Tag Archives: Static Routing

Notas estudo JNCIS-ENT parte 7

Nota: Este Post faz parte do guide de Routing.

Chapter 1 Protocol-Independent Routing

Configure Static Routing

set routing-options rib inet6.0 static route 0::/0 next-hop 3001::1 preference 250

set routing-options static route 0.0.0.0/0 next-hop 172.30.25.1 qualified-next-hop 172.30.25.5 preference 7

reject – Drop e envia ICMP packet
discard – Drop e não envia ICMP packet
resolve
qualified-next-hop  –
next-table – permite especificar uma segunda tabela onde e efetuada um 2 lookup
no-readvertise – não redistribui a rota num protocolo de routing dinamico

!A default preference tem o valor 5, caso não seja explicitamente configurada uma excepcao
set routing-options static defaults preference 250

set routing-options static route 172.28.102.0/24 next-hop 10.210.11.190 no-readvertise

Algumas das opções sobre a hierarquia routing-options static x.x.x.x/y
as-path
community
metric
preference

Configuring Aggregate Routes

set routing-options aggregate defauls community 1:888
set routing-options aggregate route 172.29.0.0/22
set routing-options aggregate route 172.25.0.0/16 community 1:999 discard

Algumas das opções sobre a hierarquia routing-options aggregate
as-path
community
metric
policy
preference

show route <prefix> exact detail

Generated Routes

A semelhança das Aggregate Routes, estas ficam activas quando existe pelo menos contributing route (rota mais especifica no range)

[email protected]> show route 0/0 exact detail
inet.0: 14 destinations, 14 routes (14 active, 0 holddown, 0 hidden)
0.0.0.0/0 (1 entry, 1 announced)
*Aggregate Preference: 130
Next hop type: Router, Next hop index: 546
Next-hop reference count: 4
Next hop: 172.30.25.1 via ge-0/0/1.100, selected
State: <Active Int Ext>
Local AS: 65400
Age: 1:03:46
Task: Aggregate
Announcement bits (2): 0-KRT 2-OSPF
AS path: I
Flags: Generate Depth: 0        Active
Contributing Routes (1):
10.0.0.0/16 proto BGP

A diferença entre Aggregate e Generated Routes e que as Generated route recebe o next-hop da primary contributing route (route com menor preference), em caso múltiplas rotas com a mesma preference será a rota com a menor number prefix)

Para a rota se qualificar para uma contributing route, deverá ter um forwarding next-hop válido caso contrário será a hidden route

[email protected]> show route hidden
inet.0: 7 destinations, 7 routes (6 active, 0 holddown, 1 hidden)
+ = Active Route, – = Last Active, * = Both
0.0.0.0/0           [Aggregate] 00:17:30
Reject

Uma generated route costuma ser referenciada com route of last resort

set policy-options term match-bgp-prefix from protocol bgp
set policy-options term match-bgp-prefix from route-filter 10.0.0.0/16 exact
set policy-options term match-bgp-prefix then accept
set policy-options term else-reject then reject

!O comando protocol aggregate é também usado para Generated Routes
set policy-options policy-statement match-contributing-prefix term match-default from protocol aggregate
set policy-options policy-statement match-contributing-prefix term match-default from route-filter 0.0.0.0/0 exact
set policy-options policy-statement match-contributing-prefix term match-default then accept

set routing-options generate defaults preference 130
set routing-options generate route 0.0.0.0/0 policy match-contributing-prefix

set protocolos ospf export export-default
set protocolos ospf area 0.0.0.0 interface ge-0/0/2.0
set protocolos ospf area 0.0.0.0 interface ge-0/0/3.0
set protocolos ospf area 0.0.0.0 interface lo0.0

Martian Addresses

0.0.0.0/8
127.0.0.0/8
128.0.0.0/16
191.255.0.0/16
192.0.0.0/24
223.255.255.0/24
240.0.0.0/4

Adding Additional Prefixes

set routing-options martians 23.0.0.0/8 orlonger
set routing-options martians 32.0.0.0/8 orlonger

