Sie sind auf Seite 1von 49

Introduction to Juniper Networks Routers - E-series

Introduction to Juniper Networks Routers - E-series 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408-745-2000

1194 North Mathilda Avenue Sunnyvale, CA 94089

USA

408-745-2000

www.juniper.net

Lab Guide

Juniper Networks, the Juniper Networks logo. NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. JUNOS and JUNOSe are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.

Introduction to Juniper Networks Routers—E-series Lab Guide, Revision 7.c Copyright © 2007, Juniper Networks, Inc.

All rights reserved. Printed in USA.

Revision History:

Revision 4.c—April 2003 Revision 7.a—September 2005 Revision 7.b—January 2007 Revision 7.c—April 2007

The information in this document is current as of the date listed above.

The information in this document has been carefully verified and is believed to be accurate for software Release 7.3.0. Juniper Networks assumes no responsibilities for any inaccuracies that may appear in this document. In no event will Juniper Networks be liable for direct, indirect, special, exemplary, incidental or consequential damages resulting from any defect or omission in this document, even if advised of the possibility of such damages.

Juniper Networks reserves the right to change, modify, transfer or otherwise revise this publication without notice.

YEAR 2000 NOTICE

Juniper Networks hardware and software products do not suffer from Year 2000 problems and hence are Year 2000 compliant. The JUNOS software has no known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.

SOFTWARE LICENSE

The terms and conditions for using Juniper Networks software are described in the software license provided with the software, or to the extent applicable, in an agreement executed between you and Juniper Networks, or Juniper Networks agent. By using Juniper Networks software, you indicate that you understand and agree to be bound by its license terms and conditions. Generally speaking, the software license restricts the manner in which you are permitted to use the Juniper Networks software, may contain prohibitions against certain uses, and may state conditions under which the license is automatically terminated. You should consult the software license for further details.

Contents

Lab 1:

Introduction to the E-series Router CLI (Detailed)

1-1

Part 1: Log In to the E-series Router

1-3

Part 2: Restore Factory Default Configuration

1-3

Part 3: User Exec and Privileged Exec Modes

1-4

Part 4: CLI Shortcuts

1-9

Part 5: Basic show Commands

1-10

Part 6: File System Commands

1-13

Part 7: Change Boot Configuration Settings and Reload the E-series Router

1-14

Part 8: Review E-series System Operational Status and Configuration Settings

1-18

Lab 2:

E-series Router Configuration Basics (Detailed)

2-1

Part 1: Restore the Factory-Default Configuration

2-3

Part 2: Configure IP Parameters on the SRP's Fast Ethernet Interface

2-3

Part 3: Configure IP Parameters on a Loopback Interface

2-4

Part 4: Configure the Hostname and Telnet Service

2-5

Part 5: Configuring Primary, Secondary, and Tertiary Chassis Timing Sources

2-8

Part 6: Copying Files to Flash Memory

2-10

Part 7: Set the System Date and Time

2-10

Part 8: Configure an Entry in the Host Table

2-11

Part 9: Transfer Files Between the E-series Router and an FTP Server

2-12

Part 10: Create a Virtual Router

2-13

Part 11: Customize the Banner and Send Messages to Users (Optional)

2-16

Course Overview

The Introduction to Juniper Networks Routers—E-series course provides an introduction to the E-series router platforms, including the E320 router. The course covers E-series router features, applications, and hardware architecture. It gives an overview of using the E-series command-line interface (CLI), including user modes, CLI shortcuts, the file system, and file manipulation. The course teaches students how to use the CLI to perform basic router administration tasks and how to perform a basic configuration of an E-series router. The course also introduces the concept of virtual routers and discusses the basics of virtual router configuration.

Objectives

After successfully completing this course, you should be able to:

Describe the E-series router features and applications in both a B-RAS and dedicated access environment;

Describe the E-series router hardware architecture;

Describe the configuration options available for E-series hardware platforms;

List the different CLI user modes;

Describe the file system used on E-series routers;

Use the CLI to manipulate files, to reload E-series router, and to perform basic troubleshooting;

Use the CLI to configure the E-series platforms for basic IP connectivity; and

Perform basic virtual router configuration and management tasks.

Intended Audience

This course is intended for network professionals, managers, and anyone needing an overview of the E-series router.

Course Level

This is an introductory-level course designed to be a stepping-stone to the more advanced courses available in the Juniper Networks training curriculum.

Prerequisites

Students attending this course should have a general knowledge of the Internet Protocol, including addressing. Students should also have a basic understanding of the OSI model, including the roles played by layers 1-4. Familiarity with common TCP and UDP protocols, such as Telnet and FTP, is helpful.

This course is a required prerequisite for the following:

E-series Routing Protocols (formerly E-series Circuit Aggregation Basics)

E-series Broadband Remote Access Server Configuration Basics

Course Agenda

Day 1

Lab 1:

Introduction to the E-series Router CLI (Detailed)

Lab 2:

E-series Router Configuration Basics (Detailed)

Additional Information

Education Services Offerings

You can obtain information on the latest Education Services offerings, course dates, and class locations from the World Wide Web by pointing your Web browser to: http://www.juniper.net/training/education/ .

About This Publication

The Introduction to Juniper Networks Routers—E-series Lab Guide was developed and tested using software version 7.3.0. Previous and later versions of software may behave differently so you should always consult the documentation and release notes for the version of code you are running before reporting errors. This document is written and maintained by the Juniper Networks Education Services development team. Please send questions and suggestions for improvement to training@juniper.net.

Technical Publications

You can print technical manuals and release notes directly from the Internet in a variety of formats:

Locate the specific software or hardware release and title you need, and choose the format in which you want to view or print the document. Documentation sets and CDs are available through your local Juniper Networks sales office or account representative.

Juniper Networks Support

For technical support, contact Juniper Networks at http://www.juniper.net/customers/ support/, or at 1-888-314-JTAC (within the United States) or 408-745-2121 (from outside the United States).

Lab 1 Introduction to the E-series Router CLI (Detailed)

Overview

This lab introduces you to the E-series router command-line interface (CLI). It is available in two formats: a high-level format that is designed to make you think through each step and a detailed format that offers step-by-step instructions complete with sample output from most commands.

By completing this lab, you will perform the following tasks:

Access the E-series router using a console connection (either directly or through a terminal server)

Restore a factory-default configuration (if needed)

Explore the differences between User Exec mode and Privileged Exec mode

Use CLI shortcuts

Perform basic show commands and enter configuration mode

Manage the E-series router file system

Change boot configuration setting and reload the E-series router

Review E-series system operation and configuration file settings

Introduction to Juniper Network Routers - the E-series

Key User and Privileged Exec Mode Commands

Key User and Privileged Exec mode commands used in this lab include the following:

configure copy running-configuration dir enable reload show boot show configuration show controller show environment show hardware show interfaces show ip interface brief show ip route show timing show utilization show version

Our Example Physical Topology

Default Router Lo# : 192.168.#.1/32

Virtual Router: vr_# Lo# : 192.168.##.1/32

OC3 OC3
OC3 OC3
OC3 OC3
OC3 OC3
OC3 OC3
OC3 OC3
OC3 OC3
OC3 OC3

OC3

OC3

slot 2/0

slot 2/1

 
 
 

VCD 1#0, VPI 0, VCI 1#0

 

.1

10.10.#.0/24

.2

 

Fa

Fa

slot 1/2

slot 1/3

 

Ethernet VLAN ID : #

 
   

.1

10.20.#.0/24

.2

UU

UU
UU
UU
UU
UU
UU
UU
UU

SRP

Fa 0/0

192.168.109.158 / 24

10.20. # .0/24 .2 UU SRP Fa 0/0 192.168.109.158 / 24 FTP Server 192.168.109.220 Note :

FTP Server

192.168.109.220

Note :

# = Group number

Part 1: Log In to the E-series Router

Introduction to Juniper Network Routers - the E-series

Log in to the E-series router by performing the following step:

Note

Depending on your classroom location and setup, some of the cabling steps might have already been performed by your instructor. Please check with the instructor if you are unsure about the state of your router's patching and to determine whether you should be using direct console connections or accessing the console ports through a terminal server.

Step 1.1

Direct console connection: Connect your PC to the E-series router console port and cable the router using the network topology diagram, noting the slot numbers on the map. Launch the terminal emulation program provided on your PC and log in to the E-series router. Connection through a terminal server. If you are accessing the E-series router via a terminal server, your instructor will provide you with the required Telnet destination address and terminal server login information.

