Difference between revisions of "Juniper FAQ"
From Teknologisk videncenter
m (→Kan man lave en no keepalive på juniper?) |
m |
||
| (16 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
=Juniper FAQ= | =Juniper FAQ= | ||
| − | ==Kan syslog filer deles i flere | + | ==Interface Ranges på JunOS== |
| + | [http://www.juniper.net/techpubs/en_US/junos14.2/topics/task/configuration/interface-ranges.html Configuring Interface Ranges] | ||
| + | |||
| + | ==Hvordan resetter man til fabriks indstillinger?== | ||
| + | <source lang=cli> | ||
| + | [edit] | ||
| + | root@SRX240# <input>load factory-default</input> | ||
| + | </source> | ||
| + | <ref>http://kb.juniper.net/InfoCenter/index?page=content&id=KB15725&smlogin=true</ref> | ||
| + | ==Kan syslog filer deles i flere, som med traceoptions?== | ||
<pre> | <pre> | ||
[edit system syslog] | [edit system syslog] | ||
| Line 9: | Line 18: | ||
} | } | ||
</pre> | </pre> | ||
| + | |||
==Kan man lave en no keepalive på juniper?== | ==Kan man lave en no keepalive på juniper?== | ||
<pre> | <pre> | ||
| Line 18: | Line 28: | ||
</pre> | </pre> | ||
==Hvordan ser man matches på en Route Policy?== | ==Hvordan ser man matches på en Route Policy?== | ||
| + | Under [edit routing-options] opretter man en traceoption med flag '''policy''', der matcher alt fra en routing policy. I Routing politikken tilføjer man '''trace''' under then for at logge det<ref>http://www.juniper.net/techpubs/en_US/junos9.5/information-products/topic-collections/config-guide-policy/policy-configuring-actions-in-routing-policy-terms.html#id-10467981</ref>. | ||
<pre> | <pre> | ||
routing-options { | routing-options { | ||
| Line 40: | Line 51: | ||
} | } | ||
</pre> | </pre> | ||
| + | ==Hvordan laver man en IPv6 Default Route?== | ||
| + | <pre> | ||
| + | |||
| + | routing-options { | ||
| + | rib inet6.0 { | ||
| + | static { | ||
| + | route ::/0 next-hop 2001:218:420:146::1; | ||
| + | } | ||
| + | } | ||
| + | } | ||
| + | </pre> | ||
| + | ==Hvordan ser man rollback configurationen?== | ||
| + | Rollback configurationen kan kun vises fra operational mode, og ikke med run kommandoen.<ref>http://www.juniper.net/techpubs/en_US/junos/topics/reference/command-summary/show-system-rollback.html</ref><br/> | ||
| + | '''show system rollback <num>''' | ||
| + | <pre> | ||
| + | root@SRX240> show system rollback 2 compare 3 | ||
| + | [edit system] | ||
| + | + services { | ||
| + | + ssh; | ||
| + | + telnet; | ||
| + | + } | ||
| + | </pre> | ||
| + | ==Hvad gør man hvis den booter fra backup Junos OS?== | ||
| + | Man installerer OS igen, eller kopierer snapshot over på primare partition<ref>http://www.juniper.net/techpubs/software/junos-security/junos-security10.2/junos-security-admin-guide/jd0e34995.html</ref>.<br/> | ||
| + | Her er det vist på en SRX100: | ||
| + | <pre> | ||
| + | login: root | ||
| + | |||
| + | --- JUNOS 10.2R3.10 built 2010-10-16 20:36:59 UTC | ||
| + | |||
| + | *********************************************************************** | ||
| + | ** ** | ||
| + | ** WARNING: THIS DEVICE HAS BOOTED FROM THE BACKUP JUNOS IMAGE ** | ||
| + | ** ** | ||
| + | ** It is possible that the primary copy of JUNOS failed to boot up ** | ||
| + | ** properly, and so this device has booted from the backup copy. ** | ||
| + | ** ** | ||
| + | ** Please re-install JUNOS to recover the primary copy in case ** | ||
| + | ** it has been corrupted. ** | ||
| + | ** ** | ||
| + | *********************************************************************** | ||
| + | |||
| + | |||