Os possíveis match type:
exact
longer
orlonger
prefix-length-range
through
upto

!Omite a tabela default, mostra apenas as novas entradas
show route martians

show route martians table inet.0

[email protected]> show route martians table inet.0
inet.0:
0.0.0.0/0 exact — allowed
0.0.0.0/8 orlonger — disallowed
127.0.0.0/8 orlonger — disallowed
128.0.0.0/16 orlonger — disallowed
191.255.0.0/16 orlonger — disallowed
192.0.0.0/24 orlonger — disallowed
223.255.255.0/24 orlonger — disallowed
240.0.0.0/4 orlonger — disallowed
23.0.0.0/8 orlonger — disallowed
31.0.0.0/8 orlonger — disallowed
36.0.0.0/8 orlonger — disallowed

[email protected]# set routing-options martians 240/4 orlonger allow

[email protected]> show route martians table inet.0
inet.0:
0.0.0.0/0 exact — allowed
0.0.0.0/8 orlonger — disallowed
127.0.0.0/8 orlonger — disallowed
128.0.0.0/16 orlonger — disallowed
191.255.0.0/16 orlonger — disallowed
192.0.0.0/24 orlonger — disallowed
223.255.255.0/24 orlonger — disallowed
240.0.0.0/4 orlonger — allowed
23.0.0.0/8 orlonger — disallowed
31.0.0.0/8 orlonger — disallowed
36.0.0.0/8 orlonger — disallowed

Routing Instances
Master routing instance

Rever os seguints links:

http://www.cocheno.com/2014/06/notas-estudo-jncia-junos-parte-2/
http://www.cocheno.com/2014/06/notas-estudo-jncia-junos-parte-4/

Sharing Routes Between Routing Tables

Permite instalar routes em varias tabelas

Outra meio de partilhar rotas e usar e possível usar instance-import, instance-export e auto-export para partilhar rotas multiplas instâncias de routing

Defining RIB Group

O RIB Group permite colocar route information em múltiplas tabelas.

! Podem ser usadas diversas import ribs mas apenas uma export rib
set routing-options rib-groups <rib-group-name> export-rib <routing-table-name>
set routing-options rib-groups <rib-group-name> import-rib <routing-table-name>
set routing-options rib-groups <rib-group-name> import-policy <policy-name>

export-rib – indica tabebla de origem das rotas
import-rib – indica tabela onde as rotas devem ser colocadas
import-policy – controla as rotas que serao instaladas na routing table group

O 1′ comando de import-rib deve listar primeiro a primary routing table, esta primary sera onde a routing information sera colocada sem a presenca de uma RIB Group.
Uma vez que só é possível listar uma routing table usando o export-rib, e porque esta routing table deve ser a primary RIB, o comando export-rib é frequentemente omitido da config.

RIB Group Application

Permite incluir static routes, BGP,OSPF, RIP,IS-IS, PIM, MSDP

!
set routing-options rib-groups test import-rib [inet.0 test.inet.0]

set protocols ospf rib-group test
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0
set protocols ospf area 0.0.0.0 interface lo0.0

[email protected]> show route table inet.0 protocol ospf
inet.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both
172.20.101.0/24    *[OSPF/150] 00:00:30, metric 0, tag 0
> to 172.20.77.2 via ge-0/0/1.0
172.20.201.0/24    *[OSPF/150] 00:00:30, metric 0, tag 0
> to 172.20.77.2 via ge-0/0/1.0
192.168.2.1/32     *[OSPF/10] 00:00:30, metric 1
> to 172.20.77.2 via ge-0/0/1.0
224.0.0.5/32       *[OSPF/10] 2w1d 02:37:55, metric 1
MultiRecv

[email protected]> show route table test.inet.0 protocol ospf
test.inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, – = Last Active, * = Both
172.20.101.0/24    *[OSPF/150] 00:00:27, metric 0, tag 0
> to 172.20.77.2 via ge-0/0/1.0
172.20.201.0/24    *[OSPF/150] 00:00:27, metric 0, tag 0
> to 172.20.77.2 via ge-0/0/1.0
192.168.2.1/32     *[OSPF/10] 00:00:27, metric 1
> to 172.20.77.2 via ge-0/0/1.0
224.0.0.5/32       *[OSPF/10] 00:00:27, metric 1
MultiRecv

