Skip to main content

Juniper switch Basic Configuration Commands

Hello fellow blog reader, after long gap I'm going to write this thread regarding the basic Juniper command and configuration. I try to include as much as troubleshooting/configuration command during day to day work.
I would like to thank to Srijan pointing the error on LACP command.

1. Set username for login
root@jpudasaini#set system root-authentication encrypted-password
New password:
Retype new password:

root@jpudasaini#set system login user jay full-name jaypudasaini uid 400 class super-user authentication encrypted-password


2. Hostname configuration.
root@switch#set system host-name jpudasaini
root@jpudasaini#

3. Set Tacplus authentication for juniper switch.
root@jpudasaini# set system authentication-order tacplus
root@jpudasaini# set system authentication-order password
root@jpudasaini# set system root-authentication encrypted-password "you password here"
root@jpudasaini# set system tacplus-server 10.10.10.10(your tacplus server IP) secret "your server password here"
root@jpudasaini#set system tacplus-options service-name test

4. