Like a Cisco, you can view basic information about the network interfaces by typing "show interfaces" at the command prompt, or "show interfaces <interface name> to show a specific interface:
root@main3200> show interfaces ge-0/0/12
Physical interface: ge-0/0/12, Enabled, Physical link is Up
Interface index: 141, SNMP ifIndex: 526
Link-level type: Ethernet, MTU: 1514, Speed: Auto, Duplex: Auto,
BPDU Error: None, MAC-REWRITE Error: None, Loopback: Disabled,
Source filtering: Disabled, Flow control: Enabled, Auto-negotiation: Enabled,
Remote fault: Online
Device flags : Present Running
Interface flags: SNMP-Traps Internal: 0x0
Link flags : None
CoS queues : 8 supported, 8 maximum usable queues
Current address: 3c:8a:b0:9a:22:0f, Hardware address: 3c:8a:b0:9a:22:0f
Last flapped : 2013-03-04 05:03:34 UTC (00:39:55 ago)
Input rate : 0 bps (0 pps)
Output rate : 0 bps (0 pps)
Active alarms : None
Active defects : None
Interface transmit statistics: Disabled
Logical interface ge-0/0/12.0 (Index 77) (SNMP ifIndex 527)
Flags: SNMP-Traps 0x0 Encapsulation: ENET2
Bandwidth: 0
Input packets : 1
Output packets: 1353
Protocol eth-switch
Flags: None
root@main3200>
From this output, we can see that there is currently a device connected to ge-0/0/12 ("Physical link is Up"), that the interface is auto-negotiating speed and duplex ("Speed: Auto, Duplex: Auto"), that the port has been up for 39 minutes and 55 seconds ("Last flapped : 2013-03-04 05:03:34 UTC (00:39:55 ago)"), and that there is currently no data flowing in or out of the interface ("Input rate : 0 bps (0 pps)" and "Output rate : 0 bps (0 pps)").
Like Cisco's IOS, JunOS supports the "show interfaces brief" command, but it doesn't work quite the same way:
root@main3200> show interfaces ge-0/0/0 brief
Physical interface: ge-0/0/0, Enabled, Physical link is Down
Description: IP Phone
Link-level type: Ethernet, MTU: 1514, Speed: Auto, Duplex: Auto,
Loopback: Disabled, Source filtering: Disabled, Flow control: Enabled,
Auto-negotiation: Enabled, Remote fault: Online
Device flags : Present Running
Interface flags: Hardware-Down SNMP-Traps Internal: 0x0
Link flags : None
Logical interface ge-0/0/0.0
Flags: Device-Down SNMP-Traps 0x0 Encapsulation: ENET2
eth-switch
root@main3200>
If you are familiar with IOS, "show interfaces terse" will provide output that is more like Cisco's "show ip interface brief" command:
root@main3200> show interfaces terse
Interface Admin Link Proto Local Remote
ge-0/0/0 up down
ge-0/0/0.0 up down eth-switch
ge-0/0/1 up down
ge-0/0/1.0 up down eth-switch
ge-0/0/2 up down
ge-0/0/2.0 up down eth-switch
ge-0/0/3 up down
<...snip...>
vlan up up
vlan.0 up up inet 192.168.1.1/24
vlan.20 up down inet 192.168.10.1/24
root@main3200>
If you want to view more verbose information about an interface, use "show interfaces detail"...:
root@main3200> show interfaces ge-0/0/20 detail
Physical interface: ge-0/0/20, Enabled, Physical link is Up
Interface index: 149, SNMP ifIndex: 542, Generation: 152
Link-level type: Ethernet, MTU: 1514, Speed: Auto, Duplex: Auto,
BPDU Error: None, MAC-REWRITE Error: None, Loopback: Disabled,
Source filtering: Disabled, Flow control: Enabled, Auto-negotiation: Enabled,
Remote fault: Online
Device flags : Present Running
Interface flags: SNMP-Traps Internal: 0x0
Link flags : None
CoS queues : 8 supported, 8 maximum usable queues
Hold-times : Up 0 ms, Down 0 ms
Current address: 3c:8a:b0:9a:22:17, Hardware address: 3c:8a:b0:9a:22:17
Last flapped : 2013-03-04 06:19:44 UTC (00:03:50 ago)
Statistics last cleared: Never
Traffic statistics:
Input bytes : 0 0 bps
Output bytes : 10346 504 bps
Input packets: 0 0 pps
Output packets: 134 0 pps
IPv6 transit statistics:
Input bytes : 0
Output bytes : 0
Input packets: 0
Output packets: 0
Egress queues: 8 supported, 4 in use
Queue counters: Queued packets Transmitted packets Dropped packets
0 best-effort 0 0 0
1 assured-forw 0 0 0
5 expedited-fo 0 0 0
7 network-cont 0 134 0
Queue number: Mapped forwarding classes
0 best-effort
1 assured-forwarding
5 expedited-forwarding
7 network-control
Active alarms : None
Active defects : None
Interface transmit statistics: Disabled
Logical interface ge-0/0/20.0 (Index 85) (SNMP ifIndex 543) (Generation 150)
Flags: SNMP-Traps 0x0 Encapsulation: ENET2
Bandwidth: 0
Traffic statistics:
Input bytes : 0
Output bytes : 15516
Input packets: 0
Output packets: 134
Local statistics:
Input bytes : 0
Output bytes : 15516
Input packets: 0
Output packets: 134
Transit statistics:
Input bytes : 0 0 bps
Output bytes : 0 0 bps
Input packets: 0 0 pps
Output packets: 0 0 pps
Protocol eth-switch, Generation: 166, Route table: 0
Flags: None
root@main3200>
Whew -- that's a lot of information! However, I don't see any information about input errors, carrier transitions, or even what the negotiated speed and duplex are. As it turns out, not only does JunOS have two levels of less verbose information beyond the standard "show interfaces;" JunOS also has two levels of more verbose information, as well. To see more information, use "show interfaces extensive" like so:
root@main3200> show interfaces ge-0/0/20 extensive
Physical interface: ge-0/0/20, Enabled, Physical link is Up
Interface index: 149, SNMP ifIndex: 542, Generation: 152
Link-level type: Ethernet, MTU: 1514, Speed: Auto, Duplex: Auto,
BPDU Error: None, MAC-REWRITE Error: None, Loopback: Disabled,
Source filtering: Disabled, Flow control: Enabled, Auto-negotiation: Enabled,
Remote fault: Online
Device flags : Present Running
Interface flags: SNMP-Traps Internal: 0x0
Link flags : None
CoS queues : 8 supported, 8 maximum usable queues
Hold-times : Up 0 ms, Down 0 ms
Current address: 3c:8a:b0:9a:22:17, Hardware address: 3c:8a:b0:9a:22:17
Last flapped : 2013-03-04 06:19:44 UTC (00:31:25 ago)
Statistics last cleared: Never
Traffic statistics:
Input bytes : 0 0 bps
Output bytes : 80309 504 bps
Input packets: 0 0 pps
Output packets: 1064 0 pps
IPv6 transit statistics:
Input bytes : 0
Output bytes : 0
Input packets: 0
Output packets: 0
Input errors:
Errors: 0, Drops: 0, Framing errors: 0, Runts: 0, Policed discards: 0,
L3 incompletes: 0, L2 channel errors: 0, L2 mismatch timeouts: 0,
FIFO errors: 0, Resource errors: 0
Output errors:
Carrier transitions: 1, Errors: 0, Drops: 0, Collisions: 0, Aged packets: 0,
FIFO errors: 0, HS link CRC errors: 0, MTU errors: 0, Resource errors: 0
Egress queues: 8 supported, 4 in use
Queue counters: Queued packets Transmitted packets Dropped packets
0 best-effort 0 0 0
1 assured-forw 0 0 0
5 expedited-fo 0 0 0
7 network-cont 0 1064 0
Queue number: Mapped forwarding classes
0 best-effort
1 assured-forwarding
5 expedited-forwarding
7 network-control
Active alarms : None
Active defects : None
MAC statistics: Receive Transmit
Total octets 0 80309
Total packets 0 1064
Unicast packets 0 0
Broadcast packets 0 0
Multicast packets 0 1064
CRC/Align errors 0 0
FIFO errors 0 0
MAC control frames 0 0
MAC pause frames 0 0
Oversized frames 0
Jabber frames 0
Fragment frames 0
Code violations 0
Autonegotiation information:
Negotiation status: Incomplete
Local resolution:
Local link Speed: 100 Mbps, Link mode: Half-duplex
Packet Forwarding Engine configuration:
