e-series introdution to juniper network routers(erx320) - lab guide

Introduction to Juniper Networks Routers - E-series

Lab Guide

1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408-745-2000 www.juniper.net

Juniper Networks, the Juniper Networks logo. NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other countries. JUNOS and JUNOSe are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners. Introduction to Juniper Networks Routers—E-series Lab Guide, Revision 7.c Copyright © 2007, Juniper Networks, Inc. All rights reserved. Printed in USA. Revision History: Revision 4.c—April 2003 Revision 7.a—September 2005 Revision 7.b—January 2007 Revision 7.c—April 2007 The information in this document is current as of the date listed above. The information in this document has been carefully verified and is believed to be accurate for software Release 7.3.0. Juniper Networks assumes no responsibilities for any inaccuracies that may appear in this document. In no event will Juniper Networks be liable for direct, indirect, special, exemplary, incidental or consequential damages resulting from any defect or omission in this document, even if advised of the possibility of such damages. Juniper Networks reserves the right to change, modify, transfer or otherwise revise this publication without notice. YEAR 2000 NOTICE Juniper Networks hardware and software products do not suffer from Year 2000 problems and hence are Year 2000 compliant. The JUNOS software has no known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036. SOFTWARE LICENSE The terms and conditions for using Juniper Networks software are described in the software license provided with the software, or to the extent applicable, in an agreement executed between you and Juniper Networks, or Juniper Networks agent. By using Juniper Networks software, you indicate that you understand and agree to be bound by its license terms and conditions. Generally speaking, the software license restricts the manner in which you are permitted to use the Juniper Networks software, may contain prohibitions against certain uses, and may state conditions under which the license is automatically terminated. You should consult the software license for further details.

Contents Lab 1: Introduction to the E-series Router CLI (Detailed) ................................................... 1-1 Part 1: Log In to the E-series Router ....................................................................... 1-3 Part 2: Restore Factory Default Configuration ......................................................... 1-3 Part 3: User Exec and Privileged Exec Modes ....................................................... 1-4 Part 4: CLI Shortcuts ............................................................................................. 1-9 Part 5: Basic show Commands.............................................................................. 1-10 Part 6: File System Commands ............................................................................. 1-13 Part 7: Change Boot Configuration Settings and Reload the E-series Router......... 1-14 Part 8: Review E-series System Operational Status and Configuration Settings .. 1-18 Lab 2: E-series Router Configuration Basics (Detailed) .................................................... 2-1 Part 1: Restore the Factory-Default Configuration ................................................... 2-3 Part 2: Configure IP Parameters on the SRP's Fast Ethernet Interface .................... 2-3 Part 3: Configure IP Parameters on a Loopback Interface ..................................... 2-4 Part 4: Configure the Hostname and Telnet Service ................................................ 2-5 Part 5: Configuring Primary, Secondary, and Tertiary Chassis Timing Sources ....... 2-8 Part 6: Copying Files to Flash Memory .................................................................. 2-10 Part 7: Set the System Date and Time .................................................................. 2-10 Part 8: Configure an Entry in the Host Table ........................................................ 2-11 Part 9: Transfer Files Between the E-series Router and an FTP Server................. 2-12 Part 10: Create a Virtual Router .......................................................................... 2-13 Part 11: Customize the Banner and Send Messages to Users (Optional) ............. 2-16

Contents - iii

Contents - iv

Course Overview The Introduction to Juniper Networks Routers—E-series course provides an introduction to the E-series router platforms, including the E320 router. The course covers E-series router features, applications, and hardware architecture. It gives an overview of using the E-series command-line interface (CLI), including user modes, CLI shortcuts, the file system, and file manipulation. The course teaches students how to use the CLI to perform basic router administration tasks and how to perform a basic configuration of an E-series router. The course also introduces the concept of virtual routers and discusses the basics of virtual router configuration. Objectives

After successfully completing this course, you should be able to: • Describe the E-series router features and applications in both a B-RAS and dedicated access

environment;

• Describe the E-series router hardware architecture;

• Describe the configuration options available for E-series hardware platforms;

• List the different CLI user modes;

• Describe the file system used on E-series routers;

• Use the CLI to manipulate files, to reload E-series router, and to perform basic troubleshooting;

• Use the CLI to configure the E-series platforms for basic IP connectivity; and

• Perform basic virtual router configuration and management tasks.

Intended Audience This course is intended for network professionals, managers, and anyone needing an overview of the E-series router.

Course Level This is an introductory-level course designed to be a stepping-stone to the more advanced courses available in the Juniper Networks training curriculum.

Prerequisites

Students attending this course should have a general knowledge of the Internet Protocol, including addressing. Students should also have a basic understanding of the OSI model, including the roles played by layers 1-4. Familiarity with common TCP and UDP protocols, such as Telnet and FTP, is helpful. This course is a required prerequisite for the following:

• E-series Routing Protocols (formerly E-series Circuit Aggregation Basics) • E-series Broadband Remote Access Server Configuration Basics

Course Overview - v

Course Agenda

Day 1 Lab 1: Introduction to the E-series Router CLI (Detailed)

Lab 2: E-series Router Configuration Basics (Detailed)

Course Agenda - vi

Additional Information Education Services Offerings

You can obtain information on the latest Education Services offerings, course dates, and class locations from the World Wide Web by pointing your Web browser to: http://www.juniper.net/training/education/ .

About This Publication

The Introduction to Juniper Networks Routers—E-series Lab Guide was developed and tested using software version 7.3.0. Previous and later versions of software may behave differently so you should always consult the documentation and release notes for the version of code you are running before reporting errors. This document is written and maintained by the Juniper Networks Education Services development team. Please send questions and suggestions for improvement to [email protected].

Technical Publications

You can print technical manuals and release notes directly from the Internet in a variety of formats: • Go to http://www.juniper.net/techpubs/ . • Locate the specific software or hardware release and title you need, and choose the format in

which you want to view or print the document. Documentation sets and CDs are available through your local Juniper Networks sales office or account representative.

Juniper Networks Support

For technical support, contact Juniper Networks at http://www.juniper.net/customers/ support/, or at 1-888-314-JTAC (within the United States) or 408-745-2121 (from outside the United States).

Additional Information - vii

http://www.juniper.net/training/education/

mailto:[email protected]

http://www.juniper.net/techpubs/

Additional Information - viii

Lab 1

Introduction to the E-series Router CLI (Detailed) Overview

This lab introduces you to the E-series router command-line interface (CLI). It is available in two formats: a high-level format that is designed to make you think through each step and a detailed format that offers step-by-step instructions complete with sample output from most commands. By completing this lab, you will perform the following tasks:

• Access the E-series router using a console connection (either directly or through a terminal server)

• Restore a factory-default configuration (if needed) • Explore the differences between User Exec mode and Privileged Exec mode • Use CLI shortcuts • Perform basic show commands and enter configuration mode • Manage the E-series router file system • Change boot configuration setting and reload the E-series router • Review E-series system operation and configuration file settings

Juniper Networks, Inc. Introduction to the E-series Router CLI (Detailed) Lab 1 - 1

Introduction to Juniper Network Routers - the E-series

Key User and Privileged Exec Mode Commands

Key User and Privileged Exec mode commands used in this lab include the following: configure copy running-configuration dir enable reload show boot show configuration show controller show environment show hardware show interfaces show ip interface brief show ip route show timing show utilization show version Our Example Physical Topology

UU

VCD 1#0, VPI 0, VCI 1#0

.1 .210.20.#.0/24

Note :# = Group number

OC3 slot 2/0

OC3 slot 2/1

192.168.109.158 / 24

Ethernet VLAN ID : #

10.10.#.0/24.1 .2

Faslot 1/2

Fa slot 1/3

FTP Server192.168.109.220

SRP Fa 0/0

Default RouterLo# : 192.168.#.1/32

Virtual Router: vr_#Lo# : 192.168.##.1/32

UU

Introduction to the E-series Router CLI (Detailed) Lab 1 - 2 Juniper Networks, Inc.


Part 1: Log In to the E-series Router

Log in to the E-series router by performing the following step:

Note Depending on your classroom location and setup, some of the cabling steps might have already been performed by your instructor. Please check with the instructor if you are unsure about the state of your router's patching and to determine whether you should be using direct console connections or accessing the console ports through a terminal server.

Step 1.1

Direct console connection: Connect your PC to the E-series router console port and cable the router using the network topology diagram, noting the slot numbers on the map. Launch the terminal emulation program provided on your PC and log in to the E-series router. Connection through a terminal server. If you are accessing the E-series router via a terminal server, your instructor will provide you with the required Telnet destination address and terminal server login information.

Part 2: Restore Factory Default Configuration

Note If your router is already running a factory-default configuration, you might not need to perform this part. If you believe this is the case, please check with your instructor before skipping this part.

Step 2.1

Enter the following commands to restore a factory-default configuration: ERX310-2> enable Password: ******** ERX310-2# configuration terminal Enter configuration commands, one per line. End with ^Z. ERX310(config)# boot config factory-defaults WARNING: Execution of this command will cause all configuration settings to revert to factory defaults upon the next system reboot. Proceed with 'boot config factory-defaults'? [confirm]y ERX310(config)# exit ERX310# reload WARNING: This command will cause the system to reboot. Proceed with reload? [confirm]y Reload operation commencing, please wait... BPOSTO - Bypassing Boot Power-On Self-Tests (BPOST) BPOST1 - Bypassing Boot Power-On Self-Tests (BPOST) 6128 Symbols loaded. 0 auto-booting... boot device : local: unit number : 0 processor number : 0 inet on ethernet (e) : 1.1.1.1 flags (f) : 0x26000000 other (o) : local:/ Loading local:/images/srp/srp42d40134.exe... 219002560 (from 55437395) Starting at 0x100000... NOTE: Reverting System Configuration to factory defaults. SRP is running in slot 1 Logged in on console O. Copyright (c) 1999-2006 Juniper Networks, Inc. All rights reserved. ERX-310-41-e1-d1>



Part 3: User Exec and Privileged Exec Modes Step 3.1

There are three different modes of operation on the E-series router. Initially, you are in the User Exec mode, which is a limited read-only mode. Each mode uses a different prompt.

Question: What is the prompt for User Exec mode? __________________________________________________________________ __________________________________________________________________ Answer: The prompt takes the form of the router's configured hostname followed by a greater-than (>) sign. If the hostname has not been explicitly configured, the prompt is based on the MAC address of the SRP's Ethernet interface.

Step 3.2

Use the Question Mark (?) key to determine what commands are available in User Exec mode. ERX-310-41-e1-d1> ? baseline Set a baseline for statistics clear Clear system information default Set a command to its default(s) dhcp-external DHCP External dir Display a list of local files disable Reduce the command privilege level enable Enable access to privileged commands erase Erase configuration settings exit Exit from the current command mode help Describe the interactive help system ip Perform IP services l2c L2C operations l2tp L2TP operations macro Run a CLI macro monitor Monitor system information mpls Execute MPLS commands mtrace Trace the path that packets will traverse from source to destination for a given group no Negate a command or set its default(s) ping Send MPLS echo request to remote host show Display system information sleep Make the Command Interface pause for a specified duration terminal Configure the terminal line settings test Test the outcome of a commad trace Trace the path that packets traverse to their destination traceroute Trace the path that packets traverse to their destination ERX-310-41-e1-d1>

Question: Can you enter Global Configuration mode directly from User Exec mode? __________________________________________________________________ __________________________________________________________________ Answer: No. The configure command is not an option at the User Exec privilege level.

Step 3.3

Use the CLI to determine what show commands are available while in User Exec mode. ERX-310-41-e1-d1> show ? aps Display aps information arp Display ARP table entries atm Display ATM information bfd Display information for BFD bgp Display information for BGP



boot Display the settings currently in effect for the next reboot bridge Display bridge information bridge1483 Display the bridge1483 information bulkstats Display bulkstats information cac Display CAC information classifier-list Display classifier lists clns Display network information for CLNS clock Display the time and date color-mark-profile Display color mark profile entries columns Display interface-column information controllers Display controller information cops Display COPS information dos-protection-group The DOS protection group drop-profile Display drop profile dvmrp Display dvmrp information egress-queue Display egress queue statistics environment Display chassis environmental status (power, temp., etc.) fabric-queue Display fabric queue statistics flash Display information about the flash card frame-relay Display frame relay information gre Display gre information hardware Display system hardware information hdlc Display the Cisco-HDLC information ike Display IKE information interfaces Display interface status and configuration ip Display information for IP ipsec Display ipsec information ipv6 Display information for IPv6 is-voice Display information for is-voice isis Display IS-IS routing information l2c Display information for l2c l2tp Display L2TP information l2vpn Display L2VPN information last-reset Display information about the last system reset ldp Display ldp information license Display license information line Display line configuration log Display logs and logging configuration mpls Display mpls information mroute Display Multicast routing information multicast Display about igmp globally nbma Display Non-Broadcast Multi-Access Interface information ntp Display Network Time Protocol characteristics nvs Display nvs summary information parent-group Display parent group entries policy-list Display policy table entries policy-parameter Display policy parameter entries ppp Display the PPP information pppoe Display the PPPoE information pppoe-service-name-table Configure pppoe service-name table privilege Display privilege level profile Display profile configuration qos Display qos information qos-parameter Display qos parameter instance(s) qos-parameter-define Display qos parameter definition(s) qos-port-type-profile Display default port profile qos-profile Display qos-profile qos-shared-shaper-control Show QoS shared shaper controls queue-profile Display queue profile rate-limit-profile Display rate limit profile entries reboot-history Display information about the reboot history rtr Display information for rtr scheduler-profile Display scheduler profile service-management Display service management information snmp Display SNMP information socket Display BSD Socket-Emulation information sscc Display SSC Client Information statistics-profile Display scheduler profile subscriber-policy Display subscriber policies subsystems Display the subsystems that can be configured for a release suspicious-control-flow-detection Suspicious control flow detection system tcp Display TCP information terminal Display the terminal configuration settings track Objects to be tracked



traffic-class Display traffic class traffic-class-group Display traffic class group tunnel-server Display tunnel-server information users Display information about current users version Display system hardware and software version information vlan Display VLAN related information vpls Display information for a vpls instance Step 3.4

Enter Privileged Exec mode. ERX-310-41-e1-d1> enable ERX-310-41-e1-d1#

Question: What is the prompt for Privileged Exec mode? __________________________________________________________________ __________________________________________________________________ Answer: The Privileged Exec mode prompt replaces the greater-than sign with a hash or pound sign (#).

Step 3.5

Use the CLI to list the commands available in this mode. ERX-310-41-e1-d1# ? aaa Configure authentication, authorization, and accounting characteristics baseline Set a baseline for statistics clear Clear a state clock Set the system's clock configure Enter Global Configuration mode copy Copy files debug Configure debugging functions default Set a command to its default(s) delete Delete a local file dhcp Perform DHCP operation dhcp-external DHCP External diag Reload and perform diagnostics on a specific slot dir Display a list of local files disable Reduce the command privilege level disconnect Disconnect remote CLI session enable Enable access to privileged commands erase Erase configuration settings exit Exit from the current command mode halt Halt the system in preparation for power down help Describe the interactive help system hotfix Manage hotfixes ip Perform IP services ipv6 Run IPv6 commands l2c L2C operations l2tp L2TP operations log Configure logging settings logout Logout PPP Subscribers macro Run a CLI macro monitor Monitor system information more Display contents of a file mpls Execute MPLS commands mtrace Trace the path that packets will traverse from source to destination for a given group no Negate a command or set its default(s) ping Send MPLS echo request to remote host pppoe Set PPPoE information profile-reassign Perform profile reassignment reload Halt and perform a cold restart rename Rename a local file send Send a message to specified lines service-management Service management show Display system information sleep Make the Command Interface pause for a specified duration



telnet Access a remote system via telnet terminal Configure the terminal line settings test Test the outcome of a commad trace Trace the path that packets traverse to their destination traceroute Trace the path that packets traverse to their destination undebug Disable debug logging functions virtual-router Specify a virtual router write Write system information

Question: How do the commands available in Privileged Exec mode compare with those available in User Exec mode? __________________________________________________________________ __________________________________________________________________ Answer: There are many more commands available in Privileged Exec mode. Many of these additional commands are potentially invasive or provide potentially sensitive information about the router and its configuration. Additionally, users in Privileged Exec mode can use the configure command to modify the router's configuration.

Step 3.6

Use the CLI to list the available show commands when using Privileged Exec mode. ERX-310-41-e1-d1# show ? aaa Configure authentication, authorization, and accounting characteristics access-list Display access list(s) aps Display aps information arp Display ARP table entries atm Display ATM information bfd Display information for BFD bgp Display information for BGP boot Display the settings currently in effect for the next reboot bridge Display bridge information bridge1483 Display the bridge1483 information bulkstats Display bulkstats information cac Display CAC information classifier-list Display classifier lists clns Display network information for CLNS clock Display the time and date color-mark-profile Display color mark profile entries columns Display interface-column information configuration Display the system's running configuration control-plane Display control plane information controllers Display controller information cops Display COPS information dhcp Display DHCP information dos-protection-group The DOS protection group drop-profile Display drop profile dvmrp Display dvmrp information egress-queue Display egress queue statistics environment Display chassis environmental status (power, temp., etc.) exception Display core dump configuration fabric-queue Display fabric queue statistics flash Display information about the flash card forwarding-table Display the forwarding table frame-relay Display frame relay information ftp-server Display information for FTP Server gre Display gre information hardware Display system hardware information hdlc Display the Cisco-HDLC information hosts Display the static host table hotfix Display hotfix information ike Display IKE information interfaces Display interface status and configuration ip Display information for IP ip-subscriber Display IP subscribers



ipsec Display ipsec information ipv6 Display information for IPv6 is-voice Display information for is-voice isis Display IS-IS routing information l2c Display information for l2c l2tp Display L2TP information l2vpn Display L2VPN information last-reset Display information about the last system reset ldp Display ldp information license Display license information line Display line configuration log Display logs and logging configuration memory-management Display memory management information mpls Display mpls information mroute Display Multicast routing information multicast Display about igmp globally nbma Display Non-Broadcast Multi-Access Interface information ntp Display Network Time Protocol characteristics nvs Display nvs summary information parent-group Display parent group entries policy-list Display policy table entries policy-parameter Display policy parameter entries ppp Display the PPP information pppoe Display the PPPoE information pppoe-service-name-table Configure pppoe service-name table privilege Display privilege level processes Display information about the running processes profile Display profile configuration qos Display qos information qos-parameter Display qos parameter instance(s) qos-parameter-define Display qos parameter definition(s) qos-port-type-profile Display default port profile qos-profile Display qos-profile qos-shared-shaper-control Show QoS shared shaper controls queue-profile Display queue profile radius Display RADIUS server information rate-limit-profile Display rate limit profile entries reboot-history Display information about the reboot history reload Display system reload configuration resource Display resource parameters route-map Display route maps rtr Display information for rtr scheduler-profile Display scheduler profile secrets Display the current password settings service-management Display service management information snmp Display SNMP information socket Display BSD Socket-Emulation information sscc Display SSC Client Information statistics Display statistics information statistics-profile Display scheduler profile subscriber-policy Display subscriber policies subscribers Display activity connected and authenticated clients subsystems Display the subsystems that can be configured for a release suspicious-control-flow-detection Suspicious control flow detection system tacacs Display TACACS+ server information tcp Display TCP information telnet Display status of telnet daemon terminal Display the terminal configuration settings terminate-code Display terminate code information timing Display network timing configuration and status track Objects to be tracked traffic-class Display traffic class traffic-class-group Display traffic class group tunnel-server Display tunnel-server information users Display information about current users utilization Display system resource utilization version Display system hardware and software version information virtual-router Display information pertaining to virtual routers vlan Display VLAN related information vpls Display information for a vpls instance

Step 3.7

Enter Global Configuration mode to configure the router from the terminal.



