ads

Style6

Style3[OneLeft]

Style3[OneRight]

Style4

Style5[ImagesOnly]

Style2

Disable Juniper Ports

Problem:  

How to shutdown a Juniper switchport or interface.  This simple JUNOS task frustrates Cisco-minded folks.  So where does JUNOS hide the shutdown command?

Solution:  

"Disable" is the JUNOS command for "shutdown".  Examples:

     Disable:        root@host> set interface ge-0/0/1 disable
     Enable  root@host> del set interface ge-0/0/1 disable

That's it!

Juniper Switch: Interface Link Speed and Autonegotiation Settigns



Problem:  Duplex mismatch on Juniper EX Switches.  Juniper Gigabit switch-ports run at half duplex when connecting to 100Mb interfaces (e.g., EX2200 uplink to SSG).

Troubleshoot:  Confirm the interface state from the switch port:  (a) Check for outbound collisions and (b) Autonegotiation status.

root@EX2200> show interfaces ge-0/0/0 extensive
  Solution:  Disable autonegotiation on the switch port.  Manually configure interface link settings:

root@EX2200# delete interfaces ge-0/0/0 ether-options auto-negotiation
root@EX2200# set interfaces ge-0/0/0 ether-options speed 100
root@EX2200# set interfaces ge-0/0/0 ether-options full-duplex
root@EX2200# set interfaces ge-0/0/0 ether-options no-auto-negotiation
MDI Consideration:  Disabling auto-negotiation also disables auto-mdix.  This has no impact for crossover cables.  However, no data will pass with straight-through cables.

Straight-through cables can be used by disabling mdi-x detection and setting the mdi mode.
  • mdi mode sets the interface to straigh-through mode.
  • mdix mode sets the interface to crossover mode.

root@EX2200# set interfaces ge-0/0/0 gigether-options no-auto-mdix
root@EX2200# set interfaces ge-0/0/0 ether-options mdix

Troubleshoot Example:
root@EX2200> show interfaces ge-0/0/0 extensive
Physical interface: ge-0/0/0, Enabled, Physical link is Up
 Interface index: 129, SNMP ifIndex: 501, Generation: 132
 Description: Uplink-To-SRX Gateway
 Link-level type: Ethernet, MTU: 1514, Speed: Auto, Duplex: Auto, BPDU Error: None, MAC-REWRITE Error: None, Loopback: Disabled, Source filtering: Disabled,
 Flow control: Enabled, Auto-negotiation: Enabled, Remote fault: Online, Media type: Copper Device flags : Present Running
 Interface flags: SNMP-Traps Internal: 0x4000
 Link flags : None
 CoS queues : 8 supported, 8 maximum usable queues
 Hold-times : Up 0 ms, Down 0 ms
 Current address: 54:e0:32:0a:63:03, Hardware address: 54:e0:32:0a:63:03
 Last flapped : 2015-11-05 18:50:43 UTC (04:53:31 ago)
 Statistics last cleared: Never
 Traffic statistics:
 Input bytes : 1256633066638 82512 bps
 Output bytes : 1392350385008 1076248 bps
 Input packets: 1770081587 101 pps
 Output packets: 1603112698 117 pps
 IPv6 transit statistics:
Input bytes : 0
Output bytes : 0
 Input packets: 0
 Output packets: 0
 Input errors:
Errors: 0,
Drops: 0, Framing errors: 0, Runts: 0, Policed discards: 0, L3 incompletes: 0, L2 channel errors: 0,L2 mismatch timeouts: 0, FIFO errors: 0, Resource errors: 0 Output errors:
 Carrier transitions: 3, Errors: 0, Drops: 0, Collisions: 247932333, Aged packets: 0, FIFO errors: 0, HS link CRC errors: 0, MTU errors: 0, Resource errors: 0
 Egress queues: 8 supported, 4 in use
 Queue counters: Queued packets Transmitted packets Dropped packets
 0 best-effort
 0 1702583017 366
 1 assured-forw 0 0 0
 5 expedited-fo 0 0 0
 7 network-cont 0 1795806 0
 Queue number: Mapped forwarding classes
 0 best-effort
 1 assured-forwarding
 5 expedited-forwarding
 7 network-control
 Active alarms : None
 Active defects : None
 MAC statistics: Receive Transmit
  Total octets 1256864002527 1392689372675
  Total packets 1770488775 1603506730
  Unicast packets 1769692120 1579600991
  Broadcast packets 796655 15971137
  Multicast packets 0 7934602
  CRC/Align errors 0 0
  FIFO errors 0 0
  MAC control frames 0 0
  MAC pause frames 0 0
  Oversized frames 0
  Jabber frames 0
  Fragment frames 0
  Code violations 0
Autonegotiation information:
  Negotiation status: Incomplete
  Local resolution:
   Local link Speed: 100 Mbps, Link mode: Half-duplex
  Packet Forwarding Engine configuration:
   Destination slot: 0 (0x00)
  CoS information:
   Direction : Output
   CoS transmit queue

References:

http://www.juniper.net/documentation/en_US/junos14.2/topics/reference/configuration-statement/no-auto-mdix-edit-interfaces.html

https://www.juniper.net/documentation/en_US/junos15.1/topics/reference/configuration-statement/mdi-mode-edit-interfaces.html

http://www.juniper.net/documentation/en_US/junos14.1/topics/task/configuration/ex-series-gigabit-interfaces-cli.html


Juniper EEOL - End of Life and End of Support JUNOS versions

Upgrade your old JUNOS!


