teach me Juniper (networks) // ft. the Packet Thrower

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
[Music] you [Music] all right what's going on guys welcome back to network chuck i know i know i'm late it's been the first live stream i've done in a very very long time so relax okay there's no new holes in my doors or anything it's all good um real quick let me know if you guys can hear me it's good to see you or i guess you're seeing me i'm not seeing you but it's good to hang out with you guys today now today i'm doing something i really i really don't enjoy doing and uh i'm you know i'm a cisco guy through and through i love cisco um some of you may not think that because i don't talk about it as much anymore but i do more cisco more power to cisco but however is there no step oh there's no sound let me uh there should be sound can you guys not hear me oh liars okay someone said they couldn't hear me um so today we're not gonna be learning cisco it'll be less cisco today it's okay though today we're going to be doing juniper i don't care for juniper because it's not cisco if it's not cisco it's just it's it's anything else i don't care it's like sam's choice or sam's club or you know the off-branded things but i'm i'm hoping i have my mind proved wrong today so i've got the pack of thrower on today i'm gonna bring him on right now hold on one second he's coming on now hey keith all right so we got mr pack of thrower on uh let me know if you guys can hear him hello hello i think you can so uh what's going on mr donald rob mr packet thrower where do you like to go by uh you know either one pack of throw where it is okay so uh you're gonna teach me some uh juniper today yeah i figured i'd uh show you the dark side i'm uh doing a juniper expert run this month and i figured uh may as well drag you into it okay sounds good so um real quick for those who don't know what the junk we're talking about i'm sure a lot of people are familiar with cisco because it's everywhere it's not the food company not sy but it's ci we're the rapper there's a rapper oh cool there's also a town there's a town in texas called cisco texas which i will drive through and take a picture of every time um anyway so juniper what the junk is that well they are competitors cisco and they mostly focus on the service provider side of things so they focus on really high throughput of packets and really strong running policy uh they do have some enterprise products like switches or what and data center products um they do have security products too but they kind of hate them uh they uh every um so often the uh owners at juniper threatened to sell their security uh division there so they used to have a vpn product and they sold that to pulse and that's their ssl vpn now um but uh they have the srx series which uh actually broke off and started paul alto so uh that's also cutting into the juniper side there so but uh juniper loves the service roger space that's where they're accepted and that's where they do most of their work um some people do use them in the enterprise and there's nothing wrong with that it's just a bit more niche than your standard vendors okay okay i know i'm getting a bit of echo on the uh let me see if i can fix this okay i think i'm gonna fix it here soon hold on let me see okay cool we'll just keep going i think they can hear you just fine um okay real quick guys i made an adjustment so let me know if his audio is still being crazy anyways can i turn the knob if i need to it's probably one of my uh my settings over here again i haven't done this in a while guys i apologize i should have had more testing done um but anyways so don's gonna teach me some uh do you know you know i expect this to happen when we are learning juniper that's just what i expect because juniper um so anyways teach me something that's your commitment it is it is it's it's putting me through the ringer here so um oh they said it sounds better good good awesome okay teach me some juniper don show me the way show me the light um because right now all i see is darkness all right well let's uh share my screen and my whiteboard um get some basic cop or concepts out of the way and then we'll start doing some fun stuff cool cool so we got your screen up right now all right so this is my lovely whiteboard so the biggest thing about juniper that we need to uh figure out is uh how is it different from cisco so if you're going to just dive in a juniper that's really not a good idea you really should be a ccna or at least on your way to ccna before you've been thinking about juniper so let me get this straight so you have to go cisco before you go juniper that makes sense okay keep going because uh when you cisco does their certification program they do it in such a way there that they kind of assume you know networking already so uh they're kind of assuming you're already a ccna or something like that before you go into it there you're not going to learn how let's say arp works from a juniper sir it's going to be more how do we do it on our side okay okay so uh let's just do this we'll have our cisco side and then we'll have our juniper side now we'll have a little divided fence [Laughter] let's keep it that way that look okay by the way yeah it looks good all right so on our cisco side what you're usually familiar with is the ios which is usually actually ios xc which is just a fancy way saying they made it linux and then on the other side you have things like uh ios xr which is their service provider stuff and then you have your nexus and so on and so forth so when you go to juniper they don't really have ios equivalent there rather they focus entirely on the ios xr side because they're more of certified focused so they have junos if i can right here junos so real quick i'm saying that they they mainly have os's that focus on just like they don't have like a cool linux version of it is that what you said or no uh well they do they just came out of it uh but that's kind of like for their ultra high end right now ah gotcha gotcha so they're all i heard was they're not as cool as cisco yet keep going very fair enough so this yeah so this is basically our routers and switches and wireless and stuff but we won't talk about that uh this is basically their asrs which is their big boy routers or their service provider things and then the nexus is their data center side so with junos everything is monolithic there so all the different versions are the same basic operating system there so we have more uniformity so like this uh xr and nexus have similar structure but they're completely different from each other when you configure things with junos the difference is the versions that you have like the features in the image but the same basic image is more or less the same okay okay so uh so basically we have the junos for the xr for the is we have and then for our routers we have things like the mx router we have the ptx which is the real big boy and so on and so forth then we have some legacy stuff that came and went over the years and then for the switches we have the ex switches this is basically the same as your catalyst or whatnot and then to compete with the nexus they have what's called the qfx this is their data center switch uh so if i'm wrong though but you actually have one of these qfxes in your house don't you actually have two you nerd [Laughter] hey uh i'm in the top floor of my house and if i boot that thing you probably hear it from here it's in the basement with a closed door i'm sure you're watching for my significant other once it boots it's nice and quiet but it's rocky for a while good deal it's a beast beast mode juniper device yeah so uh this is uh the basic stuff so today we're going to be looking at and then just to put out there we also have the asa firepower for the security and in juniper land that is the srx all right so those are our different models that we're talking about and uh in our lab we're basically going to be looking at the uh let's get a different color here we're looking at the eso switches we'll look at some virtual uh qfxs there because i don't have enough sfps to make the big boys interesting for you and then we have some srx's that will play around for the routing there and we'll contrast them with cisco as we go all right and then just to close out this section here i'll draw a little line uh so there's basically three versions of juniper that you'll see in the wild there's junos which we all know and maybe we'll love by the end of this then there is juniper enhanced that's a big word for me automation and and i ran out of room but uh basically all this does is it um reconfigures things a bit so it's been more automation friendly like it has puppet agents and chef asians pre-built into it but basically that's the main uh point there and then on the big boy router they have juno's evolved which kind of sounds like a halo game but uh basically this is the linux version and all the other ones are bsd freebsd not what really matters uh from um practical standpoint there but basically they're moving towards uh linux there just like cisco did um like 10 years ago however long ago that was so uh what i have is i have that just grab what i want here so the cleaner so i have my cml which is uh the cisco platform for emulating things and that's probably better and we have a juniper lab this should look nice and scary for you that looks kind of awesome all right so what we have here let me open up my fancy writer thing oh there it is alright so what we have is we have some cisco routers connected to some juniper firewalls so we can now play with some routing we have a switch network and what we have is we have some hosts connected to them so that we can play with vlans and spanning tree and all that fun stuff and then we also have uh some physical stuff that we'll play with there because there are some certain limitations for when you build out these labs but this should be enough for us to play with most of what you would expect to see from the ccna from the junior perspective and we should have a decently fun time with it well i'm ready let's do this all right so we may as well start it up with switching because that seems appropriate to me i don't know how about you oh i'll point out one thing here is that um before i get into it when you uh download uh these images from juniper you can get a trial but um basically you request a juniper reque account and then you can download the qfx uh trial and the um srx trial uh there is also a trial for the virtual mx which is the pure router there but i just didn't feel as necessary for this demonstration but you could also add that into the mix as well if you want to go more really deep into the routing technologies but when you get them it comes in two parts there is a server part