Juniper FAQ
From Teknologisk videncenter
Contents
- 1 Juniper FAQ
- 1.1 Interface Ranges på JunOS
- 1.2 Hvordan resetter man til fabriks indstillinger?
- 1.3 Kan syslog filer deles i flere, som med traceoptions?
- 1.4 Kan man lave en no keepalive på juniper?
- 1.5 Hvordan ser man matches på en Route Policy?
- 1.6 Hvordan laver man en IPv6 Default Route?
- 1.7 Hvordan ser man rollback configurationen?
- 1.8 Hvad gør man hvis den booter fra backup Junos OS?
- 1.9 Hvilke applicatiner er på forhånd defineret i JunOS?
- 1.10 Hvordan ser man comments på de sidste commits
- 1.11 Hvordan smider man en bruger af
- 2 References
Juniper FAQ
Interface Ranges på JunOS
Hvordan resetter man til fabriks indstillinger?
[edit]
root@SRX240# <input>load factory-default</input>Kan syslog filer deles i flere, som med traceoptions?
[edit system syslog]
root@SRX240# show
file messages {
any any;
archive size 512k files 10 world-readable;
}
Kan man lave en no keepalive på juniper?
[edit interfaces ge-0/0/0]
root@SRX240# show
gigether-options {
loopback;
}
Hvordan ser man matches på en Route Policy?
Under [edit routing-options] opretter man en traceoption med flag policy, der matcher alt fra en routing policy. I Routing politikken tilføjer man trace under then for at logge det[2].
routing-options {
traceoptions {
file policy-log size 512k files 10 world-readable;
flag policy;
}
}
policy-options {
policy-statement BGP-EXPORT-POLICY {
term MATCH-AGG {
from protocol aggregate;
then accept;
}
term DENY-OTHER {
then {
trace;
reject;
}
}
}
}
Hvordan laver man en IPv6 Default Route?
routing-options {
rib inet6.0 {
static {
route ::/0 next-hop 2001:218:420:146::1;
}
}
}
Hvordan ser man rollback configurationen?
Rollback configurationen kan kun vises fra operational mode, og ikke med run kommandoen.[3]
show system rollback <num>
root@SRX240> show system rollback 2 compare 3
[edit system]
+ services {
+ ssh;
+ telnet;
+ }
Hvad gør man hvis den booter fra backup Junos OS?
Man installerer OS igen, eller kopierer snapshot over på primare partition[4].
Her er det vist på en SRX100:
login: root --- JUNOS 10.2R3.10 built 2010-10-16 20:36:59 UTC *********************************************************************** ** ** ** WARNING: THIS DEVICE HAS BOOTED FROM THE BACKUP JUNOS IMAGE ** ** ** ** It is possible that the primary copy of JUNOS failed to boot up ** ** properly, and so this device has booted from the backup copy. ** ** ** ** Please re-install JUNOS to recover the primary copy in case ** ** it has been corrupted. ** ** ** *********************************************************************** root@% cli root> request system snapshot slice alternate Formatting alternate root (/dev/da0s1a)... Copying '/dev/da0s2a' to '/dev/da0s1a' .. (this may take a few minutes) The following filesystems were archived: / root> request system reboot Reboot the system ? [yes,no] (no) yes Shutdown NOW! [pid 1521] root> *** FINAL System shutdown message from root@SRX100 *** System going down IMMEDIATELY
Hvilke applicatiner er på forhånd defineret i JunOS?