Destination slot: 0
CoS information:
Direction : Output
CoS transmit queue Bandwidth Buffer Priority Limit
% bps % usec
0 best-effort 95 95000000 95 NA low none
7 network-control 5 5000000 5 NA low none
Interface transmit statistics: Disabled
Logical interface ge-0/0/20.0 (Index 85) (SNMP ifIndex 543) (Generation 150)
Flags: SNMP-Traps 0x0 Encapsulation: ENET2
Bandwidth: 0
Traffic statistics:
Input bytes : 0
Output bytes : 122696
Input packets: 0
Output packets: 1064
Local statistics:
Input bytes : 0
Output bytes : 122696
Input packets: 0
Output packets: 1064
Transit statistics:
Input bytes : 0 0 bps
Output bytes : 0 0 bps
Input packets: 0 0 pps
Output packets: 0 0 pps
Protocol eth-switch, Generation: 166, Route table: 0
Flags: None
root@main3200>
It's probably safe to say that if you can't find the interface information you need with the "show interfaces extensive" command, the information probably doesn't exist :) That's a lot of data, and it's easy to miss important information in the firehose. Try this instead:
root@main3200> show interfaces ge-0/0/20 extensive | find Autonegotiation
Autonegotiation information:
Negotiation status: Incomplete
Local resolution:
Local link Speed: 100 Mbps, Link mode: Half-duplex
Packet Forwarding Engine configuration:
Destination slot: 0
CoS information:
Direction : Output
CoS transmit queue Bandwidth Buffer Priority Limit
% bps % usec
0 best-effort 95 95000000 95 NA low none
7 network-control 5 5000000 5 NA low none
Interface transmit statistics: Disabled
Logical interface ge-0/0/20.0 (Index 85) (SNMP ifIndex 543) (Generation 150)
Flags: SNMP-Traps 0x0 Encapsulation: ENET2
Bandwidth: 0
Traffic statistics:
Input bytes : 0
Output bytes : 171146
---(more)---
Note that I edited the output slight to boldface the items I wanted to draw your attention to: "Negotiation status: Incomplete" and "Link mode: Half-duplex." Are there any input or output errors on the interface? Let's find out:
root@main3200> show interfaces ge-0/0/20 extensive | find "Input error" | match error
Input errors:
Errors: 0, Drops: 0, Framing errors: 0, Runts: 0, Policed discards: 0,
L3 incompletes: 0, L2 channel errors: 0, L2 mismatch timeouts: 0,
FIFO errors: 0, Resource errors: 0
Output errors:
Carrier transitions: 1, Errors: 0, Drops: 0, Collisions: 0, Aged packets: 0,
FIFO errors: 0, HS link CRC errors: 0, MTU errors: 0, Resource errors: 0
CRC/Align errors 0 0
FIFO errors 0 0
root@main3200>
(Yes, that's right -- unlike IOS, you can chain filters together to form complex matching expressions, w00t!) In this case, I wanted to search for input or output errors, since the fact that Autonegotiation did not complete, and the interface is running at half-duplex tells me that I probably have one device auto-negotiating speed and duplex, and the other device hard-coded for speed and duplex (which, in fact, I have purposely done, just to show what happens). Typically, if one device is hard-coded for speed and duplex, while a connected device is auto-negotiating, they will match speeds, since the auto-negotiating side can sense the carrier frequency on the wire, and set speed appropriately. However, if it does not get a response to a request to negotiate duplex, it will fall back to the lowest common denominator, which is usually half-duplex. Unfortunately, if one side is using half-duplex while the other side is using full-duplex, you will get collisions on the wire, which will show up as errors on the Ethernet interface. In this case, there is not enough traffic on the line to have shown any errors yet.
