Quick Configs Juniper - Basics & User Interface

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

in this video I'm gonna talk a little bit about the configuration basics and user interface of the two nuts device in particular I'm going to talk about the factory default state at the very CLI modes rollback and commit and filtering I'm using a very simple Network Ten Network my pcs that dot one hundred and my ass 4x is a dot one so I'm using a virtual as Rex in this example and without further ado let's get started so this is the first screen you will see wondering when you login to the device the primary account is root without a password so if you enter this in we get into the shell however we will not be able to manage it like we would normally manage the device because there's nothing to do or well there are commands to be run over here but I'm not going to talk about that now the way we enter in the privileged mode or we Cisco terms call the graphics mode is by entering C like that if I want to go back to the shell I can either do start shell or I can press exit and over here we can run our commands that we are used to such as ping SSH show show route for instance so this is basically privilege mode for those of you that are familiar with Cisco if I want to configure the device when ciske do configure terminal however in juniper in Juno's we use edit so this is what brings me to edit mode so before I can actually start configuring this device there's one important thing that I have to specify it in the dusty route authentication password so if I do commit check for instance which I'm gonna talk about to come in a little bit later it says missing mandatory statement root authentication so that is the first thing that we have to configure one week and start configuring in June as device so in this example I'm gonna set it with an encrypted password which is basically this password over here so let me paste that in alternatively you could do set system with authentication plaintext password and then just entering in a password on the live line like so so if I do commit I will basically well let's talk about the commit so right now nothing has happened I've entered in the commands however they have not been applied yet so if I do show compared I can see exactly what is gonna be entered into this configuration which is the root authentication I just put in however this is not live yet so how do we make this configuration live we enter in the commit command but before we can enter it before we enter in the commitment we can do a commit check which is making sure that the configuration check succeeds so if I do this now I will see that my commit has been complete and this will actually be the running configuration so if I do show compared I will not see it in here however if I will see it in the show system for instance so right now we will be able to configure this device so what has actually happened when I enter in this commit when we talk about commit you have to talk about roll back so rolling back is a feature that is great feature available to us in juniper operating system if I do a show system was it socialism commit I can see all the commits that have been taking place in this device so the first one is made by order and the other one is made by our fire other by root and the other one is being made by me via the CLI so that is number 0 so every time you do a commit let's say I want to change the host name of this device that system host name just caught as a Rex if I commit this and if I run show runs basically the same as do run show system commit I will now have tree in here so everything has moved up 1 so this will be the one made by the other the default configuration the one made by me and this will be the active conformation so rollback 0 or commit 0 is basically the running configuration so before I talk about going back to a previous configuration let's see what actually this rollback 0 does so let's say I want to configure this device and I make a mistake with some configuration let me minimize this for a second let's say I want to say set system services telnet throw whatever reasons and if I do show compared I can see that this is being this is going to be applied to the configuration when I do commit check so everything fine over here let's say I made a mistake when entering this command I can do delete system services tell that which is all fine and dandy but imagine I enter in 50 commands and we're going to delete them all at once so I can just do rollback 0 and then basically whatever I entered in that hasn't been committed will disappear from the configuration so that's very handy do not have it's very hard to not have commands being live as soon as you're entering it's very hard to lock yourself out of a Juniper for that matter so let's get started on some of these other configurations so by default this is an icer X and it has security zones so we have security zone on trust which is this gigabit interface by default if I do show system or show security final zones I can see that my interface isn't a security zone on trust by default which basically does not allow a single thing so I have to set it to the zone trust how do I do this I just delete it from this zone oh that's not what I wanted to do but anyway it doesn't matter let me try and copy this for a second so let me show confer ok I did it actually enter anything that's good so show compare and you can see that it basically deleted everything that was under this sub configuration as well and then we can add it to the other trust zone and I'm going to add services at HTTP and SSH on top of that and finally I'm gonna associate this interface with the address so commit check and commit so right now I have an address on a 10 range so I should be able to ping my PC a dot 100 and I can so instead of having this session over here let's create another session to 1000 long using SSH so SSH keys self-signed certificates are enabled by default so I can just log in I can log with the root okay account by default as well and I'm in the device you can see over here same thing CLI and now I'm in the shell so this this CLI will actually only apply to the root account if I configure it on a user I have a separate video about creating user accounts you will not see that CLI that's only applicable to date will account so let's do some basic configuration stuff I already configured the hostname so let's get that out of here so by default web management is enabled so let me go into edit I can see exactly what other users are also editing this configuration which is very handy so if I do show system services I can see that SSH is enabled by default and I can see that web management is enabled by default so if I want to configure some of these