which is the packet forwarding engine and then you have the routing engine where all your ports are so what you would do is you connect you connect uh the second interface which is the sync interface to the uh device there and that's how it actually uh adds your ports to it just just like putting a line card in a physical router and then just for completeness sake um actually worried about that but uh if uh hit me up afterwards i'll show you how to add this in cml if you want if you can do this with gns3 just as easily it's just this is more convenient for me but that's that's basically what the actual lab stuff works out so anyway let's hop to the command line so this is the um let's get over here so when you first log in you're gonna have um your log how's that look by the way does that look right yeah can you zoom it up a little bit oh there we go there we go yeah now we're good we're good all right that's the money oh yeah all right so i should be able to log in with root i did not set password so when you log into root this is actually going to take you to the um to the uh f or bsd shell so this is actually linux or while bsd but you get the idea uh so if you want to actually configure anything you have to type cli when you log in with root everything else it just takes you directly to where you need to go huh okay and then when you're here we have the same kind of commands you would expect except for they're all completely different but what i always tell people on these kind of things is that if you can learn cisco and you can learn juniper you're basically ready for any command line because at that point you're really just learning the differences because you already know how osbf works in fury it's the same principle you all you're doing is you're um just doing the differences between them so uh if you can learn these two fairly well like i'm not saying like it's vital for your career you don't have to learn juniper right now chuck but uh i you don't have to tell me that one i'm not gonna make a video about that i'm just saying preemptively but uh if you learn these two you're basically ready for 99 of all the other vendor gear because it's either going to be a set based configuration like juniper or it's going to be something like cisco there okay okay so when we get in here we uh just like cisco you type configure it's just configured there's no um uh conf t boom there's some other stuff we'll talk about as we move through this i'm sure so in configuration mode we can do a couple things if we want to change say the hostname it's under system so we go set system and then if we look i will see hostname now if you're looking at some of these commands one thing you'll notice is that juniper is very chatty it loves long names for configurations like look at compressed dash configuration files but uh fortunately uh cisc or juniper will have space completion so if you type it out it will fill it up for you there so it's not as painful as it seems but if it uh if the space completion messes up then it will be painful so there's a give and take there so to say hostname will say chuck switch01 yeah you can do domain name and we'll keep my packet forward because it's my lab now you can see that uh this is already running out of space there and getting annoying so what we can see or do is go run set cli screen width and then set something like 510 so you have more room so uh you can do something similar in cisco that's when you do the term with command but you can see that nothing actually happened when i do this so if i want this to actually um apply i type commits and what this will do is i'll do a quick sanity check and complete it now the sanity check is not going to say are you going to lose your job this is more does the syntax make sense there so if you tell it to delete all your configuration as long as that's consistent with um what juniper says is allowed it's going to do it so uh interesting so this is very palo alto like because i remember any exactly remember i think i mentioned briefly or earlier that uh paul alto came from janipur he got invented the net screen firewall which uh juniper bought for their firewall uh he uh took that principle and he ran with it in palo alto but it's the same kind of syntax for a lot of the stuff okay okay cool cool so there's another gotcha i'm gonna point out here so a lot of people say what's better cisco what their enter the command is immediately applied and juniper there's two gotchas with this one on cisco if you enter in the wrong thing and you have an issue all you need to do is have someone reboot the router and you're back to where you were this is saved so uh once this is committed it's uh there forever there is a button you can press on the actual physical device to roll it back there but otherwise this is committed configuration the other gotchy here is that if i type a bunch of commands and then i type something that isn't allowed um all those uh things since the last commit need to be resolved for it to work so you might spend some time fixing your configuration if you type like 50 things here and then you uh uh you type commit and you get an error which i'm sure i'm going to boom or something as we uh go through here we'll see that that's the main thing now if i don't like this i can roll back so what i can do is i can say roll back one because this will keep up to 50 or so configurations uh so we can roll back at will so if we want to see what that's going to do i can go show compare rollback one it's boomerang on me but uh basically what it would uh was expecting it excuse me well i was expecting it to uh show as it showed the um difference in the hostname but anyway we'll just go ahead and commit that and what we can do is if we're not sure if we're gonna do it or if we're gonna lose our job there is a commit confirmed and basically if we don't tell it uh that the configuration is fine by committing again it's going to automatically roll back okay and i would assume this is like some kind of timeout you can set right if i go uh our question mark here we can see the timeout and its number of minutes so i'm just going to say one because we probably don't have all night all right so you see it went back to the old hostname and you see after a minute it is going to roll back so we'll just let that run out that's pretty cool okay so they do have a cisco like setting uh my only problem with that my beef with that is you have to remember to add that extra bit of flavor in there to commit that um you have to adjust your workflow a bit but yes you can um uh i've maybe done that once or twice there where i forgot to do it like for emptiness like oh good it worked [Laughter] well i guess on the flip side too is with cisco you have to remember to save your work when you actually enter configuration so i've often yeah cisco does have their own way of doing it in like sd-wan they have uh net conf is how they do it now for automation stuff and then for um the uh they always had like the archival way which is a bit more out of the way but the same kind of idea where it will revert the configuration okay okay gotcha so uh if i am confident this is an amazing configuration what do i do to confirm it so if i'm happy i just go commit again and just by doing that it's going to say okay you want this and it's just going to not revert it so you can see it's no longer bugging us about just going to roll back in a minute and that's okay so if you want to actually create a user because like most things they're running as root is not a great idea we can go set system login and now we do is type user and you can say i was playing with vagrant earlier there but i want to say chuck and we can enter in some information there so class is basically what root or what groups you have or what actions you have i should say okay user is everything uh read only as as you might expect there is you can't change anything uh operator you can do some basic things like you can reset um network connections and that kind of thing and authorized you're just not allowed at all you're basically just explicitly denied and you can of course you can make your own if you want to get deeper into that side of things but we're just going to say you're a super user i trust you chuck all right so so this is all the privilege levels we have as opposed to like the 15 we have with cisco yeah uh by default so basically it's a little bit more simplified here because cisco is basically 15 or nothing unless you add more this is um this gives you a bit more flexibility because you do read only easily but other than that it's kind of a wash i guess you would say okay and now real quick guys if you're just now tuning in you're probably wondering what the junk are we doing we're doing a quick comparison and yeah i'm not really comparison just he's teaching me juniper which is the um the the evil bad guy to cisco's hero um he's like lex luthor and then cisco superman that's kind of what i'm thinking i've been watching justice league so that's on my mind right now um so that was actually a pretty good four-hour movie that's what i'm learning i'm having to watch bits and pieces over like two months and i'm finally going to get through it because my wife hates it anyways we're learning juniper and or i'm learning juniper mr pakitor here is like a juniper expert almost you're almost there right you're doing your your expertise lab here in about a month right yep so uh hopefully i'm uh gonna do uh i actually kind of expect to crash the first time there because yeah you have to have a bit of a hubris there but well with that attitude sure yeah no no no it's gonna be fine i just i'm just really excited to try uh online or like a remote uh expert lab so it's like that should be fun yeah that'll be very interesting but anyway so yeah we're learning juniper because juniper is becoming more and more popular um i mean you're a consultant right don so you see this all the time now right uh not all the time i've uh it's uh it's in data centers it's starting to grow there like they've always been a presence uh they just bought a company called mist which is uh ai driven um access points and they're obviously competing with uh cisco meraki for the cloud managed solution but uh that's going to uh get their foot in the door for some i'm uh for some enterprise bills i'm starting to see so uh uh i think uh next year or two you'll definitely see some more uh juniper kicking around there if missed uh takes off the way it's supposed to um okay that makes sense so the reason i'm having don teach juniper is because i mean first it's a it's a player out there like when you go to a company yeah they might have some cisco stuff but they might also have some juniper stuff they might be a juniper only shop you never know so i'm hoping that in