ERX-310-41-e1-d1# configure Configuring from terminal or file [terminal]? <Enter> Enter configuration commands, one per line. End with ^Z. ERX-310-41-e1-d1(config)#

Question: In what two ways can you configure the E-series router? __________________________________________________________________ __________________________________________________________________ Answer: You can configure the router from a script ( . s cr) file or from a terminal session, with the latter being the default option. Question: What prompt indicates that you are in Global Configuration mode? __________________________________________________________________ __________________________________________________________________ Answer: The word con fig appears in parentheses between the router name and the pound sign.

Step 3.8

Exit Global Configuration mode and return to Privileged Exec mode. ERX-310-41-e1-d1(config)# end ERX-310-41-e1-d1# Part 4: CLI Shortcuts Step 4.1

Note The CLI captures in this lab used a router with redundant SRPs running in high-availability mode. The router in your lab environment might only have a single SRP running in file synchronization mode. If this is the case, some of the CLI captures might be slightly different.

You have already used the Question Mark (?) key shortcut to view all available commands as well as all available options for a particular command. The ? is very useful when navigating the E-series router CLI. There are other useful shortcuts as well. Use ? to assist in answering the following question:

Question: What show command would you use to determine the E-series system's hardware and software version information? __________________________________________________________________ __________________________________________________________________ Answer: The show version command returns the requested information.

Step 4.2

Enter and execute the command identified in the previous step in its entirety. Then, use the Up Arrow key (or Ctrl-p) to recall the command from the command history.

ERX-310-41-e1-d1# show version Juniper Edge Routing Switch ERX-310



Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved. System Release: erx310_9-0-0.rel Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01) System running for: 0 days, 17 hours, 22 minutes, 51 seconds (since SAT FEB 21 2009 08:28:05 UTC) slot state type admin spare running release slot uptime ---- ------ ---------- ------- ----- ---------------- ------------- 0 online SRP310-10G enabled --- erx310_9-0-0.rel 0d17h:20m:24s 1 online FE-8 enabled --- erx310_9-0-0.rel 0d16h:44m:20s 2 online OC3-2A-GE enabled --- erx310_9-0-0.rel 0d17h:19m:15s ERX-310-41-e1-d1# <Up Arrow or Ctrl-p> show version Step 4.3

You can save typing time by abbreviating commands. Abbreviations will work as long as you enter at least enough leading characters to identify the command uniquely. You can also type part of a command and use the Tab key to have the E-series router complete the command. Tab completion saves typing time and provides real-time syntax validation because tab completion will not complete a command if you have not entered enough leading characters to uniquely identify it or if it is invalid. Try tab completion now with the command show terminal. If the Tab key is unable to auto-complete the command, use ? to show all possible completions.

ERX-310-41-e1-d1# sh<Tab>ow ERX-310-41-e1-d1# show t<Tab> ERX-310-41-e1-d1# show t? tacacs tcp telnet terminal terminate-code timing track traffic-class traffic-class-group tunnel-server ERX-310-41-e1-d1# show te<Tab> ERX-310-41-e1-d1# show te? telnet terminal terminate-code ERX-310-41-e1-d1# show ter<Tab> ERX-310-41-e1-d1# show termina? terminal terminate-code ERX-310-41-e1-d1# show terminal <Enter> Length: 25 lines, Width: 80 columns data-character-bits: 8 bits per character exec-timeout never exec-banner enabled motd-banner enabled login-timeout 30 seconds Step 4.4

Using the Up Arrow key (or ctrl-p), scroll through the history buffer until the show version command is displayed on the command line. Edit the command on the command line so that the command to view the current configuration is displayed.

ERX-310-41-e1-d1# show configuration Part 5: Basic show Commands Step 5.1

Use ? to answer the following questions. Verify your answers by running the show command.

Question: What show command would you use to determine the E-series router's hardware revision information, serial numbers and memory configuration? __________________________________________________________________ __________________________________________________________________ Answer: The show hardware command displays information about hardware revisions, serial numbers, and memory size (if applicable).



ERX-310-41-e1-d1# show hardware serial assembly assembly ram slot type number number rev. (MB) ---- ---------- ---------- ---------- -------- ---- 0 SRP310-10G 4306102273 4500003051 A06 1024 1 GE/FE 4606010642 3500104555 A02 256 2 HYBRID 4305469608 4500005002 A03 256 number of serial assembly assembly MAC base slot type number number rev. addresses MAC address ---- ------------------ ---------- ---------- -------- --------- -------------- 0 SRP310-10G I/O 4305392663 4500004201 A00 1 0090.1a41.e1d1 1 FE-8 I/O 4305381886 3501006702 A05 8 0090.1a41.dfa6 2 2xOC3-ATM 1xGE I/O 4305515142 4500005701 A03 1 0090.1a42.00c5

Question: What show command would you use to determine CPU and memory utilization? __________________________________________________________________ __________________________________________________________________ Answer: The show utilization command displays CPU and memory usage details for each line module. The heap parameter indicates how much of the line module's RAM is in use by software.

ERX-310-41-e1-d1#show utilization Please wait.... System Resource Utilization --------------------------- heap cpu slot type (%) (%) ---- ---------- ---- --- 0 SRP310-10G 34 3 1 FE-8 35 5 2 OC3-2A-GE 51 4

Question: What show command can you use to determine if the E-series system is overheating? What option can you add to that command to have the router display the actual temperature values? __________________________________________________________________ __________________________________________________________________ Answer: You can use the show environment command to display information about the overall status of the E-series chassis, including its temperature status. Adding the all option to that command causes the router to display the same information plus a table of current temperatures. Adding the table option (instead of the all option) causes the router to only display the table of current temperatures.

ERX-310-41-e1-d1# show environment chassis: 3 slot (id 0x7, rev. 0x0) fabric: 10 Gbps (rev. 0) fans: fanSubsystemOk nvs: ok (1006MB flash disk, 84% full), matches running config power: A ok, B not present AC power: A ok, B not present srp redundancy: none slots: ok online: 0 1 2 line redundancy: none temperature: ok timing: primary



primary: internal SC oscillator (ok) secondary: internal SC oscillator (ok) tertiary: internal SC oscillator (ok) auto-upgrade enabled system operational: yes ERX-310-41-e1-d1# show environment ? &> Display and redirect the output to a file, replacing previous contents &>> Display and redirect the output to a file, appending to previous contents > Redirect the output to a file, replacing previous contents >> Redirect the output to a file, appending to previous contents all Display environment details table Display environment table | Filter output using the CLI Filtering feature <cr> ERX-310-41-e1-d1# show environment all Please wait... chassis: 3 slot (id 0x7, rev. 0x0) fabric: 10 Gbps (rev. 0) fans: fanSubsystemOk nvs: ok (1006MB flash disk, 84% full), matches running config power: A ok, B not present AC power: A ok, B not present srp redundancy: none slots: ok online: 0 1 2 line redundancy: none temperature: ok timing: primary primary: internal SC oscillator (ok) secondary: internal SC oscillator (ok) tertiary: internal SC oscillator (ok) auto-upgrade enabled system operational: yes processor processor IOA IOA temperature temperature temperature temperature slot (10C - 70C) status (10C - 70C) status ---- ----------- ----------- ----------- ----------- 0 32 normal 33 normal 1 33 normal 28 normal 2 41 normal 36 normal processor temperature ranges below -5C is too cold above 80C is too hot low temperature warning below 10C high temperature warning above 70C IOA temperature ranges below -5C is too cold above 80C is too hot low temperature warning below 10C high temperature warning above 70C

Question: What show command is used to view the configuration and system files currently configured to be used for the next system reboot? __________________________________________________________________ __________________________________________________________________ Answer: The show boot command indicates which system release and configuration file the E-series router will use at the next reboot. The display output also indicates that this E-series router does not have any backup settings or parameters configured. Therefore, this E-series router will always reboot using the system release and configuration file indicated.



ERX-310-41-e1-d1# show boot Please wait... System Release: erx310_9-0-0.rel System Configuration: running-configuration Note: This system is not configured with backup settings.

Question: What show command is used to determine the chassis timing configuration? __________________________________________________________________ __________________________________________________________________ Answer: The show timing command displays information about the source and status of the E-series chassis timing.

ERX-310-41-e1-d1# show timing timing: primary primary: internal SC oscillator (ok) secondary: internal SC oscillator (ok) tertiary: internal SC oscillator (ok) auto-upgrade enabled Part 6: File System Commands

Note Be sure to use the CLI help features(question-mark context-sensitive help and tab completion) to help you determine the correct command to accomplish these tasks.

Step 6.1 Display the list of files on the flash card. To have the file name, size, unshared size, date, and in-use columns all appear on a single line, you might need to increase the width of your terminal emulation software and use the CLI command terminal width ## , where ## is a number larger than 85.

