JUNOS Cheat-Sheet Quick Reference www.cciezone.com

Similar documents
Example: Configuring VoIP on an EX Series Switch Without Including 802.1X Authentication

Network Configuration Example

INDIAN INSTITUTE OF TECHNOLOGY BOMBAY MATERIALS MANAGEMENT DIVISION : (+91 22) (DR)

CCT vs. CCENT Skill Set Comparison

SRX High Availability Design Guide

AT-S60 Version Management Software for the AT-8400 Series Switch. Software Release Notes

Cisco Certified Network Associate Exam. Operation of IP Data Networks. LAN Switching Technologies. IP addressing (IPv4 / IPv6)

20 GE + 4 GE Combo SFP G Slots L3 Managed Stackable Switch

IMPLEMENTING CISCO SWITCHED NETWORKS V2.0 (SWITCH)

EX Series Technical Details

Implementing L2 at the Data Center Access Layer on Juniper Networks Infrastructure

VIRTUAL CHASSIS TECHNOLOGY BEST PRACTICES

TotalCloud Phone System

Deploying IP Telephony with EX-Series Switches

Network Configuration Example

DCS CT-POE fully loaded AT PoE Switch Datasheet

Configuring DHCP Snooping

DCS C Fast Ethernet Intelligent Access Switch Datasheet

20 GE PoE-Plus + 4 GE PoE-Plus Combo SFP + 2 GE SFP L2 Managed Switch, 370W

AT-S95 Version AT-8000GS Layer 2 Stackable Gigabit Ethernet Switch Software Release Notes

Feature Support Cisco 2960 Cisco 2960S Brocade ICX 6450 Brocade ICX GE SFP, 2 10GE SFP+, 4 1GE SFP, 2 DUAL PURPOSE PORTS, 1GE OR SFP

48 GE PoE-Plus + 2 GE SFP L2 Managed Switch, 375W

Optimizing VoIP Applications with Juniper Networks EX3200 and EX4200 Line of Ethernet Switches

Management Software. Web Browser User s Guide AT-S106. For the AT-GS950/48 Gigabit Ethernet Smart Switch. Version Rev.

Monitoring and Analyzing Switch Operation

DEPLOYING IP TELEPHONY WITH EX SERIES ETHERNET SWITCHES

ADMINISTRATION GUIDE Cisco Small Business

Configure IOS Catalyst Switches to Connect Cisco IP Phones Configuration Example

EX 3500 ETHERNET SWITCH

ZyXEL GS2210-8HP V4.10(AASQ.1)C0 Release Note/Manual Supplement

Juniper Networks Certified Internet Specialist Fast Track

Deployment Guide for SRX Series Services Gateways in Chassis Cluster Configuration

Junos OS for EX Series Ethernet Switches

Junos OS for EX Series Ethernet Switches

24 GE + 2 GE SFP L2 Managed Switch

TP-LINK. JetStream 28-Port Gigabit Stackable L3 Managed Switch. Overview. Datasheet T3700G-28TQ.

Using Link Layer Discovery Protocol in Multivendor Networks

GS752TP, GS728TP, and GS728TPP Gigabit Smart Switches

Network Configuration Example

Juniper Networks EX Series/ Cisco Catalyst Interoperability Test Results. May 1, 2009

Apple Airport Extreme Base Station V4.0.8 Firmware: Version 5.4

User Guide XMS-1024P 24 Port Gigabit Managed PoE/PoE+ Switch

Juniper / Cisco Interoperability Tests. August 2014

Junos OS for EX Series Ethernet Switches

16-PORT POWER OVER ETHERNET WEB SMART SWITCH

Datasheet. Managed PoE+ Gigabit Switches with SFP. Models: ES W, ES W, ES W, ES W

Web Browser Interface User s Guide

Note: This case study utilizes Packet Tracer. Please see the Chapter 5 Packet Tracer file located in Supplemental Materials.

Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance

APPLICATION NOTE. Copyright 2011, Juniper Networks, Inc. 1

ProSafe Managed Switch

Switching in an Enterprise Network

How To Configure Voice Vlan On An Ip Phone

Ethernet Switch. CLI Reference Guide. Default Login Details. Firmware Version 3.79, 3.80, 3.90 and

CCNP SWITCH: Implementing High Availability and Redundancy in a Campus Network

AT-GS950/8. AT-GS950/8 Web Users Guide AT-S107 [ ] Gigabit Ethernet Smart Switch Rev A

"Charting the Course...

