Routing

Hi all,

 

I'm not running from primary flash as I only have 256MB and was trying to remove the swap on this J2320. The primary flash can't be sorted now for some reason on this "JUNOS Software Release [9.3R4.4] (Export edition) Enhanced Services" which was OK before I upgraded from 8.4

:

request system snapshot media compact-flash 
error: compact-flash is 256MB, must be at least 512MB

 So I'm running from:

 

show system storage 
Filesystem              Size       Used      Avail  Capacity   Mounted on
/dev/ad2s1a             991M       159M       822M       16%  /
devfs                   1.0K       1.0K         0B      100%  /dev
devfs                   1.0K       1.0K         0B      100%  /dev/
/dev/md0                269M       269M         0B      100%  /junos
/cf                     991M       159M       822M       16%  /junos/cf
devfs                   1.0K       1.0K         0B      100%  /junos/dev/
procfs                  4.0K       4.0K         0B      100%  /proc
/dev/bo0s1e             369M       8.0K       365M        0%  /config
/dev/md1                168M       9.3M       145M        6%  /mfs
/cf/var/jail            991M       159M       822M       16%  /jail/var
devfs                   1.0K       1.0K         0B      100%  /jail/dev

 

When I was running from primary my networking was fine, but now I can't ping anything. Here's my config:

 

My default route is set on the Juniper router and a traffic trace on it shows:

08:09:27.785137  In STP 802.1d, Config, Flags [none], bridge-id 8000.74:8e:f8:31:33:45.800e, length 43
08:09:29.784843  In STP 802.1d, Config, Flags [none], bridge-id 8000.74:8e:f8:31:33:45.800e, length 43
08:09:31.785648  In STP 802.1d, Config, Flags [none], bridge-id 8000.74:8e:f8:31:33:45.800e, length 43
08:09:32.109451  In arp who-has 178.22.x.x tell 178.22.x.x
08:09:32.761327  In arp who-has 178.22.x.x tell 178.22.x.x
08:09:33.761325  In arp who-has 178.22.x.x tell 178.22.x.x

08:09:33.784356  In STP 802.1d, Config, Flags [none], bridge-id 8000.74:8e:f8:31:33:45.800e, length 43
08:09:35.785544  In STP 802.1d, Config, Flags [none], bridge-id 8000.74:8e:f8:31:33:45.800e, length 43
08:09:37.784561  In STP 802.1d, Config, Flags [none], bridge-id 8000.74:8e:f8:31:33:45.800e, length 43
08:09:39.784272  In STP 802.1d, Config, Flags [none], bridge-id 8000.74:8e:f8:31:33:45.800e, length 43
08:09:41.782994  In STP 802.1d, Config, Flags [none], bridge-id 8000.74:8e:f8:31:33:45.800e, length 43
08:09:42.761755  In arp who-has 178.22.x.x tell 178.22.x.x
08:09:42.761783 Out arp reply 178.22.x.x is-at 0:1f:12:13:3:1
08:09:43.759703  In arp who-has 178.22.x.x tell 178.22.x.x
08:09:43.784802  In STP 802.1d, Config, Flags [none], bridge-id 8000.74:8e:f8:31:33:45.800e, length 43
08:09:45.784250  In STP 802.1d, Config, Flags [none], bridge-id 8000.74:8e:f8:31:33:45.800e, length 43
08:09:47.783973  In STP 802.1d, Config, Flags [none], bridge-id 8000.74:8e:f8:31:33:45.800e, length 43

root@surevoip-j1> show interfaces ge-0/0/1.0     
  Logical interface ge-0/0/1.0 (Index 69) (SNMP ifIndex 123) 
    Flags: SNMP-Traps Encapsulation: ENET2
    Input packets : 9324 
    Output packets: 337
    Security: Zone: Null
    Protocol inet, MTU: 1500
      Flags: None
      Addresses, Flags: Is-Default Is-Preferred Is-Primary
        Destination: 178.22.x.x/29, Local: 178.22.x.x,
        Broadcast: 178.22.x.x


root@test-j1> show route 

inet.0: 4 destinations, 4 routes (3 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 02:15:37
                    > to 178.22.x.x via ge-0/0/1.0
178.22.x.x/29    *[Direct/0] 02:10:32
                    > via ge-0/0/1.0
178.22.x.x/32   *[Local/0] 02:10:32
                      Local via ge-0/0/1.0

 I just can't ping the GW ip of .9 now. Is this my basic config or something bigger?

 

Thanks.

Hello there,

 

---

@suretec wrote:

root@surevoip-j1> show interfaces ge-0/0/1.0     
  Logical interface ge-0/0/1.0 (Index 69) (SNMP ifIndex 123) 
    Flags: SNMP-Traps Encapsulation: ENET2
    Input packets : 9324 
    Output packets: 337
    Security: Zone: Null
    Protocol inet, MTU: 1500
      Flags: None
      Addresses, Flags: Is-Default Is-Preferred Is-Primary
        Destination: 178.22.139.8/29, Local: 178.22.139.10,
        Broadcast: 178.22.139.15

 I just can't ping the GW ip of .9 now. Is this my basic config or something bigger?

 

Thanks.

---

It is your config or rather your config.unsuitable for JUNOS flavor you have upgraded to.

You have upgraded to Enhanced Services JUNOS which has a built-in stateful firewall security.

You should either (1) add security zones+policies to your existing router-only config or (2) upgrade one more time to legacy JUNOS 9.3R4.4

HTH

Thanks

Alex

 

Brilliant. You've no idea how late I've been up each night rechecking everything! Will add the zones.

I like the fact you have to do this to enable it. Which version do you recommend? Non legacy?