Part 2: Restore Factory Default Configuration

Note

If your router is already running a factory-default configuration, you might not need to perform this part. If you believe this is the case, please check with your instructor before skipping this part.

Step 2.1

Enter the following commands to restore a factory-default configuration:

ERX310-2> enable Password: ******** ERX310-2# configuration terminal Enter configuration commands, one per line. End with ^Z. ERX310(config)# boot config factory-defaults WARNING: Execution of this command will cause all configuration settings to revert to factory defaults upon the next system reboot. Proceed with 'boot config factory-defaults'? [confirm]y

ERX310(config)# exit ERX310# reload WARNING: This command will cause the system to reboot. Proceed with reload? [confirm]y

Reload operation commencing, please wait BPOSTO - Bypassing Boot Power-On Self-Tests (BPOST) BPOST1 - Bypassing Boot Power-On Self-Tests (BPOST) 6128 Symbols loaded. 0 auto-booting

boot device

: local:

unit number

:

0

processor number

:

0

inet on ethernet (e) : 1.1.1.1

flags (f)

: 0x26000000

other (o)

: local:/

Loading local:/images/srp/srp42d40134.exe

NOTE: Reverting System Configuration to factory defaults. SRP is running in slot 1 Logged in on console O. Copyright (c) 1999-2006 Juniper Networks, Inc. All rights reserved.

219002560 (from 55437395) Starting at 0x100000

ERX-310-41-e1-d1>

Introduction to Juniper Network Routers - the E-series

Part 3: User Exec and Privileged Exec Modes

Step 3.1

There are three different modes of operation on the E-series router. Initially, you are in the User Exec mode, which is a limited read-only mode. Each mode uses a different prompt.

Question: What is the prompt for User Exec mode?

Answer: The prompt takes the form of the router's configured hostname followed by a greater-than (>) sign. If the hostname has not been explicitly configured, the prompt is based on the MAC address of the SRP's Ethernet interface.

Step 3.2

Use the Question Mark (?) key to determine what commands are available in User Exec mode.

ERX-310-41-e1-d1> ?

baseline

Set a baseline for statistics

clear

Clear system information

default

Set a command to its default(s)

dhcp-external DHCP External

dir

Display a list of local files

disable

Reduce the command privilege level

enable

Enable access to privileged commands

erase

Erase configuration settings

exit

Exit from the current command mode

help

Describe the interactive help system

ip

Perform IP services

l2c

L2C operations

l2tp

L2TP operations

macro

Run a CLI macro

monitor

Monitor system information

mpls

Execute MPLS commands

mtrace

Trace the path that packets will traverse from source to

no

destination for a given group Negate a command or set its default(s)

ping

Send MPLS echo request to remote host

show

Display system information

sleep

Make the Command Interface pause for a specified duration

terminal

Configure the terminal line settings

test

Test the outcome of a commad

trace

Trace the path that packets traverse to their destination

traceroute

Trace the path that packets traverse to their destination

ERX-310-41-e1-d1>

Question: Can you enter Global Configuration mode directly from User Exec mode?

Answer: No. The configure command is not an option at the User Exec privilege level.

Step 3.3 Use the CLI to determine what show commands are available while in User Exec mode.

ERX-310-41-e1-d1> show ? aps arp atm bfd bgp

Display aps information Display ARP table entries Display ATM information Display information for BFD Display information for BGP

Introduction to Juniper Network Routers - the E-series

boot bridge

Display the settings currently in effect for the next reboot Display bridge information

bridge1483

Display the bridge1483 information

bulkstats cac classifier-list clns clock color-mark-profile columns controllers cops dos-protection-group drop-profile dvmrp egress-queue environment fabric-queue flash frame-relay gre hardware hdlc ike interfaces ip ipsec

Display bulkstats information Display CAC information Display classifier lists Display network information for CLNS Display the time and date Display color mark profile entries Display interface-column information Display controller information Display COPS information The DOS protection group Display drop profile Display dvmrp information Display egress queue statistics Display chassis environmental status (power, temp., etc.) Display fabric queue statistics Display information about the flash card Display frame relay information Display gre information Display system hardware information Display the Cisco-HDLC information Display IKE information Display interface status and configuration Display information for IP Display ipsec information

ipv6

Display information for IPv6

is-voice isis

Display information for is-voice Display IS-IS routing information

l2c

Display information for l2c

l2tp

Display L2TP information

l2vpn

Display L2VPN information

last-reset

Display information about the last system reset

ldp

Display ldp information

license

Display license information

line

Display line configuration

log

Display logs and logging configuration

mpls

Display mpls information

mroute

Display Multicast routing information

multicast

Display about igmp globally

nbma

Display Non-Broadcast Multi-Access Interface information

ntp

Display Network Time Protocol characteristics

nvs

Display nvs summary information

parent-group

Display parent group entries

policy-list

Display policy table entries

policy-parameter

Display policy parameter entries

ppp

Display the PPP information

pppoe

Display the PPPoE information

pppoe-service-name-table

Configure pppoe service-name table

privilege

Display privilege level

profile

Display profile configuration

qos

Display qos information

qos-parameter

Display qos parameter instance(s)

qos-parameter-define

Display qos parameter definition(s)

qos-port-type-profile

Display default port profile

qos-profile

Display qos-profile

qos-shared-shaper-control

Show QoS shared shaper controls

queue-profile

Display queue profile

rate-limit-profile

Display rate limit profile entries

reboot-history

Display information about the reboot history

rtr

Display information for rtr

scheduler-profile

Display scheduler profile

service-management

Display service management information

snmp

Display SNMP information

socket

Display BSD Socket-Emulation information

sscc

Display SSC Client Information

statistics-profile

Display scheduler profile

subscriber-policy

Display subscriber policies

subsystems

Display the subsystems that can be configured for a release

suspicious-control-flow-detection Suspicious control flow detection system

tcp

Display TCP information

terminal

Display the terminal configuration settings

track

Objects to be tracked

Introduction to Juniper Network Routers - the E-series

traffic-class

Display traffic class

traffic-class-group

Display traffic class group

tunnel-server

Display tunnel-server information

users

Display information about current users

version

Display system hardware and software version information

vlan

Display VLAN related information

vpls

Display information for a vpls instance

Step 3.4 Enter Privileged Exec mode.

ERX-310-41-e1-d1> enable

ERX-310-41-e1-d1#

Question: What is the prompt for Privileged Exec mode?

Answer: The Privileged Exec mode prompt replaces the greater-than sign with a hash or pound sign (#).

Step 3.5 Use the CLI to list the commands available in this mode.

ERX-310-41-e1-d1# ? aaa baseline clear clock configure copy debug default delete dhcp dhcp-external diag dir disable disconnect enable erase exit halt help hotfix ip

Configure authentication, authorization, and accounting characteristics Set a baseline for statistics Clear a state Set the system's clock Enter Global Configuration mode Copy files Configure debugging functions Set a command to its default(s) Delete a local file Perform DHCP operation DHCP External Reload and perform diagnostics on a specific slot Display a list of local files Reduce the command privilege level Disconnect remote CLI session Enable access to privileged commands Erase configuration settings Exit from the current command mode Halt the system in preparation for power down Describe the interactive help system Manage hotfixes Perform IP services

ipv6

Run IPv6 commands

l2c

L2C operations

l2tp

L2TP operations

log

Configure logging settings

logout

Logout PPP Subscribers

macro

Run a CLI macro

monitor

Monitor system information

more

Display contents of a file

mpls

Execute MPLS commands

mtrace

Trace the path that packets will traverse from source to destination for a

no

given group Negate a command or set its default(s)

ping

Send MPLS echo request to remote host

pppoe

Set PPPoE information

profile-reassign

Perform profile reassignment

reload

Halt and perform a cold restart

rename

Rename a local file

send

Send a message to specified lines

service-management Service management

show

Display system information

sleep

Make the Command Interface pause for a specified duration

Introduction to Juniper Network Routers - the E-series

telnet

Access a remote system via telnet

terminal

Configure the terminal line settings

test

Test the outcome of a commad

trace

Trace the path that packets traverse to their destination

traceroute

Trace the path that packets traverse to their destination

undebug

Disable debug logging functions

virtual-router

Specify a virtual router

write

Write system information

Question: How do the commands available in Privileged Exec mode compare with those available in User Exec mode?

Answer: There are many more commands available in Privileged Exec mode. Many of these additional commands are potentially invasive or provide potentially sensitive information about the router and its configuration. Additionally, users in Privileged Exec mode can use the configure command to modify the router's configuration.