Cisco Networking Professional-6Months Project Based Training

TP-LINK. 24-Port Gigabit L2 Managed PoE Switch with 4 Combo SFP Slots. Overview. Datasheet TL-SG3424P.

Junos Switching Basics

Configuring LLDP, LLDP-MED, and Location Service

Magnum Network Software DX

ALLNET ALL-SG8926PM Layer 2 FULL Management 24 Port Giga PoE Current Sharing Switch IEEE802.3at/af

TP-LINK. 24-Port 10/100Mbps + 4-Port Gigabit L2 Managed Switch. Overview. Datasheet TL-SL5428E.

CT5760 Controller and Catalyst 3850 Switch Configuration Example

48 GE PoE-Plus + 2 GE SFP L2 Managed Switch, 375 W

TP-LINK. 24-Port 10/100Mbps + 4-Port Gigabit L2 Managed Switch. Overview. Datasheet TL-SL

HARTING Ha-VIS Management Software

Ruckus Wireless ZoneDirector Command Line Interface

TP-LINK. 24-Port Gigabit L2 Managed Switch with 4 SFP Slots. Overview. Datasheet TL-SG

Configuring the Edgewater 4550 for use with the Bluestone Hosted PBX

How To Learn Cisco Cisco Ios And Cisco Vlan

TP-LINK 24-Port Gigabit L2 Managed Switch with 4 SFP Slots

AT-S63 Version Management Software for the AT-9400 Basic Layer 3 Gigabit Ethernet Switches Software Release Notes

Chapter 7 Lab 7-1, Configuring Switches for IP Telephony Support

Management Software. User s Guide AT-S84. For the AT-9000/24 Layer 2 Gigabit Ethernet Switch. Version Rev. B

Cisco - Configure the 1721 Router for VLANs Using a Switch Module (WIC-4ESW)

NAC Guest. Lab Exercises

: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

Junos OS. Layer 2 Bridging and Transparent Mode for Security Devices. Release 12.1X44-D10. Published:

Installation of the On Site Server (OSS)

AT-S105 Version Management Software Release Notes AT-FS750/24POE and AT-FS750/48 Fast Ethernet WebSmart Switches

Junos OS for EX Series Ethernet Switches

P330-ML Version 4.5 Release Notes

IMPLEMENTING VMWARE SERVER VIRTUALIZATION ON JUNIPER NETWORKS INFRASTRUCTURE

JetNet 5428Gv2. Features. Industrial 24FE+4G Gigabit Managed Ethernet Switch INDUSTRIAL ETHERNET RACKMOUNT SWITCH

Implementing L3 at the Data Center Access Layer on Juniper Networks Infrastructure

OLT LTP-8X_v Appendix to Operation Manual OLT LTP-8X Quick Configuration Guide Central Office Node Terminal

Interoperability between Mitel IP Phones and ProCurve Switches

Juniper Networks EX Series Ethernet Switches/ Cisco VoIP Interoperability Test Results. September 25, 2009

Lab Organizing CCENT Objectives by OSI Layer

High Performance 10Gigabit Ethernet Switch

Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0

Implementing VMware Server Virtualization on Juniper Networks Infrastructure

ZyXEL MGS-3712F V3.90(BBB.4)C0 Release Note/Manual Supplement

TP-LINK L2 Managed Switch

ALL8894WMP. User s Manual. 8-Port 10/100/1000Mbps with 4-port PoE. Web Management Switch

INTEGRATING FIREWALL SERVICES IN THE DATA CENTER NETWORK ARCHITECTURE USING SRX SERIES SERVICES GATEWAY

Interconnecting Cisco Network Devices 1 Course, Class Outline

Configuring iscsi Multipath

Transcription:

JUNOS Cheat-Sheet Active /config/juniper.conf.gz Rollbacks n = 1-3 n = 4-49 Stored in /config/juniper.conf.n.gz Stored in /config/db/config/juniper.conf.n.gz Rescue /config/rescue.conf.gz JUNOS Images Should be stored in /var/tmp for easy cleanup Disable Enable interface <name> shutdown interface <name> no shutdown IOS JUNOS set interface <name> disable delete interface <name> disable help topic help reference General topics Syntax help syslog Lookup syslog msgs (all are operational-mode commands) Upgrade request system software add Reboot request system reboot Shutdown request system power-off There is no default rescue config don t forget to create it! Create Rollback request system configuration rescue save [edit] rollback rescue Login as root, run ezsetup Connect to ge-0/0/0, use DHCP and access 192.168.1.1 (web or telnet/ssh) Choose Enter Ezsetup from LCD screen Connect to me0 and access 192.168.2.1 (EX-series) (apply/restore) Press the config button for less than 5 seconds Show show system uptime set system time-zone Set set date Set Timezone Set (NTP) set date ntp <IP> Show (NTP) show ntp associations Set Root password Enable SSH Disable Telnet Set Hostname set system root-authentication plain-text-password set system services ssh delete system services telnet set system host-name <name>