| + | root@% cli | ||
| + | root> request system snapshot slice alternate | ||
| + | Formatting alternate root (/dev/da0s1a)... | ||
| + | |||
| + | Copying '/dev/da0s2a' to '/dev/da0s1a' .. (this may take a few minutes) | ||
| + | The following filesystems were archived: / | ||
| + | |||
| + | root> request system reboot | ||
| + | Reboot the system ? [yes,no] (no) yes | ||
| + | |||
| + | Shutdown NOW! | ||
| + | [pid 1521] | ||
| + | |||
| + | root> | ||
| + | *** FINAL System shutdown message from root@SRX100 *** | ||
| + | System going down IMMEDIATELY | ||
| + | </pre> | ||
| + | ==Hvilke applicatiner er på forhånd defineret i JunOS?== | ||
| + | De kan alle findes med: | ||
| + | <pre> | ||
| + | show configuration groups junos-defaults applications | ||
| + | </pre> | ||
| + | ==Hvordan ser man comments på de sidste commits== | ||
| + | De kan findes med<ref>http://www.juniper.net/documentation/en_US/junos13.2/topics/reference/command-summary/show-system-rollback.html</ref>: | ||
| + | <pre> | ||
| + | root@SRX240> show system commit | ||
| + | 0 2014-09-29 20:36:24 CEST by root via cli | ||
| + | Change the entire setup to vlan interfaces and added vlans, with voice vlan | ||
| + | 1 2014-09-29 20:34:11 CEST by root via cli commit confirmed, rollback in 3mins | ||
| + | Change the entire setup to vlan interfaces and added vlans, with voice vlan | ||
| + | 2 2014-09-29 19:46:37 CEST by root via cli | ||
| + | 3 2014-09-25 20:21:32 CEST by root via cli | ||
| + | Added a static ipv6 route to merc | ||
| + | 4 2014-09-25 20:12:51 CEST by root via cli | ||
| + | GRE Tunnel interface in trust zone | ||
| + | 5 2014-09-25 20:05:22 CEST by root via cli | ||
| + | Moved GRE config back to GR unit 0 | ||
| + | 6 2014-09-25 19:56:32 CEST by root via cli | ||
| + | Change tunnel to ipv4-ipv6 | ||
| + | 7 2014-09-25 19:54:17 CEST by root via cli | ||
| + | Added gre tunnel to mercantec | ||
| + | 8 2014-09-21 09:29:17 CEST by root via cli | ||
| + | Change NTP to Ubuntu.com and added any any to syslog | ||
| + | 9 2014-09-20 13:32:35 CEST by root via cli | ||
| + | Added D-LINK Switch to static DHCP | ||
| + | 10 2014-08-30 12:29:41 CEST by root via cli | ||
| + | Added IPSec VPN Forward to VPNGW | ||
| + | 11 2014-08-30 12:17:54 CEST by root via cli | ||
| + | Added LinuxBox as Syslog Sevrer | ||
| + | 12 2014-08-25 13:17:55 CEST by root via cli | ||
| + | Added the policy to allow SSH, again | ||
| + | 13 2014-08-25 13:03:56 CEST by root via other | ||
| + | 14 2014-08-25 12:53:43 CEST by root via cli commit confirmed, rollback in 10mins | ||
| + | Added the policy to allow SSH | ||
| + | 15 2014-08-25 11:00:11 CEST by root via cli | ||
| + | Added NAT 1212->12 for Rasp | ||
| + | 16 2014-08-25 10:59:48 CEST by root via cli commit confirmed, rollback in 10mins | ||
| + | 17 2014-08-25 10:56:49 CEST by root via cli commit confirmed, rollback in 10mins | ||
| + | Added NAT 1212->12 for Rasp | ||
| + | 18 2014-08-24 16:37:50 CEST by root via cli | ||
| + | Paket-based ipv6 forwarding | ||
| + | 19 2014-08-24 16:05:52 CEST by root via cli | ||
| + | removed the screen from the zone | ||
| + | 20 2014-08-24 15:58:12 CEST by root via cli | ||
| + | Change syn-flod timeout to 50 | ||
| + | 21 2014-08-24 15:55:50 CEST by root via cli | ||
| + | Back to rollback 2 | ||
| + | 22 2014-08-24 15:42:24 CEST by root via cli | ||
| + | Deleted the TCP subtree under screen | ||
| + | 23 2014-08-24 15:39:14 CEST by root via cli | ||
| + | Removed the synflood timeout | ||
| + | 24 2014-08-24 15:27:47 CEST by root via cli | ||