this process i'll kind of see it and maybe you'll see that it's not so bad to go from cisco to juniper not a huge learning curve but there are some differences anyways let's keep going there's also uh just a quick uh thing about that is that i always tell people no matter what they wanna there's like hey i wanna be a hacker hey i wanna do this i always say like yeah do the ccna because it's a good foundation for a junior to get most of the networking building blocks down there and then yeah if you're a ccna hopefully this will show that you can still figure your way out in a juniper shop like bill stop they'll still interview you and they'll sell you in and whatnot it's uh uh but it's uh sea snake is always a good thing there but if you got like a jnc ia which is their ccna kind of light um that that won't necessarily get you into a cisco shop because it doesn't really teach you anything that a cisco shop cares about right right so what i'm hearing is you can't go wrong with any cisco certification but you can with juniper or hp or anything they're like they're very more they're much more niche but they're also um they're also uh i'll have to talk about uh i'll point out some of the differences as we go there but it's uh their certs are kind of weird think of being honest they're uh they uh i don't know who wrote some of the questions i did in their uh gncip exam though which is their uh like basically the qualifier for the expert like this the old cci written but uh it reminds me of uh i'll put it this way uh i once did a interview for a senior network architect position at isp and one of the questions they asked me was can you name a writing protocol and i was going to look at them like what exactly are you trying to filter out of this question here like like what is this uh and i kind of had that same kind of thought process when i uh did the exams but we'll talk as we go i'm sure interesting interesting yeah i'd like to hear more about that but anyways we have some more juniper to learn let's do this all right so next we have uh so anyway we pick our authentication method and this is pretty much no surprise this year we have plain text password for a password uh we can also uh load an ssh key if we want now this is a console session so that's not going to work very well for me so we're going to do plain tell airplane text and we afterwards it becomes automatically encrypted for you so to say plain text and it's going to prompt you for a password it won't let you do it in the command line so they do have some built-in security uh in junos there to try and stop you from uh doing anything silly so go ahead and type in a password exactly there we go and if we're not quite sure about the configuration that we don't want to just roll the dice you can't go commit check and what i'll do is i'll just run it through his validations to make sure we're not going to do anything stupid uh stupid hasn't caused a logic here and then it's going to cause there's uh well there's a very easy one i'll show you when we get into the interfaces that will uh cause it to yell anyway so now we have a chuck password so if we want to we can get out of this guy let's chuck and you can see this time it's taking us directly to um the command line is not taking us to the bsd shell okay gotcha and we just get back into the configuration so this is a switch and i have and i have a few hosts uh ready here to go that will uh we'll put in a vlan and then we'll make sure they can ping each other and then we'll make a trunk link here now real quick can i just put off like the irony of us messing with juniper in cisco modeling labs oh do you think that's by accident it just feels dirty anyways let's keep going this is very deliberate [Laughter] anyway we're going to create a trunk link here to the other switch and then we're gonna add these guys to the same vlan and if things go okay we should have uh pinging between these guys before we move on to other things all right so these are connected to port six seven and eight on both so if i want to configure something all i can do or all i need to do is go interface now you can see here it's not telling me an interface name so this is one um major annoyance with uh janitor if i'm being honest there is when you go question mark under cisco it tells you every possible interface it can do this basically saying oh you know what you should know what i'm talking about if not then that's your problem so um you can do a show interface curse and this is basically a show ip interface brief oh i really hate that comment that is the worst game i've ever seen other churches [Laughter] okay okay all right so what we can see here is we don't have to see anything because nothing's configured but it'll show us what it is god run show is like really tripped me up i thought they just did that to be different like hmm cisco will sue us if we say show run let's just do run show we'll avoid all the lawyers yeah no no we'll figure it out later i might have to reboot these guys but we'll see how this goes there uh the routing engine isn't showing up i might have to reboot uh but we'll see we'll get configuration and then we'll um deal with it later so first thing we need to do is we will create a vlan and that's easy enough we go set vlans we give it a name so we're going to call this chuck lab yeah now we'll get a bit more options than what we normally have for cisco but they're basically all what you would expect so vln id is what we probably want so we'll save vlan id and give it a number so we're just going to say one two three four or one two three whatever maybe one if you're working one we want to really matter um and what we can do is if you want to create an svi which we do we have to tell it to create a layer 3 interface interesting and there's a special format with that and that is actually what we'll do is i'm going to type in something else and it should yellow so i'm going to enter in this and it's going to say no it has to be an irb which if you're really old at cisco you might remember doing uh bridging with irbs which is integrated routing bridges and basically this is how you do routing um they used to do it differently but juniper decided this is the way forward so you know why to argue with them so what we'll do is we will go fireb and one two three for the vlog so tell me again what what exactly is irb this is basically your svi so in cisco you have your uh v interface vlan one two three mm-hmm which i'll just do that here so this is my cisco so if i go to vlan one two three we're basically doing the same thing here oh i i already feel better just back over here okay okay i got my blanket let's get back there so this is our first logic error so i type commit and it's basically saying hey you defined this interface but this doesn't exist so we have to create this before we move forward so we're going to say set interface irb and remember there's no help here just gonna you know what that is right now in juniper everything is a sub interface so uh when you do a router like this guy here we would just go gigabyte1 and enter an ip address and if we wanted to do router on the stick we would do something like badge and then we do encapsulated.1q123 like so okay uh in juniper everything is a sub interface like this there is no um there is no just the main interface there uh if we don't want to do that we need to type dot zero and we'll see that when we get into the switch side okay okay i'm gonna have to see that yeah so the long form is saying unit and then one two three or if you're a cool kid you can just go dot one two three uh so basically that's just a truncate in there but uh you basically need unit is the sub interface number so when we're in here we have to tell what family it is for the protocol so we're going to go ahead and type family and if it's ib version 4 it's inet it's like a weird weird mixture of like networking and and cisco and then linux it's just it's weird yep it takes some getting used to if it's cyber version six it's imp6 if you are doing is is routing it is iso mpos is you probably guess and vpos is a layer to uh vpn that we probably won't be talking about today but uh those are your options for this platform so we're just going to say that this is finex from here we tell it that we want it to have an ip address by the way if you want dhp you say uh like this you say dhcp okay i've got otherwise address and you give it a address so that's gonna be one two three one six eight one two three dot one so real quick catch me up and also the audience up what are we doing right now we're making a sub interface you said yeah so what we're doing is we're doing the equivalent of yeah where was i here we're doing the equivalent of this we're saying let's go land this will be vlan 123 name chuck lab and then vlam123 that is all we're doing on the juniper it's just goodness yeah so i can see that juniper loves being more verbose there so if you can say something in 10 words instead of 5 it's going to pick the 10 words oh yeah but essentially what we're done is we created the vlan we just created this and we're just about to put the ip address on there okay so the address is slash notification so you don't do any uh two five five two five five two five five so uh but i like doing that i like doing that well then uh you might have a problem no no it's it's okay i think it's better yeah it's definitely pros and cons um it's uh i find that this is easier if you're no network or subnetting really well but if you're uncomfortable with it there uh and you have to figure out that this is slash 27 why not it comes and goes it really depends on your preference so anyway with that i should now be able to go to commit all right committing does it always take this long or just just because it's virtual uh mostly because it's virtual okay okay i was gonna blame it on juno it's just being crappy yeah uh i do have a physical on that if we have some issues we can bail over to it cool cool cool so anyway now we have a route so and an interface so if i go run show route we now have our interface so we can see that it's coming up now it's not actually giving us the whole route there because we don't have a trunk captive so it's not that same rules as uh cisco um a vlan interface needs to have uh active interface before it comes live okay okay so if actually i'll go hidden actually that won't show me there but i'll uh we'll come back to later if it comes on so what i'm going to do is just take a quick second here to hopefully fix an issue we're just going to oh we have issues now okay i mean i'm not surprised oh yeah yeah uh basically the uh when i was looking at it there uh i noticed the um uh the uh control plans like oh yeah i don't have any interfaces so i'm just rebooting them now so hopefully it uh catches up by