De kan alle findes med:
show configuration groups junos-defaults applications
Hvordan ser man comments på de sidste commits
De kan findes med[5]:
root@SRX240> show system commit
0 2014-09-29 20:36:24 CEST by root via cli
Change the entire setup to vlan interfaces and added vlans, with voice vlan
1 2014-09-29 20:34:11 CEST by root via cli commit confirmed, rollback in 3mins
Change the entire setup to vlan interfaces and added vlans, with voice vlan
2 2014-09-29 19:46:37 CEST by root via cli
3 2014-09-25 20:21:32 CEST by root via cli
Added a static ipv6 route to merc
4 2014-09-25 20:12:51 CEST by root via cli
GRE Tunnel interface in trust zone
5 2014-09-25 20:05:22 CEST by root via cli
Moved GRE config back to GR unit 0
6 2014-09-25 19:56:32 CEST by root via cli
Change tunnel to ipv4-ipv6
7 2014-09-25 19:54:17 CEST by root via cli
Added gre tunnel to mercantec
8 2014-09-21 09:29:17 CEST by root via cli
Change NTP to Ubuntu.com and added any any to syslog
9 2014-09-20 13:32:35 CEST by root via cli
Added D-LINK Switch to static DHCP
10 2014-08-30 12:29:41 CEST by root via cli
Added IPSec VPN Forward to VPNGW
11 2014-08-30 12:17:54 CEST by root via cli
Added LinuxBox as Syslog Sevrer
12 2014-08-25 13:17:55 CEST by root via cli
Added the policy to allow SSH, again
13 2014-08-25 13:03:56 CEST by root via other
14 2014-08-25 12:53:43 CEST by root via cli commit confirmed, rollback in 10mins
Added the policy to allow SSH
15 2014-08-25 11:00:11 CEST by root via cli
Added NAT 1212->12 for Rasp
16 2014-08-25 10:59:48 CEST by root via cli commit confirmed, rollback in 10mins
17 2014-08-25 10:56:49 CEST by root via cli commit confirmed, rollback in 10mins
Added NAT 1212->12 for Rasp
18 2014-08-24 16:37:50 CEST by root via cli
Paket-based ipv6 forwarding
19 2014-08-24 16:05:52 CEST by root via cli
removed the screen from the zone
20 2014-08-24 15:58:12 CEST by root via cli
Change syn-flod timeout to 50
21 2014-08-24 15:55:50 CEST by root via cli
Back to rollback 2
22 2014-08-24 15:42:24 CEST by root via cli
Deleted the TCP subtree under screen
23 2014-08-24 15:39:14 CEST by root via cli
Removed the synflood timeout
24 2014-08-24 15:27:47 CEST by root via cli
Added ping on ipv4 and removed all services on ipv6
25 2014-08-24 15:10:13 CEST by root via cli
Changed the forwarding mode to Flow-based for IPv6
26 2014-08-24 14:38:08 CEST by root via cli
Using IPv6 Flow-based again
27 2014-08-24 14:21:28 CEST by root via other
28 2014-08-24 14:01:59 CEST by root via cli
Rolled back to the Google DNS
29 2014-08-24 13:58:40 CEST by root via cli
Change the DNS server for Netflix Hack
30 2014-08-13 22:43:07 CEST by root via cli
Added FE4 to the management stack
31 2014-07-31 15:33:29 CEST by root via cli
Enabled IGMP on fe4 interface
32 2014-07-04 15:41:24 CEST by root via cli
Added prefixes and inet6 is still in packet-mode
33 2014-07-04 15:26:05 CEST by root via cli
34 2014-07-04 15:22:40 CEST by root via cli
back to basic
35 2014-07-04 15:20:53 CEST by root via cli
inet6 packet-based
36 2014-07-04 15:16:59 CEST by root via cli
Atempted to fix the IPv6 problem with permit all on ip0/0/0.6
37 2014-07-03 10:57:40 CEST by root via cli
removed prefix on fe0/0/4
38 2014-07-02 23:48:43 CEST by root via cli
Rolled back to configuration with IPv6 advetisements on fe 0/0/4
39 2014-07-02 23:24:43 CEST by root via cli
temp deleted IPv6 advertisements from fe0/0/4
40 2014-07-02 23:20:35 CEST by root via cli
Deleted IPv6 advertisements on fe0/0/6
41 2014-07-02 23:14:38 CEST by root via cli
Removed Erronous prefix on fe0/0/5
42 2014-07-02 22:06:11 CEST by root via cli
Added Boot sever and file
43 2014-07-02 21:10:45 CEST by root via cli
Added Rasps to static DHCP bindings
44 2014-07-02 20:53:31 CEST by root via cli
45 2014-07-02 20:52:54 CEST by root via cli
46 2014-07-02 20:52:14 CEST by root via cli
47 2014-07-02 20:50:46 CEST by root via cli
48 2014-07-02 20:47:51 CEST by root via cli
49 2014-07-02 20:38:42 CEST by root via cli
rescue 2014-09-29 16:21:50 CEST by root via cli
root@SRX240>
Hvordan smider man en bruger af
Ved at requeste det[6]:
root@SRX240> show system users 9:02PM up 36 days, 4:23, 2 users, load averages: 0.09, 0.07, 0.08 USER TTY FROM LOGIN@ IDLE WHAT root p0 10.1.0.25 8:35PM - -cli (cli) root p1 10.1.0.25 7:47PM 29 -cli (cli) root@SRX240> request system logout terminal p1 root@SRX240>
References
- ↑ http://kb.juniper.net/InfoCenter/index?page=content&id=KB15725&smlogin=true
- ↑ http://www.juniper.net/techpubs/en_US/junos9.5/information-products/topic-collections/config-guide-policy/policy-configuring-actions-in-routing-policy-terms.html#id-10467981
- ↑ http://www.juniper.net/techpubs/en_US/junos/topics/reference/command-summary/show-system-rollback.html
- ↑ http://www.juniper.net/techpubs/software/junos-security/junos-security10.2/junos-security-admin-guide/jd0e34995.html
- ↑ http://www.juniper.net/documentation/en_US/junos13.2/topics/reference/command-summary/show-system-rollback.html
- ↑ http://kb.juniper.net/InfoCenter/index?page=content&id=KB9341