with something like this:
Tue Jun 12 11:46:06 UTC 2012
Amnesiac (ttyd0)
login: |
Tue Jun 12 11:46:06 UTC 2012
Amnesiac (ttyd0)
login:
All platforms running the Junos OS have only the root user configured by default, without any password. Let’s introduce that username and see what’s happening:
login: root
Password:
--- JUNOS 9.4R2.9 built 2009-03-25 07:50:02 UTC
root@% |
login: root
Password:
--- JUNOS 9.4R2.9 built 2009-03-25 07:50:02 UTC
root@%
What I have now in front is actually the shell of the FreeBSD OS. JunOS is based on the FreeBSD OS. If you ever interacted with a Linux based system, then you can run here specific linux commands. For example:
root@% ls
.snap boot jail modules sbin
COPYRIGHT config kernel opt staging
altconfig data libexec packages tmp
altroot dev mfs proc usr
bin etc mnt root var
root@%
root@%
root@%
root@% ps u
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 1153 0.0 0.2 1492 936 v0 Is+ 11:46AM 0:00.02 /usr/libexec/getty
root 941 0.0 0.4 2636 2176 d0- S 11:46AM 0:00.14 /usr/sbin/eventd -
root 1264 0.0 0.2 1676 1252 d0 Is 11:50AM 0:00.05 login [pam] (login
root 1265 0.0 0.5 3872 2744 d0 S 11:51AM 0:00.21 -csh (csh)
root 1289 0.0 0.2 1612 996 d0 R+ 11:54AM 0:00.01 ps u |
root@% ls
.snap boot jail modules sbin
COPYRIGHT config kernel opt staging
altconfig data libexec packages tmp
altroot dev mfs proc usr
bin etc mnt root var
root@%
root@%
root@%
root@% ps u
USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
root 1153 0.0 0.2 1492 936 v0 Is+ 11:46AM 0:00.02 /usr/libexec/getty
root 941 0.0 0.4 2636 2176 d0- S 11:46AM 0:00.14 /usr/sbin/eventd -
root 1264 0.0 0.2 1676 1252 d0 Is 11:50AM 0:00.05 login [pam] (login
root 1265 0.0 0.5 3872 2744 d0 S 11:51AM 0:00.21 -csh (csh)
root 1289 0.0 0.2 1612 996 d0 R+ 11:54AM 0:00.01 ps u
OK, you got my point. To get from the FreeBSD shell to JunOS CLI, you need to enter the following:
What you see now is the Operational Mode. In this mode the user can run basic and troubleshooting commands (like traceroute, ping…). You can get a list of commands using the ? (question mark):
root> ?
Possible completions:
clear Clear information in the system
configure Manipulate software configuration information
file Perform file operations
help Provide help information
monitor Show real-time debugging information
mtrace Trace multicast path from source to receiver
op Invoke an operation script
ping Ping remote target
quit Exit the management session
request Make system-level requests
restart Restart software process
set Set CLI properties, date/time, craft interface message
show Show system information
ssh Start secure shell on another host
start Start shell
telnet Telnet to another host
test Perform diagnostic debugging
traceroute Trace route to remote host |
root> ?
Possible completions:
clear Clear information in the system
configure Manipulate software configuration information
file Perform file operations
help Provide help information
monitor Show real-time debugging information
mtrace Trace multicast path from source to receiver
op Invoke an operation script
ping Ping remote target
quit Exit the management session
request Make system-level requests
restart Restart software process
set Set CLI properties, date/time, craft interface message
show Show system information
ssh Start secure shell on another host
start Start shell
telnet Telnet to another host
test Perform diagnostic debugging
traceroute Trace route to remote host
If you want to compare the Operational Mode is somehow like Privilege level 1 under Cisco CLI. Still I have the feeling that Operational Mode offer a wider area of commands and more powerful than Cisco CLI Privilege level 1. I may be mistaken.
All platforms running the Junos OS come with a factory-default configuration. All factory-default configurations
allow access using the root account without any password. Nevertheless to activate a configuration you have first to set the password root password.Factory-default configurations can vary from one platform family to another or even between the different models
within the same platform family.
My default configuration looks like:
root> show configuration
version 9.4R2.9;
system {
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
} |
root> show configuration
version 9.4R2.9;
system {
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
I this first post my target is to set the hostname of the Juniper devices. To accomplish this step, I need to go first into configuration mode:
root> configure
Entering configuration mode
The configuration has been changed but not committed
[edit]
root# |
root> configure
Entering configuration mode
The configuration has been changed but not committed
[edit]
root#
and then set the hostname:
root# set system host-name J1
[edit] |
root# set system host-name J1
[edit]
If I look at the system prompt, it still shows root#, so it doesn’t quite seems to work. This is because I have to commit to activate the configuration:
root# commit
[edit]
'system'
Missing mandatory statement: 'root-authentication'
error: commit failed: (missing statements)
[edit]
root# |
root# commit
[edit]
'system'
Missing mandatory statement: 'root-authentication'
error: commit failed: (missing statements)
[edit]
root#
Well, this didn’t work as expected. The most important thing that I learned when I started with Juniper is that before I can activate any configuration (commit) I need to set the password for the root user:
root# set system root-authentication plain-text-password
New password:
Retype new password:
[edit]
root# |
root# set system root-authentication plain-text-password
New password:
Retype new password:
[edit]
root#
Let me try to commit one more time, after setting the root password:
root# commit
commit complete
[edit]
root@J1# |
root# commit
commit complete
[edit]
root@J1#
You can see that the prompt did change into root@HOSTNAME# (in my case this is root@J1#). If you look again to the system configuration. I will exist the Configuration Mode and have another look at my config file:
root@J1> show configuration
## Last commit: 2012-06-12 12:38:22 UTC by root
version 9.4R2.9;
system {
host-name J1;
root-authentication {
encrypted-password "$1$DKpYj/Nd$TVFTars5T2.oM3y5eyp520"; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
root@J1> |
root@J1> show configuration
## Last commit: 2012-06-12 12:38:22 UTC by root
version 9.4R2.9;
system {
host-name J1;
root-authentication {
encrypted-password "$1$DKpYj/Nd$TVFTars5T2.oM3y5eyp520"; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
root@J1>
The host-name and root password appears now in the active configuration.
That’s it for today. Until next post, I will add the basic configuration for J2 and the Cisco, so I can go to basic interface configuration and connectivity check.