the time we get to it now now real quick the the cml lab you have right now how how many devices you do you have there right now uh does it tell me i think it does um i have to do the old-fashioned way i guess one two three four uh six seven eight nine 10 11 12 13 14 15 16 17 18. about 20. okay that's not too bad it seems bigger so what kind of machine do you have uh running this oh this is actually running on um uh my esx lab ooh fancy what version of vsphere is this oh this is the lightest oh nice but yeah i give it uh 96 gigs of ram and a bunch of cpu there so uh it uh doesn't complain too much when i throw a bunch of random things out ooh okay i love this what hardware are you running oh this is actually uh apparently i lost a host i'll fix that later but uh but this is running on um a cluster with uh 200 gigs of ram uh one minus ho so about 300 gigs of ram and uh 33 terabytes and uh basically yeah this is a really stupidly large um environment i love it now guys if you're just tuning in now i'm talking with packet thrower he is a i mean he knows everything in technology it's hard to put him in a box um big on cisco and now pretty big on juniper uh we're looking in his lab right now he's got a massive server he's got a data center in his house and uh it's not in my house highest race remote but uh oh oh well that's even fancier that's so this is like a work lab or something yeah so basically it's a shared lab with a couple other companies that um basically i provide um architectural services and i can use my lab because if my lab goes down then in fury i'll notice that hey there's another distribution it's a it's a win-win situation nice nice okay all right so i distributed these guys so in theory they will pop up eventually and if not we'll deal with it later but uh that is one thing there is the virtual um qfx uh images in particular are very uh finicky so uh you it's kind of a cisco's like or jumper is here's your image do whatever you want with it we don't really care and it kind of shows sometimes but uh it is good for learning uh for the most part you know are all i know you said this before but are all juniper images free no well the trials are so uh basically when you sign up for jana prayer you request an account there and then whenever they get around to it they approve you and then once you uh once you get in there you can download the trial images so for example if i grab a window here and i go view qfx trial all right so if we just uh search for trial this will tell us uh basically here's about the image download your trial and basically uh i'm already signed in but uh have you signed in and then you can download the pack up forwarding engine and the routing engine that you need for running both of them okay that's pretty cool and and from what i understand and i haven't tried this in a while but cisco doesn't do that at all like you have to have a license you have to be a customer you have um they do for it's actually kind of weird cisco if i'm being honest um for example if you want to download the wireless lan controller there's exactly one image that you can download without a without a service account oh yeah i didn't see that right here uh so they do have some spots there i have someone that feels like a bose but i have like so much random access for cisco i have no idea what's uh uh what's uh available or what's not because like i'm a partner and all that other stuff so it's like i don't know i press the down button it works for me but probably not for other people that used to be me i used to be you and i was like yeah why can't people download cisco stuff why do they have problems and then when i lost all my access i'm like oh this is what they see this sucks yeah every now and then i bump into it and i'll be like i'll bug someone to get access for it but uh it is what it is um this is the way the industry is going but uh anyway uh so if i go back here let's just see if that maps could fix their issues and not quite yet so give that a minute but uh basically what we want this to be is online so this is my um maybe i'll do this i'll just show you so this is our real qfx okay so if i type this there what i was expecting to see is online and um it uh can go over there but so um i do have an ex ex switch that we can jump to if we really need to i'll just sign into it and this is the uh enterprise switch uh so what we'll do is maybe i'll change gears a bit and uh we'll work on uh port channels and then we'll come back and uh see if our vlans are working okay cool yeah so i'm imagining they probably do port channels vastly differently and backwards and it takes 15 years to do it uh pretty much yeah okay cool let's do this the first thing you need to do when you do a port channel is uh first of all figure out what ports are connected uh by the way ldp uh jennifer don't have cdp uh you can see i have ports 36 and 37 connected to uh cisco switch so what we need to do is we need to tell the system how many port channels we want so we're just going to say that i want let's say so you have to tell it how much you want before you create them or is just like just you're creating two so you're telling me i want no you have to this actually creates the poor channel interface in the system there so you have to tell it how many you want okay okay yeah so we're just going to go ahead and go commit i i don't like this so far [Laughter] well it's uh growing planes what can i say so you can see we have a bunch of interfaces there but you can see it's always showing us the configured interfaces it's not showing us the rest of them so if i wanted to see everything i could go show run interface you said show run liar it's run show oh yeah i'm dyslexic at heart what can i say but uh that's what i meant to show you there so you can see that um we have pours 37 and 36 up and we also have this sub interface the 16386 this means that there's no configuration on the port like like like the whole port like 36 has no configuration yeah like it's just an empty port if i go like uh show 36 there's nothing there that is so weird yeah so basically uh that's one big difference there cisco always has all the interfaces ready to go and uh this one doesn't ah that is strange what's the significance of 16 386 16 what the the every one of those says like so i want to call it sub interface it's some bsd thing but basically uh i looked it up one day and is basically saying that this is just unconfigured so if i was to say that this is going to be a switch port for example so interface 36 we'll say this is an ethernet switch and this is going to be a trunk and we want to allow all the exactly the same cisco right that family thing throws me off like when you say family i start thinking a dress family and like i don't know what's happening that's still strange unless we have that old biscuit song it's all in the family i've never heard that i'm sure someone in the chat has though i made someone happy i don't know so anyway if i check this again what we'll see is that that is gone and now we have the actual switch configuration i put okay and it being zero it will always be like that for ethernet switching or will it change for like a routed interface or whatever yeah so when we uh when we get to it there we'll talk about how to do like router on the stick and that's basically the only time this would be not zero okay okay so what we're going to do is just delete what i did because y be uh efficient right and we're just going to delete all of it so to make it our uh actually you know what i'm just going to be proactive here because only you could prevent forest fires i'm gonna stop these entirely oh and no no this is gonna be good it's gonna be good okay i'll take your word for it we're fixing it we're fixing it all right and you and we're going to wipe them which in cml terms basically just means delete the hard drive wait someone asked can we get some network chuck under bridges would you wear those under bridges yeah i don't know i wear what my fiance says i can wear do you think she'll let you wear those probably or should probably anytime i get like a vendor shirt like a dabnet jacket or whatnot or fortnite or whatever she immediately steals it so uh because she's in security [Music] uh if it makes it through uh her stealing it i might be able to wear it next time all right so now we're we're starting up all the devices right and we're so uh while we're talking on the other one hopefully it'll come back properly so we don't need to helm in hall see that's why i get paid the big bucks i think exactly one step ahead yep yep if you do any more it's too much but oh my god yeah i don't want to overdo it all right so there to add a configuration on uh multiple interfaces we can do one of two things so the first one is we can do wildcard range and here is where we can actually push a similar configuration everywhere we can say interfaces and this is going to be a range so that's 36 or 35 and 36 i can talk properly this is so weird man i got those right here i'm not boomer in this 36 and there's some this is why you check things [Applause] then what we'll do is we say gigabit options and 802 380 which is the standard for lacp and then we tell it what interface to use so we're just going to say ae 0. then zero was just the first interface i could pick whatever i felt like there okay so instead of po it's a e yeah weird exactly so if i look at these interfaces by the way this is what your show input looks like it's all done in uh fancy uh braces like this there so you can read it if you don't like that you can go display set and it'll show you the set command that you use where if you're going faster you'd be like show xml or show rp and it can do with that command you can do like show xml and see what that looks like to you so whatever suits your need there can you do yaml i believe uh there is a way to do it but not in this way oh we can do json that's that's good so uh um all right so uh we have our two interfaces and now what we do is we actually create actually first we go aggravate what is with me today um anyway go here apparently i can't speak and um we tell it that we want oacp that's all it can do it can't do peg nope it uh for some reason doesn't uh do any of those cisco pro calls doesn't do ah jrp either way it's weird i always thought that was really stupid on jennifer's part not to adopt eigrp when cisco partially opened it there because it would make it easier to adopt juniper yeah yeah like if it became open source and you could finally open source yeah i mean like uh eigrp they they took it because they do uh free range routing the uh running stack uh juniper's like no we don't feel like it it's like okay i mean like you could use that to easily move people off cisco if you wanted to yeah at least bridge it somehow okay