| + | Added ping on ipv4 and removed all services on ipv6 | ||
| + | 25 2014-08-24 15:10:13 CEST by root via cli | ||
| + | Changed the forwarding mode to Flow-based for IPv6 | ||
| + | 26 2014-08-24 14:38:08 CEST by root via cli | ||
| + | Using IPv6 Flow-based again | ||
| + | 27 2014-08-24 14:21:28 CEST by root via other | ||
| + | 28 2014-08-24 14:01:59 CEST by root via cli | ||
| + | Rolled back to the Google DNS | ||
| + | 29 2014-08-24 13:58:40 CEST by root via cli | ||
| + | Change the DNS server for Netflix Hack | ||
| + | 30 2014-08-13 22:43:07 CEST by root via cli | ||
| + | Added FE4 to the management stack | ||
| + | 31 2014-07-31 15:33:29 CEST by root via cli | ||
| + | Enabled IGMP on fe4 interface | ||
| + | 32 2014-07-04 15:41:24 CEST by root via cli | ||
| + | Added prefixes and inet6 is still in packet-mode | ||
| + | 33 2014-07-04 15:26:05 CEST by root via cli | ||
| + | 34 2014-07-04 15:22:40 CEST by root via cli | ||
| + | back to basic | ||
| + | 35 2014-07-04 15:20:53 CEST by root via cli | ||
| + | inet6 packet-based | ||
| + | 36 2014-07-04 15:16:59 CEST by root via cli | ||
| + | Atempted to fix the IPv6 problem with permit all on ip0/0/0.6 | ||
| + | 37 2014-07-03 10:57:40 CEST by root via cli | ||
| + | removed prefix on fe0/0/4 | ||
| + | 38 2014-07-02 23:48:43 CEST by root via cli | ||
| + | Rolled back to configuration with IPv6 advetisements on fe 0/0/4 | ||
| + | 39 2014-07-02 23:24:43 CEST by root via cli | ||
| + | temp deleted IPv6 advertisements from fe0/0/4 | ||
| + | 40 2014-07-02 23:20:35 CEST by root via cli | ||
| + | Deleted IPv6 advertisements on fe0/0/6 | ||
| + | 41 2014-07-02 23:14:38 CEST by root via cli | ||
| + | Removed Erronous prefix on fe0/0/5 | ||
| + | 42 2014-07-02 22:06:11 CEST by root via cli | ||
| + | Added Boot sever and file | ||
| + | 43 2014-07-02 21:10:45 CEST by root via cli | ||
| + | Added Rasps to static DHCP bindings | ||
| + | 44 2014-07-02 20:53:31 CEST by root via cli | ||
| + | 45 2014-07-02 20:52:54 CEST by root via cli | ||
| + | 46 2014-07-02 20:52:14 CEST by root via cli | ||
| + | 47 2014-07-02 20:50:46 CEST by root via cli | ||
| + | 48 2014-07-02 20:47:51 CEST by root via cli | ||
| + | 49 2014-07-02 20:38:42 CEST by root via cli | ||
| + | rescue 2014-09-29 16:21:50 CEST by root via cli | ||
| + | |||
| + | root@SRX240> | ||
| + | </pre> | ||
| + | |||
| + | ==Hvordan smider man en bruger af== | ||
| + | Ved at requeste det<ref>http://kb.juniper.net/InfoCenter/index?page=content&id=KB9341</ref>: | ||
| + | <pre> | ||
| + | root@SRX240> show system users | ||
| + | 9:02PM up 36 days, 4:23, 2 users, load averages: 0.09, 0.07, 0.08 | ||
| + | USER TTY FROM LOGIN@ IDLE WHAT | ||
| + | root p0 10.1.0.25 8:35PM - -cli (cli) | ||
| + | root p1 10.1.0.25 7:47PM 29 -cli (cli) | ||
| + | |||
| + | root@SRX240> request system logout terminal p1 | ||
| + | |||
| + | root@SRX240> | ||
| + | </pre> | ||
| + | |||
| + | =References= | ||
| + | <references /> | ||
| + | {{Source cli}} | ||
| + | [[Category:Juniper]] | ||
Latest revision as of 21:05, 11 January 2015
Contents
- 1 Juniper FAQ
- 1.1 Interface Ranges på JunOS
- 1.2 Hvordan resetter man til fabriks indstillinger?
- 1.3 Kan syslog filer deles i flere, som med traceoptions?
- 1.4 Kan man lave en no keepalive på juniper?
- 1.5 Hvordan ser man matches på en Route Policy?
- 1.6 Hvordan laver man en IPv6 Default Route?
- 1.7 Hvordan ser man rollback configurationen?
- 1.8 Hvad gør man hvis den booter fra backup Junos OS?
- 1.9 Hvilke applicatiner er på forhånd defineret i JunOS?
