Guide For Junos Upgrade

Project Title: Server Virtualization
Task:
Need to install 2 units of EX8200-40XS-ES linecard on Juniper Core Switches at DF3. Each core switch will hold 1 unit of EX8200-40XS-ES linecard.
To proceed with this linecard installation we need to upgrade the Junos in DF3 first as the current version in DF3 does not support the new
linecard.
Overview:
2 units of Juniper Core Switches at DF3

Model = EX8208
Each core switch has 2 routing engine (RE0 and RE1)
Current Junos version = 10.1S6.2
New Junos version = 11.4R2.14
Assumption:
The master routing engine is on RE0 and backup routing engine on RE1 for both Juniper Core Switches
Master VRRP is on Juniper Core 1
Things we need to have:
Junos 11.4R2.14 & Junos 10.1S6.2 Software Package

Jloader package
FTP server on laptop
2 units of EX8200-40XS-ES linecard
8 units of 10GE SFPs
SecureCRT on laptop
UTP cable
ExamDiff Software for file comparison
MultiPing Software for multiple ping test
Pre-migration Activity (14/11/2012 at 10PM)

1. Backup basic configuration (capture the result of the below show commands)
show system uptime | no-more
show version | no-more
show lldp neighbors | no-more
show chassis hardware | no-more
show chassis routing-engine | no-more
show configuration | no-more
show configuration | display set | no-more
show vlans | no-more
show ethernet-switching interfaces | no-more
show spanning-tree interface | no-more
show spanning-tree interface | match "VLAN|ROOT" | no-more
show spanning-tree interface detail | no-more
show spanning-tree bridge detail | no-more
show spanning-tree bridge detail | match "VLAN|Since" | no-more
show vrrp brief | no-more
show route | no-more
show ospf database | no-more
show ospf neighbor | no-more
show system alarm | no-more
show chassis alarm | no-more
show interface descriptions | no-more
show interface terse | no-more
show interface | no-more
show ethernet-switching interfaces ae0 | no-more
show interfaces extensive | match "Physical interface|Link mode|Link partner speed"| no-more
show interfaces extensive | match "Physical interface|error" | no-more
show interfaces extensive | match "Physical interface|error" | except "Errors: 0" | except "CRC/Align errors|FIFO errors" | no-more
show interfaces extensive | match "Physical interface|Framing errors|Collisions" | except "Framing errors: 0|Collisions: 0" | no-more
2. Backup log and rsi (capture the result of the below show commands)
show log messages.9.gz | no-more
show log messages | no-more
request support information | no-more
3. Ping the following ip addresses (capture the results so that you can compare after migration)
DWDM links
BAG
MAB
: 10.2.163.20
: 10.2.217.1
Corporate Offices
GLC
SHC
WAB
AMAB
Menara AmFirst
DION
: 10.0.159.1
: 10.3.9.1
: 10.2.128.1
: 10.7.148.1
: 10.20.4.1
: 10.14.133.1
Internet
Google DNS
: 8.8.8.8
4. Traceroute the following ip addresses (capture the results so that you can compare after migration)
DWDM links
BAG
MAB
: 10.2.163.20
: 10.2.217.1
Corporate Offices
GLC
SHC
WAB
AMAB
Menara AmFirst
DION
: 10.0.159.1
: 10.3.9.1
: 10.2.128.1
: 10.7.148.1
: 10.20.4.1
: 10.14.133.1
Internet
Google DNS
: 8.8.8.8
5. Console to Juniper Core 1 and show arp. Ping all the ip addresses on the arp table. Use MultiPing software to do this. Compare the
results before and after migration.
See the figure below on how to do it.
Once you click finish, you will see the ip address alone in one column, copy and paste the ip address in a notepad and then import this textfile in
the MultiPing software.
6. Configure interface me0 on Juniper Core 1 RE0 and Juniper Core 2 RE0. Assign ip address 10.10.10.2/24. Commit synchronize. You
have to this before the actual activity start.
set interface me0 unit 0 family inet address 10.10.10.2/24
show | compare
commit check
commit synchronize
Remain your console cable on RE0.
Connect your laptop using UTP cable to MGT port on RE0.
Assign your laptop as 10.10.10.3 mask 255.255.255.0 gateway 10.10.10.2.
Ping your laptop from the core switch, if successful proceed the next step.
7. Engage in JTAC
Call JTAC, the number is 1800889771 and get them to return call to your hand phone.
Request for secure meeting and share your desktop so that they could remote in.
Case Number: 2012-1010-1159.
Case Owner is Haridass Raghunathan,haridassr@juniper.net but likely he will be offduty during the upgrade, so next available engineer will take
over.
8. Backup configuration file
You must have ftp server running on your laptop. If you dont have, download one (such as Xlight FTP server)
admin@DF3-07-C1>start shell
%cd /config
%ftp 10.10.10.3
<key in your ftp server username and password>
Once connected to your ftp server, copy all the config file
ftp> mput juniper.conf.1.gz
Enter
Enter
This is the config file.

