These are the steps in upgrading Juniper Routers. This was tested using the JunOS SRX router. Assumption: JunOS is downloaded and stored in an FTP server. Step1: Download the necessary image from the FTP server. Save it in the /var/tmp folder. user1@SRX-Router1> file copy ftp://user1@172.25.11.254/junos-vsrx-x86-64-19.2R1.8.tgz /var/tmp/ Password for user1@172.25.11.254: /var/home/user1/…transferring.file………ush100% of 1127 MB 5426 kBps 00m00s Step2: Verify the software package user1@SRX-Router1> file list /var/tmp | match junos junos-vsrx-x86-64-19.2R1.8.tgz user1@SRX-Router1> file list detail /var/tmp | match junos -rw-r–r– 1 user1 …
Free Network Posts
Objective: To configure port-channel and associate it to vlan. Servers will use Juniper-Router as their gateway and uplink to Internet. Server-switch have Layer 2 (access mode) connectivity to Juniper-Router. (see Fig.1) Fig.1 1. Configure the Vlan (interface vlan will be the server’s gateway) Juniper-Router# configure set vlans VLAN-8 description Server-Farm set vlans VLAN-8 vlan-id 8 set vlans VLAN-8 l3-interface irb.8 set interfaces irb unit 8 description “Server Farm Vlan” set interfaces irb unit 8 family inet address 192.168.8.1/24 2. Configure…
Objective: To configure port-channel and associate it to vlan. Servers will use Cisco-NXOS as their gateway and uplink to Internet. Server-switch have Layer 2 (access mode) connectivity to Cisco-NXOS router. (see Fig.1) Fig.1 1. Configure the Vlan (interface vlan will be the server’s gateway) Cisco-NXOS# configure vlan 8 name Server-Farm interface Vlan8 description Server Farm Vlan no shutdown ip address 192.168.8.1/24 2. Configure port-channel interface port-channel10 description Port-channel to Server-Switch switchport access vlan 8 3. Configure…
Objective: To separate management traffic from data/customer traffic in your Cisco XR routers. Preferably, Data and Management are into 2 separate network domains. Pre-requisite: UTP cables (for each RSP management port in case for switchover) are connected to a network switch to access the OOB management gateway * * Management IP Configuration* * 1. Configure the vrf for management vrf management description VRF for Out-of-Band address-family ipv4 unicast 2. Set the physical IP address on each RSP management port. There are total of…
Cisco IOS e.g. Vlan10 = interface management vlan NTP Server = 192.168.10.100 1. Configure ACL to deny NTP requests and query conf t access-list 100 remark to block NTP requests and query access-list 100 deny any 2. Configure ACL to allow only the NTP servers to peer or synch with access-list 200 remark NTP to peer access-list 200 permit 192.168.10.100 access-list 200 deny any 3. Configure NTP conf t ntp source Vlan10 ntp access-group peer 200 ntp access-group serve 100 ntp access-group…
By default in Juniper, LACP timer is fast which is 1 sec, while in Cisco the default setting is slow which is 30 secs. If connecting Juniper devices to non-Juniper routers or switches, the LACP timer will have mismatch thus it can cause LACP timing out due to not receiving PDU packets in a timely manner. show log messages | match lacp Sample error logs: user1@QFX-Router1-re0> show log messages | match lacp Sep 6 08:23:10.002 2020 QFX-Router1-re0 lacpd[7292]: %DAEMON-5-LACPD_TIMEOUT: xe-0/0/0:…
Tacacs/AAA/ISE Server: 192.168.10.222 Tacacs Password: tacpassword1 Router’s Management IP: 192.168.0.4 (under mgmt_junos routing instance) Assumption: There’s an existing local account e.g. “user1” set system login user user1 class super-user set system login user user1 authentication plain-text-password (passwordhere) 1. Configure the tacacs server IP set system tacplus-server 192.168.10.222 routing-instance mgmt_junos set system tacplus-server 192.168.10.222 secret tacpassword1 set system tacplus-server 192.168.10.222 single-connection set system tacplus-server 192.168.10.222 source-address 192.168.0.4 2. Configure authentication order (if tacacs cannot authenticate, will ask for local access user1) set system…
Here are the steps of configuring Equal cost multipath (ECMP) in Juniper routers for Load balancing purposes. Step1:Configure ECMP routing policy set policy-options policy-statement LBPOLICY then load-balance per-packet Step2: Export the policy to forwarding table set routing-options forwarding-table export LBPOLICY Verification: (Use the command “show route forwarding-table”) user1@QFX-re0> show route forwarding-table Routing table: default.inet Internet: Enabled protocols: Bridging, Destination Type RtRef Next hop Type Index NhRef Netif 192.168.200.0/24 user 0 …
Here is the most popular Mnemonic for Border Gateway Protocol (BGP) for Best Path Selection. This helps to easily remember on how BGP choosing its best path instead of memorizing it. “We Love Oranges AS Oranges Mean Pure Refreshment” W Weight (Highest) L LOCAL_PREF (Highest) O Originate (local) routes that are advertise through the “network” command or redistributed from an IGP. AS AS_PATH (shortest) O ORIGIN Code (IGP > EGP > Incomplete) M MED (lowest) P Paths (External > Internal) R RID (lowest)
Here is sample commands in configuring SNMPv2 and SNMPv3 in Cisco IOS-XR devices. It also detailed on how to configure SNMP traps for your Network Monitoring System. SNMPv2c community: snmpcomm123 management IP address: 192.168.10.100 SNMP Polling Server: 192.168.20.199 SNMP Trap Server: 192.168.20.200 SNMPv2c Polling Configuration: ipv4 access-list SNMP-ALLOW 10 permit ipv4 host 192.168.20.199 any snmp-server contact DC-ADMIN snmp-server location Datacentre snmp-server trap-source Loopback0 snmp-server community snmpcomm123 RO SystemOwner IPv4 SNMP-ALLOW SNMPv2c Traps Configuration: configure snmp-server traps snmp-server host 192.168.20.200 traps snmpcomm123 Verify: /usr/bin/snmpwalk -M /usr/local/snmp/mibs -v2c…
Leave a Comment