services I can do like set system services web management set such a search as SS age such as web services talent and so on but it's better to just go into the sub configuration so we can go into edit system services for instance and then were on there is sub configuration and then I go for a web management for instance so on the wrap management I can do show I can see everything that is configured on the web management and if I just do delete I can delete everything under this level then there's nothing in here if I do show compared I can see what will be removed from these configurations so these minuses mean remove the plus signs mean add so let's say I want to add in HTTPS instead of that I can see that right now it remove this with the minuses and it will add this to the configuration so it's very handy to have that in here so commit check and it succeeds and let's run commit if I want to go back to the top configuration I just enter in and if I do run show system commit I can see that I have a bunch of commits right now so just by looking at this the only difference between these because I'm using the root account is the time so if another operator or on a technician wants to configure this defines see the difference between these it is it is not very clear to him or her what the changes were so instead of doing this we can actually add comments so you can see it over here we can have a we can set a comment on every commit so let's say I changed something let's say I set system hostname to either x1 show compare probably you can see that the - sets rule as Rex and at as where x1 if I do commit comment and it says changed hostname for instance if I run your system commit I can see that I now have a comment in here which is very handy to have so that's very that's very good practice to just add a comment after every change you made even for yourself not just for other people so let's move on if I want to actually see what the difference is between these versions so if I run show system commit I want to see what these differences are and I don't want to just go by these comments I can actually show the differences between these rollbacks so if I do show compared rollback one I'm comparing the active configuration which is rollback 0 to rollback one likewise I can do show compare rollback - and I will see exactly the changes that were made during rollback or when we went from roll back - to roll back one and then rollback 0 so likewise I can say show if I go to the privilege mode I can show system rollback one and then compared to two so now I will see different between one and two I can also do one and tree for instance I can do two and three and so on so this is a very granular control of what actually changed in the config so very handy to have all these features so let's say you're stuck with something or before I do that before I talk about helps us and let me talk about something else which is the commits confirmed so let's say I'm changing something I'm chaining SSH and I'm changing HTTP sessions and I don't want to lock myself out or I'm confirming for something that might possibly lead to disruptions I could say that system hostname as Rex tree and to commit confirmed comment changed post name again if I enter in this I can see that it will roll back in ten minutes automatically unless I commit it specifically so if I do run shows system commit I can see that this is a commit confirmed and not a regular commit so if I do commit now I can see that the connect up front is still in here however I am now back on rollback zero so that's basically the difference the default time is ten minutes however we can change that to whatever time we want like one minute and so on so a very handy feature the last thing I wanted order the last few things that I want to talk about are the out filtering and the help so let me talk about the I'll prefer to drink first so you've seen me use this a couple of times I just use show and we can use these commands such as match find and save find is basically the same as begin in Cisco CLI if you use to that so if I do show find let's say show security so I can actually so show the entire security sauk configuration I can so show system however let's say I want to show system and a big syslog specifically I can do show system syslog however I can also do show system find syslog and then it will begin at the first instance of the syslog or whatever is matched over here if I do show match I can like Francis show match on interface I can it is basically the same as include end system if I want to show safe I can save this configuration to a file name let's say fire for home or I think it's far away let's just bring here whatever so I wrote the entire configuration basically what I see over here I wrote that to a specific file called in far home file calm so if I want to see that file if I did file show far I'm still like there so I'll show for home I can see that this file is in here off and then I will see the configuration that was put into that file so very handy features to have last thing I want to talk about is the help system so let's say you you're stuck with a command don't know what to do there are two things help apropos and help topic so let's say I want help on hosting you know I just do help apropos hostname and then I can see all commands that have host name in the title such as show commands added commands so so set system host name should be in here somewhere and you will also see help topics so maybe host name was not a good example let's say how I proposed OSPF and we see all commands associated with closed PF and topics let's say i want to match on topics only topic i can see that these are all topics associated with OSPF and then i can go and actually go into this topic so I find let's say I wanted more help on OSPF interfacing to help topical script interface and I was basically see a built-in help system same with this one for MPLS I can see everything in this internal help system so this is very handy you can use help apropos to find the command that you're stuck with so let's say I don't need help on mic match example so here we have three configuration examples for Ike so I can just do help topic services example I proposal based that in and there's a proposal built in same with this help like policy so there's an example of an AI policy that you can use so very powerful system very intuitive in my opinion yeah that's basically it I hope this has been informative thank you

Info

Channel: Ben Pin

Views: 64,786

Rating: 4.9045348 out of 5

Keywords: juniper, jncia, jncis, jncip, jncie, junos, quick configs, commit, srx, rollback, factory default, root

Id: Mw8P4Kgnubc

Channel Id: undefined

Length: 16min 33sec (993 seconds)

Published: Wed May 11 2016