Skip to main content

From IOS to Junos – Day 2

Notes from the day


I am just going to dump my text notes for the day, you have no idea how long it would take to format this stuff, and hell I do it to share, not to make profit.

 
** when I had shutdown after the previous days works,

I had a thought that the loopback 0 (only loopback adaptor in Junos)

would probably be done using unit numbers, as soon a I woke up and checked my

twitter I had a tweet from @networkjanitor

"In regards to Junos Loopbacks you can have multiple unit interfaces

and they can go diff vrfs"

so first task today is remove existing loopback 0 unit 0 address

and create new loopback 0 unit 10 address.


root@Junos1# edit interfaces lo0

[edit interfaces lo0]

root@Junos1# edit unit 0

[edit interfaces lo0 unit 0]

root@Junos1# show
family inet {
address 10.254.200.1/32;
}

[edit interfaces lo0 unit 0]
root@Junos1# delete family inet address 10.254.200.1/32

[edit interfaces lo0 unit 0]
root@Junos1# commit
commit complete

[edit interfaces lo0]
root@Junos1# edit unit 10

[edit interfaces lo0 unit 10]
root@Junos1# set family inet address 10.254.200.1/32

[edit interfaces lo0 unit 10]
root@Junos1# commit
[edit interfaces lo0]
'unit 10'
if_instance: Multiple loopback interfaces not permitted in master routing instance
error: configuration check-out failed

[edit interfaces lo0 unit 10]

** OH Dear,

** after a bit of work I found that I had not deleted unit 0 of lo0

[edit interfaces]
admin@Junos1# delete lo0 unit 0
commit

[edit]
root@Junos1# set interfaces lo0 unit 10 family inet address 10.254.200.1/32

[edit]
root@Junos1# commit
commit complete

[edit]
root@Junos1#

**problem resolved

========== Moving onto Junos2
** setup the same basics as Junos1
name
domain-name
ip addresses
ssh
I had to go back and look at day 1 note for some guidance.

** now thats done let try and get rip running between 1 and 2

root@Junos1> configure
Entering configuration mode

[edit]
root@Junos1# edit protocols
[edit protocols]
root@Junos1# set rip group 1 neighbor em1

[edit protocols]
root@Junos1# commit
commit complete

** rig group name , I have used 1 need to look about and see what the standard way of representing this in JUNOS is

the same process on Junos 2 em0, I donot have ssh access yet so I am not pasting the commands

[edit protocols]
root@Junos1# set rip group 1 neighbor em1
[edit protocols]
root@Junos1# set rip group 1 neighbor em10

did the same on Junos2 but no routes. found this helpful page http://knol.google.com/k/configuring-basic-rip-using-a-juniper-olive-junos-via-cli#

so by default RIP will not advertise routes out

[edit]
root@Junos1# edit policy-options
[edit policy-options]
root@Junos1# set policy-statement adv-rip-routes term 1 from protocol rip

[edit]
root@Junos1# edit policy-options

[edit policy-options]
root@Junos1# set policy-statement adv-rip-routes term 1 then accept

[edit policy-options]
root@Junos1# commit

[edit protocols rip]
root@Junos1# top

commit complete
[edit policy-options]

root@Junos1# top edit protocols rip
[edit protocols rip]
root@Junos1# set group 1 export adv-rip-routes

** the command line will show what groups are aval and what policies --excellent

***I can not see 192.168.1.11 in router 2
found it I should habe used
root@Junos1# set policy-statement adv-rip-routes term 1 from protocol direct
in addition to rip
I had temporarily set it and remove it on router 2 so I could see the route in Junos 1

protocols {
rip {
group 1 {
export adv-rip-routes;
neighbor em0.0;
neighbor lo0.10;
neighbor em1.0;
}
}
}
policy-options {
policy-statement adv-rip-routes {
term 1 {
from protocol [ rip direct ];
then accept;
}

which appear to work , I can now ssh onto 10.254.200.2 with admin user.

** need to understand direct and rip
assumption at this point is direct = routes generated by routing protocol from within this host.
rip= route in the rip protocol not from this host????


**Final update 3/10/11 23:30

direct = directly connected networks on this router. even if they donot have rip configure on the interface e.g

show route protocol direct

so enabling rip on the lo.10 was a waste of time

rip = would guess as above "routes in the rip protocol not from this host"


What I achieved



  • Got loopback 10 sorted

  • Got rip working although need to look at Direct/Rip from protocol


 

 

Noteworth thoughts



  • I like the concept of setting up the routing protocol and establishing relationship without actually sending routing update, looking forward to see if this is the same with OSPF.

  • Need more work on the show / diagnostic command to verify current status

  • Need to investigate naming convention for protocol Groups



Comments

Popular posts from this blog

Break the Network Emulators out of the Cloud

Cisco IOU and JunoSphere
Recently both Cisco and Juniper have announced the availability of online resources to provide hands on training over the internet. They have built software emulators in the cloud that can be accessed remotely for a cost. These solutions are based purely around the certification programs and therefore are pretty rigid in the topology that are provided, not to mention the re-occurring cost.

http://www.juniper.net/us/en/company/press-center/press-releases/2011/pr_2011_05_16-03_01.html
https://learningnetworkstore.cisco.com/market/prod/listSubCatLearnLab.se.work?TRGT=85&/nxt/rcrs/=2559
Rack Rentals
There are training providers such as Internetwork Expert (http://www.ine.com/) and IPexpert (http://www.ipexpert.com/) who provide rack rentals based on their training materials. These guy cannot possibly compete going forward. To keep these sustainable they will need to reduce the overhead of building physical racks, providing power and space for the racks. Using emula…

ASR1006 Dual Route Processors Password Recovery - Tip

I recently ran into an issue when trying to perform dual route processors password recovery on a Cisco  ASR1006
Problem
After breaking into rommon mode and using confreg to ignore the startup configuration, during the rest the ASR1006 loaded the startup configuration!!!!!!!!
Solution
So quick and simple, I pulled one of the RP and preformed password recovery running on a single RP. All went according to the Cisco documentation

http://www.cisco.com/en/US/docs/routers/asr1000/install/guide/routers/asr1_hwc.html#wp1045971



After the system running on a single RP was recovered and fully booted I waiting for 5 minutes just to be sure; then I inserted the second RP and allowed everything to sync up.



All was well again :) phew



Note: The system was previously fully functioning with dual RPs; a configuration error was made during Tacacs+ configuration which resulted in lockout.


Summary
I hit an issue recovering and ASR with dual RPs, so rather that spending hour researching, I decided very quickly to go …

Dell Latitude D830 SSD Upgrade

Slow Laptop Syndrome
I have a LATITUDE D830 : INTEL CORE 2 DUO T7500 4GB Ram from 2008, I did get a fairly high specification at the time, so it has always had pretty decent performance. However I haven't been using it for a while and when I did it seemed slow compared to my Core 5i desktop computer. (I use Windows 7 ultimate with the latest updates)

Laptop for Work
Now I might be doing a fair bit of travelling to customer sites in the near future and the last thing I want is a poorly performing Laptop, so I decide to ditch all the crap I had on it like iTunes, movies, miscellaneous software and cut back to a basic "work" PC. After all I do have iPhone, iPad and new kindle (soon) for all my multi media needs.

I purchased a "Corsair 120GB Force 3 SSD 2.5" SATA-III 6Gb/s Read = 550MB/s, Write = 510MB/s" from ebuyer.com. Now I am guessing that SATA-II rather that SATA-III on the system board, but the price difference between SATA-II and SATA-III was nothing …