Let's configure ge-0/0/20 to 100M, full-duplex to resolve the problem:
root@main3200> configure
Entering configuration mode
[edit]
root@main3200# edit interfaces ge-0/0/20
[edit interfaces ge-0/0/20]
root@main3200# set ether-options speed 100m
[edit interfaces ge-0/0/20]
root@main3200# set ether-options link-mode full-duplex
[edit interfaces ge-0/0/20]
root@main3200# commit
commit complete
[edit interfaces ge-0/0/20]
root@main3200# run show interfaces ge-0/0/20 terse
Interface Admin Link
Proto Local Remote
ge-0/0/20 up down
ge-0/0/20.0 up down eth-switch
[edit interfaces ge-0/0/20]
root@main3200#
Wait...what?!?! Why did the interface go up/down?
JunOS approaches auto-negotiation a little differently than most other vendors. On most network vendors' equipment, you can either hard-code speed and duplex, or you can negotiate speed and duplex with the link partner to whatever capabilities both partners can support. Technically, however, there is no reason a network device couldn't advertise a subset of the capabilities of its Ethernet interface, and that's exactly what JunOS does. When you set speed to 100Mbps and duplex to full, you are only telling JunOS to advertise 100M-Full on its Ethernet port. However, it is still auto-negotiating with its link partner. If you truly want to disable auto-negotiation, you have to explicitly tell JunOS to disable auto-negotiation:
root@main3200# set ether-options no-auto-negotiation
[edit interfaces ge-0/0/20]
root@main3200# commit
commit complete
[edit interfaces ge-0/0/20]
root@main3200# run show interfaces ge-0/0/20 terse
Interface Admin Link
Proto Local Remote
ge-0/0/20 up up
ge-0/0/20.0 up up eth-switch
[edit interfaces ge-0/0/20]
root@main3200#
It's a little weird for someone used to other vendors' products, but it works :)
Two other commands worth experimenting with: "show interfaces statistics" (which you can further refine with the "terse" and "detail" filters, as in "show interfaces statistics detail") and "clear interfaces statistics." Both commands can have a specific interface listed, although JunOS is not consistent about where to put the interface spec:
root@main3200> show interfaces ge-0/0/20 statistics detail
Physical interface: ge-0/0/20, Enabled, Physical link is Up
<...snip...>
root@main3200> clear interfaces statistics ge-0/0/20
root@main3200>
If you want to view information about the EX3200 switch itself, JunOS provides the "show chassis ..." command:
root@main3200> show chassis ?
Possible completions:
alarms Show alarm status
environment Show component status and temperature, cooling system speeds
firmware Show firmware and operating system version for components
fpc Show Flexible PIC Concentrator status
hardware Show installed hardware components
lcd Show LCD display
led Show LED status
location Show physical location of chassis
mac-addresses Show media access control addresses
pic Show Physical Interface Card state, type, and uptime
redundant-power-system Show redundant power system chassis information
routing-engine Show Routing Engine status
temperature-thresholds Show chassis temperature threshold settings
root@main3200> show chassis environment
Class Item Status Measurement
Power FPC 0 Power Supply 0 OK
FPC 0 Power Supply 1 Absent
FPC 0 Power Supply 2 Absent
FPC 0 Power Supply 3 Absent
Temp FPC 0 CPU OK 36 degrees C / 96 degrees F
FPC 0 EX-PFE1 OK 45 degrees C / 113 degrees F
FPC 0 GEPHY Front Left OK 35 degrees C / 95 degrees F
FPC 0 GEPHY Front Right OK 36 degrees C / 96 degrees F
FPC 0 Uplink Conn OK 32 degrees C / 89 degrees F
Fans FPC 0 Fan 1 OK Spinning at normal speed
root@main3200>
Additionally, JunOS provides the "show system ..." command:
root@main3200> show system ?