that's so weird dude wow all right now we have lasap open and what we'll do is actually configure it so say interfaces a0 family and again we pick what we want so we want ethernet switching and we'll say that it's going to be interface mode trunk and vlan members going to be all it's fun trying to guess what it does now mind you if you have a ccna you can infer you know what a trunk is and you know right vlan so um uh you're definitely in a good spot there if you're like a solid ccna and uh you uh know like all like you read the books like you read my book or odom's book and you did all the labs like you won't you'll you might have a hard time but you'll figure it out eventually yeah i can say this like i think any ccna or ccnp could probably parse through and see the config and go oh i know what that does but as far as like actually writing it out and configuring something that's a different thing it's weird so if i go to my 3750 all right so if i do show ldp we can see that i'm connected to ports one and two oh man i'm just so happy to be here all right so same idea here we can go range and then we can just say it's going to be 1q because this is an older switch and then trunk and then all we do is port channel did it freeze up on you yeah it looks like it oh no not cisco come on in their own product or you know is this oh no this is uh in your cml right this is live but okay i think i might have caused an oopsie [Laughter] because guess what uh guess what um juniper doesn't run by default oh no it does have a spanning tree okay it's fine oh uh but huh so is it converging like what is it doing i think it's reconverging there let's just see kind of random troubleshooting they do this kind of stuff oh it just makes it life fun it does yeah this is why automation will not take away any jobs because there's always going to be something weird like this yeah um you dumb broke it well that's your lesson chuck you know honestly all right uh well uh here's what we'll if you've got a bit more up your sleeve i'm i'm game i can go for uh whatever i'll keep going till you get bored of me let's do let's do about 10 more minutes so give me your best and then we'll end it because i don't want to keep everyone on too long i know they're all enjoying it but also my wife wants me to cook dinner so and she's pregnant and um she's an aggravated interface so um i don't wanna i don't wanna upset her you gotta put that on t-shirt that's a good idea except no one will get it because no one uses juniper anyways all right let's see if i can fix this real quick i'm just going to say zero disable this is how you do a shut what's happening that's that's that's that's a shut that's the shot set interfaces okay that's not too bad oh i feel like i'm in space so quiet what's happening oh by the way guys uh i will do some q a after we're done teaching here um and if you have any questions for mr packet thrower he might answer some as well so anyways back to learning back to learning well the cisco's refusing to cooperate there ah yeah he he knows what's up it's like i don't know i don't mess with those dirty juniper switches yeah all right here's what we're gonna do we're just going to oh wait did it come back it didn't okay oh cool all right let's try this again we're just going to go channel group channel group one mode active mode is okay let's try this again so how do you do a notion but we don't need to do this because we can go row back zero we don't want to do that we can go row back one because we have um turned it off on the last command so we can just go commit okay okay it's still very convoluted oh we haven't even got your writing policy you might have to do that next time oh gosh i thought we'd have more time but we have some typical things are check everything before i go online there to make sure it's good there and it's like oh we're gonna break anyway apparently i picked [Applause] watching you do this i feel like i'm watching someone speak two languages i feel like you're bilingual yeah sometimes all right well that's gonna come back where it won't but what we'll do is we'll go run show osp interface and it is [Music] one's working one's not but they'll let that work out anyway that's the main thing is the uh interfaces i'm just gonna do one last thing before i wrap up here we're just gonna go [Music] close this and we're gonna open up my handy dandy breakout switch for cml this is how i do my ssh connections goodness yeah i uh i like cml there but uh you have to be a bit of a power user i think most people aren't going to write a 300 line script there to handle connections i i'll be honest right now i don't know what you're doing with all this so uh uses what's called a breakout tool so that you can use like your secure crt to connect but uh it's not very great so what i do is i parse the cml configuration and then use that to [Music] connect to the actual uh secure crt so we're just going to see if they're behaving properly and if they are we'll just do one uh we'll try doing our host thing that we wanted to do and then we'll wrap it up okay okay and if not then we'll blame juniper that was already implied that's my handy dandy uh breakout script in action you're making a secure crt i haven't used that in years oh that's fantastic man oh yeah like uh whatever you need to do just go ahead and get it all right let's try this so we're going to close the ones i don't need all right all right so give that a minute see if it pops up and not there so uh maybe we'll do uh chuck is switch to questions for a bit and then if it comes back up towards the end we'll just oh sure cool so someone already asked are you um live streaming from your toilet yeah good got that cleared up yeah yeah i know um i just moved in this house uh not that long ago there and never really had any decorations i thought about grabbing the green screen but kind of around late and late no it's no worries and i i wasn't exactly prepared today either um so guys we're gonna go ahead and open this up to q a so if you have any questions go ahead and throw them in um i do have a quick question mr packet thrower um why all these certifications why do you go crazy with this because i mean you get to a certain level in your career where you don't need them why are you doing this uh for the most part well there's a few different ways uh for one i'm a consultant a principal consultant so it's my job to be you know at least uh pretend to be the smartest person in the room uh so uh it uh it looks better if you say like hey uh don't do fortinet uh do paul walter or cisco and by the way i'm certified in all three so you can trust my opinion rather than uh well i've never used fortinet before but move away from it i kind of think then there's also there's realities being a partner like there's certain um certification requirements that we have to do to maintain their things there so aruba just sent me a bunch of books uh to [Music] get their arugula stuff for our partner status and so i'll be doing those next and fortinet has the same thing they've all internet books but they uh they're uh sending me uh some lab stuff there so i can do their stuff there so a lot of the vendors are very um um they want it done and two it's uh you know if in this kind of field there it doesn't pay to be uh put your feet up and fall behind because you're going to uh you don't want to be blindsided by like a client asking a question that and uh you have no answer or at least no idea of it yeah i i used to hate that like i was i was never in your shoes i was always the customer and when i would ask them a question and they go hmm that's a great question i have to get back to you on that like dude come on the second thing i tell people like look you learn subnetting in your head there because if you're the network guy you don't want to someone says like hey what's uh how many hosts slash 24 in a meeting and you don't want to go like i'll get back to you on that i don't know like um there's certain implied knowledge that you should know there and especially if you're trying to like walk in and like sometimes it's not always um usually it's pretty chill but sometimes there's the hostile kind of i.t guy who doesn't want you there for a number of reasons either they feel threatened or they don't want to change the way they're doing things or they're just don't have the right coffee but anyway uh you want to at least make sure you can at least do a back and forth conversation there and frankly a lot of the vendors they do what they can to help you out and uh there's other things to you there like i did all the tier four or cash corp certs uh they're because i'm uh building out our develops our practice in our company and uh it helps lead some credibility that uh hey by the way i'm a azure devops expert just got the certification so uh at least we can use this as a hey why don't we try and sell this to clients so that that's that's interesting so you're getting all these series because they do give you credibility to your customers would you recommend the same thing for someone who's not in your position maybe a there are a customer or they are just an admin for a company it depends so um the main thing about it is that um you don't want to um if you're a junior do your ccna and stop like uh don't go uh don't go too crazy because i think we talked about this before but uh uh you don't um and every time you get a certification or credential or whatever and you put on your resume that's one more thing you have to defend and if you're a junior you're probably not as diligent as saying like um okay i did uh i did juniper for a week and i got the certification and now it's a year later and i never looked at it again and it's not a great answer if they say like oh uh how do you do a host name on juniper and you go uh well i haven't touched it in a year like that's not gonna fly so make life easy on yourself just pick like a ccna or something like that if you uh there's something uh similar seasoning is probably more of the most rounded one but uh do that and then uh stop make sure you're really good at your ccna so that when you get questions at it you're not gonna mess up and like uh round out your edges make sure you know everything in the book maybe you do a little bit extra there but don't try and jump to like ccnp or uh whatnot if you're already working then sure absolutely do dream uh because uh for one they have um they might have just ended it but they had uh like thirty percent off for um yeah uh for uh doing this hurts uh yeah i saw that like calvin and i last year we did uh all the um june ncie our jncia stuff onboard site exams uh in like a couple days there because they're free and we challenge each other yeah so that's ridiculous but uh but they're because we already know junior prairie was uh