Step 3.6 Use the CLI to list the available show commands when using Privileged Exec mode.

ERX-310-41-e1-d1# show ? aaa

Configure authentication, authorization, and accounting

access-list aps arp atm bfd bgp boot bridge

characteristics Display access list(s) Display aps information Display ARP table entries Display ATM information Display information for BFD Display information for BGP Display the settings currently in effect for the next reboot Display bridge information

bridge1483

Display the bridge1483 information

bulkstats

Display bulkstats information

cac

Display CAC information

classifier-list

Display classifier lists

clns

Display network information for CLNS

clock

Display the time and date

color-mark-profile

Display color mark profile entries

columns

Display interface-column information

configuration

Display the system's running configuration

control-plane

Display control plane information

controllers

Display controller information

cops

Display COPS information

dhcp

Display DHCP information

dos-protection-group

The DOS protection group

drop-profile

Display drop profile

dvmrp

Display dvmrp information

egress-queue

Display egress queue statistics

environment

Display chassis environmental status (power, temp., etc.)

exception

Display core dump configuration

fabric-queue

Display fabric queue statistics

flash

Display information about the flash card

forwarding-table

Display the forwarding table

frame-relay

Display frame relay information

ftp-server

Display information for FTP Server

gre

Display gre information

hardware

Display system hardware information

hdlc

Display the Cisco-HDLC information

hosts

Display the static host table

hotfix

Display hotfix information

ike

Display IKE information

interfaces

Display interface status and configuration

ip

Display information for IP

ip-subscriber

Display IP subscribers

Introduction to Juniper Network Routers - the E-series

ipsec

Display ipsec information

ipv6

Display information for IPv6

is-voice isis

Display information for is-voice Display IS-IS routing information

l2c

Display information for l2c

l2tp

Display L2TP information

l2vpn

Display L2VPN information

last-reset

Display information about the last system reset

ldp

Display ldp information

license

Display license information

line

Display line configuration

log

Display logs and logging configuration

memory-management

Display memory management information

mpls

Display mpls information

mroute

Display Multicast routing information

multicast

Display about igmp globally

nbma

Display Non-Broadcast Multi-Access Interface information

ntp

Display Network Time Protocol characteristics

nvs

Display nvs summary information

parent-group

Display parent group entries

policy-list

Display policy table entries

policy-parameter

Display policy parameter entries

ppp

Display the PPP information

pppoe

Display the PPPoE information

pppoe-service-name-table

Configure pppoe service-name table

privilege

Display privilege level

processes

Display information about the running processes

profile

Display profile configuration

qos

Display qos information

qos-parameter

Display qos parameter instance(s)

qos-parameter-define

Display qos parameter definition(s)

qos-port-type-profile

Display default port profile

qos-profile

Display qos-profile

qos-shared-shaper-control

Show QoS shared shaper controls

queue-profile

Display queue profile

radius

Display RADIUS server information

rate-limit-profile

Display rate limit profile entries

reboot-history

Display information about the reboot history

reload

Display system reload configuration

resource

Display resource parameters

route-map

Display route maps

rtr

Display information for rtr

scheduler-profile

Display scheduler profile

secrets

Display the current password settings

service-management

Display service management information

snmp

Display SNMP information

socket

Display BSD Socket-Emulation information

sscc

Display SSC Client Information

statistics

Display statistics information

statistics-profile

Display scheduler profile

subscriber-policy

Display subscriber policies

subscribers

Display activity connected and authenticated clients

subsystems

Display the subsystems that can be configured for a release

suspicious-control-flow-detection Suspicious control flow detection system

tacacs

Display TACACS+ server information

tcp

Display TCP information

telnet

Display status of telnet daemon

terminal

Display the terminal configuration settings

terminate-code

Display terminate code information

timing

Display network timing configuration and status

track

Objects to be tracked

traffic-class

Display traffic class

traffic-class-group

Display traffic class group

tunnel-server

Display tunnel-server information

users

Display information about current users

utilization

Display system resource utilization

version

Display system hardware and software version information

virtual-router

Display information pertaining to virtual routers

vlan

Display VLAN related information

vpls

Display information for a vpls instance

Step 3.7 Enter Global Configuration mode to configure the router from the terminal.

Introduction to Juniper Network Routers - the E-series

ERX-310-41-e1-d1# configure Configuring from terminal or file [terminal]? <Enter> Enter configuration commands, one per line. End with ^Z.

ERX-310-41-e1-d1(config)#

Question: In what two ways can you configure the E-series router?

Answer: You can configure the router from a script ( . s cr) file or from a terminal session, with the latter being the default option.

Question: What prompt indicates that you are in Global Configuration mode?

Answer: The word con fig appears in parentheses between the router name and the pound sign.

Step 3.8 Exit Global Configuration mode and return to Privileged Exec mode.

ERX-310-41-e1-d1(config)# end

ERX-310-41-e1-d1#

Part 4: CLI Shortcuts

Step 4.1

Note

The CLI captures in this lab used a router with redundant SRPs running in high-availability mode. The router in your lab environment might only have a single SRP running in file synchronization mode. If this is the case, some of the CLI captures might be slightly different.

You have already used the Question Mark (?) key shortcut to view all available commands as well as all available options for a particular command. The ? is very useful when navigating the E-series router CLI. There are other useful shortcuts as well. Use ? to assist in answering the following question:

Question: What show command would you use to determine the E-series system's hardware and software version information?

Answer: The show version command returns the requested information.

Step 4.2

Enter and execute the command identified in the previous step in its entirety. Then, use the Up Arrow key (or Ctrl-p) to recall the command from the command history.

ERX-310-41-e1-d1# show version Juniper Edge Routing Switch ERX-310

Introduction to Juniper Network Routers - the E-series

Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved. System Release: erx310_9-0-0.rel

Version: 9.0.0 release-0.0 [BuildId 8976]

(February 21, 2008 15:01)

System running for: 0 days, 17 hours, 22 minutes, 51 seconds

(since SAT FEB 21 2009 08:28:05 UTC)

slot state

---- ------ ---------- ------- ----- ---------------- -------------

0 online SRP310-10G enabled --- erx310_9-0-0.rel 0d17h:20m:24s

1 online FE-8 enabled --- erx310_9-0-0.rel 0d16h:44m:20s

2 online OC3-2A-GE enabled --- erx310_9-0-0.rel 0d17h:19m:15s

type

admin spare running release

slot uptime

ERX-310-41-e1-d1# <Up Arrow or Ctrl-p> show version

Step 4.3 You can save typing time by abbreviating commands. Abbreviations will work as long as you enter at least enough leading characters to identify the command uniquely. You can also type part of a command and use the Tab key to have the E-series router complete the command. Tab completion saves typing time and provides real-time syntax validation because tab completion will not complete a command if you have not entered enough leading characters to uniquely identify it or if it is invalid. Try tab completion now with the command show terminal. If the Tab key is unable to auto-complete the command, use ? to show all possible completions.

ERX-310-41-e1-d1# sh<Tab>ow ERX-310-41-e1-d1# show t<Tab> ERX-310-41-e1-d1# show t? tacacs tcp telnet terminal terminate-code timing track traffic-class traffic-class-group tunnel-server ERX-310-41-e1-d1# show te<Tab> ERX-310-41-e1-d1# show te? telnet terminal terminate-code ERX-310-41-e1-d1# show ter<Tab> ERX-310-41-e1-d1# show termina? terminal terminate-code ERX-310-41-e1-d1# show terminal <Enter> Length: 25 lines, Width: 80 columns data-character-bits: 8 bits per character exec-timeout never exec-banner enabled motd-banner enabled login-timeout 30 seconds

Step 4.4 Using the Up Arrow key (or ctrl-p), scroll through the history buffer until the show version command is displayed on the command line. Edit the command on the command line so that the command to view the current configuration is displayed.

ERX-310-41-e1-d1# show configuration

Part 5: Basic show Commands

Step 5.1

Use ? to answer the following questions. Verify your answers by running the show command.

Question: What show command would you use to determine the E-series router's hardware revision information, serial numbers and memory configuration?

Answer: The show hardware command displays information about hardware revisions, serial numbers, and memory size (if applicable).

Introduction to Juniper Network Routers - the E-series

ERX-310-41-e1-d1# show hardware serial

assembly

assembly

ram

slot

type

number

number

rev.