Notas: Na versão 11.x a tabela test apenas contem as rotas aprendidas via OSPF. Testado nos EX

Routing Between Instances

É possível fazer esta ligação através de uma ligação física, ou neste caso através de uma ligação lógica (logical tunnel)

Para ligar 2 instances através de uma ligação logica, e configurado um tunel para cada instance. E usado a interface no formato lt-fpc/pic/port

set interfaces lt-0/0/0 unit 0 encapsulation ethernet peer-unit 1 family inet
set interfaces lt-0/0/0 unit 1 encapsulation ethernet peer-unit 0 family inet

Nem todos os junOS devices suportam interface logical tunnel, deve ser instalado services PIC ou services module.
Encapsulation types permitidos:Ethernet, Ethernet circuit cross-connect (CCC), Ethernet VPLS, Frame Relay, Frame Relay CCC, VLAN, VLAN CCC, ou VLAN VPLS.
Possível usar as families: IP, IPv6, International Organization for Standardization (ISO), ou MPLS
O peering logical interface deve pertencer a mesma interface logical tunnel derivado do Tunnel Services PIC ou Adaptive Services Module.
Apenas pode existir um peering unit por cada interface logica, p.exemplo o unit 0 não pode ser peer da unit 1 e unit 2
Deve existir pelo menos um statement relativo a uma interface física para activar o logical tunnel

Referências:

Notas estudo JNCIS-ENT parte 1

Notas estudo JNCIS-ENT parte 2

Notas estudo JNCIS-ENT parte 3

Notas estudo JNCIS-ENT parte 4

Notas estudo JNCIS-ENT parte 5

Notas estudo JNCIS-ENT parte 6

Notas estudo JNCIA-Junos parte 4

A tool primária de monitorização da plataforma é o CLI que inclui os comandos show e monitor. As secundarias são o J-Web , SNMP, hardware LEDS/LCDs

show system
alarms : This argument displays current system alarms;
boot-messages : This argument displays the messag es seen during the last system boot;
connections : This argument displays the status of local TCP and UDP connections;
statistics: This argument provides options for viewing various protocol statistics;
storage: This argument displays the status  of the file system storage space.

show chassis
alarms : This argument displays current chassis alarms;
environment : This argument displays component  and environmental status as well as the operational speeds of the cooling system;
hardware : This argument displays an inventory  of the installed hardware components along with the serial number of each component; and
routing-engine: This argument provides operational status and utilization details for the Routing Engine (RE).

Captura de tráfego

Capturar tráfego para ficheiro (hidden command)
monitor traffic write-file captura

Capturar em real-time especificando uma interface

[email protected]# run monitor traffic interface em5 no-resolve ?
Possible completions:
<[Enter]>            Execute this command
absolute-sequence    Display absolute TCP sequence numbers
brief                Display brief output
count                Number of packets to receive (0..1000000 packets)
detail               Display detailed output
extensive            Display extensive output
layer2-headers       Display link-level header on each dump line
matching             Expression for headers of receive packets to match
no-domain-names      Don’t display domain portion of hostnames
no-promiscuous       Don’t put interface into promiscuous mode
no-timestamp         Don’t print timestamp on each dump line
print-ascii          Display packets in ASCII when displaying in hexadecimal format
print-hex            Display packets in hexadecimal format
resolve-timeout      Period of time to wait for each name resolution (seconds)
size                 Amount of each packet to receive (bytes)
|                    Pipe through a command

[email protected]# run monitor traffic interface em5 no-resolve detail
Address resolution is OFF.
Listening on em5, capture size 1514 bytes