In the event anything goes wrong you can copy this
file back from your laptop to the switch

Enter
ftp> mput juniper.conf.gz
Exit ftp
ftp> quit
Navigate to /var/tmp directory
%cd /var/tmp
Next, copy the new Junos software package from your laptop to the switch
%ftp 10.10.10.3
Once connected to your ftp server, copy the software package
ftp> mget jinstall-ex-8200-11.4R2.14-domestic-signed.tgz
Enter
9. Migration Installation of linecard on both Juniper Core Switches (15/11/2012 at 12:01AM)
Insert the linecard in one of the empty slot, better ask Asnawi@Ambank on which slot he prefer to use.
Also insert the 10G sfp module (4 units each on every linecard)
10. Migration Upgrade Junos & Jloader on Juniper Core 1
Recheck whether the master RE is on RE0

asnawi@DF3-07-C1> show chassis routing-engine
Routing Engine status:
Slot 0:
Current state
Election priority
Disabled
Master (default)
Temperature
22 degrees C / 71 degrees F
DRAM
2048 MB
Memory utilization
33 percent
CPU utilization:
User
29 percent
Background
0 percent
Kernel
34 percent
Interrupt
1 percent
Idle
36 percent
Model
RE-EX8208
Serial ID
BT0910454081
Start time
2012-01-19 16:15:01 MYT
Uptime
289 days, 9 hours, 7 minutes, 47 seconds
Last reboot reason
0x1:power cycle/failure
Routing Engine status:
Slot 1:
Current state
Master
Election priority
Backup (default)
Temperature
20 degrees C / 68 degrees F
DRAM
2048 MB
Memory utilization
25 percent
CPU utilization:
User
14 percent
Background
0 percent
Kernel
80 percent
Interrupt
1 percent
Idle
5 percent
Model
RE-EX8208
Serial ID
BT0910454081
Start time
2012-11-04 01:07:56 MYT
Uptime
18 minutes, 1 second
Last reboot reason
Router rebooted after a normal shutdown.
Load averages:
1 minute 5 minute 15 minute
1.64
0.43
0.19
asnawi@DF3-07-C1#deactivate redundancy graceful-switchover

asnawi@DF3-07-C1#deactivate routing-options nonstop-routing
asnawi@DF3-07-C1#commit synchronize
While your console cable connected to Juniper Core 1
RE0, perform the upgrade on RE1.
For EX8208, we must upgrade junos first before we
upgrade jloader
asnawi@DF3-07-C1#exit
asnawi@DF3-07-C1> request system software add /var/tmp/ jinstall-ex-8200-11.4R2.14-domestic-signed.tgz re1 reboot
<this process will take up to 20minutes>
Once done switchover the master routing to the backup routing engine
asnawi@DF3-07-C1> request chassis routing-engine master switch
Toggle mastership between routing engines ? [yes,no] (no) yes
<this process will take up to 2 minutes as we have already disable GRES (graceful-switchover)>
Now that the master routing engine will be on RE1 while RE0 as backup
Move your console cable to RE1.
asnawi@DF3-07-C1> request system software add /var/tmp/ jinstall-ex-8200-11.4R2.14-domestic-signed.tgz re0 reboot
Next, copy the Junos to the alternative partition
asnawi@DF3-07-C1> request system snapshot slice alternate routing-engine both

Currently the master RE is still on RE1
Check the software version on both RE if they are using the latest version. You can check the version for both RE while your console cable
connected to master RE, which in this case will be on RE1
asnawi@DF3-07-C1> show system snapshot media internal
Information for snapshot on
internal (/dev/da0s1a) (primary)
Creation date: Nov 4 02:21:32 2012
JUNOS version on snapshot:
jbase : ex-11.4R2.14
jcrypto-ex: 11.4R2.14
jdocs-ex: 11.4R2.14
jkernel-ex: 11.4R2.14
jroute-ex: 11.4R2.14
jswitch-ex: 11.4R2.14
jweb-ex: 11.4R2.14
jpfe-ex82x: 11.4R2.14
internal (/dev/da0s2a) (backup)
Creation date: Jan 3 10:53:24 2012
jbase : 10.4R8.5
jdocs-ex: 10.4R8.5
jroute-ex: 10.4R8.5
jweb-ex: 10.4R8.5
jpfe-ex82x: 10.4R8.5
asnawi@DF3-07-C1> request routing-engine login backup

