These are the some commands being used when performing network change or maintenance, depending on the features or services being run in the network. Typically, this is very useful in verification, troubleshooting and comparison between before and after the change. #Log Time set cli timestamp set cli screen-width 200 show ntp associations no-resolve | no-more show ntp status no-resolve | no-more ## Hardware Status show chassis hardware | no-more show chassis hardware clei-models | no-more show chassis hardware detail |…
Category: <span>Juniper</span>
As mentioned from the previous post, Bogon prefixes or routes should never appear in the Internet routing table. Network Engineers should implement “Best Practices” in their network, that includes filtering of bogons as it maybe used in DDoS attacks or Spams. Refer to https://freenetworktutorials.com/ipv4-and-ipv6-bogon-address-list for more info. “Martians” bogons may changed occasionally so at least make sure private address mentioned in https://freenetworktutorials.com/ipv4-classful-and-reserved-addresses are filtered so it wont leak out into the Internet. Here is sample steps and configuration. (This is the equivalent configuration…
Here’s the Cisco IOS-XR commands vs Juniper OS commands Cisco IOS-XR Juniper OS BASIC show show | include | match ..formal | display set configure configure/edit shutdown disable no shutdown delete interface <interface> disable no delete clear clear show running-config show configuration show version show version show tech-support request support information show configuration (after change) show | compare (after change) clear counters <interface> clear interface…
Static Route Configuration Examples in Juniper for BGP aggregated prefix advertisements In order to advertise the aggregated routes (and default routes) via BGP, it should exists in the routing table, that’s the #1 rule. If these summarized routes (/16) are not existing and only smaller subnets are learned via the IGP(e.g. OSPF,IS-IS), then configure static route and next hop e.g. Null0. Configuration: routing-options { graceful-restart; rib inet6.0 { static { route fd41:c8be:2153:f400::/64 discard; route ::0/0 { discard; no-install; static {…
Originating BGP advertisement can be configured to any iBGP peer router. Here’s the sample configuration of originating BGP routes and community tagging in Juniper. Assuming these are the summarized prefixes that you want to advertise via BGP. 111.111.0.0/16 222.222.0.0/16 Configuration: routing-options { graceful-restart; router-id 1.1.1.1; autonomous-system 11111; protocols { bgp { group RR-IBGP { type internal; description RR-IPv4; local-address 192.168.100.6; family inet { unicast; } authentication-key “$1$N3tBioBwfdFsFVwgoGDh.3C0oL”; ## SECRET-DATA export bgp-statement; neighbor 192.168.100.5 { description iBGP to Route Reflector; }…
Checking TX / RX optical power for Juniper Routers For checking transmission links, it is good to know how to find out the optical power for troubleshooting and making sure the desired or optimal range is meet. Here is the sample command for checking the TX/RX optical power show interfaces diagnostics optics <interface-name> Sample Output for 10GE interface: darwin@JUNOS-re0> show interfaces diagnostics optics xe-3/0/1 Physical interface: xe-3/0/16 Laser bias current : 41.590 mA Laser output power : 0.7150 mW /…
Here’s some Best practices that you can implement in Juniper devices in securing your SSH. 1.Remote access should be via SSH and telnet is disabled delete system services telnet 2. SSH should be version 2 or higher. Do not run v1 set system services ssh protocol-version v2 3. Configure Login Banner set system login message “\n*************************************************************************\n UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED\n\nYou must have explicit, authorized permission to access or configure this \ndevice.Unauthorized attempts and…
Here’s a sample IPv4 and IPv6 Static Route Configuration in Juniper Routers Configuration: IPv4: Route the block (1.1.1.0/24) to next hop 2.2.2.1 with metric 255 user@MX-re0>configure #set routing-options static route 1.1.1.0/24 next-hop 2.2.2.1 #set routing-options static route 1.1.1.0/24 metric 255 Optional: Set comment using annotate command #edit routing-options static #annotate route 1.1.1.0/24 “/* STATIC ROUTE IPv4*/” Commit #commit It will look something like this: user@MX-re0>> show configuration routing-options static /* STATIC ROUTE IPv4*/ route 1.1.1.0/24 { next-hop 2.2.2.1; …
One Comment