- All ports are family ethernet-switching - PoE is enabled on all PoE-capable ports - LLDP and RSTP enabled - Virtual chassis system ID is 0 (zero) - mastership-priority of 128 The EX-series can be an NTP server! Reset back to default Juniper EX-series Cheat Sheet load factory-default Each EX 4200 comes with a ½-meter VCB - Up to 64 MSTP instances are supported - Configure under [edit protocols] hierarchy (stp, rstp and mstp) - Use Redundant Trunk Groups (RTGs) to have a failover/ secondary link without the use of STP Up to 16 RTGs are supported per switch show spanning-tree bridge show spanning-tree interface show spanning-tree statistics interface show spanning-tree mstp configuration redundant-trunk-group { group rtg10 { interface ge-0/0/3.0; interface ge-0/0/4.0; show redundant-trunk-group Pre-emption is enabled by default, highest priority wins VCPs Virtual Chassis Ports form the backplane VCB VCEPs VCCP VME PFE Virtual Chassis Backplane cables interconnects switches into a VCS Virtual Chassis Extender Ports uses fiber to interconnect remote switches Only supported on 10Gbps uplink module Configure a VME Up to 10 (ten) EX 4200s can be stacked into a VCS Virtual Chassis Control Protocol used to exchange LSA-based discovery messages between PFEs in a VCS Virtual Management Ethernet interface used to administer the switch stack Packet Forwarding Engine 24-port EX 4200s have 2 PFEs 48-port EX 4200s have 3 PFEs request virtual-chassis vc-port set pic-slot <#> port <#> - Up to 8 interfaces in a single LAG - Max # LAGs: EX 3200 = 32 LAGs per switch EX 4200 = 64 LAGs per switch VCS = 128 LAGs per VCS - Trunks do not have to have a native VLAN If me0 isn t configured as a L3 interface, it is automatically assigned to the mgmt VLAN 1. Set the number of ae interfaces set chassis aggregated-devices ethernet device-count <#> - show chassis hardware - show virtual-chassis status - show virtual-chassis active-topology - show virtual-chassis interfaces - show virtual-chassis member-config - show virtual-chassis protocol Remember that all ports by default are access ports 2. Bind the physical interface to the ae interface set interfaces <name> etheroptions 802.3ad <ae_int> Provides inter-vlan routing. Like an SVI on IOS. [edit interfaces] vlan { unit 200 { family inet { address 10.1.1.1/24 [edit vlans] test { vlan-id 200; l3-interface vlan.200; The VLAN unit doesn t have to match the VLAN ID best-practices recommend it 1. Set the port mode to trunk family ethernet-switching portmode trunk 2. Set the VLAN membership on the trunk family ethernet-switching vlan members <name(s)> 3. Set the native VLAN (optional) family ethernet-switching native-vlan-id <name> 3. Set the ae interface properties (physical and logical) Ports can be: L2 Configure family ethernet-switching L3 Configure family inet