asnawi@DF3-07-C1> show system snapshot media internal
internal (/dev/da0s1a) (primary)
Creation date: Nov 4 02:21:32 2012
jbase : ex-11.4R2.14
jdocs-ex: 11.4R2.14
jroute-ex: 11.4R2.14
jweb-ex: 11.4R2.14
jpfe-ex82x: 11.4R2.14
internal (/dev/da0s2a) (backup)
Creation date: Jan 3 10:53:24 2012
jbase : 10.4R8.5
jdocs-ex: 10.4R8.5
jroute-ex: 10.4R8.5
jweb-ex: 10.4R8.5
jpfe-ex82x: 10.4R8.5
Next, proceed to upgrade the jloader.

Again, copy over the jloader software from your laptop to /var/tmp
%ftp 10.10.10.3
ftp> mget jloader-ex-3242-11.3I20110326_0802_hmerge-signed.tgz
Enter
You can only install jloader on the master routing engine
Your console cable is still on RE1 and the master RE is on RE1.

Determine the primary bank and the version of the loader software in the bank.
% kenv | grep boot.primary.bank
boot.primary.bank="0"
% kenv | grep boot.ver
boot.ver="2.4.0"
Enter the CLI and install the loader package:
asnawi@DF3-07-C1> request system software add /var/tmp/ jloader-ex-3242-11.3I20110326_0802_hmerge-signed.tgz
asnawi@DF3-07-C1> request system firmware upgrade scb
Firmware upgrade initiated....
Please wait for ~2mins for upgrade to complete....
After waiting for a couple of minutes, reboot the Routing Engine:
asnawi@DF3-07-C1> request system reboot
Reboot the system ? [yes,no] (no) yes
Enter the shell and verify that the previous backup bank is now the primary bank and that it contains the upgraded loader software:

boot.ver="3.5.0"
To install the loader software in the current backup bank we need to repeat the following step below. It will upgrade the loader
software on Memory Bank 0.
asnawi@DF3-07-C1> request system software add /var/tmp/ jloader-ex-3242-11.3I20110326_0802_hmerge-signed.tgz
Verify that after reboot jloader software is currently upgraded on Memory Bank 0.
boot.ver="3.5.0"
The following message might be displayed when a user logs in to the system:
--- JUNOS 10.4R3.4 built 2011-03-19 22:06:32 UTC
At least one package installed on this device has limited support.
Run 'file show /etc/notices/unsupported.txt' for details.
This message can be safely ignored. It appears as a result of upgrading the loader software after you upgrade Junos OS. You can permanently
remove this message by removing the loader software package and rebooting the routing-engine:
asnawi@DF3-07-C1> request system software delete jloader-ex-3242-11.3I20110326_0802
Unmounted /packages/mnt/jloader-ex-8200-11.3-20110310.0 ...
Now that we have completed jloader upgrade on RE1, so proceed with RE0.
asnawi@DF3-07-C1> request chassis routing-engine master switch
<this process will take up to 2 minutes as we have already disable GRES (graceful-switchover)>
Now that the master routing engine will be on RE0 while RE1 as backup
Next, proceed to upgrade the jloader.
Again, copy over the jloader software from your laptop to /var/tmp
%ftp 10.10.10.3
ftp> mget jloader-ex-3242-11.3I20110326_0802_hmerge-signed.tgz
Enter
You can only install jloader on the master routing engine
Your console cable is still on RE0 and the master RE is on RE0.

Determine the primary bank and the version of the loader software in the bank.
boot.ver="2.4.0"
Enter the CLI and install the loader package:
asnawi@DF3-07-C1> request system software add /var/tmp/jloader-ex-3242-11.3I20110326_0802_hmerge-signed.tgz

Enter the shell and verify that the previous backup bank is now the primary bank and that it contains the upgraded loader software:
boot.ver="3.5.0"
To install the loader software in the current backup bank we need to repeat the following step below. It will upgrade the loader
software on Memory Bank 0.
asnawi@DF3-07-C1> request system software add /var/tmp/jloader-ex-3242-11.3I20110326_0802_hmerge-signed.tgz
Verify that after reboot jloader software is currently upgraded on Memory Bank 0.
boot.ver="3.5.0"
The following message might be displayed when a user logs in to the system:
--- JUNOS 10.4R3.4 built 2011-03-19 22:06:32 UTC
At least one package installed on this device has limited support.
Run 'file show /etc/notices/unsupported.txt' for details.
This message can be safely ignored. It appears as a result of upgrading the loader software after you upgrade Junos OS. You can permanently
remove this message by removing the loader software package and rebooting the routing-engine:
asnawi@DF3-07-C1> request system software delete jloader-ex-3242-11.3I20110326_0802
Unmounted /packages/mnt/jloader-ex-8200-11.3-20110310.0 ...
After reboot, reactivate GRES.
asnawi@DF3-07-C1#activate redundancy graceful-switchover
asnawi@DF3-07-C1#activate routing-options nonstop-routing
asnawi@DF3-07-C1#set ethernet-switching-options nonstop-bridging
11. Verify whether Juniper Core 1 is working fine

