I always forget how to do curtain stuff on juniper equipment, the more I do in the CLI the better I become. Many of below commands and settings will be obvious for most, but I am still learning, so bear with me. As time goes I will add more commands and tips and tricks in this post.
LLDP – Showing other LLDP or CDP enabled neighbours that are on the other end of the wire. I used the enable on specific interface, thinking strict is better. So that I know where its uses LLDP.
- To configure LLDP on all interfaces: [edit protocols lldp] user@srx# set interface all - To configure LLDP on a specific interface: [edit protocols lldp] user@srx# set interface interface-name - show lldp neighbors user@srx> show lldp neighbors
Configuring access/trunk interface – my SRX delivered the native vlan on a accessport over to the switch, I wanted it to be a trunk port because I added more vlan to be routed in the SRX. Could not get it to work. Thanks to the “commit confirmed” feature is could easily try gain. Fix was to have the native vlan with as a member in the trunk configuration….
- Access port user@srx> set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode access vlan members 10 - Trunk port with native vlan, remember to add the native vlan to member of trunk, else you cut your self off. user@srx> set interfaces ge-0/0/1 native-vlan-id 3 user@srx> set interfaces ge-0/0/1 unit 0 family ethernet-switching interface-mode trunk user@srx> set interfaces ge-0/0/1 unit 0 family ethernet-switching vlan members vlan-trust
Juniper have a great feature when having to change config, you do you configuration change and then you commit it all. The commit command can also be chained with confirmed. If there is something in the config that cut your off management or if has some other flaw you can tell it to rollback if you haven’t confirmed the change after a specified time of commit.
- Save changes with commit and tell it to rollback unless you confirm the change. The last number is the number of minuts before the srx does auto rollback. user@srx# commit confirmed 2 - Confim the config after it all went well user@srx# commit check - An other nice paremeter to commit is comment. Here you can write what your config change does, and maybe even what change request number is an behalf of. user@srx# commit comment "This adds vlan trunk to uplink switch on port ge-0/0/1." - Just another nice parameter. Prepare the config and make it active on other schedule or when the service windows is open. just nice. user@srx# commit prepare -- When its time you can active it. user@srx# commit activate - If you are interested in what's happening in the commit process, then you can monitor it. user@srx# commit | display detail
DHCP – When you Junos device is doing DHCP its nice to know the IP it handed out to took for that matter
- Showing the DHCP leases that it handed out user@srx> show dhcp server binding - Showing the DHCP leases that it took with its own DHCP client. user@srx> show dhcp client binding
Rollback and compare, another nice feature to help you see what have been happening on the device. You can compare older with newer or current configs.
- Give you a compare of the config that was 3 revisions back with current config. user@srx> show system rollback 3 compare 0
NTP – settings up NTP.
- Add NTP servers and Junos will change over to use NTP instead of local time setting. Setting 5 servers from 0.dk.pool.ntp.org. user@srx# set system ntp server 184.108.40.206 user@srx# set system ntp server 220.127.116.11 user@srx# set system ntp server 18.104.22.168 user@srx# set system ntp server 22.214.171.124 - Verify NTP servers user@srx> show ntp associations
- Add DNS server for lookups user@srx# set system name-server 192.168.2.253 - Verify from configuration user@srx> show configuration system name-server
Add user and insert ssh key for quick access. Feel free to add my public key 😉
set system login user jvradm class super-user authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/VPq30qzyJHr8v6qh1vF1CVY8R9U09iCkqnIs9H6d9hBOeDu/e52rPj2BOQUfHwBmGRPVqZUyuOO20hDgT/BzP0QxISv9l2OpFariz8AmHu9m4kUwAdrBDvplw8fFeafppUwQF/aFsIF+t1PtFluz0Bp3N/sp3NQGWfkez7myctGc9X3eMc6oUAYrPPJeDZz1x5JoGdwdH/w6wjr3uK03kRx6TX1kNqxSypIQQ/8lYg1TG7yAuF5DhX4fJrPjpiLau1H6z0vChVpqY1q8oMntzHHtYtByFMrNtWFfAvG94BT27h/Lkmz5JM5d41TbL0YdZT8zCTrXzUG87wdEaRiB5ZeKy9LENgfxKO66scSU2gjiXwpyJTrHKZYz9g5EERH/41w+qMT90HAM3ArSIvk7pROoKhZy0IeOwfWbmMlQvKQFjS7OtKnFEeVUYRqnLvi3XeUiFbLxmW3ID8IqQy3iDNuESiVNRcp/PoN7lxL9cfGJdXBuJ3PBcaQZx/vQpePRqW9eBSmhhS1beIUlLV0UOFdRGTMMMjOlp7m7jaw5EnvztbInfPOdMPoUuSL9iGut7M0SVMgEzo0MiJDHNdLQYK0EKO8qrWMz76UHhpdnhOQNdi3/wtVVzxVUR/D9zBa1q2oL8ml7jKVubVbBd6Vm0lEEquDEN3I9Dan/Ev0j9w== jr@mbp"