Ingress / Received Packet Port (PACL) This is only used if it s routed outside of the VLAN VLAN (VACL) Juniper EX-series Cheat Sheet Router (RACL) VLAN (VACL) Egress / Transmit Packet MAC Limiting protects the CAM: Only allows statically-defined MAC addresses Limits the number of dynamically-learned MAC addresses MAC Limiting actions: shutdown (blocks data traffic & generates system log entry) drop (drops the packet and generates a system log entry) log (does not drop packet, but generates a system log entry) none (do not do anything) Mitigate rogue DHCP servers! Default Port Trusts: Access port = untrusted Trunk port = trusted dhcp-trusted; interface ge-0/0/1.0 { no-dhcp-trusted; vlan test { examine-dhcp; allowed-mac [ 00:00:00:00:00:01 ]; interface ge-0/0/1.0 { mac-limit 2 action shutdown; Examine show ethernet-switching table to view the MAC table. Use clear ethernet-switching table interface <name> to clear violations. Look at show log messages for MAC Limiting violation messages. show dhcp snooping binding clear dhcp snooping binding DHCP traceoptions are logged to /var/log/fud by default [edit system services dhcp] pool 10.0.0.0/24 { address-range low 10.0.0.1 high 10.0.0.200; exclude-address { 10.0.0.1; maximum-lease-time 86400; default-lease-time 86400; name-server { 10.0.10.10; router { 10.0.0.254; dhcp-trusted; vlan test { arp-inspection; examine-dhcp; show system services dhcp? clear system services dhcp conflict - Relies on examining entries in the DHCP Snooping table, so requires DHCP Snooping - Disabled on all VLANs by default - It is enabled on a per-vlan basis - Any interface that is configured as a trusted interface for DHCP Snooping is also setup as a DAI trusted interface (bypasses ARP inspection) Monitoring Commands: show dhcp snnoping bindings show arp inspection statistics [edit forwarding-options helpers bootp] description Main DHCP relay ; server 10.0.40.2; maximum-hop-count 4; minimum-wait-time 1; interface { vlan.2 { no-listen; 802.1X port modes: single (default only first host is authenticated, all other hosts piggy-back on the first supplicant) single-secure (only permits a single supplicant, all others are denied) multiple (permits access for multiple supplicant, each supplicant is authenticated individually) 802.1X Parameters & Options Default Reauthentication Period: 3600 seconds Range: 1 to 65,535 seconds A Guest VLAN can be configured and is used when: When authentication fails When a client doesn t respond (have a supplicant) MAC Static List is an authentication bypass for non-802.1x hosts. MAC addresses are stored locally on the device. [edit protocols dot1x authenticator] interface { ge-0/0/0.0 { guest-vlan test-guest-vlan; reauthentication 3600; supplicant single-secure; ge-0/0/3.0 { no-reauthentication; Static { 00:00:00:00:00:01 { interface ge-0/0/0.0; 00:00:00:00:00:02; Monitoring Commands: show dot1x interface Show dot1x static-mac-address show dot1x authentication-failed-users

Juniper EX-series Cheat Sheet - All switch ports are assigned to class 0 by default - Modes: Static max power for port is deducted from total power pool (only supports class 0) Dynamic power budgeted from total power pool matches actual power consumed Class max power class budget is deducted from the total power pool - PoE Telemetries provide historical power usage for each powered device (PD) Disabled by default Default interval is 5 minutes (1 to 30 mins) Default duration is 1 hour (1 to 24 hrs) [edit poe] interface ge-0/0/0 { priority high; maximum-power 15.4; telemetries { interval 5; duration 1; interface ge-0/0/1 { telemetries { disable; show chassis hardware show poe controller show poe interface - Fully interchangeable between EX 3200 and 4200 series switches - 320W, 600W and 930W capacities are available - Configure CoS before enabling voice VLAN - Use voice VLAN on ports with IP phones - Use LLDP-MED to signal voice VLAN ID and 802.1p value to IP phone voip { interface ge-0/0/0 { LLDP Multicast Address: 01-80-C2-00-00-0E vlan test-voice; forwarding-class voice-ep; show vlans detail <name> - All mandatory LLDP TLVs are sent when LLDP is enabled - All optional LLDP and LLDP-MED TLVs are enabled by default [edit protocols] lldp { advertisement-interval 30; hold-multiplier 2; msgtxinterval 30; msgtxhold 4; lldp-med; show lldp statistics show lldp detail show lldp neighbors show lldp local-info Assessment Maintenance Design and Implementation

Juniper EX-series Cheat Sheet - 24 to 48-ports Basic model has 8 PoE ports Up to 48 PoE ports are supported - Does not support VCS - Intended for access layer usage - Supports redundant power supplies (one internal, one via RPS port) - Field-replaceable PS and fan tray - Uplink modules: 4 x 1Gbps Ethernet (SFP) 2 x 10Gbps Ethernet (XFP) - Line-rate switching (non-blocking) - 24 to 48-ports Basic model has 8 PoE ports Up to 48 PoE ports are supported - Supports VCS (up to 10 switches in a VCS) - Intended for distribution and access layer usage - Redundant (both internal), hot-swappable PS - Field-replaceable fan tray (3 fans one can fail & not affect operations) - Uplink modules: 4 x 1Gbps Ethernet (SFP) 2 x 10Gbps Ethernet (XFP) - Line-rate switching (non-blocking) Routing Engine (RE) Bridging (BT) Routing (RT) Fwding (FT) Control Plane Forwarding Plane JUNOS Software Packet Forwarding Engine (PFE) Packet Flow Bridging (BT) Fwding (FT) Packet Flow

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information