(MB)

----

----------

----------

----------

--------

----

0

SRP310-10G

4306102273

4500003051

A06

1024

1

GE/FE

4606010642

3500104555

A02

256

2

HYBRID

4305469608

4500005002

A03

256

 

number

of

 

serial

assembly

assembly

MAC

base

slot

number

number

rev.

addresses

MAC address

----

type ------------------

----------

----------

--------

---------

--------------

0

SRP310-10G I/O

4305392663

4500004201

A00

1

0090.1a41.e1d1

1

FE-8 I/O

4305381886

3501006702

A05

8

0090.1a41.dfa6

2

2xOC3-ATM 1xGE I/O

4305515142

4500005701

A03

1

0090.1a42.00c5

Question: What show command would you use to determine CPU and memory utilization?

Answer: The show utilization command displays CPU and memory usage details for each line module. The heap parameter indicates how much of the line module's RAM is in use by software.

ERX-310-41-e1-d1#show utilization Please wait System Resource Utilization

---------------------------

 

heap

cpu

slot

type

(%)

(%)

----

----------

----

---

0

SRP310-10G

34

3

1

FE-8

35

5

2

OC3-2A-GE

51

4

Question: What show command can you use to determine if the E-series system is overheating? What option can you add to that command to have the router display the actual temperature values?

Answer: You can use the show environment command to display information about the overall status of the E-series chassis, including its temperature status. Adding the all option to that command causes the router to display the same information plus a table of current temperatures. Adding the table option (instead of the all option) causes the router to only display the table of current temperatures.

ERX-310-41-e1-d1# show environment chassis: 3 slot (id 0x7, rev. 0x0) fabric: 10 Gbps (rev. 0) fans: fanSubsystemOk nvs: ok (1006MB flash disk, 84% full), matches running config power: A ok, B not present AC power: A ok, B not present srp redundancy: none slots: ok online: 0 1 2 line redundancy: none temperature: ok timing: primary

Introduction to Juniper Network Routers - the E-series

primary: internal SC oscillator (ok) secondary: internal SC oscillator (ok) tertiary: internal SC oscillator (ok) auto-upgrade enabled

system operational: yes

ERX-310-41-e1-d1# show environment ?

&>

Display and redirect the output to a file, replacing previous contents

&>>

Display and redirect the output to a file, appending to previous contents

>

Redirect the output to a file, replacing previous contents

>>

Redirect the output to a file, appending to previous contents

all

Display environment details

table Display environment table

|

Filter output using the CLI Filtering feature

<cr>

ERX-310-41-e1-d1# show environment all Please wait chassis: 3 slot (id 0x7, rev. 0x0) fabric: 10 Gbps (rev. 0) fans: fanSubsystemOk nvs: ok (1006MB flash disk, 84% full), matches running config power: A ok, B not present AC power: A ok, B not present srp redundancy: none slots: ok online: 0 1 2 line redundancy: none temperature: ok timing: primary primary: internal SC oscillator (ok) secondary: internal SC oscillator (ok) tertiary: internal SC oscillator (ok) auto-upgrade enabled

system operational: yes

 

processor

processor

IOA

IOA

temperature

temperature

temperature

temperature

slot

status

status

----

(10C - 70C) -----------

-----------

(10C - 70C) -----------

-----------

0

32

normal

33

normal

1

33

normal

28

normal

2

41

normal

36

normal

processor temperature ranges below -5C is too cold above 80C is too hot low temperature warning below 10C high temperature warning above 70C IOA temperature ranges below -5C is too cold above 80C is too hot low temperature warning below 10C high temperature warning above 70C

Question: What show command is used to view the configuration and system files currently configured to be used for the next system reboot?

Answer: The show boot command indicates which system release and configuration file the E-series router will use at the next reboot. The display output also indicates that this E-series router does not have any backup settings or parameters configured. Therefore, this E-series router will always reboot using the system release and configuration file indicated.

ERX-310-41-e1-d1# show boot Please wait

Introduction to Juniper Network Routers - the E-series

System Release:

System Configuration: running-configuration

erx310_9-0-0.rel

Note: This system is not configured with backup settings.

Question: What show command is used to determine the chassis timing configuration?

Answer: The show timing command displays information about the source and status of the E-series chassis timing.

ERX-310-41-e1-d1# show timing timing: primary primary: internal SC oscillator (ok) secondary: internal SC oscillator (ok) tertiary: internal SC oscillator (ok) auto-upgrade enabled

Part 6: File System Commands

Note

Be sure to use the CLI help features(question-mark context- sensitive help and tab completion) to help you determine the correct command to accomplish these tasks.

Step 6.1

Display the list of files on the flash card. To have the file name, size, unshared size, date, and in-use columns all appear on a single line, you might need to increase the width of your terminal emulation software and use the CLI command terminal width ## , where ## is a number larger than 85.

ERX-310-41-e1-d1#terminal width 85

ERX-310-41-e1-d1#dir

Please wait

 

unshared

in

file

size

size

date (UTC)

use

---------

---------

---

-------------------------- disk0:/incoming <DIR>

0

------------------- 02/26/2007 07:48:14

disk0:/outgoing <DIR>

16384

02/26/2007 07:48:14

disk0:reboot.hty

405184

405184

02/21/2009 09:06:36

disk0:system.log

567

567

02/21/2009 09:00:32

disk0:erx310_7-2-4p0-5.rel

160077342

142378264

04/22/2008 04:21:08

disk0:erx310_8-2-4.rel

182223038

182223038

01/16/2009 09:22:54

disk0:erx310_9-0-0.rel

194194435

194194435

02/02/2009 06:41:08

!

.

.

.

disk0:basic_conf.scr

 

3723

3723

08/21/2007 09:29:50

disk0:ftpTest.txt

1207834

1207834

02/09/2009 07:17:20

ram:bulkstats2.sts

2701

2701

02/22/2009 02:08:12

 

Disk capacity

 

-------------

Capacity

Free

Reserved

Device

(bytes)

(bytes)

(bytes)

------

----------

---------

--------

disk0:

1054900224

108065015

68157440

ram:

5777408

5741568

0

Question: What does the exclamation point ( ! ) indicate?

Introduction to Juniper Network Routers - the E-series

Answer: The exclamation point (!) indicates that the corresponding file is in use by the system. In this example, you can see that the E-series router software release (erx310_9-0-0.rel) is in use, which means the file cannot be deleted.

Question: For each type of file listed, indicate what each extension means.

Answer: The router uses the .cnf extension for binary configuration files. The .rel extension is used for E-series software releases. The router keeps the reboot history in a file with a .hty extension. Files containing scripts are denoted by the .scr extension, while macros are stored in files with a .mac extension. The .txt extension is used to indicate a plain text file. The other file types are for logs (.log), core dumps (.dmp), bulk statistics (.sts), and SSH server public keys (.pub).

Step 6.2 Save a copy of the running-configuration to a file on the flash card called test_#.cnf.

ERX-310-41-e1-d1# copy running-configuration test_#.cnf Please wait

Question: What will happen if you repeat this command?

Answer: Because you just created a file named test_#.cnf, the router prompts you to confirm your wanting to overwrite the existing test_#.cnf file.

Step 6.3 Delete the file test_#.cnf from the flash disk.

ERX-310-41-e1-d1# delete test_#.cnf

ERX-310-41-e1-d1#

Stop and determine if your all peer router teams is at the same point in the lab. If it is not,

do not continue until they are at the same point in the lab. This lab introduces many troubleshooting techniques and commands and assumes that the provider virtual router team and the workstation virtual router team are working closely together.

Part 7: Change Boot Configuration Settings and Reload the E-series Router

In this part of the lab, you will reload the E-series router using an existing configuration file called IJNRe-

lab1.cnf.

Step 7.1

Start by viewing the current configuration running on the E-series router. This configuration represents an E-series router using the factory-default configuration.

ERX-310-41-e1-d1# show configuration

! Configuration script being generated on SUN FEB 22 2009 02:35:18 UTC

! Juniper Edge Routing Switch ERX-310

! Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01)

! Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved.

Introduction to Juniper Network Routers - the E-series

!

!

Commands displayed are limited to those available at privilege level 10

!

boot config running-configuration

boot system erx310_9-0-0.rel no boot backup no boot subsystem no boot backup subsystem no boot force-backup service ctrl-x-reboot line console 0 line vty 0 4

!