Hello,

The latest supported legacy (a.k.a. packet-based) JUNOS release for J-series is 9.3R4.4

The latest supported JUNOS (a.k.a. JUNOS-ES, a.k.a flow-based JUNOS) release for J-series is 12.1R3.

The JTAC recommends certain JUNOS releases for each product, you can find them here http://kb.juniper.net/InfoCenter/index?page=content&id=KB21476 

 

Specifically for J2320 it is JUNOS 10.2R4.8 (flow-based).

 

If it is a production router, I suggest to load and run JUNOS from internal CF.

With 256M internal CF, the maximum supported JUNOS release is 9.3 (legacy or ES):

https://www.juniper.net/techpubs/en_US/junos9.3/information-products/topic-collections/release-notes/9.3/topic-23949.html#rn-cf-mem-reqs

https://www.juniper.net/techpubs/en_US/junos9.4/information-products/topic-collections/release-notes/9.4/topic-26604.html#compact-flash-memory-req 

 

If this is a lab router and you are prepared to always run JUNOS from USB, then there is no HW restriction for J2320 apart from RAM size and certain PIMs - you can find it for each JUNOS release and feature set from http://www.juniper.net/techpubs/software/junos and http://www.juniper.net/support/eol/ 

 

HTH

Rgds

Alex

 

 

 

 

Unofficially, the internal CF is upgradable.  You have to boot from USB in order to do it though.  The RAM is upgradable too although I don't recall what type it used anymore.

1) Create bootable USB drive.

2) Verify you can boot from USB.

3) Power down router.

4) Open up case.

5) Remove current CF card.

6) Insert new, bigger CF card.  I happened to use a 2G Sandisk Ultra card I had free.

7) Power up router, boot from USB.

😎 request system snapshot media compact-flash partition 

9) Let it finish, then attempt to boot from compact flash instead of USB.

10) If it boots successfully, you're done!

 

Looks like you can also use the external removable compact-flash slot as well, in which case you would put the card in the removable slot and for media use "removable-compact-flash".  You can see the various snapshot options here.

 

I went through the above steps several years ago using install media written to USB.  You can get install media up to 10.4.

 

Oh, and there is an old forum thread that shows how to switch to packet mode from flow mode.  I thought there was a KB article on it too but a quick look didn't find it.

http://forums.juniper.net/t5/Junos-and-Junosphere/Using-a-J-Series-quot-only-quot-as-a-router/m-p/24298/true

 

Ah-ha, finally found the KB article, KB21633.  It also points to a PDF that gives some other options.  

http://www.juniper.net/us/en/local/pdf/app-notes/3500192-en.pdf

 

Cheers!

 

-Chad

Thanks all for the detailed info.

---

ChadM wrote:

 

Looks like you can also use the external removable compact-flash slot as well, in which case you would put the card in the removable slot and for media use "removable-compact-flash".  You can see the various snapshot options here.

---

I've heard some rumor that a J-series can be configured to permanently regard its external CF as the primary boot device (ad0) while making the internal CF the alternative boot device (ad2). Does anybody know the details? Thanks!

---

@barnet wrote:

I've heard some rumor that a J-series can be configured to permanently regard its external CF as the primary boot device (ad0) while making the internal CF the alternative boot device (ad2). Does anybody know the details? Thanks!

---

Offhand, no.  If it is possible my guess would be by adjusting the boot order in the BIOS.  If you decide to take a look in the BIOS settings, don't change anything unless you are absolutely certain you know what it does.  I can't offer any guidance since it has been a while since I looked.

 

-Chad

---

@ChadM wrote:

---

@barnet wrote:

I've heard some rumor that a J-series can be configured to permanently regard its external CF as the primary boot device (ad0) while making the internal CF the alternative boot device (ad2). Does anybody know the details? Thanks!

---

Offhand, no.  If it is possible my guess would be by adjusting the boot order in the BIOS.  If you decide to take a look in the BIOS settings, don't change anything unless you are absolutely certain you know what it does.  I can't offer any guidance since it has been a while since I looked.

 

---

Probably you are right that there is no way to swap the cf slot roles in software. We here believed that a consultant had set up a couple of our jseries that way but upon an examination it was only found that the cf cards were swapped around, with a bigger card in the internal slot and the original one in the rear slot. As for the boot device bios setting, it works once but seems to be rewritten by junos at each reboot back to internal cf partition zero. My guess is that is how 'request system reboot media xxx' works. In addition, changing the boot device does nothing to change the device numbering. So the bottom line is, if a bigger internal cf is needed, it has to be just upgraded using a genuine or 3rd party card.

Our internal one won't boot so it's failing back to the bigger external one, which is fine with us 🙂

If you use a larger one in the external slot and you can boot from it, then just pop it into the internal slot and call it a day.  Pretty sure that's what I did.  I believe I have a 2G SanDisk Ultra 2 in there at the moment.

 

Hmm, actually, I may have done the reverse.  It's been a few years so it is a bit fuzzy.  This seems right though:

- Moved the small internal CF to the external slot

- Insert larger CF in the internal slot

- Boot from external slot

- request system snapshot partition (I don't think you needed to specify media but not sure)

- After snapshot completes, reboot from internal CF

 

I might have tried it via USB boot and system snapshot method.  I believe either worked, don't recall which one I used last.

 

If you do decide to try this, make sure you back up the configuration off of the device before swapping.  I know M/MX/T snapshot captures the config while EX uses primary & alternate code versions with the configuration in a separate partition when using the internal flash.  I -think- the J follows the same snapshot model as M/MX/T, but I'm not certain.

 

Cheers!

 

-Chad