18:00:02.101361  In IP6 (hlim 1, next-header: UDP (17), length: 107) fe80::6101:1a73:bc24:3daf.546 > ff02::1:2.547: [udp sum ok] dhcp6 solicit(C cliaddr=8:2:189d:1:e:1:1:188a relayaddr=2145:d4be:d963:d2be:3:c:5300:5056)
18:00:02.983638 Out IP (tos 0xc0, ttl   1, id 12712, offset 0, flags [none], proto: OSPF (89), length: 64) 172.20.101.1 > 224.0.0.5: OSPFv2, Hello, length 44
Router-ID 9.9.9.9, Backbone Area, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 128
Designated Router 172.20.101.1
18:00:02.985453 Out IP (tos 0xc0, ttl   1, id 12713, offset 0, flags [none], proto: OSPF (89), length: 64) 172.20.110.1 > 224.0.0.5: OSPFv2, Hello, length 44
Router-ID 9.9.9.9, Backbone Area, Authentication Type: none (0)
Options [External]
Hello Timer 10s, Dead Timer 40s, Mask 255.255.255.0, Priority 128
Designated Router 172.20.110.1
^C
3 packets received by filter
0 packets dropped by kernel

Unified In-Service Software Upgrade (ISSU)

Permite upgrade sem disrupção no control plane, apenas e suportado com 2 Routing Engines. O Graceful Routing Engine Switchover (GRES) e NonStop Active Routing (NSR) devem estar activos. Nem todas as plataformas suportam o NSR, durante a mudança de versão não podem ser feitas operações online/offline ás PICs

Passos para efetuar um Unified ISSU:

1. activar o GRES e NSR e verificar a sincronização dos protocolos
2. efetuar no RE master request system software in-service-upgrade

Password Recovery

Durante o processo de reboot pressionar o Space

loader> boot -s (para boot em single user, similar em linux)

Ao iniciar o sistema vai perguntar pelo recovery script, apenas é necessário digitar recovery, sendo que o sistema vai iniciar permitindo fazer login sem password
Após alterada a password, sair com ‘exit‘ para fazer reboot automaticamente

Remover/Copiar Ficheiros

[email protected]# run file ?
Possible completions:
<[Enter]>            Execute this command
archive              Archives files from the system
checksum             Calculate file checksum
compare              Compare files
copy                 Copy files (local or remote)
delete               Delete files from the system
list                 List file information
rename               Rename files
show                 Show file contents
source-address       Local address to use in originating the connection
|                    Pipe through a command

[email protected]# run file show /config/?
Possible completions:
<[Enter]>            Execute this command
<filename>           Filename to show
/config/juniper.conf.1.gz  Size: 458, Last changed: May 24 19:58:53
/config/juniper.conf.2.gz  Size: 454, Last changed: May 23 21:17:12
/config/juniper.conf.3.gz  Size: 450, Last changed: May 23 15:03:46
/config/juniper.conf.gz  Size: 452, Last changed: May 24 20:00:08
/config/juniper.conf.md5  Size: 32, Last changed: May 22 23:45:51
/config/rescue.conf.gz  Size: 454, Last changed: May 24 19:57:27

Uso de Grupos

Definir um grupo
Nota: Este grupo irá surtir efeito apenas em interfaces em*

set groups CONFIG_IF_EM interfaces <em*> description “By group”
set groups CONFIG_IF_EM interfaces <em*> vlan-tagging
set groups CONFIG_IF_EM interfaces <em*> speed 10m
set groups CONFIG_IF_EM interfaces <em*> link-mode half-duplex
set groups CONFIG_IF_EM interfaces <em*> unit 0 vlan-id 1
set groups CONFIG_IF_EM interfaces <em*> unit 0 family inet
set groups CONFIG_IF_EM interfaces <em*> unit 0 family inet6

[email protected]# set interfaces em4 apply-groups CONFIG_IF_EM;

[email protected]# show interfaces em4 | display inheritance | except #
description “By group”;
vlan-tagging;
speed 10m;
link-mode half-duplex;
unit 0 {
vlan-id 1;
family inet;
family inet6;
}

[edit]