ERX-310-41-e1-d1#terminal width 85 ERX-310-41-e1-d1#dir Please wait.... unshared in file size size date (UTC) use -------------------------- --------- --------- ------------------- --- disk0:/incoming <DIR> 0 02/26/2007 07:48:14 disk0:/outgoing <DIR> 16384 02/26/2007 07:48:14 disk0:reboot.hty 405184 405184 02/21/2009 09:06:36 disk0:system.log 567 567 02/21/2009 09:00:32 disk0:erx310_7-2-4p0-5.rel 160077342 142378264 04/22/2008 04:21:08 disk0:erx310_8-2-4.rel 182223038 182223038 01/16/2009 09:22:54 disk0:erx310_9-0-0.rel 194194435 194194435 02/02/2009 06:41:08 ! . . . disk0:basic_conf.scr 3723 3723 08/21/2007 09:29:50 disk0:ftpTest.txt 1207834 1207834 02/09/2009 07:17:20 ram:bulkstats2.sts 2701 2701 02/22/2009 02:08:12 Disk capacity ------------- Capacity Free Reserved Device (bytes) (bytes) (bytes) ------ ---------- --------- -------- disk0: 1054900224 108065015 68157440 ram: 5777408 5741568 0

Question: What does the exclamation point ( ! ) indicate? __________________________________________________________________



__________________________________________________________________ Answer: The exclamation point (!) indicates that the corresponding file is in use by the system. In this example, you can see that the E-series router software release (erx310_9-0-0.rel) is in use, which means the file cannot be deleted.

Question: For each type of file listed, indicate what each extension means. __________________________________________________________________ __________________________________________________________________ Answer: The router uses the .cnf extension for binary configuration files. The .rel extension is used for E-series software releases. The router keeps the reboot history in a file with a .hty extension. Files containing scripts are denoted by the .scr extension, while macros are stored in files with a .mac extension. The .txt extension is used to indicate a plain text file. The other file types are for logs (.log), core dumps (.dmp), bulk statistics (.sts), and SSH server public keys (.pub).

Step 6.2

Save a copy of the running-configuration to a file on the flash card called test_#.cnf. ERX-310-41-e1-d1# copy running-configuration test_#.cnf Please wait...

Question: What will happen if you repeat this command? __________________________________________________________________ __________________________________________________________________ Answer: Because you just created a file named test_#.cnf, the router prompts you to confirm your wanting to overwrite the existing test_#.cnf file.

Step 6.3

Delete the file test_#.cnf from the flash disk. ERX-310-41-e1-d1# delete test_#.cnf ERX-310-41-e1-d1#

Stop and determine if your all peer router teams is at the same point in the lab. If it is not, do not continue until they are at the same point in the lab. This lab introduces many troubleshooting techniques and commands and assumes that the provider virtual router team and the workstation virtual router team are working closely together.

Part 7: Change Boot Configuration Settings and Reload the E-series Router

In this part of the lab, you will reload the E-series router using an existing configuration file called IJNRe-lab1.cnf.

Step 7.1

Start by viewing the current configuration running on the E-series router. This configuration represents an E-series router using the factory-default configuration.

ERX-310-41-e1-d1# show configuration ! Configuration script being generated on SUN FEB 22 2009 02:35:18 UTC ! Juniper Edge Routing Switch ERX-310 ! Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01) ! Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved.



! ! Commands displayed are limited to those available at privilege level 10 ! boot config running-configuration boot system erx310_9-0-0.rel no boot backup no boot subsystem no boot backup subsystem no boot force-backup service ctrl-x-reboot line console 0 line vty 0 4 ! ! traffic-class best-effort ! drop-profile default ! queue-profile default ! scheduler-profile default ! qos-shared-shaper-control ! statistics-profile default ! qos-profile atm-default ! qos-profile serial-default ! qos-profile ethernet-default ! qos-profile server-default ! qos-profile lag-default ! ! qos-port-type-profile ethernet qos-profile ethernet-default ! qos-port-type-profile atm qos-profile atm-default ! qos-port-type-profile serial qos-profile serial-default ! qos-port-type-profile server-port qos-profile server-default ! qos-port-type-profile lag qos-profile lag-default ! virtual-router default interface null 0 interface fastEthernet 0/0 no ip source-route ... license ipsec-tunnels l0agskcs7wd6w6 log engineering log verbosity low no log severity * no log engineering log fields timestamp instance no-calling-task ! End of generated configuration script.

Step 7.2

Use the CLI help feature to answer the following questions about the show configuration command.

Question: What option do you use to have the router display only a specified portion of the configuration (everything relating to physical layer protocols, for example)? __________________________________________________________________ __________________________________________________________________



Answer: The category option to show configuration allows you to filter the display so that the router prints only the portions of the configuration that are in the specified category.

Question: What option do you use to have the router display only the configuration for a specific interface? __________________________________________________________________ __________________________________________________________________ Answer: The interface option to show configuration tells the router to print the current configuration for only the specified interface. Question: What option do you use to have the router display only the configuration for a specific virtual router? __________________________________________________________________ __________________________________________________________________ Answer: The virtual-router option to show configuration tells the router to print the current configuration for only the specified virtual router. Question: What general CLI output-filtering commands can you use to filter the output of show configuration? (Hint: These are the commands that follow the pipe ( I ) character.) __________________________________________________________________ __________________________________________________________________ Answer: You can use the begin, include, and exclude commands to filter the output from any show command, including show configuration.

ERX-310-41-e1-d1# show configuration ? &> Display and redirect the output to a file, replacing previous contents &>> Display and redirect the output to a file, appending to previous contents > Redirect the output to a file, replacing previous contents >> Redirect the output to a file, appending to previous contents category Display the configuration for a specific category exclude-category Exclude category from output include-defaults Include commands that set default values for various parameters interface Display the configuration for a specific interface virtual-router Display information pertaining to a specific virtual router | Filter output using the CLI Filtering feature <cr> ERX-310-41-e1-d1# show configuration | ? begin Display lines only after a line is found that includes the filtering text exclude Display only those lines that do not include the filtering text include Display only those lines that include the filtering text Step 7.3

Determine the configuration file and system image the E-series router will use the next time it reloads. ERX-310-41-e1-d1# show boot Please wait... System Release: erx310_9-0-0.rel System Configuration: running-configuration



Note: This system is not configured with backup settings.

Question: Configuration filename: __________________________________________________________________ __________________________________________________________________ Answer: The configuration filename is running-configuration. Question: System release filename: __________________________________________________________________ __________________________________________________________________ Answer: The system release filename is erx 7-3-0 . rel.

Step 7.4

From your terminal, enter Global Configuration mode. Change the boot configuration to use the file IJNRe-lab1.cnf as its configuration file only the next time it boots.

ERX-310-41-e1-d1# configure terminal Enter configuration commands, one per line. End with ^Z. ERX-310-41-e1-d1(config)# boot config IJNRe-labl.cnf once

Question: Does this command cause the E-series router to reboot? __________________________________________________________________ __________________________________________________________________ Answer: No. This command merely changes the configuration file that will be used for the next boot.

Step 7.5

Exit Global Configuration mode and verify that the E-series router will boot using the IJNRe-lab1.cnf file as its configuration file the next time it boots and that it will only use this file for the next boot.

ERX-310-41-e1-d1# exit ERX-310-41-e1-d1# show boot Please wait... System Release: erx310_9-0-0.rel System Configuration: IJNRe-labl.cnf once Note: This system is not configured with backup settings.

Question: What keyword tells you this file will only be used for the next boot? __________________________________________________________________ __________________________________________________________________ Answer: The once keyword specified that this configuration file will only be used for the next boot. On subsequent boots, the router will revert to using the default configuration file (running-configuration in Automatic Commit mode).



Step 7.6 Reload the E-series router.

ERX-310-41-e1-d1# reload WARNING: This command will cause the system to reboot. Proceed with reload? [confirm]y WARNING: The Standby SRP may not be in sync with this SRP. Perform a sync before reloading? [confirm]y Reload operation commencing, please wait... BPOSTO - Bypassing Boot Power-On Self-Tests (BPOST) BPOST1 - Bypassing Boot Power-On Self-Tests (BPOST) 6128 Symbols loaded. 0 auto-booting... boot device : local: unit number : 0 processor number : 0 inet on ethernet (e) : 1.1.1.1 flags (f) : 0x26000000 other (0) : local:/ Loading local:/images/srp/srp42d40134.exe... 219002560 (from 55437395) Starting at Ox100000... NOTE: Restoring System Configuration from file IJNRe-labl.cnf SRP is running in slot 1 Logged in on console O. Copyright (c) 1999-2006 Juniper Networks, Inc. All rights reserved. E-310> Step 7.7

While your router is booting, review the network topology diagram for Lab 1. Notice that the SRP management port IP address is missing the host address. Fill in the correct host address for this interfaces based on your router number. For example, if you are working on erx3, the default router's SRP management IP address is 192.168.109.158.

Part 8: Review E-series System Operational Status and Configuration Settings

Use the network topology diagram and context-sensitive help to complete the following tasks. Step 8.1

Have the router display a short listing of all currently configured IP interfaces and their operational state. E-310> show ip interface brief Interface IP-Address Status Protocol Description -------------------- ------------------- ---------- ----------- --------------- null0 255.255.255.255/32 up up Loopback# 192.168.#.1/32 up up FastEthernet0/0 192.168.109.158/24 up up erx-srp ATM2/0.1#0 10.10.#.1/32 up up atm-to-vr_# FastEthernet1/2.# 10.20.#.1/32 up up enet-to-vr_# Step 8.2

Determine if the E-series router is transmitting or receiving frames on the Fast Ethernet interface connected to virtual router vr_#. You can obtain the interface name from the previous step.