Possible completions:
alarms Show system alarm status
audit Show file system MD5 hash and permissions
autoinstallation Show autoinstallation information
boot-messages Show boot time messages
buffers Show buffer statistics
certificate Show installed X509 certificates
commit Show pending commit requests (if any) and commit history
configuration Show configuration information
connections Show system connection activity
core-dumps Show system core files
directory-usage Show local directory information
initialsetup Show initial setup information
license Show feature licenses information
login Show system login state
processes Show system process table
reboot Show any pending halt or reboot requests
rollback Show rolled back configuration
services Show service applications information
snapshot Show snapshot information
software Show loaded JUNOS extensions
statistics Show statistics for protocol
storage Show local storage data
subscriber-management Show Subscriber management information
uptime Show time since system and processes started
users Show users who are currently logged in
virtual-memory Show kernel dynamic memory usage
root@main3200> show system uptime
Current time: 2013-03-04 08:10:26 UTC
System booted: 2013-03-01 13:30:13 UTC (2d 18:40 ago)
Protocols started: 2013-03-01 13:31:56 UTC (2d 18:38 ago)
Last configured: 2013-03-04 07:51:54 UTC (00:18:32 ago) by root
8:10AM up 2 days, 18:40, 1 user, load averages: 0.00, 0.00, 0.00
root@main3200>
By this point, you are starting to feel pretty comfortable on the Juniper switch, so you decide to upgrade the firmware to the latest revision. You download the tarball onto an FTP server so you can upload it to your switch:
root@main3200> show version
Hostname: main3200
Model: ex3200-24t
JUNOS Base OS boot [11.4R7.5]
JUNOS Base OS Software Suite [11.4R7.5]
JUNOS Kernel Software Suite [11.4R7.5]
JUNOS Crypto Software Suite [11.4R7.5]
JUNOS Online Documentation [11.4R7.5]
JUNOS Enterprise Software Suite [11.4R7.5]
JUNOS Packet Forwarding Engine Enterprise Software Suite [11.4R7.5]
JUNOS Routing Software Suite [11.4R7.5]
JUNOS Web Management [11.4R7.5]
JUNOS FIPS mode utilities [11.4R7.5]
root@main3200> ftp 192.168.2.32
Connected to 192.168.2.32.
220 Authorized users only.
Name (192.168.2.32:root): anonymous
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd vsftpd
250 Directory successfully changed.
ftp> ls *.tgz
200 PORT command successful. Consider using PASV.
150 Here comes the directory listing.
-rwxr-xr-x 1 0 0 111506228 Nov 01 23:16 jinstall-ex-3200-12.3R4.6-domestic-signed.tgz
-rw-r--r-- 1 1000 0 119235944 Nov 01 23:16 jinstall-ex-3200-13.2X50-D15.3-domestic-signed.tgz
226 Directory send OK.
ftp> get jinstall-ex-3200-12.3R4.6-domestic-signed.tgz /var/tmp/jinstall-ex-3200-12.3R4.6-domestic-signed.tgz
local: /var/tmp/jinstall-ex-3200-12.3R4.6-domestic-signed.tgz remote: jinstall-ex-3200-12.3R4.6-domestic-signed.tgz
200 PORT command successful. Consider using PASV.
150 Opening BINARY mode data connection for jinstall-ex-3200-12.3R4.6-domestic-signed.tgz (111506228 bytes).
100% |**************************************************| 106 MB 00:00 ETA
226 Transfer complete.
111506228 bytes received in 40.55 seconds (2.62 MB/s)
ftp> quit
221 Goodbye.
root@main3200> file list /var/tmp/
/var/tmp/:
.snap/
ex_autod_config
ex_autod_rollback_cfg
gres-tp/
jinstall-ex-3200-12.3R4.6-domestic-signed.tgz
krt_gencfg_filter.txt
rtsdb/
root@main3200> request system software validate /var/tmp/jinstall-ex-3200-12.3R4.6-domestic-signed.tgz
root@main3200> request system software add /var/tmp/jinstall-ex-3200-12.3R4.6-domestic-s
NOTICE: Validating configuration against jinstall-ex-3200-12.3R4.6-domestic-signed.tgz.