[email protected]# show interfaces em4 | display inheritance
##
## ‘By group’ was inherited from group ‘CONFIG_IF_EM’
##
description “By group”;
##
## ‘vlan-tagging’ was inherited from group ‘CONFIG_IF_EM’
##
vlan-tagging;
##
## ’10m’ was inherited from group ‘CONFIG_IF_EM’
##
speed 10m;
##
## ‘half-duplex’ was inherited from group ‘CONFIG_IF_EM’
##
link-mode half-duplex;
##
## ‘0’ was inherited from group ‘CONFIG_IF_EM’
##
unit 0 {
##
## ‘1’ was inherited from group ‘CONFIG_IF_EM’
##
vlan-id 1;
##
## ‘inet’ was inherited from group ‘CONFIG_IF_EM’
##
family inet;
##
## ‘inet6’ was inherited from group ‘CONFIG_IF_EM’
##
family inet6;
}

[edit]

[email protected]# show interfaces ae0
apply-groups CONFIG_IF_EM;
vlan-tagging;
aggregated-ether-options {
lacp {
active;
}
}

[edit]
[email protected]# show interfaces ae0 | display inheritance
vlan-tagging;
aggregated-ether-options {
lacp {
active;
}
}

[edit]

Routing

Routing preference values can range from 0 to 4,294,967,295.

* – indica a rota activa

holddown – estão no estado pendente antes de o sistema as declarar como inativas
hidden – o sistema não pode usar por questões de invalid next-hop e/ou route policy

show route forwarding-table

Algumas das rotas são permanentes devido a sua natureza como e o caso da default (Type perm), esta entrada e usada para o router descartar tráfego quando não existe roteamento para determinado destino, após descarte envia um ICMP unreachable ao host de origem

Caso exista um default route na tabela, o router utiliza-a em vez da Type perm

Route types:

cloned (clon) – (TCP or multicast only) Cloned route.
destination (dest) – Remote addresses directly reachable through an interface.
destination down (iddn) – Destination route for which the interface is unreachable.
interface cloned (ifcl) – Cloned route for which the interface is unreachable.
route down (ifdn) – Interface route for which the interface is unreachable.
ignore (ignr) – Ignore this route.
interface (intf) – Installed as a result of configuring an interface.
permanent (perm) – Routes installed by the kernel when the routing table is initialized.
user – Routes installed by the routing protocol process or as a result of the configuration.

Next-hop Types:

broadcast (bcst) – Broadcast.
deny – Deny.
hold – Next hop is waiting to be resolved into a unicast or multicast type.
indexed (idxd) – Indexed next hop.
indirect (indr) – Indirect next hop.
local (locl) – Local address on an interface.
routed multicast (mcrt) – Regular multicast next hop
multicast (mcst) – Wire multicast next hop (limited to the LAN).
multicast discard (mdsc) – Multicast discard.
multicast group (mgrp)  – Multicast group member.
receive (recv) – Receive.
reject (rjct) – Discard. An ICMP unreachable message was sent.
resolve (rslv) – Resolving the next hop.
unicast (ucst) – Unicast.
unilist (ulst) – List of unicast next hops. A packet sent to this next hop goes to any next hop in the list.

By default o JunOS cria a master instance e outras private instances. Estas private instances são para uso interno (comunicações entre componentes de hardware) do JunOS.

[email protected]> show route instance
Instance             Type
Primary RIB                                     Active/holddown/hidden
__juniper_private1__ forwarding
__juniper_private1__.inet.0                     0/0/1
__juniper_private1__.inet6.0                    1/0/0

__juniper_private2__ forwarding
__juniper_private2__.inet.0                     0/0/1

__master.anon__      forwarding

master               forwarding
inet.0                                          8/0/0
inet6.0                                         1/0/0

Instances Types

forwarding: Used to implement filter-based forwarding for common Access Layer applications;
l2vpn: Used in Layer 2 VPN implementations;
no-forwarding :  Used to separate large networks into smaller administrative entities;
virtual-router: Used for non-VPN-related applications such as system virtualization; “VRF-lite”
vpls:  Used for point-to-multipoint LAN implementations between a set of sites in a VPN;
vrf :  Used in Layer 3 VPN implementations.