E-310> show interfaces fastEthernet 1/2 FastEthernet1/2 is Up, Administrative status is Up Hardware is Intel 21440, address is 0090.1a41.dfa8 MAU is 100BASE-TX MTU: Operational 1518, Administrative 1518 Duplex Mode: Operational Full Duplex, Administrative Auto Negotiate Speed: Operational 100 Mbps, Administrative Auto Negotiate No baseline has been set 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec In: Bytes 986, Unicast 5 Multicast 0, Broadcast 4 Errors 0, Discards 0, Mac Errors 0, Alignment 0 CRC 0, Too Longs 0, Symbol Errors 0 Out: Bytes 986, Unicast 6 Multicast 0, Broadcast 3



Errors 0, Discards 0, Mac Errors 0, Deferred 0, No Carrier 0 Collisions: Single 0, Multiple 0, Late 0, Excessive 0 Policed Statistics: In: 0, Out: 0 ARP Statistics: In: ARP requests 4, ARP responses 0 Errors 0, Discards 0 Out: ARP requests 3, ARP responses 1 Errors 0, Discards 0 Administrative qos-shaping-mode: none Operational qos-shaping-mode: none queue 0: traffic class best-effort, bound to ethernet FastEthernet1/2 Queue length 0 bytes Forwarded packets 0, bytes 0 Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0 Dropped exceeded packets 0, bytes 0 queue 1: traffic class control, bound to FastEthernet1/2 Queue length 0 bytes Forwarded packets 4, bytes 168 Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0 Dropped exceeded packets 0, bytes 0 Step 8.3

Determine if the router is sending or receiving IP packets on the same Fast Ethernet interface connected to vr_#.

E-310> show interfaces fastEthernet 1/2 FastEthernet1/2 line protocol Ethernet is up, ip is up Description: enet-to-vr_# Network Protocols: IP Internet address is 10.20.#.1/255.255.255.0 Broadcast address is 255.255.255.255 Operational MTU = 1500 Administrative MTU = 0 Operational speed = 100000000 Administrative speed = 0 Discontinuity Time = 14606 Router advertisement = disabled Proxy Arp = enabled Network Address Translation is disabled TCP MSS Adjustment = disabled Administrative debounce-time = disabled Operational debounce-time = disabled Access routing = disabled Multipath mode = hashed Auto Configure = disabled Auto Detect = disabled Inactivity Timer = disabled Use Framed Routes = disabled Warm-restart initial-sequence-preference: Operational = 0 Administrative = 0 In Received Packets 5, Bytes 640 Unicast Packets 5, Bytes 640 Multicast Packets 0, Bytes 0 In Policed Packets 0, Bytes 0 In Error Packets 0 In Invalid Source Address Packets 0 In Discarded Packets 0 Out Forwarded Packets 5, Bytes 640 Unicast Packets 5, Bytes 640 Multicast Routed Packets 0, Bytes 0 Out Scheduler Dropped Packets 0, Bytes 0 Out Policed Packets 0, Bytes 0 Out Discarded Packets 0 Administrative qos-shaping-mode: none Operational qos-shaping-mode: none queue 0: traffic class best-effort, bound to ethernet FastEthernet1/2 Queue length 0 bytes Forwarded packets 5, bytes 730 Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0



Dropped exceeded packets 0, bytes 0 Step 8.4

Verify network connectivity by sending 100 ping packets to the IP address of the Fast Ethernet interface in vr_#, 10.20.#.2.

E-310> ping 10.20.#.2 100 Sending 100 ICMP echoes to 10.20.#.2, timeout = 2 sec. !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Success rate = 100% (100/100), round-trip min/avg/max = 3/3/38 ms Step 8.5

Using the Up Arrow key, examine the Fast Ethernet's IP interface statistics again to verify that the router sent and received the ping packets.

E-310> show interfaces fastEthernet 1/2 FastEthernet1/2 line protocol Ethernet is up, ip is up Description: enet-to-vr_# Network Protocols: IP Internet address is 10.20.#.1/255.255.255.0 Broadcast address is 255.255.255.255 Operational MTU = 1500 Administrative MTU = 0 Operational speed = 100000000 Administrative speed = 0 Discontinuity Time = 14606 Router advertisement = disabled Proxy Arp = enabled Network Address Translation is disabled TCP MSS Adjustment = disabled Administrative debounce-time = disabled Operational debounce-time = disabled Access routing = disabled Multipath mode = hashed Auto Configure = disabled Auto Detect = disabled Inactivity Timer = disabled Use Framed Routes = disabled Warm-restart initial-sequence-preference: Operational = 0 Administrative = 0 In Received Packets 105, Bytes 13440 Unicast Packets 105, Bytes 13440 Multicast Packets 0, Bytes 0 In Policed Packets 0, Bytes 0 In Error Packets 0 In Invalid Source Address Packets 0 In Discarded Packets 0 Out Forwarded Packets 106, Bytes 13592 Unicast Packets 106, Bytes 13592 Multicast Routed Packets 0, Bytes 0 Out Scheduler Dropped Packets 0, Bytes 0 Out Policed Packets 0, Bytes 0 Out Discarded Packets 0 Administrative qos-shaping-mode: none Operational qos-shaping-mode: none queue 0: traffic class best-effort, bound to ethernet FastEthernet1/2 Queue length 0 bytes Forwarded packets 105, bytes 15330 Dropped committed packets 0, bytes 0 Dropped conformed packets 0, bytes 0 Dropped exceeded packets 0, bytes 0 Step 8.6

Determine the operational status of all SONET controllers on the router. E-310> show controllers sonet Interfaces ifAdminStatus OperationalStatus oc3 2/0 (non channelized) up up oc3 2/1 (non channelized) up up



Question: What status is currently displayed on your router for the SONET controllers used for the ATM connections? __________________________________________________________________ __________________________________________________________________ Answer: In the above example, the operational status is up for both SONET controllers used for ATM connections.

Step 8.7

View the router's IP routing table. E-310> show ip route Protocol/Route type codes: I1- ISIS level 1, I2- ISIS level2, I- route type intra, IA- route type inter, E- route type external, i- metric type internal, e- metric type external, P- periodic download, O- OSPF, E1- external type 1, E2- external type2, N1- NSSA external type1, N2- NSSA external type2 L- MPLS label, V- VRF, *- via indirect next-hop Prefix/Length Type Next Hop Dst/Met Interface ------------------ --------- --------------- ---------- ---------------------------------------- 10.10.#.0/24 Connect 10.10.#.1 0/0 ATM2/0.1#0 192.168.109.0/24 Connect 192.168.109.158 0/0 FastEthernet0/0 10.20.#.0/24 Connect 10.20.#.1 0/0 FastEthernet1/2.# 192.168.#.1/32 Connect 192.168.#.1 0/0 loopback# 192.168.##.0/24 Static 10.10.#.2 1/0 ATM2/0.1#0 10.20.#.2 1/0 FastEthernet1/2.#

Question: Is there a route to vrl's loopback0 address? If so, what type of route is it? __________________________________________________________________ __________________________________________________________________ Answer: There are two static routes to vrl's loopback0 address.

Step 8.8

Verify that you can ping the IP address of vr_#'s loopback0 interface. E-310> ping 192.168.##.1 Sending 5 ICMP echoes to 192.168.##.1, timeout = 2 sec. !!!!! Success rate = 100% (5/5), round-trip min/avg/max = 4/4/4 ms Step 8.9

View the current configuration.

Question: What CLI mode must you access to view the configuration? __________________________________________________________________ __________________________________________________________________ Answer: You must be in Privileged Exec mode to view the configuration.

E-310> enable E-310# show configuration ! Configuration script being generated on SUN FEB 22 2009 02:35:18 UTC ! Juniper Edge Routing Switch ERX-310 ! Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01) ! Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved.



! ! Commands displayed are limited to those available at privilege level 10 ! boot config running-configuration boot system erx310_9-0-0.rel no boot backup no boot subsystem no boot backup subsystem no boot force-backup hostname "E-310" service ctrl-x-reboot line console 0 line vty 0 4 ! ! traffic-class best-effort ! drop-profile default ! queue-profile default ! scheduler-profile default ! qos-shared-shaper-control ! statistics-profile default ! qos-profile atm-default ! qos-profile serial-default ! qos-profile ethernet-default ! qos-profile server-default ! qos-profile lag-default ! ! qos-port-type-profile ethernet qos-profile ethernet-default ! qos-port-type-profile atm qos-profile atm-default ! qos-port-type-profile serial qos-profile serial-default ! qos-port-type-profile server-port qos-profile server-default ! qos-port-type-profile lag qos-profile lag-default ! virtual-router default interface null 0 interface loopback # ip address 192.168.#.1 255.255.255.255 interface atm 2/0 atm clock internal chassis interface atm 2/0.1#0 point-to-point atm pvc 1#0 0 1#0 aal5snap 0 0 0 ip description atm-to-vr_# ip address 10.10.#.1 255.255.255.0 ! interface atm 2/1.1#0 point-to-point atm pvc 1#0 0 1#0 aal5snap 0 0 0 interface fastEthernet 0/0 ip description erx3-srp ip address 192.168.109.158 255.255.255.0 interface fastEthernet 1/2 mtu 1522 encapsulation vlan ! interface fastEthernet 1/2.# ip description enet-to-vr_# vlan id # ip address 10.20.2.1 255.255.255.0 ! interface fastEthernet 1/3



mtu 1522 encapsulation vlan ! interface fastEthernet 1/3.# vlan id # . . . ip route 192.168.##.0 255.255.255.0 10.10.#.2 ip route 192.168.##.0 255.255.255.0 10.20.#.2 license ipsec-tunnels l0agskcs7wd6w6 ! ! ================================================================================================== virtual-router vr_# aaa authentication atm1483 default radius aaa accounting atm1483 default radius aaa authentication ip default radius aaa accounting ip default radius aaa authentication ipsec default radius aaa accounting ipsec default radius aaa authentication ppp default radius aaa accounting ppp default radius ! ip address-pool local aaa authentication radius-relay default radius aaa accounting radius-relay default radius aaa authentication tunnel default radius aaa accounting tunnel default radius interface null 0 interface loopback 0 ip address 192.168.##.1 255.255.255.255 interface atm 6/1.1#0 ip description atm-to-default ip address 10.10.#.2 255.255.255.0 interface fastEthernet 1/3.# ip description enet-to-default ip address 10.20.#.2 255.255.255.0 ip route 192.168.#.0 255.255.255.0 10.10.#.1 ip route 192.168.#.0 255.255.255.0 10.20.#.1 . . . no ip source-route log engineering log verbosity low no log severity * no log engineering log fields timestamp instance no-calling-task ! End of generated configuration script.