was basically just uh running for the there's basically like a stupid little race and really meaning thing but okay uh but the point is that uh if you're going to uh if you're going to round it out in terms of like getting better of cli or not absolutely uh juniper is probably not going to get you a job on its own uh at least not now if they miss blows up and you get a bunch of uh juniper only companies popping up then maybe but generally speaking the jnc eia exam is less than the ccna because it just focuses on basically how junos works not any protocols and then the next one up is the jncis which is somewhere between about the ccna and maybe a little bit about the ccnp like it's uh it kind of goes up and down depending on what the topic is like on one hand they'll have you ask like complex questions about like is is like writing protocols that cisco doesn't touch unless you're in the service provider track on the other hand they'll ask you like what is a switch and it'd be like it's you know uh friends between stuff like that so it's not um uh there's no real cohesion there because they're always just kind of like not quite matched to cisco and to make it worse there they cisco did their exam for your organization last year which was a really good one and juniper hasn't done theirs yet so they're still um like a league behind and still uh not quite matched up so it's a little bit weird if you're used to taking exams and take a juniper one it's like i don't quite get what they're going for but it's like what um but they do have a lot of discounts so you can check their learning thing there and you might get like 80 off or something if you want to do it sounds like the discounts are needed because uh the questions are weird um quick question from uh 8bitoni he says uh basically he's asking how reliable are juniper switches compared to cisco do you have to reboot them as often which ones i guess more reliable oh they just came back by the way oh cool um but uh so um you have to be honest with uh juniper or not juniper but vendor stuff there i mean uh you're gonna have weird issues no matter what you pick um generally speaking juniper does worse with uh uh power cuts because it's bsd and uh if you uh don't shut it down properly you can i've seen a lot of chain appears just like uh lose all their stuff there and you have to like rebuild them from scratch are you serious oh my gosh i've seen it i mean uh i'm not saying it happens every time um i also had a really weird bunk once there were actually a couple times where the commit uh function was broken so i literally couldn't commit any configuration um so they're not perfect and like the reason i'm not demoing the um the qfx for you is because um i plugged in the uh g bigs for the copper because it's all fiber uh for the lab and then i did an upgrade and uh they're up down like they don't come up anymore wow are these like off-market gbx or these like juniper g bigs oh they're off market but they worked once and they stopped that uh just they i just had them available ah gotcha but uh uh so anyway uh they have their issues just like anyone else um uh i find their jtac is kind of more painful than cisco tech excuse me um it's called but i don't know i mean like uh you can take it all grain of salt there i mean so someone can come on after we learn and talk about all the really weird stuff they've had in their cisco environment where they uh you know like interfaces disappear i mean uh this kind of weird stuff happens in the real world oh yeah yeah yeah so i mean i'd say yeah i think it's like you still hear stories about cisco routers and switches that haven't been shut down or rebooted in like 20 years they're just sitting there running like a champ yeah so i um i'll say that they're not terrible i mean they're definitely they're not like extreme or anything those are the worst on the market for sure but um they're uh they're fine now completely random question from mr felix watcher um i think it's his name yeah uh he says what do you think about glass wire have you ever heard of glasswire um is that that um open source vpn thing no well no i think it's a a monitor so i've seen it advertised on linus tech tips which is probably why they're asking it's impossible let's see it's a personal firewall and network monitor interesting sounds pretty cool uh if i remember i'll look it into it later yeah so i've got no opinion on it and now that does mr pacquiao throw it here it looks kind of neat but we're used to you know the big stuff the enterprise things where you pay lots of money for it this seems pretty cool too though yeah yeah i mean it seems like it could be cool but yeah i'm uh we're uh upper class we like the uh we like the monocle stuff not the uh peasant uh gear oh be careful with that we just got done demoing juniper so you might want to be careful with the whole upper class [Laughter] no i'm just kidding juniper it's it's nice but i don't know it just feels like i'm just i'm i'm biased i'm biased well if you want we can add the engines came back properly there so if you want to finish up and do those uh hosts if you want or we can just do another time up to you yeah let's do the host real quick and then we'll sign off okay sounds good all right so this is what we were expecting that you see my screen right yes okay uh so this is what we're expecting to see when i ran this command it was supposed to say online and testing yeah because it's presenting the um ports to the uh control plane essentially and we can see that now we actually have the interfaces when we uh do our search here okay all right we also lost our configuration so no more chuck that's fine hostname we'll call this qfx switch one i lost the ability to type and we're going to say green with 510 all right all right so we're going to grab this real quick [Applause] so what are we doing right now we are just uh setting up the hostname so we don't get confused in a minute and then we're going to try and add the uh the lands that we started to do when the things died on us i got you okay yeah apparently uh they didn't get the memo that this was supposed to win you over or not crash so yeah yeah they did their best it's okay yeah yeah it's fine [Laughter] hey whatever it's fine we just need these two all right oh by the way quick question while i'm wondering about it um you're a consultant so you do a lot of stuff do you still see people using solarwinds uh yes or no a lot of people have invested a lot of money into solarwinds so it's uh it's definitely still the best um i don't want to put this up the best in class for um the monitoring there they're always kind of like the small to middle tier and uh usually you tap out at like 10 000 network elements like interfaces uh or devices like you don't uh go too much more um i've done some fairly large solarwinds deployments i'm actually talking with a client there or a bunch of clients about moving off solarwinds so uh i think a lot of it's not so much the hack as much as people have um been frustrated with solarwinds for a while and uh the hack was freezing to get off yeah i mean the there's so much automation and so many great tools that the vendors themselves are putting out the solar winds is losing its value like cisco live for example they're very proud of their 1000 eye acquisition which does a lot of yeah uh really cool network stuff that we'll have to do to look at one of these days but and then they have app dynamics which does the app fraud there so uh there's some really sexy automation stuff for uh network laundry uh yeah yeah i really like that but uh it uh demonetized man cut out that sexy talk all right that's for the only fans [Laughter] but uh that is uh the main thing there uh so anyway they're around uh they're probably not gonna fall but they're um but they're um struggling for sure they might have to rethink how they do things there i've always said that solo one should be like a subscription model where you get all their modules rather than every modules several thousand dollars per license level yeah so i would like to see like an annual like a enterprise agreement there where you just get all the sold on modules and just gonna pay like 50 grand a year or whatever the number is and yeah for those of you who watching who don't understand solarwinds like it's it's a massive monitoring software that doesn't just do network monitoring it does like it monitors everything but it they charge you like per per interface level it's uh it adds up really quick and then if you want like a you know a dr situation you got to pay for a just pay for double basically if you want two solarwinds deployments for backup it's ridiculous anyways back to configuring juniper all right so we're doing our vlan i did a little reminder that you need your irb all right we're gonna say interface irb one two three family inet address so and then what we're gonna do is we're going to set up our posts which are on six seven and eight every time you're on that command i get ugh gag reflex all right so the other way we can do multiple commands is we can make an interface range so here we can say hosts and here's what we say that the [Music] member is going to be some kind of regular expression so we can say that this is [Music] six to eight are you setting a variable right now yep okay basically i'm saying that uh everything in this range is going to be referred to as host from now on okay all right that's not too bad a little little complexity in there but it's not too bad yep so we'll just say unit 0 and then we're just going to go to family or switching and then we're going to say that this is an access port and vlan is going to be um god that was so so convoluted and it failed it failed it did oh you know why because i look at this it has uh the family or the inet family and it can't be in both oh okay so we can just go delete interface six seven eight gosh that's so weird you know all this video did was make me uh love cisco more well it's hard to beat the king you know oh calvin said he's correcting you he said that was more of a template than a variable oh [Laughter] he can believe when he does an interview with you he can explain it how he wants to explain it [Laughter] so anyway now we have this if i go you see oh look there's no configuration what we can do is go display inheritance and we can see that we have our configuration set up there okay all right you probably yeah so basically it's uh another way of doing it there i personally prefer doing the wall card way but this works too so if this is set up right still if we go to our host was doing some kind of ps thing i don't know that is uh so i have the interfaces set up and what i did was just uh simple net plan to set that if this worked out i should be able to ping post 2 and host 3 which are on the