[email protected]# set routing-instances <instance-name> instance-type <instance-type>

[email protected]>show route table new-instance.inet.0
[email protected]>show interfaces terse routing-instance new-instance
[email protected]>traceroute 2.2.2.2 routing-instance new-instance

Static Routing

O next-hop pode ser a opção de bit bucket, as opcoes de discard/reject permite descartar o trafego:

  • discard faz drop silenciosamente (nao envia ICMP)
  • reject envia ICMP unreachable

Config static routing

set routing-options
static{
route 0.0.0.0/0 next-hop 172.30.25.1;
route 172.28.102.0/24 {
next-hop 10.210.11.190;
no-readdvertise;
}
}

O nexr-hop deve estar diretamente ligado, porque by default o JunOS não faz lookups recursivos. Para possibilitar a recursividade usar o comando resolve

set routing-options static route 0.0.0.0/0 next-hop 172.30.25.1;
set routing-options static route 172.28.102.0/24 next-hop 10.210.11.190 resolve

Qualified Next hops

Permite indicar a preferência de uma rota (floating route)

qualified-next-hop x.x.x.x {
preference 7;
}

Referências:

Notas estudo JNCIA-Junos parte 1

Notas estudo JNCIA-Junos parte 2

Notas estudo JNCIA-Junos parte 3

Notas estudo JNCIA-Junos parte 2

Help

O JunOS tem integrado um livraria que permite por exemplo ver qual o significado do output de uma mensagem de syslog.

[email protected]# help ?
Possible completions:
<[Enter]>            Execute this command
apropos              Find help information about a topic
reference            Reference material
syslog               System log error messages
tip                  Tip for the day
topic                Help for high level topics
|                    Pipe through a command

Separation of configuration edit and activation

validation checks
version control
automated rollback

candidate configuration ->commit->validated configuration->active configuration

configure private – permite que todos os users alterem em simultâneo a active config

configure exclusive – proíbe  outros efetuarem alterações enquanto estiver conectado ao device

show command – mostra a config candidate relativamente a hierarquia onde se está inserido no momento

Set/Edit Command

From Top
[email protected]#set sytem services finger
[email protected]#set sytem services ftp
[email protected]#set sytem services ssh

From Sublevel
[email protected]#edit system services
[edit system services]
[email protected]#set finger
[email protected]#ser ftp
[email protected]#set ssh

Rollback

Apenas modifica a candidate config (não esquecer do commit)

rollback 0 – reset a candidate para a config atualmente ativa+
rollback n – n representa o numero da config ativa
rollback rescue – load o rescue file previamente criado

Fazer commit num determinado período

[email protected]#commit at 02:00:00

run command – permite executar comandos em config mode como se estivesse no Operational mode

Junos Sytem Health
Real-time Performance Monitoring (RPM)
Flow accounting – cflowd

Health monitor
RMON

Junos Sytem Health Diagnostic

System logging
hardware and operating events
Trace logging
protocol operations
snmp

Routing tables

Predefined Routing tables
inet.0 ipv4 unicast
inet.1 multicast forwarding cache
inet.2 usado para MBGP para permitir reverse path forwarding (RPF) checks
inet.3 usado para MPLS path information
inet.4 usado para MSDP routes
inet6.0 Usado para IPv6 unicast
mpls.0 usado para MPLS next hops

Route preference = Administrative Distance (Cisco World)

DIRECT 0
LOCAL 0
STATIC 5
OSPF internal 10
RIP 100
OSPF AS external 150
BGP (both EBGP and IBGP) 170

show route forwarding-table – existe uma entrada default para quando o prefix não existe, notificando a source device com ICMP unreachable

Default Routing Instance

A tabela default unicast de nome master e inclui a inet.0, e poderá tb incluir a inet6.0

show route instance

User-Defined instances

edit routing-instances new-instance instance-type instance-type

Existem diversos tipos de instances:

forwarding – Forwarding instance
l2vpn – Layer 2 VPN routing instance
layer2-control -Layer 2 control protocols
no-forwarding -Nonforwarding instance
virtual-router -Virtual routing instance
virtual-switch -Virtual switch routing instance
vpls -VPLS routing instance
vrf -Virtual routing forwarding instance

show route table new-instace.inet.0

Rotas estáticas

O next-hop pode ser a opção de bit bucket, as opções de discard/reject permite descartar o tráfego.