- 1.10 Hvordan ser man comments på de sidste commits
- 1.11 Hvordan smider man en bruger af
- 2 References
Juniper FAQ
Interface Ranges på JunOS
Hvordan resetter man til fabriks indstillinger?
[edit]
root@SRX240# <input>load factory-default</input>Kan syslog filer deles i flere, som med traceoptions?
[edit system syslog]
root@SRX240# show
file messages {
any any;
archive size 512k files 10 world-readable;
}
Kan man lave en no keepalive på juniper?
[edit interfaces ge-0/0/0]
root@SRX240# show
gigether-options {
loopback;
}
Hvordan ser man matches på en Route Policy?
Under [edit routing-options] opretter man en traceoption med flag policy, der matcher alt fra en routing policy. I Routing politikken tilføjer man trace under then for at logge det[2].
routing-options {
traceoptions {
file policy-log size 512k files 10 world-readable;
flag policy;
}
}
policy-options {
policy-statement BGP-EXPORT-POLICY {
term MATCH-AGG {
from protocol aggregate;
then accept;
}
term DENY-OTHER {
then {
trace;
reject;
}
}
}
}
Hvordan laver man en IPv6 Default Route?
routing-options {
rib inet6.0 {
static {
route ::/0 next-hop 2001:218:420:146::1;
}
}
}
Hvordan ser man rollback configurationen?
Rollback configurationen kan kun vises fra operational mode, og ikke med run kommandoen.[3]
show system rollback <num>
root@SRX240> show system rollback 2 compare 3
[edit system]
+ services {
+ ssh;
+ telnet;
+ }
Hvad gør man hvis den booter fra backup Junos OS?
Man installerer OS igen, eller kopierer snapshot over på primare partition[4].
Her er det vist på en SRX100:
login: root --- JUNOS 10.2R3.10 built 2010-10-16 20:36:59 UTC *********************************************************************** ** ** ** WARNING: THIS DEVICE HAS BOOTED FROM THE BACKUP JUNOS IMAGE ** ** ** ** It is possible that the primary copy of JUNOS failed to boot up ** ** properly, and so this device has booted from the backup copy. ** ** ** ** Please re-install JUNOS to recover the primary copy in case ** ** it has been corrupted. ** ** ** *********************************************************************** root@% cli root> request system snapshot slice alternate Formatting alternate root (/dev/da0s1a)... Copying '/dev/da0s2a' to '/dev/da0s1a' .. (this may take a few minutes) The following filesystems were archived: / root> request system reboot Reboot the system ? [yes,no] (no) yes Shutdown NOW! [pid 1521] root> *** FINAL System shutdown message from root@SRX100 *** System going down IMMEDIATELY
Hvilke applicatiner er på forhånd defineret i JunOS?
De kan alle findes med:
show configuration groups junos-defaults applications
Hvordan ser man comments på de sidste commits
De kan findes med[5]:
root@SRX240> show system commit
0 2014-09-29 20:36:24 CEST by root via cli
Change the entire setup to vlan interfaces and added vlans, with voice vlan
1 2014-09-29 20:34:11 CEST by root via cli commit confirmed, rollback in 3mins
Change the entire setup to vlan interfaces and added vlans, with voice vlan
2 2014-09-29 19:46:37 CEST by root via cli
3 2014-09-25 20:21:32 CEST by root via cli
Added a static ipv6 route to merc
4 2014-09-25 20:12:51 CEST by root via cli
GRE Tunnel interface in trust zone
5 2014-09-25 20:05:22 CEST by root via cli
Moved GRE config back to GR unit 0
6 2014-09-25 19:56:32 CEST by root via cli
Change tunnel to ipv4-ipv6
7 2014-09-25 19:54:17 CEST by root via cli
Added gre tunnel to mercantec
8 2014-09-21 09:29:17 CEST by root via cli
Change NTP to Ubuntu.com and added any any to syslog
9 2014-09-20 13:32:35 CEST by root via cli
Added D-LINK Switch to static DHCP
10 2014-08-30 12:29:41 CEST by root via cli
Added IPSec VPN Forward to VPNGW
11 2014-08-30 12:17:54 CEST by root via cli
Added LinuxBox as Syslog Sevrer
12 2014-08-25 13:17:55 CEST by root via cli