How to upgrade from old JUNOS:


Issue:  Older versions of JUNOS (i.e., End of Life [EEOL]) can only be upgraded in the chronological order of EEOL releases.

Juniper does not publish download links to EEOL versions.

Solution:  Use the following URLs to download EEOL versions of JUNOS.  N.B., these links require a Juniper username and password.




  Juniper JUNOS EEOLs:


  1.  JUNOS 8.5:  https://download.juniper.net/software/junos/specials/JTAC/eeol/junos-jseries-8.5R4.4-domestic.tgz

  2. JUNOS 9.3:   https://download.juniper.net/software/junos/specials/JTAC/eeol/junos-jseries-9.3R4.6-domestic.tgz

  3. JUNOS 10.0:  https://download.juniper.net/software/junos/specials/JTAC/eeol/junos-jsr-10.0R4.9-domestic.tgz

  4. JUNOS 10.4:  https://download.juniper.net/software/junos/specials/JTAC/eeol/junos-jsr-10.4R10.8-domestic.tgz

  5. JUNOS 11.4:  https://download.juniper.net/software/junos/specials/JTAC/eeol/junos-jsr-11.4R13.5-domestic.tgz

Additional Information:

JUNOS release information:  http://www.juniper.net/support/eol/junos.html


Juniper IOS Cheat Sheet - EX Switch Commands

Juniper IOS Cheat Sheet
EX Series Ethernet Switch Commands


by Steven Jordan November 25th, 2013


Juniper commands to configure and manage a Juniper EX switch.  My formal training is with Cisco; I was lost the first couple times I used JUNOS CLI.  These commands should help out other Cisco minded people.

N.B.  The list below is blog friendly.  I included a printer friendly Word version here.



General Commands:
Operation Mode: #CLI
Move up tree: #up
Move down tree: #down
Enter Configuration: #config
View Configuration: #show
Ascend to top of tree: #top
Descend one or multiple levels: #edit
Add line to config: #set
Delete a line:#delete

Changes:
Save changes #commit
* Confirm changes are permanent.
View changes since
   previous commit:
#show | compare
Verify changes: #commit check
Confirm changes: #commit confirmed
*Commit confirm will roll
     back after 10 minutes.

Descend one or multiple levels: #edit
Add line to config: #set
Delete a line:#delete

Configure Physical Interface:
     #set interfaces ge-0/0/0 unit 0 family inet address 10.1.1.1/24


Configure SVI/RVI:
  1. Configure an IP on the RVI.
  2. Bind the RVI to a VLAN
* For additional RVIs, increase the unit number.
**It is recommended the RVI unit number match the VLAN-id.
     #set interfaces vlan unit 1 family inet address 192.168.1.2/24
     #set vlans vlan-1 l3-interface vlan.1

Configure VLAN:
  1. Minimum VLAN config is define vlan-name.
      #set vlans servers
     2.  Assign VLAN-ID for tags:
            #set vlans servers vlan-id 100
     3.  To delete VLAN replace the command set with “delete”.

Configure VLAN Range:
  • VLAN range defines a range of VLANs.
  • Syntax:  set vlans vlan-name vlan-range low-high
            #set vlans production vlan-range 90-100

Configure VLAN Membership
  1. Assign ports via VLAN-centric method.
      #set vlans servers interface ge-0/0/0.0

     2.  Assign ports via Port-centric method.
            #set interfaces ge-0/0/0.0 family Ethernet-switching vlan members servers

   OR:

          #set interfaces ge-0/0/0.0 family Ethernet-switching vlan members 100

          #set interfaces fe-0/0/0.0 family Ethernet-switching vlan members [1 5 7-100]

  • For access port, configure all the VLAN membership under the VLAN stanza.
  • For trunk ports, configure all the VLAN membership under the interface (port-centric method
Configure Port Roles:
  1. Access Ports:    
         #set interface ge-0/0/0.0 family Ethernet-switching port-mode access
  2. Trunk:         
         #set interface ge-0/0/0.0 family Ethernet-switching port-mode trunk
  3. Routed:       
         #set-interface ge-0/0/0.0 family inet address 192.168.1.0/24
Execute CLI Commands:
 #run show

Shutdown:
 #request system halt

3COM 4510G S-Flow Netflow Config


Config sample to enable S-Flow with SolarWinds:

sflow agent ip x.x.x.x
 sflow collector ip x.x.x.x port 2055
 sflow interval 60


interface GigabitEthernet1/0/2
 broadcast-suppression pps 3000
 undo jumboframe enable
 stp disable
 stp edged-port enable
 sflow enable inbound
 sflow enable outbound
 sflow sampling-rate 1000

Last updated 9/7/11 by Steven Jordan

Fortigate & S-Flow Config

 Problem:  

   Enable and configure S-Flow on a Fortigate firewall.  Send samples to S-flow collector (e.g., Solarwinds Netflow).

Solution:

  Configuration steps to enable S-Flow on a Fortigate 200B for use with the Solarwinds Netflow collector:


 
FG200xxx (interface) #config system sflow

FG200xxx (interface) #set collector-ip x.x.x.x
FG200xxx (interface) #set collector-port 2055
FG200xxx (interface) #end
FG200Bxxx (interface) # config sys interface
FG200Bxxx (interface) #edit
FG200Bxxx (portx) # set sflow-sampler enable
FG200Bxxx(portx) # set sample-rate 1000
FG200Bxxx (portx) # set sample-direction both
FG200Bxxx (portx) # set polling-interval 20
FG200xxx (portx) # next
FG200xxx (portx) # end