All models of Juniper routers are comprised of two major componants: A Routing Engine and a Packet Forwarding Engine. The Routing Engine is a single blade or unit that plugs into the chassis. It performs routing calculations and system management functions (like running the user interface). The Packet Forwarding Engine is made up of several units including physical interface cards (PICs), flexible pic concentrators (FPCs), the controller card (SCB in an M40, and SSB in an M20), the backplane, and the craft (or chassis) inteface.
To replace a routing engine or a controller card, the router should be halted and powered off. PICs and FPCs can be added or replaced without shutting the whole router down. If an FPC needs to be removed from the chassis (to add or swap PICs, or to replace the FPC), it should first be taken offline. You can take an FPC offline with the “offline” button on the craft interface, or with the appropriate CLI command. IP Engineering should be informed and/or consulted anytime hardware needs to be added or replaced.
For more information about Juniper hardware see the Juniper hardware installation documentation.
Software Overview
Currently Juniper software is the same on all official hardware platforms. It is essentially a unix operating system with a kernal and several daemons performing various functions. “show version” will show you the software version of the kernel and the daemons. IP Engineering takes care of all Juniper software issues.
CLI Navigation
The CLI operates in two modes: command mode and configuration mode. When you log into a juniper remotely you will be placed into command mode. In command mode your prompt will end with a “>”. To enter configuration mode, type “configure”. In configuration mode your promp ends with a “#”. In configuration mode, you can issue non-configuration commands by typing “run” followed by the command. Type “exit” to return to command mode.
Command completion and help are available in both CLI modes. Hitting the tab or spacebar will complete any command you may be typing, or give an error if no valid completion is available. Typing a “?” at any point will give you all available completions or commands. More complete help is available using the “help” command. This gives access to an in-line manual. “help reference” provides configuration assistance and “help topic” gives more generic help for higher level topics.
Configuration
Most Juniper configuration should be done using the config tools. Unlike Cisco configurations, Juniper configurations can be made active directly from the config server. This almost entirely eliminates the need to configure the router using the CLI. However, it is still useful to be able to navigate the CLI’s configuration mode as it allows you to view the config is small sections and allows you to make temporary changes (like putting loops on interfaces for troubleshooting purposes).
The configuration is object oriented — to non-coders, this means that it’s heirarchical and has lots of curly braces. The major sections are as follows:
system contains user authentication information, services, syslog, ntp, and other system wide settings
interfaces contains physical and logical interface configurations. Note: “family inet”, which contains the ip address, is under the logical “unit” hierarchy
routing-options contains static routes and AS and confederation information
protools contains routing protocol configuration for bgp, ospf, isis, etc
policy contains routing policy, dampening policy, community membership, and as-path definitions
To look at individual sections of the config, use “show context“. Here are some examples:
[edit]
usr@routerg# show interfaces so-1/2/2
description “University Sonet - local wire”;
keepalives;
clocking internal;
encapsulation cisco-hdlc;
sonet-options {
fcs 16;
payload-scrambler;
}
unit 0 {
family inet {
address 192.168.3.1/30;
}
}
You can use as much or as little context as you need. If Just want to verify the address for the above interfaces, do this:
[edit]
usr@routerg# show interfaces so-1/2/2 unit 0 family inet
address 192.168.3.1/30;
The line above the prompt tells you your location within the config heirarchy. To change your context, use the “edit” command:
[edit]
usr@routerg# edit interfaces so-1/2/2
[edit interfaces so-1/2/2]
usr@routerg#
“up” will take you up one level of the heirarchy, and “top” will take you back to the top of the heirarchy.
If you ever need to make a temporary change to the configuration (something that isn’t meant to last more than an hour or so), you can do this via the CLI configuration mode. For all other changes you should use the tools.
To change the configuration use the “set” and “delete” commands. When you change the configuration, you are actually changing a “candidate” config, not the activce config. In order to make the candidate config active you need to run “commit”. Here’s an example of setting a loopback on a sonet interface:
[edit interfaces so-1/2/2]
usr@routerg# set sonet-options loopback remote
[edit interfaces so-1/2/2]
usr@routerg# show sonet-options
fcs 16;
loopback remote;
payload-scrambler;
[edit interfaces so-1/2/2]
usr@routerg# commit
commit complete
The following shows the loop being removed:
[edit interfaces so-1/2/2]
usr@routerg# delete sonet-options loopback
[edit interfaces so-1/2/2]
usr@routerg# show sonet-options
fcs 16;
payload-scrambler;
[edit interfaces so-1/2/2]
usr@routerg# commit
commit complete
If you make a mistake, you can either load the proper configuration from the config server and commit it, or you can use the “rollback” command to recover the previous config (prior to the last commit) and commit it. Both these methods also work to undo temporary changes.
Troubleshooting
The following commands will be useful for troubleshooting. You can find more commands in the Juniper manuals.
Command Notes
show interfaces terse shows a list of all interfaces and their status
show interfaces descriptions shows a list of all interfaces and their configured descriptions
show interfaces intfc [extensive] shows specific interfaces statistics. Using “extensive” will show very detailed statistics which can be a great help in circuit troubleshooting
show bgp summary lists all configured bgp sessions and their status
show route prefix [terse] shows routing information for the givin prefix. Note that inet.0 is the unicast rib and probably the one you’re most concerned with. Using “terse” may make the routing information a bit easier to read.
show route receive-protocol bgp neighbor shows all routes received via bgp from the given neighbor
ping destination [rapid] pings the given destination address. Using “rapid” will send only 5 pings and give the output in a cisco-like format. Otherwise, the ping continues until it receives a break and gives the output in a unix-like format.
ping destination bypass-routing Will cause the ping to be sourced from the interface it exits rather than the loopback interface.
Tidak ada komentar:
Posting Komentar