Juniper-configs-JNCIs
New device config:
set system root-authentication plain-text-password
set system login user admin authentication plain-text-password
delete chassis auto-image
set system services ssh
deactivate system syslog user *
set system login user admin class super-user
delete interface fxp0 unit 0 family inet dhcpCreate Vlans
set vlan HR vlan-id 4
set vlan description "HR VLAN"Configure Access and Trunk Ports:
set interface ge-0/0/1 unit 0 family ethernet-switching port-mode access
set interface ge-0/0/1 unit 0 family ethernet-switching vlan members HR
set interface ge-0/0/0 unit 0 family ethernet-switching port mode trunk
set interface ge-0/0/0 unit 0 family ethernet-switching vlan members [ Acct IT HR CSuite]
set interface ge-0/0/0 unit 0 family ethernet-switching native-vlan-id 1Intervlan routing:
set interfaces vlan unit 4 family inet address 10.0.4.1/24
set interfaces vlan unit 5 family inet address 10.0.5.1/24
set vlans HR l3-interface vlan.4
set vlans IT l3-interface vlan.5Voice Vlans:
Configuring Bridge Domains on vMX Routers:
- This allows enterprises to expand their Layer 2 domain over a service provider network
- We don't configure vlans, we configure bridge domains and add vlan id there
set bridge-domains Customer1BD vlan-id 101
set bridge-domains Customer2BD vlan-id-list [ 202 203 204] interface ge-0/0/0.0
Assigning the Bridge Domains to Interfaces:
edit interface ge-0/0/0
delete family inet
set interfaces ge0/0/0.0 family bridge interface-mode-access
set interfaces ge0/0/1.0 family bridge vlan-id-list 202-204
set interfaces ge0/0/1.0 family bridge interface-mode trunkConfiguring Bridge Domains Intervlan Routing:
set interfaces irb unit 101 family inet 192.168.101.1/24
set interfaces irb unit 202 family inet 192.168.202.1/24
set bridge-domains Customer1BD routing-interface irb.101
set bridge domains Customer2bd routing-interface vlan-tagConfiguration on QFX Datacenter Switch
set vlan HR vlan-id 4
set vlan description "HR VLAN"
set interfaces xe-0/0/0 unit 0 family ethernet-switching interface-mode access
set interfaces xe-0/0/0 unit 0 family ethernet-switching
set interfaces irb unit 5 family inet address 10.0.5.1/24
set vlans HR l3-interface irb.4Debugging
show log <filename>
edit interfaces (or ospf or whatever)
set trace-options (filename)
set trace-options flag any
monitor start (filename) for live data
monitor stop
delete trace-options
file delete /var/log/filename- If you set it too far into the hierarchy at the specific interface, the debug messages will be sent to the standard log messages by default, but you can use ReGex to filter it to only match information for the specific interface
set trace-options file test.text match ge-0/0/0Rescue Config
request system configuration save
ls /config
show configuration
rollback rescueVSRx Delete Security and Put in Standard Mode
configure
delete security
set security forwarding options family mpls mode packet-based
set security forwarding options family inet6 mode packet-based
set security forwarding options family iso mode packet-based
commitDefaults for Routes:
edit routing-options static defaults
set ?
set preference 10
set as-path path 65000=============== Load Balancing
show route forwarding-table
routing policy for all traffic: set policy-options policy-statement load-balance term1 then load-balance per-packet (really per-flow)
apply it to forwarding table: set routing-options forwarding-table export load-balance commit
show route forwarding-table
Now we will be able to load balance
- The flow for the traffic is per-flow so traffic will be sent out of a particular interface based on the source, destination and protocol (i.e. tcp, udp)
- We can tweak this
set forwarding-options hash-key family inet layer-3 layer-4
We can pick particular routes to load balance: we can use a from statement in the policy:
set policy-options policy-statement load-balanc from route-filter 1.1.1.1 exact
- Now it will only balance for traffic going to 1.1.1.1