same switch but we can't ping one of four because we haven't done our trunk link yet so let's do that real quick for a wrap-up sure so we'll say first of all we're gonna set up our spanning tree so spanning tree you got three options you got your rapid spanning tree which basically means that you have a single instance for everything you have your multiple spanning tree and then you have your vlan spanning tree and this is basically the per vlan instance from juniper okay so it's like pvst but it's yeah uh by the way you notice how juniper groups things there so like cisco would say like a rotor and then all your running protocols this basically says it's a protocol so we're just going to throw them all in here with no rhyme and reason oh gross so we're just going to turn on wrap this band tree and we'll say all um so you have to turn on rapid spanning tree per interface uh well you can uh it's per interface yeah so cisco will take care of it globally and you have to tell it not to do it this will basically say on a per interface basis ah okay so we're also just going to say you know we're just going to do this show at once there it's just your risk is if something goes wrong here you're gonna have to fix it before you can commit all your stuff and if it goes really bad you might have to lose all your changes so we're just going to do is we're going to this time do the wall cards we'll say wall card range set interface and we can say that we want e0 and one and then the family ethernet switching and then we want interface mode trunk i can type remember all all right so you can see i probably made a typo here because it's xe not ge oh right right right so we can fix this so first of all we're just going to make sure we don't hit our usual issue if we didn't delete these guys this seems like so much work dude oh my gosh yeah i can go replace pattern and i can say ge with xe i'm just going to go ahead and do a find and replace now if i commit this this should work out nicely i can see why juniper is really pushing hard on automation because who wouldn't want to automate this crap yeah goodness all right so you you replace the ge with xe and we're committing our our trunk now okay so if everything worked out the way i thought it should if i go to zero see that worked out nicely ah okay okay we're good we're good yeah that's fine so we're just gonna go wild card range show interface and if we want to do this for show commands we can so we'll say zero one like so now that's useless to us we're just gonna say display set well it's not useless but i don't feel like doing it the other way you can also load this configuration as is yeah we can just go here and we can go paste that in and then we're just going to say is set and we'll do another set interfaces is going to be six to eight switching i feel like i want an alien planet right now okay all right access vlan remember is going to be chuck lab and we're gonna have to delete actually no we're just gonna go up and we're just going to say that this is not set it [Music] [Laughter] is and it failed well you know you gotta win some to lose some as they say all right see i told you i'd remember some configuration so that we could see the uh logic checks something that that is interesting but i mean yeah i don't know but like i said if you can master like cisco and you can at least get familiar with this there if they throw something at you like palo alto you're gonna be like okay i can do what i need to do uh because i understand how both works and i can basically i'm just learning the differences at that point yeah yeah i can definitely see how once you get your ccna going to juniper is not like a heavy lift you can pretty much fumble your way through anything especially if you have documentation like documentation you're golden um without ccna knowledge you'd be really really freaking hard you know what you're doing yeah pretty much all right so let's just see how we're doing here all right so on fury these should be fine seven eight did i one two three show scanning interface so this is the root and then if we look here round two interface you can see that it's blocking one so everything is talking right so fury yeah okay so i can ping 104 in fact yep all right so i'm pinging across now so all right so what we have in our fi finale for the switching side is what do we do here we where's my little pen thing uh there's this okay so what we did is we configured these guys in same vlan and these guys in same vlan and then we set up a trunk between them and it is working the way it should so we have communication so if we care we could do things like mess with the spanning tree because we can see that this is the root switch and this one has one of the interfaces blocked and we could uh mess with the cost and the poor priority and stuff if we just like we could with cisco and mess that around we had an unfortunate demonstration that uh this is not the most stable thing in the world so um if you're going to work with it uh just keep in mind that it's a product of love and uh yeah it's uh not necessarily um something that will um do the test third however the srx's if we talk about routing next time or uh or whatever we deal with it there those are pretty solid because they're just a single unit there's no control plane so you can just deploy these as you want to there and you can quickly do your osbf or your rip or whatever you want to do okay okay not too bad at all um so that that wasn't oh well actually i'm going to take that back i was expecting a more simple uh ramp up and no what i mean is like i thought it'd be simpler to do certain things in juniper rather as cisco but it's not it's like a lot more complicated it's more yeah like i said it's um the main thing to remember is that it's uh juniper loves being verbose there so it will it knows that it has these uh spacebar completion and it just loves it so uh yeah if it can like uh if you wanted to do something like uh bpdu card on cisco you just say bpdu card and that off you go there on um on juniper it is uh what do they call that uh bp do you block on edge i mean granted you could read that and probably understand what they're getting at but yeah see on one hand i i appreciate like if i were first getting into it that that would be helpful i'm like okay i can understand that better it's it's more verbose and it explains it better um but coming from a cisco world it's like why i totally see that anyways um quick question from superchat if you got time for it mr sure i got time for whatever you want yeah uh mr justin miller says um i've completed the comptia trifecta is the ccna necessary before moving on to ejpt and i don't know if you know much about the egypt i'm sure you do though because you're like circle yeah well my mantra is the ccna is always necessary i would say the same thing my other mantra is not very kind to comptia so i'll shy away from that um you can watch my previous interviews they were a bit harsh to run them and that's a diminished call like to have your comptia certifications is it is valuable on your resume it'll help you land to help desk job it is fit for your first thing so um if you get your comptia it can absolutely help you get your first help desk job or whatnot but it's if you do anything else it becomes uh really negligible like if you get your ccna you don't really need to refer to your county anymore because it's probably not going to be a decision maker in your future promotions or new jobs yeah that's all it is yeah i the way i see the ccna i've said it before um even with the recent changes it's still one of the most and probably the most valuable certification for anyone coming into it just because it covers you have to know networking to be successful in pretty much any area and it's just such a solid powerful certification it just tells your employers a lot of things yeah well i had a look at the um ejpt on ine because i was looking at it for my uh uh fiance if you'd be interested in them like the first like lab that they clicked was um uh basically at a static route it's like oh that kind of reinforces my point like uh there you go like uh there is adding it on a host there but if you know a ccna that's uh you understand what you're doing like they're still uh your computer is still routers just uh it doesn't have all the fancy stuff absolutely so yeah that's your answer uh justin um yeah get your ccna and that's almost like you can use that as a template or a variable determining after kelvin it's good starting off point even if you never touch a networking role again the amount of times that i've seen departments like mad at each other because like the server team can't talk to the networking team or vice versa like uh anytime you can learn something there where you can talk to the firewall guy or the network guy and not be uh thought of as an idiot uh quote unquote like uh it's uh it's good so i mean like it's uh it you know the you know the talk you're not gonna in theory you're not gonna do anything stupid like [Music] you small of a subnet mask or something like that there and you have at least a basic understanding if uh there's a troubleshooting issue and you get pulled into uh like a bridge where everyone uh jumps on the issue so yeah i can't i can't say how valuable that is like when yeah in case you don't know what he's talking about like oftentimes when there's an issue um no one really knows what the issue is so they'll bring on the firewall team networking systems team virtualization team and we all try to talk it out and pinpoint it and it's helpful to know some of the other team's information to help pinpoint it and you could be the hero in that situation otherwise you're like uh i don't know it could be a network issue i'm not sure it's yeah which is why i also tell network people like start inching towards infrastructure stuff like learn a little bit about active directory or what that is if nothing else if uh you can say hey well active directory is basically dns so like uh uh let's check that kind of stuff out before uh we blame the network because uh network yeah that's a good point it's knowing the other uh departments and what they do can help you get them off your back sooner because like it's always the network it always is but it's actually always dns and people don't understand that yeah um last super chat from epic games hd and i feel like you're you're poised to answer this um he's currently a knock technician with weekends off but currently uh hold on he's currently a knock technician with weekends off but currently a noc engineer role is offering great amount but pays but it's a 24 7 shift would this be a good career move to be a network engineer so i guess he's going from knocking not technician to noc engineer but it's a bit more laborious