!

traffic-class best-effort

!

drop-profile default

!

queue-profile default

!

scheduler-profile default

!

qos-shared-shaper-control

!

statistics-profile default

!

qos-profile atm-default

!

qos-profile serial-default

!

qos-profile ethernet-default

!

qos-profile server-default

!

qos-profile lag-default

!

!

qos-port-type-profile ethernet qos-profile ethernet-default

!

qos-port-type-profile atm qos-profile atm-default

!

qos-port-type-profile serial qos-profile serial-default

!

qos-port-type-profile server-port qos-profile server-default

!

qos-port-type-profile lag qos-profile lag-default

!

virtual-router default interface null 0 interface fastEthernet 0/0 no ip source-route

license ipsec-tunnels l0agskcs7wd6w6 log engineering log verbosity low no log severity * no log engineering

log fields timestamp instance no-calling-task

! End of generated configuration script.

Step 7.2

Use the CLI help feature to answer the following questions about the show configuration command.

Question: What option do you use to have the router display only a specified portion of the configuration (everything relating to physical layer protocols, for example)?

Introduction to Juniper Network Routers - the E-series

Answer: The category option to show configuration allows you to filter the display so that the router prints only the portions of the configuration that are in the specified category.

Question: What option do you use to have the router display only the configuration for a specific interface?

Answer: The interface option to show configuration tells the router to print the current configuration for only the specified interface.

Question: What option do you use to have the router display only the configuration for a specific virtual router?

Answer: The virtual-router option to show configuration tells the router to print the current configuration for only the specified virtual router.

Question: What general CLI output-filtering commands can you use to filter the output of show configuration? (Hint: These are the commands that follow the pipe ( I ) character.)

Answer: You can use the begin, include, and exclude commands to filter the output from any show command, including show configuration.

ERX-310-41-e1-d1# show configuration ?

&>

Display and redirect the output to a file, replacing previous

Redirect the output to a file, replacing previous contents

&>>

contents Display and redirect the output to a file, appending to previous

>

contents

>>

Redirect the output to a file, appending to previous contents

category

Display the configuration for a specific category

exclude-category Exclude category from output include-defaults Include commands that set default values for various parameters

interface

Display the configuration for a specific interface

virtual-router

Display information pertaining to a specific virtual router

|

Filter output using the CLI Filtering feature

<cr>

ERX-310-41-e1-d1# show configuration | ?

begin

exclude Display only those lines that do not include the filtering text

include Display only those lines that include the filtering text

Display lines only after a line is found that includes the filtering text

Step 7.3 Determine the configuration file and system image the E-series router will use the next time it reloads.

ERX-310-41-e1-d1# show boot Please wait

System Release:

System Configuration: running-configuration

erx310_9-0-0.rel

Introduction to Juniper Network Routers - the E-series

Note: This system is not configured with backup settings.

Question: Configuration filename:

Answer: The configuration filename is running-configuration.

Question: System release filename:

Answer: The system release filename is erx 7-3-0 . rel.

Step 7.4

From your terminal, enter Global Configuration mode. Change the boot configuration to use the file IJNRe-lab1.cnf as its configuration file only the next time it boots.

ERX-310-41-e1-d1# configure terminal Enter configuration commands, one per line. End with ^Z. ERX-310-41-e1-d1(config)# boot config IJNRe-labl.cnf once

Question: Does this command cause the E-series router to reboot?

Answer: No. This command merely changes the configuration file that will be used for the next boot.

Step 7.5

Exit Global Configuration mode and verify that the E-series router will boot using the IJNRe-lab1.cnf file as its configuration file the next time it boots and that it will only use this file for the next boot.

ERX-310-41-e1-d1# exit ERX-310-41-e1-d1# show boot Please wait

System Release:

System Configuration: IJNRe-labl.cnf once

erx310_9-0-0.rel

Note: This system is not configured with backup settings.

Question: What keyword tells you this file will only be used for the next boot?

Answer: The once keyword specified that this configuration file will only be used for the next boot. On subsequent boots, the router will revert to using the default configuration file (running-configuration in Automatic Commit mode).

Introduction to Juniper Network Routers - the E-series

Step 7.6 Reload the E-series router.

ERX-310-41-e1-d1# reload WARNING: This command will cause the system to reboot. Proceed with reload? [confirm]y

WARNING: The Standby SRP may not be in sync with this SRP. Perform a sync before reloading? [confirm]y Reload operation commencing, please wait BPOSTO - Bypassing Boot Power-On Self-Tests (BPOST) BPOST1 - Bypassing Boot Power-On Self-Tests (BPOST) 6128 Symbols loaded. 0 auto-booting

boot device

: local:

unit number

:

0

processor number

inet on ethernet (e) : 1.1.1.1

:

0

flags (f)

: 0x26000000

other (0)

: local:/

Loading local:/images/srp/srp42d40134.exe

NOTE: Restoring System Configuration from file IJNRe-labl.cnf SRP is running in slot 1 Logged in on console O. Copyright (c) 1999-2006 Juniper Networks, Inc. All rights reserved.

219002560 (from 55437395) Starting at Ox100000

E-310>

Step 7.7 While your router is booting, review the network topology diagram for Lab 1. Notice that the SRP management port IP address is missing the host address. Fill in the correct host address for this interfaces based on your router number. For example, if you are working on erx3, the default router's SRP management IP address is 192.168.109.158.

Part 8: Review E-series System Operational Status and Configuration Settings

Use the network topology diagram and context-sensitive help to complete the following tasks.

Step 8.1

Have the router display a short listing of all currently configured IP interfaces and their operational state.

E-310> show ip interface brief

Interface

IP-Address

Status

Protocol

Description

-------------------- ------------------- ---------- ----------- ---------------

null0

255.255.255.255/32 up

up

Loopback#

192.168.#.1/32

up

up

FastEthernet0/0

192.168.109.158/24 up

up

erx-srp

ATM2/0.1#0

10.10.#.1/32

up

up

atm-to-vr_#

FastEthernet1/2.#

10.20.#.1/32

up

up

enet-to-vr_#

Step 8.2

Determine if the E-series router is transmitting or receiving frames on the Fast Ethernet interface connected to virtual router vr_#. You can obtain the interface name from the previous step.

E-310> show interfaces fastEthernet 1/2 FastEthernet1/2 is Up, Administrative status is Up Hardware is Intel 21440, address is 0090.1a41.dfa8 MAU is 100BASE-TX MTU: Operational 1518, Administrative 1518 Duplex Mode: Operational Full Duplex, Administrative Auto Negotiate Speed: Operational 100 Mbps, Administrative Auto Negotiate

No baseline has been set

5

minute input rate 0 bits/sec, 0 packets/sec

5

minute output rate 0 bits/sec, 0 packets/sec

In: Bytes 986, Unicast 5 Multicast 0, Broadcast 4 Errors 0, Discards 0, Mac Errors 0, Alignment 0 CRC 0, Too Longs 0, Symbol Errors 0 Out: Bytes 986, Unicast 6 Multicast 0, Broadcast 3

Introduction to Juniper Network Routers - the E-series

Errors 0, Discards 0, Mac Errors 0, Deferred 0, No Carrier 0 Collisions: Single 0, Multiple 0, Late 0, Excessive 0 Policed Statistics:

In: 0, Out: 0 ARP Statistics:

In: ARP requests 4, ARP responses 0 Errors 0, Discards 0 Out: ARP requests 3, ARP responses 1 Errors 0, Discards 0

Administrative qos-shaping-mode: none Operational qos-shaping-mode: none queue 0: traffic class best-effort, bound to ethernet FastEthernet1/2 Queue length 0 bytes Forwarded packets 0, bytes 0 Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0 Dropped exceeded packets 0, bytes 0 queue 1: traffic class control, bound to FastEthernet1/2 Queue length 0 bytes Forwarded packets 4, bytes 168 Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0 Dropped exceeded packets 0, bytes 0

Step 8.3 Determine if the router is sending or receiving IP packets on the same Fast Ethernet interface connected to vr_#.