show version
show vrrp
show spanning-tree
few ping test
show arp
If everything ok, proceed with Junos upgrade on Juniper Core 2.
If it is not ok, troubleshoot first for 1 hour if it doesnt help initiate fallback.
Refer to step 14 for fallback
12. Migration Upgrade Junos & Jloader on Juniper Core 2

Repeat step 10
Enable GRES once completed.
asnawi@DF3-07-C1#activate redundancy graceful-switchover
asnawi@DF3-07-C1#activate routing-options nonstop-routing
asnawi@DF3-07-C1#set ethernet-switching-options nonstop-bridging
If upgrade is successful proceed with step 13
13. Verify connectivity
Repeat step 1,2,3,4 and 5 and use ExamDiff software to compare the results before & after migration.
Get Ambank team to test their applications.
14. Fallback for Juniper Core 1
Console to Juniper Core 1 RE0.
Connect your laptop using UTP to RE0 via MGT port.
Connect to your ftp
admin@DF3-07-C1>start shell
%cd /var/tmp
%ftp 10.10.10.3
Once connected to your ftp server, copy the Junos version 10.1S6.2
ftp>mget jinstall-ex-8200-10.1S6.2-domestic-signed.tgz
ftp>quit
%cli
Install Junos version 10.1S6.2 on RE1
admin@DF3-07-C1> request system software add /var/tmp/ jinstall-ex-8200-10.1S6.2-domestic-signed.tgz re1 reboot
<this will take 20 minutes to complete>

Login to RE1 to check software version while console cable still on RE0.
admin@DF3-07-C1> request routing-engine login backup
admin@DF3-07-C1> show version
Once done, switchover the master routing engine to RE1
admin@DF3-07-C1> request chassis routing-engine master switch
Now you are connected on Juniper Core 1 RE1.
Access the RE0.
admin@DF3-07-C1> request routing-engine login backup
Downgrade Junos on RE0.
admin@DF3-07-C1> request system software add /var/tmp/ jinstall-ex-8200-10.1S6.2-domestic-signed.tgz re1 reboot
<this will take 20 minutes to complete>
Once completed, copy the software to the alternate slice
admin@DF3-07-C1> request system snapshot slice alternate routing-engine both
15. Verify connectivity after fallback Juniper Core 1
16. Fallback for Juniper Core 2

Perform downgrade on Juniper Core 2 only if needed.
Follow as per step 14.
17. Verify connectivity after fallback both Juniper Core 1 & 2
Proceed with troubleshooting with JTAC if you hit any issue.
Feel free to contact me if you need my help.

Navin +60133934939

Guide For Junos Upgrade

Hochgeladen von

Dokumentinformationen

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Guide For Junos Upgrade

Hochgeladen von

Copyright:

Verfügbare Formate

Project Title: Server Virtualization

2 units of Juniper Core Switches at DF3

Things we need to have:

Junos 11.4R2.14 & Junos 10.1S6.2 Software Package

Pre-migration Activity (14/11/2012 at 10PM)

This is the config file.

ftp> mput juniper.conf.3.gz

10. Migration Upgrade Junos & Jloader on Juniper Core 1

Recheck whether the master RE is on RE0

asnawi@DF3-07-C1#deactivate redundancy graceful-switchover

<this process will take up to 20minutes>

asnawi@DF3-07-C1> request routing-engine login backup

Next, proceed to upgrade the jloader.

You can only install jloader on the master routing engine

Your console cable is still on RE1 and the master RE is on RE1.

% kenv | grep boot.ver

You can only install jloader on the master routing engine

Your console cable is still on RE0 and the master RE is on RE0.

Firmware upgrade initiated....

11. Verify whether Juniper Core 1 is working fine

12. Migration Upgrade Junos & Jloader on Juniper Core 2

<this will take 20 minutes to complete>

16. Fallback for Juniper Core 2

Feel free to contact me if you need my help.

Das könnte Ihnen auch gefallen