as far as the schedule what would you say um well first of all i mean you have only you can decide what schedule was acceptable to you there i mean if you're with a significant other and a family and whatnot there and that's more important to you then you know make that decision first before you commit your schedule to that there but as a stepping stone sure i mean um it depends on your environment too like uh 24 7 sounds scary but uh usually that equates to one or two bad days a year now if it's uh more than several bad days a year than what you guys do and like why you always have emergencies but um uh but uh maybe they used juniper and it uh didn't load the interfaces yeah so ask if they have juniper a cisco and then it's a very clear answer yeah but uh no um in practice yes assuming you don't have anything i would say try it um unfortunately you're not gonna know if you like the work or you like the schedule until you're there and no none of us can answer that for you because like you say uh like i said like if you're have one issue once in a while it's a bad day quote unquote then fine but if it's like every day it's like you're getting two hours of sleep and uh you'll have to burn that bridge when you get there but in theory yeah jump forward if unless you have a reason not to yeah um yeah i would say the same thing uh cause i mean it sounds like a a better role a step up and any step up is gonna be good for you uh but yeah if if it's gonna destroy your personal life and your family uh with the work schedule and being on call like that it may not be worth it right now but if you're young and you don't have a lot of commitments it might be worth just hunkering down sometimes it's good just to jump in the fire and uh if you come out the other end then you'll be um in a better spot i mean i've certainly jumped into uh roles i wasn't quite ready for in the past there and one way or another you come out the other end so yeah yeah i mean i've definitely jumped into roles where i'm like i have no idea what i'm doing i hope no one notices while i try to figure that out um and that's the places you learn the most and i find that most managers already kind of know that about you but they they just want to see you grow and learn because they believe you can most people are uh like there's always that kind of stereotype of a guy who causes notice in their fire but that's almost never really the case there like usually as long as you show like a little bit of a contrition like they uh messed up and so on so forth and you know if you cause like a million dollar outage every week you might have a problem but i mean like uh usually you get like one really big mess up maybe two and then if you're not showing uh progress there then you have a problem there but uh usually companies are interested in keeping you and they don't uh it's actually really hard to fire people like uh a lot of people know it's very hard to fire people so uh you can be there for a while that's an excellent point in my experience um definitely the case i mean we we've kept on people much longer than we should have and it took a long time for them to demonstrate that they were not the right fit because yeah you wait a while um we look for a pattern of behavior that leads to outages and i guess just competency or incompetency in certain areas but yeah if you are trying hard and you you're doing okay it's it's you're gonna be there for a while um anyways mr packet thrower i appreciate you coming on and teaching me juniper today um it wasn't as scary as i thought but um it definitely was more complicated than i was prepared for so it and hon honestly i i like it like i'm not like i'm i'm bashing it but i think it's interesting i think it's really cool um i like different but um i love the ability to go back to my fuzzy warm blanket of cisco and saying i love you um yeah i mean it's uh they do have the trials available so i mean anyone who's listening interested just go ahead and um download uh like the srx image and um uh add it in there uh and you know from gns3 or something let's play around with it yeah yeah and if if you're certainly coming from a cisco world it's not a heavy lift you just look it up google it and they've got the context you know walk question mark walking through certain commands in junipers not a big deal um but yeah don't be afraid of it but definitely learn cisco first is that that's kind of the the uh the theme of this video is uh like the uh the entry level juniper is not set up in a way to uh teach you like how let's say rip works it's not gonna i mean cisco doesn't teach europe but these days anyway but well ospf will say osbf it doesn't teach you necessarily how ospf works at least not in any degree so uh you're not going to um uh have an easy time doing it there plus like cisco there's thousands of books including mine there's uh training courses you're making a season anything occasionally and uh it's uh uh like there's tons of resources to learn your ccna but juniper it's uh there's a book from like 2014 for enterprise routing and i think around 2015 for enterprise switching and that's about it oh goodness yeah and then there's um a couple other things there and but you'll have to basically go to uh like ine or i think cbc nuggets has a couple courses now but like it's uh it's a lot more niche and it's not the most friendly ground to learn things uh so uh try it out i mean i'm just saying uh don't if you hate cisco and you looking at this as a way to get out of cisco it's probably not the best thing for you um it's not going to uh most companies uh they either don't know juniper certifications or they know what well enough to know is not going to um at least the low levels aren't going to be like hey you hire that person hmm gosh you got to catch him yeah and that makes sense i mean and and not to say like i think to your point as well learning juniper yeah it may not get you out of cisco but if you're at a shop where they highly value juniper then and they have a lot of stuff well then your skill is extremely valuable there i mean and yeah and and and or no i call them out and also certifications what i call them um where like you have something like a ccna and also you have like uh linux plus or and also you have a juniper but uh it's uh it's usually a secondary thing gotcha gotcha all right oh great like if you work for janipur i mean they're probably gonna want to see a juniper i mean yeah but i mean like uh pick your battles but like uh they're just if you do need to do it just uh wait for one of those discounts that are usual on and um you know download a throttle try it out if you want uh it's easy enough to throw in a lab but at least the uh srx is uh by the way um can you uh share my screen one last time just gotta point out something over there oh yeah sharing it now all right if you are going to do the srx as a router because this is a firewall you need to set the forwarding mode to be packet-based and you need to delete all the other security information if you don't do this then it is going to be treated as like a firewall and uh a zone based firewall that there so you're gonna have to set up your zones and you're gonna have to uh explicitly allow your traffic between those zones so just a quick fyi there oh interesting okay okay so basically you want to set packet based and delete everything else if you're going to lab as a router huh all right all right awesome i didn't want to forget about that because otherwise you have like [Music] again well i lost my trying to bring us both back up here one second where'd we go oh there it is okay cool well anyways uh mr packet thrower thank you so much for coming on and teaching me juniper once again guys if you uh want to hear more about pack of thrower i mean he's someone earlier was asking what's up with him who is he he's a awesome dude like he has like every certification under the planet um he uh you're a consultant and you work with everything from azure to aws to google cloud to cisco to juniper and i can keep going but i run out of breath so you do it all and uh you wrote some books for ccna you do some other fun stuff with security i wrote several books i wrote some firepower books we've talked we just finished our volume one and two uh we're writing i'm finishing up an azure book and um i'm just got approval to start a devnet associate book oh man so yeah later in the year uh they do some training you can check out my youtube at the packet thrower there it is the packet thrower and then twitter you're just at packet thrower right uh yeah i don't really tweet much uh but uh occasionally i remember it i have it and i say something funny uh my linkedin is mostly where i do all my uh it trash jokes there so i'm pretty hilarious if i don't say some myself and humble too so donald rob on linkedin yeah uh i think if you actually search for the packet ferrari pop-up there oh cool cool youtube so uh yeah so yeah guys if you have any questions on juniper just go load him up i'm sure he'll love that um otherwise i talk a lot about automation and cisco and networking and basically whatever i feel like at the time it's uh and lately i've been uploading um live streams i've been doing with keith parker uh that's abc nuggets uh so uh oh yeah so you'll be you'll be live with uh keith barker later this week won't you uh not keith i'm uh going to be on david david yeah yeah yeah and i'm also going to be on um uh jeremy's it lab on friday or so oh yeah so be looking for that guy so you're gonna be live with him on friday yeah he's in japan so uh i think it's friday night for me and i don't i think he's like like like next tuesday for him or something like that yeah we're going to be talking a lot about automation stuff and uh basically kind of the chapters i wrote in limoy's ccna book so uh if you like me uh you can find me and if you don't like me then maybe stay off youtube this week you're gonna be on the trending page man watch out all right guys um anyways appreciate you guys watching with us um let me know what you think in the comments if you're catching this in the replay and uh yeah that's all we got i'll see if my thing will work when i go on the outro and i will catch you guys next time and i want to make that go away right now and you can probably still hear us i'm going to throw in some music right hold on hold on [Music] [Music] so [Music] long again [Music] [Music] again [Music] [Music] so [Music] you're so much better [Music] [Music] oh [Music] [Music] [Music] is thank you [Music] you
Info
Channel: NetworkChuck
Views: 60,121
Rating: 4.9140301 out of 5
Keywords: cisco, ccna, juniper, juniper networks, jncia
Id: udwoT39z-7I
Channel Id: undefined
Length: 114min 32sec (6872 seconds)
Published: Mon Apr 05 2021
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.