E-310> show interfaces fastEthernet 1/2

FastEthernet1/2 line protocol Ethernet is up, ip is up Description: enet-to-vr_# Network Protocols: IP Internet address is 10.20.#.1/255.255.255.0 Broadcast address is 255.255.255.255 Operational MTU = 1500 Administrative MTU = 0 Operational speed = 100000000 Administrative speed = 0 Discontinuity Time = 14606 Router advertisement = disabled Proxy Arp = enabled Network Address Translation is disabled TCP MSS Adjustment = disabled Administrative debounce-time = disabled

Operational debounce-time

Access routing = disabled Multipath mode = hashed Auto Configure = disabled Auto Detect = disabled Inactivity Timer = disabled Use Framed Routes = disabled Warm-restart initial-sequence-preference: Operational = 0 Administrative = 0

= disabled

In Received Packets 5, Bytes 640 Unicast Packets 5, Bytes 640 Multicast Packets 0, Bytes 0 In Policed Packets 0, Bytes 0 In Error Packets 0 In Invalid Source Address Packets 0 In Discarded Packets 0 Out Forwarded Packets 5, Bytes 640 Unicast Packets 5, Bytes 640 Multicast Routed Packets 0, Bytes 0 Out Scheduler Dropped Packets 0, Bytes 0 Out Policed Packets 0, Bytes 0 Out Discarded Packets 0

Administrative qos-shaping-mode: none Operational qos-shaping-mode: none queue 0: traffic class best-effort, bound to ethernet FastEthernet1/2 Queue length 0 bytes Forwarded packets 5, bytes 730 Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0

Introduction to Juniper Network Routers - the E-series

Dropped exceeded packets 0, bytes 0

Step 8.4 Verify network connectivity by sending 100 ping packets to the IP address of the Fast Ethernet interface in vr_#, 10.20.#.2.

E-310> ping 10.20.#.2 100 Sending 100 ICMP echoes to 10.20.#.2, timeout = 2 sec. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Success rate = 100% (100/100), round-trip min/avg/max = 3/3/38 ms

Step 8.5 Using the Up Arrow key, examine the Fast Ethernet's IP interface statistics again to verify that the router sent and received the ping packets.

E-310> show interfaces fastEthernet 1/2

FastEthernet1/2 line protocol Ethernet is up, ip is up Description: enet-to-vr_# Network Protocols: IP Internet address is 10.20.#.1/255.255.255.0 Broadcast address is 255.255.255.255 Operational MTU = 1500 Administrative MTU = 0 Operational speed = 100000000 Administrative speed = 0 Discontinuity Time = 14606 Router advertisement = disabled Proxy Arp = enabled Network Address Translation is disabled TCP MSS Adjustment = disabled Administrative debounce-time = disabled

Operational debounce-time

Access routing = disabled Multipath mode = hashed Auto Configure = disabled Auto Detect = disabled Inactivity Timer = disabled Use Framed Routes = disabled Warm-restart initial-sequence-preference: Operational = 0 Administrative = 0

= disabled

In Received Packets 105, Bytes 13440 Unicast Packets 105, Bytes 13440 Multicast Packets 0, Bytes 0 In Policed Packets 0, Bytes 0 In Error Packets 0 In Invalid Source Address Packets 0 In Discarded Packets 0 Out Forwarded Packets 106, Bytes 13592 Unicast Packets 106, Bytes 13592 Multicast Routed Packets 0, Bytes 0 Out Scheduler Dropped Packets 0, Bytes 0 Out Policed Packets 0, Bytes 0 Out Discarded Packets 0

Administrative qos-shaping-mode: none Operational qos-shaping-mode: none queue 0: traffic class best-effort, bound to ethernet FastEthernet1/2 Queue length 0 bytes Forwarded packets 105, bytes 15330 Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0 Dropped exceeded packets 0, bytes 0

Step 8.6 Determine the operational status of all SONET controllers on the router.

E-310> show controllers sonet

Interfaces

ifAdminStatus

OperationalStatus

oc3

2/0

(non channelized)

up

up

oc3

2/1

(non channelized)

up

up

Introduction to Juniper Network Routers - the E-series

Question: What status is currently displayed on your router for the SONET controllers used for the ATM connections?

Answer: In the above example, the operational status is up for both SONET controllers used for ATM connections.

Step 8.7 View the router's IP routing table.

E-310> show ip route Protocol/Route type codes:

I1- ISIS level 1, I2- ISIS level2, I- route type intra, IA- route type inter, E- route type external, i- metric type internal, e- metric type external, P- periodic download, O- OSPF, E1- external type 1, E2- external type2, N1- NSSA external type1, N2- NSSA external type2 L- MPLS label, V- VRF, *- via indirect next-hop

Prefix/Length

Type

Next Hop

Dst/Met

Interface

------------------ --------- --------------- ---------- ----------------------------------------

10.10.#.0/24

Connect

10.10.#.1

0/0

ATM2/0.1#0

192.168.109.0/24

Connect

192.168.109.158 0/0

FastEthernet0/0

10.20.#.0/24

Connect

10.20.#.1

0/0

FastEthernet1/2.#

192.168.#.1/32

Connect

192.168.#.1

0/0

loopback#

192.168.##.0/24

Static

10.10.#.2

1/0

ATM2/0.1#0

 

10.20.#.2

1/0

FastEthernet1/2.#

Question: Is there a route to vrl's loopback0 address? If so, what type of route is it?

Answer: There are two static routes to vrl's loopback0 address.

Step 8.8 Verify that you can ping the IP address of vr_#'s loopback0 interface.

E-310> ping 192.168.##.1 Sending 5 ICMP echoes to 192.168.##.1, timeout = 2 sec. !!!!! Success rate = 100% (5/5), round-trip min/avg/max = 4/4/4 ms

Step 8.9 View the current configuration.

Question: What CLI mode must you access to view the configuration?

Answer: You must be in Privileged Exec mode to view the configuration.

E-310> enable E-310# show configuration

! Configuration script being generated on SUN FEB 22 2009 02:35:18 UTC

! Juniper Edge Routing Switch ERX-310

! Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01)

! Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved.

Introduction to Juniper Network Routers - the E-series

!

! Commands displayed are limited to those available at privilege level 10

!

boot config running-configuration

boot system erx310_9-0-0.rel no boot backup no boot subsystem no boot backup subsystem no boot force-backup hostname "E-310" service ctrl-x-reboot line console 0 line vty 0 4

!

!

traffic-class best-effort

!

drop-profile default

!

queue-profile default

!

scheduler-profile default

!

qos-shared-shaper-control

!

statistics-profile default

!

qos-profile atm-default

!

qos-profile serial-default

!

qos-profile ethernet-default

!

qos-profile server-default

!

qos-profile lag-default

!

!

qos-port-type-profile ethernet qos-profile ethernet-default

!

qos-port-type-profile atm qos-profile atm-default

!

qos-port-type-profile serial qos-profile serial-default

!

qos-port-type-profile server-port qos-profile server-default

!

qos-port-type-profile lag qos-profile lag-default

!

virtual-router default interface null 0 interface loopback # ip address 192.168.#.1 255.255.255.255 interface atm 2/0 atm clock internal chassis interface atm 2/0.1#0 point-to-point atm pvc 1#0 0 1#0 aal5snap 0 0 0 ip description atm-to-vr_# ip address 10.10.#.1 255.255.255.0

!

interface atm 2/1.1#0 point-to-point atm pvc 1#0 0 1#0 aal5snap 0 0 0 interface fastEthernet 0/0 ip description erx3-srp ip address 192.168.109.158 255.255.255.0 interface fastEthernet 1/2 mtu 1522 encapsulation vlan

!

interface fastEthernet 1/2.# ip description enet-to-vr_# vlan id # ip address 10.20.2.1 255.255.255.0

!

interface fastEthernet 1/3

mtu 1522 encapsulation vlan

!

interface fastEthernet 1/3.# vlan id #

. . ip route 192.168.##.0 255.255.255.0 10.10.#.2

ip route 192.168.##.0 255.255.255.0 10.20.#.2 license ipsec-tunnels l0agskcs7wd6w6

.

!

Introduction to Juniper Network Routers - the E-series

! ================================================================================================== virtual-router vr_# aaa authentication atm1483 default radius aaa accounting atm1483 default radius aaa authentication ip default radius aaa accounting ip default radius aaa authentication ipsec default radius aaa accounting ipsec default radius aaa authentication ppp default radius aaa accounting ppp default radius

!

ip address-pool local aaa authentication radius-relay default radius aaa accounting radius-relay default radius aaa authentication tunnel default radius aaa accounting tunnel default radius

interface null 0 interface loopback 0 ip address 192.168.##.1 255.255.255.255 interface atm 6/1.1#0 ip description atm-to-default ip address 10.10.#.2 255.255.255.0 interface fastEthernet 1/3.# ip description enet-to-default ip address 10.20.#.2 255.255.255.0 ip route 192.168.#.0 255.255.255.0 10.10.#.1 ip route 192.168.#.0 255.255.255.0 10.20.#.1

. . no ip source-route log engineering log verbosity low no log severity * no log engineering

log fields timestamp instance no-calling-task

.