Question: Does this display include default configuration settings? If not, how can you have the router display both the default and nondefault configuration? __________________________________________________________________ __________________________________________________________________ Answer: No, show configuration does not cause the router to include most default settings.To display both the default and nondefault configuration, you can add the include-defaults option.

Step 8.10

View the router's interface configuration. E-310# show configuration category interfaces ! Configuration script being generated on SUN FEB 22 2009 05:12:04 UTC ! Juniper Edge Routing Switch ERX-310 ! Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01) ! Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved. ! ! Commands displayed are limited to those available at privilege level 10 !




! NOTE: This script represents only a subset of the full system configuration. ! The category displayed is: interfaces ! virtual-router default interface null 0 interface loopback # ip address 192.168.#.1 255.255.255.255 interface atm 2/0 atm clock internal chassis interface atm 2/0.1#0 point-to-point atm pvc 1#0 0 1#0 aal5snap 0 0 0 ip description atm-to-vr_# ip address 10.10.#.1 255.255.255.0 ! interface atm 2/1.1#0 point-to-point atm pvc 1#0 0 1#0 aal5snap 0 0 0 interface fastEthernet 0/0 ip description erx3-srp ip address 192.168.109.158 255.255.255.0 interface fastEthernet 1/2 mtu 1522 encapsulation vlan ! interface fastEthernet 1/2.# ip description enet-to-vr_# vlan id # ip address 10.20.2.1 255.255.255.0 ! interface fastEthernet 1/3 mtu 1522 encapsulation vlan ! interface fastEthernet 1/3.# vlan id # ... ! ================================================================================================== ! virtual-router vr_# interface null 0 interface loopback 0 ip address 192.168.##.1 255.255.255.255 interface atm 6/1.1#0 ip description atm-to-default ip address 10.10.#.2 255.255.255.0 interface fastEthernet 1/3.# ip description enet-to-default ip address 10.20.#.2 255.255.255.0 Step 8.11

View the configuration for only the SRP's Fast Ethernet interface. E-310# show configuration interface fastEthernet 0/0 ! Configuration script being generated on SUN FEB 22 2009 04:57:53 UTC ! Juniper Edge Routing Switch ERX-310 ! Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01) ! Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved. ! ! Commands displayed are limited to those available at privilege level 10 ! ! NOTE: This script represents only a subset of the full system configuration. interface fastEthernet 0/0 ip description erx-srp ip address 192.168.109.158 255.255.255.0

Tell your instructor that you have completed Lab 1.

Lab 2

E-series Router Configuration Basics (Detailed) Overview

This lab introduces basic E-series router configuration commands. It is available in two formats: a high-level format that is designed to make you think through each step and a detailed format that offers step-by-step instructions complete with sample output from most commands. By completing this lab, you will perform the following tasks:

• Restore the factory-default configuration • Configure IP parameters on the SRP's Fast Ethernet interface • Configure IP parameters on a loopback interface • Configure the hostname and Telnet server • Configure primary, secondary, and tertiary chassis timing sources • Copy files to flash memory • Set the system date and time • Configure an entry in the host table on the E-series router • Copy a backup of the E-series router's configuration to a FTP server and copy

a file from the FTP server to the E-series router • Create a virtual router • Customize the banner and send messages to users (optional)

Juniper Networks, Inc. E-series Router Configuration Basics (Detailed) Lab 2 - 1


Key User and Privileged Exec Mode Commands

Key User and Privileged Exec mode commands used in this lab include the following: clear line clock set configure copy enable exit ping reload send show configuration show hosts show ip interface brief show ip route show timing show users show virtual-router telnet Our Example Physical Topology

UU

VCD 1#0, VPI 0, VCI 1#0

.1 .210.20.#.0/24

Note :# = Group number

OC3 slot 2/0

OC3 slot 2/1

192.168.109.158 / 24

Ethernet VLAN ID : #

10.10.#.0/24.1 .2

Faslot 1/2

Fa slot 1/3

FTP Server192.168.109.220

SRP Fa 0/0

Default RouterLo# : 192.168.#.1/32

Virtual Router: vr_#Lo# : 192.168.##.1/32

UU

E-series Router Configuration Basics (Detailed) Lab 2 - 2 Juniper Networks, Inc.


Part 1: Restore the Factory-Default Configuration Step 1.1

Enter Global Configuration mode on the E-series router. E-310# configure terminal Enter configuration commands, one per line. End with ^Z. E-310(config)# Step 1.2

Configure the E-series router to boot using the factory-default configuration file, verify the boot configuration, and use the reload command to reboot the router.

ERX310(config)# boot config factory-defaults WARNING: Execution of this command will cause all configuration settings to revert to factory defaults upon the next system reboot. Proceed with 'boot config factory-defaults'? [confirm]y ERX310(config)# exit ERX310# reload WARNING: This command will cause the system to reboot. Proceed with reload? [confirm]y Reload operation commencing, please wait... BPOSTO - Bypassing Boot Power-On Self-Tests (BPOST) BPOST1 - Bypassing Boot Power-On Self-Tests (BPOST) 6128 Symbols loaded. 0 auto-booting... boot device : local: unit number : 0 processor number : 0 inet on ethernet (e) : 1.1.1.1 flags (f) : 0x26000000 other (o) : local:/ Loading local:/images/srp/srp42d40134.exe... 219002560 (from 55437395) Starting at 0x100000... NOTE: Reverting System Configuration to factory defaults. SRP is running in slot 1 Logged in on console O. Copyright (c) 1999-2006 Juniper Networks, Inc. All rights reserved. ERX-310-41-e1-d1> Step 1.3

While your router is booting, review the network topology diagram for Lab 2. Notice that the loopback interfaces and the SRP management port IP addresses are missing host addresses. Fill in the correct host address for these interfaces based on your group number. For example, if you are working on group 3, the virtual router's loopback 0 IP address is 192.168.33.1.

Part 2: Configure IP Parameters on the SRP's Fast Ethernet Interface

Note

Use the information on the topology diagrams and the Question Mark (?) key to assist you in performing the following steps.

Step 2.1

Enter Privileged Exec mode and review the current configuration of the SRP's Fast Ethernet interface. ERX-310-41-e1-d1> enable ERX-310-41-e1-d1# show configuration interface fastEthernet 0/0 ! Configuration script being generated on SUN FEB 22 2009 05:35:16 UTC ! Juniper Edge Routing Switch ERX-310 ! Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01) ! Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved. ! ! Commands displayed are limited to those available at privilege level 10 ! ! NOTE: This script represents only a subset of the full system configuration.



interface fastEthernet 0/0 Step 2.2

Enter Global Configuration mode. Then, enter Interface Configuration mode and configure the Fast Ethernet interface on the SRP using the IP address and subnet mask indicated on the topology diagram. For the host IP address, the # represents your assigned router number.

ERX-310-41-e1-d1# configure terminal Enter configuration commands, one per line. End with ^Z. ERX-310-41-e1-d1(config)# interface fastEthernet 0/0 ERX-310-41-e1-d1(config-if)# ip address 192.168.109.158 255.255.255.0 Step 2.3

Configure an IP description for the SRP's Fast Ethernet interface. Use a description of erx#-srp, where # represents your assigned router number.

ERX-310-41-e1-d1(config-if)# ip description erx-srp Step 2.4

Return to Privileged Exec mode, review your configuration for accuracy, and then verify that you can ping the FTP server indicated on the topology diagrams.

Note

If you are unable to ping the FTP server indicated on diagram, please notify your instructor.

ERX-310-41-e1-d1(c endonfig-if)# ERX-310-41-e1-d1# show configuration interface fastEthernet 0/0 ! Configuration script being generated on SUN FEB 22 2009 05:35:16 UTC ! Juniper Edge Routing Switch ERX-310 ! Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01) ! Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved. ! ! Commands displayed are limited to those available at privilege level 10 ! ! NOTE: This script represents only a subset of the full system configuration. interface fastEthernet 0/0 ip description erx-srp ip address 192.168.109.158 255.255.255.0 ERX-310-41-e1-d1# ping 192.168.109.220 Sending 5 ICMP echoes to 192.168.109.220, timeout = 2 sec. !!!!! Success rate = 100% (5/5), round-trip min/avg/max = 0/0/1 ms Part 3: Configure IP Parameters on a Loopback Interface Step 3.1

Enter Global Configuration mode. Then, enter Interface Configuration mode and configure the loopback 0 interface using the IP address and subnet mask shown on the network topology diagram. For the host IP address, the # represents your assigned router number. Configure the subnet mask using the prefix-length notation.

ERX-310-41-e1-d1# configure terminal Enter configuration commands, one per line. End with ^Z. ERX-310-41-e1-d1(config)# interface loopback # ERX-310-41-e1-d1(config-if)# ip address 192.168.#.1/32 Step 3.2

Without leaving Interface Configuration mode, review the configuration for accuracy. ERX-310-41-e1-d1(config)# run show configuration interface loopback # ! Configuration script being generated on SUN FEB 22 2009 05:57:40 UTC ! Juniper Edge Routing Switch ERX-310



! Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01) ! Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved. ! ! Commands displayed are limited to those available at privilege level 10 ! ! NOTE: This script represents only a subset of the full system configuration. interface loopback # ip address 192.168.#.1 255.255.255.255

Question: How did you execute a Privileged Exec mode command without exiting Interface Configuration mode? __________________________________________________________________ __________________________________________________________________ Answer: You can run any User Exec or Privileged Exec mode command within any configuration mode by prefacing it with the run or the do command. Context-sensitive help and command completion are also available when using the run or the do command. Question: In the configuration, did the router display the subnet mask using the prefix-length notation? __________________________________________________________________ __________________________________________________________________ Answer: No. It converted the prefix-length notation to dotted-decimal notation.