NOTICE: Use the 'no-validate' option to skip this if desired.
WARNING: A reboot is required to install the software
WARNING: Use the 'request system reboot' command immediately
root@main3200> request system reboot
Reboot the system ? [yes,no] (no) yes
Shutdown NOW!
[pid 7419]
root@main3200>
*** FINAL System shutdown message from root@main3200 ***
System going down IMMEDIATELY
At this point you can go make a coffee, go make a sandwich, meet a nice girl, raise a family, retire...whatever. It's going to take a while for the switch to reboot :) Eventually, however, you will be greeted with the following message:
main3200 (ttyu0)
login: root
Password:
--- JUNOS 12.3R4.6 built 2013-09-13 02:39:14 UTC
root@main3200:LC:0%
Woohoo! You are now running JunOS 12.3R4.6! Just to be sure, you can run the "show version" command again:
root@main3200:LC:0% cli
root@main3200> show version
Hostname: main3200
Model: ex3200-24t
JUNOS Base OS boot [12.3R4.6]
JUNOS Base OS Software Suite [12.3R4.6]
JUNOS Kernel Software Suite [12.3R4.6]
JUNOS Crypto Software Suite [12.3R4.6]
JUNOS Online Documentation [12.3R4.6]
JUNOS Enterprise Software Suite [12.3R4.6]
JUNOS Packet Forwarding Engine Enterprise Software Suite [12.3R4.6]
JUNOS Routing Software Suite [12.3R4.6]
JUNOS Web Management [12.3R4.6]
JUNOS FIPS mode utilities [12.3R4.6]
root@main3200>
One step left in the upgrade: JunOS provides a snapshot of the old image, so the OS can fail over to the previous version if there is a problem with the new version. Once you know the new OS is working, you need to remove the old version or you may find yourself (not that I would know, *cough*) running the old OS again at some point:
root@main3200> request system snapshot slice alternate
Formatting alternate root (/dev/da0s1a)...
Copying '/dev/da0s2a' to '/dev/da0s1a' .. (this may take a few minutes)
The following filesystems were archived: /
root@main3200>
...and you're done (and yes, it does take a "few" minutes...and maybe a few minutes longer than that, even [:roll_eyes:]).
All that's left for today is password recovery, which is a pretty simple process. Power off the switch, and, with a console cable connected between the console port on the switch and the serial port on a PC or laptop, watch the boot process until you see the following prompt:
Hit [Enter] to boot immediately, or space bar for command prompt.
Booting [/kernel] in 1 second...
Press the space bar when you see this prompt, then when the system prompts you, type...:
Type '?' for a list of commands, 'help' for more detailed help.
loader> boot -s
The switch will dump some more log messages to the screen as it starts the requested boot sequence, then will display the following message:
Enter full pathname of shell or 'recovery' for root password recovery or RETURN for /bin/sh:
Type "recovery" and hit the enter key. When the switch finally finishes booting, just follow the on-screen instructions...:
NOTE: Once in the CLI, you will need to enter configuration mode using
NOTE: the 'configure' command to make any required changes. For example,
NOTE: to reset the root password, type:
NOTE: configure
NOTE: set system root-authentication plain-text-password
NOTE: (enter the new password when asked)
NOTE: commit
NOTE: exit
NOTE: exit
NOTE: When you exit the CLI, you will be asked if you want to reboot
NOTE: the system
Starting CLI ...
root@main3200> configure
Entering configuration mode
[edit]
root@main3200# set system root-authentication plain-text-password
New password:
Retype new password:
[edit]
root@main3200# commit
commit complete
[edit]
root@main3200#
Reboot the system, and you are done!
No comments:
Post a Comment