! End of generated configuration script.

Question: Does this display include default configuration settings? If not, how can you have the router display both the default and nondefault configuration?

Answer: No, show configuration does not cause the router to include most default settings.To display both the default and nondefault configuration, you can add the include-defaults option.

Step 8.10 View the router's interface configuration.

E-310# show configuration category interfaces

!

Configuration script being generated on SUN FEB 22 2009 05:12:04 UTC

!

Juniper Edge Routing Switch ERX-310

!

Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01)

!

Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved.

!

!

Commands displayed are limited to those available at privilege level 10

!

Introduction to Juniper Network Routers - the E-series

!

NOTE: This script represents only a subset of the full system configuration.

!

The category displayed is: interfaces

!

virtual-router default interface null 0 interface loopback # ip address 192.168.#.1 255.255.255.255 interface atm 2/0 atm clock internal chassis interface atm 2/0.1#0 point-to-point atm pvc 1#0 0 1#0 aal5snap 0 0 0 ip description atm-to-vr_#

ip address 10.10.#.1 255.255.255.0

!

interface atm 2/1.1#0 point-to-point atm pvc 1#0 0 1#0 aal5snap 0 0 0 interface fastEthernet 0/0 ip description erx3-srp ip address 192.168.109.158 255.255.255.0 interface fastEthernet 1/2 mtu 1522 encapsulation vlan

!

interface fastEthernet 1/2.# ip description enet-to-vr_# vlan id # ip address 10.20.2.1 255.255.255.0

!

interface fastEthernet 1/3 mtu 1522 encapsulation vlan

!

interface fastEthernet 1/3.# vlan id #

!

==================================================================================================

!

virtual-router vr_# interface null 0 interface loopback 0 ip address 192.168.##.1 255.255.255.255 interface atm 6/1.1#0

ip description atm-to-default ip address 10.10.#.2 255.255.255.0 interface fastEthernet 1/3.# ip description enet-to-default ip address 10.20.#.2 255.255.255.0

Step 8.11 View the configuration for only the SRP's Fast Ethernet interface.

E-310# show configuration interface fastEthernet 0/0

!

Configuration script being generated on SUN FEB 22 2009 04:57:53 UTC

!

Juniper Edge Routing Switch ERX-310

!

Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01)

!

Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved.

!

!

Commands displayed are limited to those available at privilege level 10

!

! NOTE: This script represents only a subset of the full system configuration. interface fastEthernet 0/0 ip description erx-srp ip address 192.168.109.158 255.255.255.0

Tell your instructor that you have completed Lab 1.

Lab 2 E-series Router Configuration Basics (Detailed)

Overview

This lab introduces basic E-series router configuration commands. It is available in two formats:

a high-level format that is designed to make you think through each step and a detailed format that offers step-by-step instructions complete with sample output from most commands.

By completing this lab, you will perform the following tasks:

Restore the factory-default configuration

Configure IP parameters on the SRP's Fast Ethernet interface

Configure IP parameters on a loopback interface

Configure the hostname and Telnet server

Configure primary, secondary, and tertiary chassis timing sources

Copy files to flash memory

Set the system date and time

Configure an entry in the host table on the E-series router

Copy a backup of the E-series router's configuration to a FTP server and copy a file from the FTP server to the E-series router

Create a virtual router

Customize the banner and send messages to users (optional)

Introduction to Juniper Network Routers - the E-series

Key User and Privileged Exec Mode Commands

Key User and Privileged Exec mode commands used in this lab include the following:

clear line clock set configure copy enable exit ping reload send show configuration show hosts show ip interface brief show ip route show timing show users show virtual-router telnet

Our Example Physical Topology

Default Router Lo# : 192.168.#.1/32

Virtual Router: vr_# Lo# : 192.168.##.1/32

OC3 OC3
OC3 OC3
OC3 OC3
OC3 OC3
OC3 OC3
OC3 OC3
OC3 OC3
OC3 OC3

OC3

OC3

slot 2/0

slot 2/1

 
 
 

VCD 1#0, VPI 0, VCI 1#0

 

.1

10.10.#.0/24

.2

 

Fa

Fa

slot 1/2

slot 1/3

 

Ethernet VLAN ID : #

 
   

.1

10.20.#.0/24

.2

UU

UU
UU
UU
UU
UU
UU
UU
UU

SRP

Fa 0/0

192.168.109.158 / 24

10.20. # .0/24 .2 UU SRP Fa 0/0 192.168.109.158 / 24 FTP Server 192.168.109.220 Note :

FTP Server

192.168.109.220

Note :

# = Group number

Part 1: Restore the Factory-Default Configuration

Introduction to Juniper Network Routers - the E-series

Step 1.1

Enter Global Configuration mode on the E-series router.

E-310# configure terminal Enter configuration commands, one per line. End with ^Z.

E-310(config)#

Step 1.2 Configure the E-series router to boot using the factory-default configuration file, verify the boot configuration, and use the reload command to reboot the router.

ERX310(config)# boot config factory-defaults WARNING: Execution of this command will cause all configuration settings to revert to factory defaults upon the next system reboot. Proceed with 'boot config factory-defaults'? [confirm]y

ERX310(config)# exit ERX310# reload WARNING: This command will cause the system to reboot. Proceed with reload? [confirm]y

Reload operation commencing, please wait BPOSTO - Bypassing Boot Power-On Self-Tests (BPOST)

BPOST1 - Bypassing Boot Power-On Self-Tests (BPOST) 6128 Symbols loaded. 0 auto-booting

boot device

: local:

unit number

:

0

processor number

:

0

inet on ethernet (e) : 1.1.1.1

flags (f)

: 0x26000000

other (o)

: local:/

Loading local:/images/srp/srp42d40134.exe

NOTE: Reverting System Configuration to factory defaults. SRP is running in slot 1 Logged in on console O. Copyright (c) 1999-2006 Juniper Networks, Inc. All rights reserved.

219002560 (from 55437395) Starting at 0x100000

ERX-310-41-e1-d1>

Step 1.3 While your router is booting, review the network topology diagram for Lab 2. Notice that the loopback interfaces and the SRP management port IP addresses are missing host addresses. Fill in the correct host address for these interfaces based on your group number. For example, if you are working on group 3, the virtual router's loopback 0 IP address is 192.168.33.1.

Part 2: Configure IP Parameters on the SRP's Fast Ethernet Interface

Note

Use the information on the topology diagrams and the Question Mark (?) key to assist you in performing the following steps.

Step 2.1

Enter Privileged Exec mode and review the current configuration of the SRP's Fast Ethernet interface.

ERX-310-41-e1-d1> enable ERX-310-41-e1-d1# show configuration interface fastEthernet 0/0

!

Configuration script being generated on SUN FEB 22 2009 05:35:16 UTC

!

Juniper Edge Routing Switch ERX-310

!

Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01)

!

Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved.

!

!

Commands displayed are limited to those available at privilege level 10

!

!

NOTE: This script represents only a subset of the full system configuration.

Introduction to Juniper Network Routers - the E-series

interface fastEthernet 0/0

Step 2.2

Enter Global Configuration mode. Then, enter Interface Configuration mode and configure the Fast Ethernet interface on the SRP using the IP address and subnet mask indicated on the topology diagram. For the host IP address, the # represents your assigned router number.

ERX-310-41-e1-d1# configure terminal Enter configuration commands, one per line. End with ^Z. ERX-310-41-e1-d1(config)# interface fastEthernet 0/0 ERX-310-41-e1-d1(config-if)# ip address 192.168.109.158 255.255.255.0

Step 2.3 Configure an IP description for the SRP's Fast Ethernet interface. Use a description of erx#-srp, where # represents your assigned router number.

ERX-310-41-e1-d1(config-if)# ip description erx-srp

Step 2.4 Return to Privileged Exec mode, review your configuration for accuracy, and then verify that you can ping the FTP server indicated on the topology diagrams.

Note

If you are unable to ping the FTP server indicated on diagram, please notify your instructor.

ERX-310-41-e1-d1(config-if)# end ERX-310-41-e1-d1# show configuration interface fastEthernet 0/0

!

Configuration script being generated on SUN FEB 22 2009 05:35:16 UTC

!

Juniper Edge Routing Switch ERX-310

!

Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01)

!

Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved.

!

!

Commands displayed are limited to those available at privilege level 10

!

