BLOG: Community Talk
News and updates to keep you informed about J-Net Community programs and enhancements
vcl , Contributor
BLOG: Community Talk
Junos 101 - Get started with awesome CLI!
Mar 4, 2015

catsI was offered the opportunity to share this blog article which contains the typical “Junos 101 tips” that I give to new recruits/trainees in my company, so here we go!

 

This article is a quick resume of "what to remember absolutely", and is the first step to go JNCIA-JUNOS certified.

 

About me: Network and Security Engineer in France, Juniper Elite Partner.

I love cats, Junos and motorcycles, find me on twitter @VincNuts

 

 CLI organization:

  • Shell: prompt %, OS access, with "root" user.
  • Operational mode: accessed by typing “cli” from shell - prompt  > -  used to issue “show commands” mainly, this is to verify status and results of configuration statements (show interfaces, show routes, show chassis…)
  • Configure mode: accessed by typing “edit” or “configure” from operational mode - prompt “#” - used to modify configuration. You can use “run” to call an operational command from there (run show interfaces).

Key shortcuts:

  • Ctrl-U: erase line (set interfaces > nothing)
  • Ctrl-W: erase word (set interfaces > set)
  • Ctrl-A and Ctrl-E: go to beginning or end of line

 

Interface naming in Junos:

Numbering always starts at 0, and is 3 levels wide.

 

Type-slot/pic/port

 

  • Type: ge for 1G, xe for 10G depending of the media
  • Slot: member ID in the Virtual Chassis or Chassis Cluster
  • Pic: 0 for fixed interfaces, 1+ for expansion slots (that is, uplink modules on EX for example)
  • Port: port number, 0 to 23, 47, 95 depending on the series
  • Example:

ge-0/0/47 -> 1G interface, last port of EXXX-48T for example

ge-9/1/0 -> 1G interface, first port of the 10th member of VC, on the uplink module

xe-5/1/1 -> 10G interface, on the 5th member (that is, the 6th in the stack) of the VC, second port of first expansion module

 

Some specifics:

 

vme: floating management interface for VC, active on Master Routing-Engine

VCEP port: vcp-255/1/X used internally to connect VC members, autoconfigured

Ae: aggregated interface

 

Main Commands:

  • Set/Delete: create or delete a configuration statement. Easy!
  • Show: verify and display configuration statement or status (configure mode/operational mode)
  • Clear: reset (clear error counters on a port for example)
  • ?: help and auto-completion information (set ?, set routing-options ?)
  • |: powerful chaining command with example:

show route | match 192.168 | except 192.168.1 will display all 192.168 routes, except those containing 192.168.1XX

 

  • Replace pattern: use carefully depending on the level of CLI you are in!

Replace pattern 192.168 with 172.16 will replace all IPs with 192.168 pattern in your configuration at top level in the cli! So you can navigate in CLI with “edit” and go to “edit routing-options” and replace only routes, not device IPs Smiley Wink

 

  • Commit: save and apply candidate configuration to the running configuration

The best: commit options!

  • commit confirmed 5 will automatically rollback to previous configuration if not confirmed under 5 minutes. That is, if you screw up on a remote device, just wait 5 minutes and it will come back online!
  • commit at 21:00:00 will deploy changes when the “on call” colleague is on duty while you peacefully watch the game. Let’s just hope he reads this post, and knows how to rollback if needed.
  • Rollback 1-49 will reload one of the previous 49 configurations.
  • Rollback 0 will reload running configuration on your candidate copy.
  • Show | compare rollback 1 to compare your configuration with one of the previous 49, trying to understand what your colleague changed in the configuration that he implemented at 21:00:00
  • TAB: auto-completion of a configuration statement

First configuration:                     

Load factory default to start fresh. All interfaces will be ethernet-switching on an EX.

Services: set system services ssh/web-management

set system root-authentication plain-text-password to define a root password, this is the mandatory step to commit for the first time

 

<configure interfaces and vlans>

 

Example 1: L2 vlan

 

Set vlan users vlan-id 172 interface ge-0/0/0

Or

Set vlan users vlan-id 172 + set interfaces ge-0/0/0 unit 0 port-mode access vlan member users

 

Example 2: Routed Vlan Interface (RVI)

 

Example 1 +

set vlan users l3-interface vlan.172

set interfaces vlans unit 172 family inet address 172.16.1.254/24

Set routing-options static route 0/0 next-hop 172.16.1.1  to define a default gateway.

Request system configuration rescue save to create a rescue configuration, in case that something goes really bad and you need to restart on a fresh and validated configuration.

 

Verify the state with show commands: show interfaces / detail / extensive / brief

 

Port modes:

Access (default): access port, to connect a standard workstation for example

Trunk: tagged link, mostly for uplinks carrying several VLANs

Native-Vlan: to carry a untagged Vlan on a trunk link

Voip-vlan: to tag on a access port, used in the classic scenario where the users’ workstation (untag) is connected to the switch through the VOIP phone port (tagged)

 

You are now ready to get your hands on your first Junos device, and this is only the beginning!

 

For more information about getting started with Junos and then getting your first Juniper certification, I recommend using:

https://learningportal.juniper.net/

- Learning Bytes on Youtube

- Champion center ressources: jpartnertraining.juniper.net

 

Keep calm and Juniper on Smiley Wink