Step 3.3

Exit Interface Configuration mode. ERX-310-41-e1-d1(config-if)# exit ERX-310-41-e1-d1(config)# Part 4: Configure the Hostname and Telnet Service Step 4.1

Configure the hostname as E-<model number>, where the <model number> is your router model number.

ERX-310-41-e1-d1(config)#hostname E-310 E-310(config)#

Question: What happens to the prompt? __________________________________________________________________ __________________________________________________________________ Answer: The hostname portion of the prompt changes from the MAC address of the SRP's Fast Ethernet interface to the hostname you just configured.

Step 4.2

Enter Line Configuration mode to configure all 30 possible virtual lines using the line vty x y command. Configure a password of j-protek on these lines.

E-310(config)# line vty 0 29 E-310(config-line)# password j-protek Please wait...



E-310(config-line)# Step 4.3

Return to Privileged Exec mode and view the configuration to confirm the accuracy of your changes. E-310(config-line)# end E-310# show configuration ! Configuration script being generated on SUN FEB 22 2009 02:35:18 UTC ! Juniper Edge Routing Switch ERX-310 ! Version: 9.0.0 release-0.0 [BuildId 8976] (February 21, 2008 15:01) ! Copyright (c) 1999-2008 Juniper Networks, Inc. All rights reserved. ! ! Commands displayed are limited to those available at privilege level 10 ! boot config running-configuration boot system erx310_9-0-0.rel no boot backup no boot subsystem no boot backup subsystem no boot force-backup hostname "E-310" service ctrl-x-reboot controller sonet 2/0 controller sonet 2/1 line console 0 line vty 0 29 password 5 ''(B=R;:HdiyL*7:y1Gj ! traffic-class best-effort ! drop-profile default ! queue-profile default ! scheduler-profile default ! qos-shared-shaper-control ! statistics-profile default ! qos-profile atm-default ! qos-profile serial-default ! qos-profile ethernet-default ! qos-profile server-default ! qos-profile lag-default ! qos-port-type-profile ethernet qos-profile ethernet-default ! qos-port-type-profile atm qos-profile atm-default ! qos-port-type-profile serial qos-profile serial-default ! qos-port-type-profile server-port qos-profile server-default ! qos-port-type-profile lag qos-profile lag-default ! virtual-router default interface null 0 interface loopback # ip address 192.168.#.1 255.255.255.255 interface fastEthernet 0/0 ip description erx3-srp ip address 192.168.109.158 255.255.255.0 . . . no ip source-route log engineering log verbosity low no log severity * no log engineering



log fields timestamp instance no-calling-task ! End of generated configuration script.

Question: Is the password displayed in clear-text when you have the router print its configuration? __________________________________________________________________ __________________________________________________________________ Answer: No, the password is encrypted to prevent its disclosure.

Step 4.4

From your router, establish a Telnet session to your E-series router's loopback interface to verify Telnet functionality.

E-310# telnet 192.168.#.1 Telnet password: ********** Logged in on vty 0 via telnet. Copyright (c) 1999-2006 Juniper Networks, Inc. All rights reserved. E-310> Step 4.5

Enter Privileged Exec mode on this Telnet session and determine which users are currently logged in to the E-series router.

E-310> show users line connected idle number line name user from connected since time ------ -------------- ---- ------------- ---------------- -------- 0 console 0 console 02/21/2009 08:30 21:44:24 1* vty 0 (telnet) 192.168.#.1 02/22/2009 03:45 Note: '*' indicates current user.

Question: How many users are currently logged in to the E-series router? __________________________________________________________________ __________________________________________________________________ Answer: In this example, two users are currently logged in to the E-series router. Question: How are the users connected to the E-series router? __________________________________________________________________ __________________________________________________________________ Answer: In this example, one user is attached to the E-series router via the console and another is attached through a Telnet session, which was originated from 192.168.8.3. Question: How long have the users been connected? __________________________________________________________________ __________________________________________________________________ Answer: In this example, the console session was started at 02/21/2009 08:30 and the user connected through a Telnet session at 02/22/2009 03:45. All these times are given in a 24-hour clock (for example, 19:30 would be 7:30 PM).



Step 4.6 Try to end your Telnet session using the clear line n command.

E-310> enable Password: ******** E-310# clear line 1 Cannot kill your own session

Question: Were you able to clear your own Telnet session? __________________________________________________________________ __________________________________________________________________ Answer: No. The clear line n command can be used to close another connection. You cannot use the command to end your own connection.

Step 4.7

Disconnect your Telnet session using the exit command. E-310# exit Logging out. E-310# Part 5: Configuring Primary, Secondary, and Tertiary Chassis Timing Sources Step 5.1

Before making any configuration changes, first document the default factory settings for the E-series chassis timing sources:

E-310# show timing timing: primary primary: internal SC oscillator (ok) secondary: internal SC oscillator (ok) tertiary: internal SC oscillator (ok) auto-upgrade enabled

Question: What is the current primary chassis timing source? __________________________________________________________________ __________________________________________________________________ Answer: In this example, the current primary timing source is the E-series router's internal system controller oscillator. Question: What is the current secondary chassis timing source? __________________________________________________________________ __________________________________________________________________ Answer: In this example, the current secondary timing source is the E-series router's internal system controller oscillator. Question: What is the current tertiary chassis timing source? __________________________________________________________________ __________________________________________________________________



Answer: In this example, the current tertiary timing source is the E-series router's internal system controller oscillator. Question: What timing source is the E-series chassis currently using? __________________________________________________________________ __________________________________________________________________ Answer: In this example, the E-series router is using its primary timing source.

Step 5.2

Configure the E-series router's primary chassis timing source to be the external BITS clock connected to T1 port A on the SRP.

Note

In our lab environment, we do not have a BITS clock connected to T1 port A or port B. As a result, these timing sources will display an ERROR condition, and the timing sources will not be used.

E-310# configure terminal Enter configuration commands, one per line. End with "Z. E-310(config)# timing source primary line t1:a Step 5.3

Configure the E-series router's secondary chassis timing source to be the external BITS clock connected to T1 port B on the SRP.

E-310(config)# timing source secondary line t1:b Step 5.4

Configure the E-series router's tertiary chassis timing source to be internal. E-310(config)# timing source tertiary internal Step 5.5

Within Global Configuration mode, analyze the current chassis timing status to answer the questions that follow.

E-310(config)# run show timing timing: tertiary (failover from primary) primary: external SC T1 (A) (ERROR) secondary: external SC T1 (B) (ERROR) tertiary: internal SC oscillator (ok) auto-upgrade enabled

Question: What is the current primary chassis timing source? __________________________________________________________________ __________________________________________________________________ Answer: The primary timing source is now the external BITS clock attached to T1 port A on the E-series router's system controller I/O module. Question: What is the current secondary chassis timing source? __________________________________________________________________



__________________________________________________________________ Answer: The secondary timing source is now the external BITS clock attached to T1 port B on the E-series router's system controller I/O module. Question: What is the current tertiary chassis timing source? __________________________________________________________________ __________________________________________________________________ Answer: The current tertiary timing source is the E-series router's internal system controller oscillator. Question: What timing source is the E-series chassis currently using? __________________________________________________________________ __________________________________________________________________ Answer: The E-series router is using its tertiary timing source due to the failure of its primary and secondary sources. Question: If the primary source became functional, would the router use it or would it continue to use the tertiary source? __________________________________________________________________ __________________________________________________________________ Answer: Because the output shows that the auto-upgrade feature is enabled, the E-series router would use a more preferred timing source if it became available.

Part 6: Copying Files to Flash Memory Step 6.1

Copy the running-configuration to a file on the flash called start_#.cnf. Other courses' labs might use this saved configuration file as a starting point so report any errors or problems to your instructor.

E-310(config)# ^Z E-310# copy running-configuration start_#.cnf Destination file exists, proceed with copy? [confirm] y Please wait... E-310# Part 7: Set the System Date and Time Step 7.1

Before making any configuration changes, determine the current system date and time. E-310# show clock TUE SEP 26 2006 13:24:34 UTC E-310#

Question: What is the current date and time on your E-series router? __________________________________________________________________ __________________________________________________________________



Answer: In this example, it is 13:24:34 Coordinated Universal Time (UTC) on Tuesday, September 26, 2006.

Step 7.2

Set the E-series router's time and date (taking into account time zones), and verify the results. E-310# clock set 13:25:00 26 September 2006 E-310# show clock TUE SEP 26 2006 13:26:02 UTC Part 8: Configure an Entry in the Host Table

To transfer files to or from a remote file server, you must define an entry for that host in the host table. In the case of file servers, you use the host command to bind a locally defined symbolic name to an IP address, the protocol which will be used to access that IP address, and (optionally) FTP account parameters.

Step 8.1

Determine if there are any entries in the host table. E-310(config)# run show hosts Static Host Table ----------------- name ip address type -------- --------------- ---- NFS Host Table -------------- name userid groupid ---- ------ ------- Step 8.2

Examine the topology diagrams and obtain the IP address of the FTP server. Verify that you can ping the FTP server from your E-series router.

E-310# ping 192.168.109.220 Sending 5 ICMP echoes to 10.13.7.55, timeout = 2 sec. !!!!! Success rate = 100% (5/5), round-trip min/avg/max = 0/0/1 ms Step 8.3

Enter Global Configuration mode using your terminal and configure a static host entry for the FTP server using the hostname ftp-host. Do not configure an FTP username and password. If no FTP username and password are configured, the router uses a username of anonymous and a null password when contacting this FTP server.