! NOTE: This script represents only a subset of the full system configuration. interface fastEthernet 0/0 ip description erx-srp ip address 192.168.109.158 255.255.255.0

ERX-310-41-e1-d1# ping 192.168.109.220 Sending 5 ICMP echoes to 192.168.109.220, timeout = 2 sec. !!!!! Success rate = 100% (5/5), round-trip min/avg/max = 0/0/1 ms

Part 3: Configure IP Parameters on a Loopback Interface

Step 3.1

Enter Global Configuration mode. Then, enter Interface Configuration mode and configure the loopback 0 interface using the IP address and subnet mask shown on the network topology diagram. For the host IP address, the # represents your assigned router number. Configure the subnet mask using the prefix- length notation.

ERX-310-41-e1-d1# configure terminal Enter configuration commands, one per line. End with ^Z. ERX-310-41-e1-d1(config)# interface loopback # ERX-310-41-e1-d1(config-if)# ip address 192.168.#.1/32

Step 3.2 Without leaving Interface Configuration mode, review the configuration for accuracy.

ERX-310-41-e1-d1(config)# run show configuration interface loopback #

! Configuration script being generated on SUN FEB 22 2009 05:57:40 UTC

! Juniper Edge Routing Switch ERX-310

Introduction to Juniper Network Routers - the E-series

!

Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01)

!

Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved.

!

!

Commands displayed are limited to those available at privilege level 10

!

! NOTE: This script represents only a subset of the full system configuration. interface loopback # ip address 192.168.#.1 255.255.255.255

Question: How did you execute a Privileged Exec mode command without exiting Interface Configuration mode?

Answer: You can run any User Exec or Privileged Exec mode command within any configuration mode by prefacing it with the run or the do command. Context-sensitive help and command completion are also available when using the run or the do command.

Question: In the configuration, did the router display the subnet mask using the prefix- length notation?

Answer: No. It converted the prefix-length notation to dotted-decimal notation.

Step 3.3 Exit Interface Configuration mode.

ERX-310-41-e1-d1(config-if)# exit

ERX-310-41-e1-d1(config)#

Part 4: Configure the Hostname and Telnet Service

Step 4.1

Configure the hostname as E-<model number>, where the <model number> is your router model number.

ERX-310-41-e1-d1(config)#hostname E-310

E-310(config)#

Question: What happens to the prompt?

Answer: The hostname portion of the prompt changes from the MAC address of the SRP's Fast Ethernet interface to the hostname you just configured.

Step 4.2

Enter Line Configuration mode to configure all 30 possible virtual lines using the line vty x y command. Configure a password of j-protek on these lines.

E-310(config)# line vty 0 29 E-310(config-line)# password j-protek Please wait

Introduction to Juniper Network Routers - the E-series

E-310(config-line)#

Step 4.3 Return to Privileged Exec mode and view the configuration to confirm the accuracy of your changes.

E-310(config-line)# end E-310# show configuration

!

Configuration script being generated on SUN FEB 22 2009 02:35:18 UTC

!

Juniper Edge Routing Switch ERX-310

!

Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01)

!

Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved.

!

!

Commands displayed are limited to those available at privilege level 10

!

boot config running-configuration boot system erx310_9-0-0.rel no boot backup no boot subsystem no boot backup subsystem no boot force-backup hostname "E-310" service ctrl-x-reboot controller sonet 2/0 controller sonet 2/1 line console 0 line vty 0 29

password 5 ''(B=R;:HdiyL*7:y1Gj

!

traffic-class best-effort

!

drop-profile default

!

queue-profile default

!

scheduler-profile default

!

qos-shared-shaper-control

!

statistics-profile default

!

qos-profile atm-default

!

qos-profile serial-default

!

qos-profile ethernet-default

!

qos-profile server-default

!

qos-profile lag-default

!

qos-port-type-profile ethernet qos-profile ethernet-default

!

qos-port-type-profile atm qos-profile atm-default

!

qos-port-type-profile serial qos-profile serial-default

!

qos-port-type-profile server-port qos-profile server-default

!

qos-port-type-profile lag qos-profile lag-default

!

virtual-router default interface null 0 interface loopback # ip address 192.168.#.1 255.255.255.255 interface fastEthernet 0/0 ip description erx3-srp ip address 192.168.109.158 255.255.255.0 . no ip source-route log engineering log verbosity low no log severity *

no log engineering

.

.

log fields timestamp instance no-calling-task ! End of generated configuration script.

Introduction to Juniper Network Routers - the E-series

Question: Is the password displayed in clear-text when you have the router print its configuration?

Answer: No, the password is encrypted to prevent its disclosure.

Step 4.4 From your router, establish a Telnet session to your E-series router's loopback interface to verify Telnet functionality.

E-310# telnet 192.168.#.1 Telnet password: ********** Logged in on vty 0 via telnet. Copyright (c) 1999-2006 Juniper Networks, Inc. All rights reserved.

E-310>

Step 4.5

Enter Privileged Exec mode on this Telnet session and determine which users are currently logged in to the E-series router.

E-310> show users line

 

connected

idle

number

line name

user

from

connected since

time

------

--------------

----

-------------

----------------

--------

0

console 0

console

02/21/2009 08:30

21:44:24

1*

vty 0 (telnet)

192.168.#.1

02/22/2009 03:45

Note: '*' indicates current user.

Question: How many users are currently logged in to the E-series router?

Answer: In this example, two users are currently logged in to the E-series router.

Question: How are the users connected to the E-series router?

Answer: In this example, one user is attached to the E-series router via the console and another is attached through a Telnet session, which was originated from 192.168.8.3.

Question: How long have the users been connected?

Answer: In this example, the console session was started at 02/21/2009 08:30 and the user connected through a Telnet session at 02/22/2009 03:45. All these times are given in a 24-hour clock (for example, 19:30 would be 7:30 PM).

Introduction to Juniper Network Routers - the E-series

Step 4.6 Try to end your Telnet session using the clear line n command.

E-310> enable Password: ******** E-310# clear line 1 Cannot kill your own session

Question: Were you able to clear your own Telnet session?

Answer: No. The clear line n command can be used to close another connection. You cannot use the command to end your own connection.

Step 4.7 Disconnect your Telnet session using the exit command.

E-310# exit

Logging out.

E-310#

Part 5: Configuring Primary, Secondary, and Tertiary Chassis Timing Sources

Step 5.1

Before making any configuration changes, first document the default factory settings for the E-series chassis timing sources:

E-310# show timing timing: primary primary: internal SC oscillator (ok) secondary: internal SC oscillator (ok) tertiary: internal SC oscillator (ok) auto-upgrade enabled

Question: What is the current primary chassis timing source?

Answer: In this example, the current primary timing source is the E-series router's internal system controller oscillator.

Question: What is the current secondary chassis timing source?

Answer: In this example, the current secondary timing source is the E-series router's internal system controller oscillator.

Question: What is the current tertiary chassis timing source?

Introduction to Juniper Network Routers - the E-series

Answer: In this example, the current tertiary timing source is the E-series router's internal system controller oscillator.

Question: What timing source is the E-series chassis currently using?

Answer: In this example, the E-series router is using its primary timing source.

Step 5.2 Configure the E-series router's primary chassis timing source to be the external BITS clock connected to T1 port A on the SRP.

Note

In our lab environment, we do not have a BITS clock connected to T1 port A or port B. As a result, these timing sources will display an ERROR condition, and the timing sources will not be used.

E-310# configure terminal Enter configuration commands, one per line. End with "Z. E-310(config)# timing source primary line t1:a

Step 5.3 Configure the E-series router's secondary chassis timing source to be the external BITS clock connected to T1 port B on the SRP.

E-310(config)# timing source secondary line t1:b

Step 5.4 Configure the E-series router's tertiary chassis timing source to be internal.

E-310(config)# timing source tertiary internal

Step 5.5 Within Global Configuration mode, analyze the current chassis timing status to answer the questions that follow.

E-310(config)# run show timing timing: tertiary (failover from primary) primary: external SC T1 (A) (ERROR) secondary: external SC T1 (B) (ERROR) tertiary: internal SC oscillator (ok) auto-upgrade enabled

Question: What is the current primary chassis timing source?

Answer: The primary timing source is now the external BITS clock attached to T1 port A on the E-series router's system controller I/O module.

Question: What is the current secondary chassis timing source?

Introduction to Juniper Network Routers - the E-series

Answer: The secondary timing source is now the external BITS clock attached to T1 port B on the E-series router's system controller I/O module.