discard – faz drop silenciosamente (não envia ICMP)
reject – envia ICMP unreachable

set routing-options
static{
route 0.0.0.0/0 next-hop 172.30.25.1;
route 172.28.102.0/24 {
next-hop 10.210.11.190;
no-readdvertise;
resolve;
}
}

O nex-hop deve ser directamente ligado, porque by default o JunOS não faz lookups recursivos. Para permitir é necessário usar o comando resolve

Qualified Next hops

Permite indicar a preferência de uma rota (floating route)

qualified-next-hop x.x.x.x {
preference 7;
}

Config OSPF

Apartir da versão 8.x o Loop0/router-id é advertido automaticamente

set protocols ospf
set area 0 interface ge-0/0/1.{0} Se a unit não for referenciada, o JunOS considera como 0
set area 0 interface ge-0/0/3.0 passive

O JunOS converte a area 0 para decimal 0.0.0.0

show
area 0.0.0.0 {
interface ge-0/0/1.0;
interface ge-0/0/2.0;
interface ge-0/0/3.0 {
passive;
}

show ospf neighbor {detail,extensive}
show route protocol ospf

NETCONF XML Interface

set system load patch terminal

NTP

Para o sistema sincronizar quando faz booting é necessário configurar:

set system ntp boot-server 1.1.1.1

set system time-zone Europe/Lisbon

request system configuration rescue {save | delete} – efetua uma cópia da actual config como rescue config

rollback rescue – este comando apenas altera a candidate config

Operational Mode

show system  command arguments:
alarms: Displays  current system  alarms
boot-messages: Displays the messages seen during the last system boot
connections: Displays the status of local TCP and UDP connections
processes: Displays the system’s process table
statistics : Provides options for viewing various protocol statistics
storage: Displays the status of the file system storage space.

show version detail (inclui as versões das pacotes instalados)

Junos Naming Convention

Package-release-edition

jroute-10.1R1.8-domestic-signed.tgz
release:
• Describes the Junos version
• Includes major and minor release numbers, release type (Release,Beta or Internal), build number and spin number
edition:
• Versions are either domestic-supporting strong encryption, or export-not supporting encryption
• Federal Information Processing Standards (or FIPS) editions provide advanced network security

the letter is an R to
indicate that this is released software. If you are involved in testing prereleased software,
this letter might be a B (for beta-level software) or I (for internal, test, or experimental
versions of software). The release also includes a build and spin number for the Junos
version.
Here, the release is 9.5R1.8, which is  version 9.5, which has been released, build 1,
spin 8.-signed.tgz – Junos software is digitally signed and compressed using Secure Hash Algorithm (SHA-1) and
Message Digest 5 (MD5) checksums.
A package is installed only if the checksum within it matches the hash recorded in its corresponding file. The actual checksum used depends on the software version.

Package :
jinstall usado nas M/Mx/T Series
jinstall-ex usado nos EX Series,
junos-jsr usado J Series
junos-srx usado nos SRX Series

Upgrading JunOS

>reques system software add /var/tmp/jbundle-10.1R1.8-domestic.tgz reboot

Commands Useful in Upgrading Software:
• request system software add /var/tmp/<image-name> upgrades software
• request system storage cleanup  deletes images
• show system storagedisplays compact-flash  device storage  details
• request system software add /var/tmp/<image-name> reboot  upgrades the software

Permite verificar quais os ficheiros a serem eliminados

[email protected]> request system storage ?
Possible completions:
cleanup              Clean up temporary files and rotate logs
[email protected]> request system storage cleanup ?
Possible completions:
<[Enter]>            Execute this command
dry-run              Only list the cleanup candidates, do not remove them

[email protected]> request system storage cleanup dry-run

Referências:

Notas estudo JNCIA-Junos parte 1