E-310# configure terminal Enter configuration commands, one per line. End with ^Z. E-310(config)# host ftp-host 192.168.109.220 ftp Step 8.4

Verify that the FTP server is correctly listed in the host table. E-310(config)# run show hosts Static Host Table ----------------- name ip address type -------- --------------- ---- ftp-host 192.168.109.220 ftp NFS Host Table -------------- name userid groupid ---- ------ -------



Step 8.5 Try to ping the FTP server using the name you defined in the host table.

E-310(config)# run ping ftp-host Resolving "ftp-host" Sending 5 ICMP echoes to 192.168.109.220, timeout = 2 sec. !!!!! Success rate = 100% (5/5), round-trip min/avg/max = 0/0/1 ms

Question: Did this work? Without DNS, how was the router able to determine the IP address of the name you entered? __________________________________________________________________ __________________________________________________________________ Answer: Yes, it should work. The router used the entry you just defined in the host table to resolve the IP address for that name.

Part 9: Transfer Files Between the E-series Router and an FTP Server

It is useful to be able to transfer files between the E-series Router and an FTP server. One important use for this is backing up E-series router configuration files to an FTP server and retrieving and restoring configuration files from backups stored on an FTP server. You will practice doing that in this lab part.

Step 9.1

Copy the running-configuration to the FTP server. Name the file erx-backup_#.cnf, where the # is your group number.

E-310(config)#end E-310# copy running-configuration ftp-host:erx-backup_#.cnf Please wait... E-310#

Question: Did the copy operation succeed? __________________________________________________________________ __________________________________________________________________ Answer: The copy operation succeeded. If the copy command were to fail, you would receive an error message.

Step 9.2

Now, reverse the operation by copying the file erx-backup_#.cnf from the FTP server back to your E-series router, naming it backup_#.cnf on the router's flash card. If you want to load this configuration on the router, you can set the router to boot once using this configuration file and reload the router.

E-310# copy ftp-host:erx-backup_#.cnf backup_#.cnf Destination file exists, proceed with copy? [confirm] y Please wait... E-310#



Part 10: Create a Virtual Router

Note On the E-series router, you can configure and manage layer 1 and layer 2 parameters within any virtual router context. However, you must configure and manage layer 3 parameters within a specific virtual router context.

Step 10.1

Determine the number of virtual routers currently configured. E-310# show virtual-router Virtual Router : default

Question: What are the names of the currently configured virtual routers? __________________________________________________________________ __________________________________________________________________ Answer: Currently, the only virtual router that is configured is the default virtual router.

Step 10.2

Determine the routing protocols that are currently running in the default virtual router. E-310# show virtual-router default detail Virtual Router: default Ip: Present Ipv6: Not Present Mgtm: Not Present Mgtmv6: Not Present Bgp: Not Present Isis: Not Present Ospf: Not Present Pim: Not Present Rip: Not Present Igmp: Not Present Mld: Not Present Dvmrp: Not Present Mpls: Not Present Ldp: Not Present Rsvp: Not Present

Question: What routing protocols are currently running in the default virtual router? __________________________________________________________________ __________________________________________________________________ Answer: According to this output, no routing protocols are running in the default virtual router.

Step 10.3

Examine the IP routing table in the default virtual router. E-310# show ip route Protocol/Route type codes: I1- ISIS level 1, I2- ISIS level2, I- route type intra, IA- route type inter, E- route type external, i- metric type internal, e- metric type external, P- periodic download, O- OSPF, E1- external type 1, E2- external type2, N1- NSSA external type1, N2- NSSA external type2 L- MPLS label, V- VRF, *- via indirect next-hop



Prefix/Length Type Next Hop Dst/Met Interface ------------------ --------- --------------- ---------- ---------------------------------------- 192.168.109.0/24 Connect 192.168.109.158 0/0 FastEthernet0/0 192.168.#.1/32 Connect 192.168.#.1 0/0 loopback#

Question: How many routes are listed? __________________________________________________________________ __________________________________________________________________ Answer: There are two routes listed. Both routes are to directly connected networks.

Step 10.4

Examine the IP interfaces in the default virtual router. E-310# show ip interface brief Interface IP-Address Status Protocol Description ------------------------- ------------------- ---------- ----------- ------------------------------ null0 255.255.255.255/32 up up FastEthernet0/0 192.168.109.158/24 up up E-310-srp Loopback# 192.168.#.1/32 up up

Question: How many IP interfaces are configured? __________________________________________________________________ __________________________________________________________________ Answer: The default virtual router has two user-defined interfaces and a null0 interface that is created automatically as a destination for discarded packets.

Step 10.5

Create a new virtual router called vr_#. Note Virtual router names cannot be abbreviated and are case sensitive. E-310# configure terminal Enter configuration commands, one per line. End with ^Z. E-310(config)# virtual-router vr_# Proceed with new virtual-router creation? [confirm]y E-310:vr_#(config)#

Question: How did the E-series router's prompt change? __________________________________________________________________ __________________________________________________________________ Answer: The prompt changed to show that you are configuring virtual router vr_#. Question: Can you tell which virtual router you are currently configuring? __________________________________________________________________ __________________________________________________________________ Answer: Yes, the virtual router name appears in the prompt. If no virtual router name appears, then you are configuring the default virtual router.



Step 10.6 Configure the loopback0 interface in the virtual router vr_# using the IP address and subnet mask found on the physical topology diagram. For the host IP address, the # represents your group number.

E-310:vr_#(config)# interface loopback 0 E-310:vr_#(config-if)# ip address 192.168.##.1/32 Step 10.7

Determine the number of virtual routers currently configured. E-310:vr_#(config-if)# run show virtual-router Virtual Router : default Virtual Router : vr_# Step 10.8

Exit Configuration mode and examine the IP routing table in the new virtual router. E-310:vr_#(config-if)# end E-310:vr_# # show ip route Protocol/Route type codes: I1- ISIS level 1, I2- ISIS level2, I- route type intra, IA- route type inter, E- route type external, i- metric type internal, e- metric type external, P- periodic download, O- OSPF, E1- external type 1, E2- external type2, N1- NSSA external type1, N2- NSSA external type2 L- MPLS label, V- VRF, *- via indirect next-hop Prefix/Length Type Next Hop Dst/Met Interface ------------------ --------- --------------- ---------- ---------------------------------------- 192.168.##.0/32 Connect 192.168.##.1 0/0 loopback0

Question: How many routes are listed in the new virtual router? __________________________________________________________________ __________________________________________________________________ Answer: The routing table contains a single route, which is the directly connected network configured on the loopback0 interface. Question: Are the routes from the default virtual router listed in vr1's routing table? __________________________________________________________________ __________________________________________________________________ Answer: No. Virtual routers do not exchange routing information unless external connectivity is established to enable them to communicate with each other and they are configured to exchange routing information through a common routing protocol.

Step 10.9

Examine the IP interfaces in the new virtual router. E-310:v show ip interface brief r_# # E-310# show ip interface brief Interface IP-Address Status Protocol Description ------------------------- ------------------- ---------- ----------- ------------------------------ null0 255.255.255.255/32 up up Loopback# 192.168.#.1/32 up up

Question: How many IP interfaces are configured? __________________________________________________________________



__________________________________________________________________ Answer: Two IP interfaces are configured: null° and loopback0. Question: Are the default virtual router's IP interfaces listed? __________________________________________________________________ __________________________________________________________________ Answer: No. Layer 3 information is not shared between virtual routers. Each virtual router has its own null0 interface.

Step 10.10

From the new virtual router, try pinging the default virtual router's loopback0 address. E-310:vr_# # ping 192.168.#.1 Sending 5 ICMP echoes to 192.168.#.1, timeout = 2 sec. ..... Success rate = 0% (0/5), round-trip min/avg/max = 0/0/0 ms

Question: Was the ping successful? Why or why not? __________________________________________________________________ __________________________________________________________________ Answer: The ping was unsuccessful because vr_# has no connectivity to the default virtual router. Question: How can you establish connectivity between the default virtual router and vr_#? __________________________________________________________________ __________________________________________________________________ Answer: You can establish connectivity between these two virtual routers the same way you establish connectivity between two physically separate routers. First, you must establish a physical link between the routers. Then, you must establish IP connectivity (including appropriate IP routing) between the two routers.

Tell your instructor that you have completed the mandatory aspects of Lab 2. If time permits, you may proceed with the optional parts of this lab.

Part 11: Customize the Banner and Send Messages to Users (Optional) Step 11.1

Configure a multiline banner, such as: You are attempting to access a secure computing device. Unauthorized access is strictly prohibited!

E-310:vr# # configure terminal Enter configuration commands, one per line. End with ^Z. E-310:vr_#(config)# banner ^ Enter remainder of text message. End with the character '^'.




You are attempting to access a secure computing device. Unauthorized access is strictly prohibited! ^ Step 11.2

Log out and then reconnect to the E-series router to determine if the banner is correctly displayed. E-310:vr_#(config)# exit E-310:vr_# # exit Logging out. E-310 con0 is now available Press RETURN to get started. You are attempting to access a secure computing device. Unauthorized access is strictly prohibited! Logged in on console 0. Copyright (6) 1999-2006 Juniper Networks, Inc. All rights reserved. E-310> Step 11.3

Send a message to all users currently logged in to the E-series router. E-310# send * "This is a test message. This is only a test." Proceed with send? [confirm]y E-310# *** *** TUE SEP 26 2006 13:49:40 UTC *** Message from console 0 to all lines *** This is a test message. This is only a test. E-310#

Question: What delimiters can you use for the banner and send commands? __________________________________________________________________ __________________________________________________________________ Answer: You can use any character as a delimiter, provided it will not appear within the text you want to enter. As you saw with the banner command, the router reminds you to end your message with the delimiter you chose if your entire message does not appear on a single line.

Tell your instructor that you have completed Lab 2.

e-series introdution to juniper network routers(erx320) - lab guide

Documents