Added the policy to allow SSH, again
13 2014-08-25 13:03:56 CEST by root via other
14 2014-08-25 12:53:43 CEST by root via cli commit confirmed, rollback in 10mins
Added the policy to allow SSH
15 2014-08-25 11:00:11 CEST by root via cli
Added NAT 1212->12 for Rasp
16 2014-08-25 10:59:48 CEST by root via cli commit confirmed, rollback in 10mins
17 2014-08-25 10:56:49 CEST by root via cli commit confirmed, rollback in 10mins
Added NAT 1212->12 for Rasp
18 2014-08-24 16:37:50 CEST by root via cli
Paket-based ipv6 forwarding
19 2014-08-24 16:05:52 CEST by root via cli
removed the screen from the zone
20 2014-08-24 15:58:12 CEST by root via cli
Change syn-flod timeout to 50
21 2014-08-24 15:55:50 CEST by root via cli
Back to rollback 2
22 2014-08-24 15:42:24 CEST by root via cli
Deleted the TCP subtree under screen
23 2014-08-24 15:39:14 CEST by root via cli
Removed the synflood timeout
24 2014-08-24 15:27:47 CEST by root via cli
Added ping on ipv4 and removed all services on ipv6
25 2014-08-24 15:10:13 CEST by root via cli
Changed the forwarding mode to Flow-based for IPv6
26 2014-08-24 14:38:08 CEST by root via cli
Using IPv6 Flow-based again
27 2014-08-24 14:21:28 CEST by root via other
28 2014-08-24 14:01:59 CEST by root via cli
Rolled back to the Google DNS
29 2014-08-24 13:58:40 CEST by root via cli
Change the DNS server for Netflix Hack
30 2014-08-13 22:43:07 CEST by root via cli
Added FE4 to the management stack
31 2014-07-31 15:33:29 CEST by root via cli
Enabled IGMP on fe4 interface
32 2014-07-04 15:41:24 CEST by root via cli
Added prefixes and inet6 is still in packet-mode
33 2014-07-04 15:26:05 CEST by root via cli
34 2014-07-04 15:22:40 CEST by root via cli
back to basic
35 2014-07-04 15:20:53 CEST by root via cli
inet6 packet-based
36 2014-07-04 15:16:59 CEST by root via cli
Atempted to fix the IPv6 problem with permit all on ip0/0/0.6
37 2014-07-03 10:57:40 CEST by root via cli
removed prefix on fe0/0/4
38 2014-07-02 23:48:43 CEST by root via cli
Rolled back to configuration with IPv6 advetisements on fe 0/0/4
39 2014-07-02 23:24:43 CEST by root via cli
temp deleted IPv6 advertisements from fe0/0/4
40 2014-07-02 23:20:35 CEST by root via cli
Deleted IPv6 advertisements on fe0/0/6
41 2014-07-02 23:14:38 CEST by root via cli
Removed Erronous prefix on fe0/0/5
42 2014-07-02 22:06:11 CEST by root via cli
Added Boot sever and file
43 2014-07-02 21:10:45 CEST by root via cli
Added Rasps to static DHCP bindings
44 2014-07-02 20:53:31 CEST by root via cli
45 2014-07-02 20:52:54 CEST by root via cli
46 2014-07-02 20:52:14 CEST by root via cli
47 2014-07-02 20:50:46 CEST by root via cli
48 2014-07-02 20:47:51 CEST by root via cli
49 2014-07-02 20:38:42 CEST by root via cli
rescue 2014-09-29 16:21:50 CEST by root via cli
root@SRX240>
Hvordan smider man en bruger af
Ved at requeste det[6]:
root@SRX240> show system users 9:02PM up 36 days, 4:23, 2 users, load averages: 0.09, 0.07, 0.08 USER TTY FROM LOGIN@ IDLE WHAT root p0 10.1.0.25 8:35PM - -cli (cli) root p1 10.1.0.25 7:47PM 29 -cli (cli) root@SRX240> request system logout terminal p1 root@SRX240>
References
- ↑ http://kb.juniper.net/InfoCenter/index?page=content&id=KB15725&smlogin=true
- ↑ http://www.juniper.net/techpubs/en_US/junos9.5/information-products/topic-collections/config-guide-policy/policy-configuring-actions-in-routing-policy-terms.html#id-10467981
- ↑ http://www.juniper.net/techpubs/en_US/junos/topics/reference/command-summary/show-system-rollback.html
- ↑ http://www.juniper.net/techpubs/software/junos-security/junos-security10.2/junos-security-admin-guide/jd0e34995.html
- ↑ http://www.juniper.net/documentation/en_US/junos13.2/topics/reference/command-summary/show-system-rollback.html
- ↑ http://kb.juniper.net/InfoCenter/index?page=content&id=KB9341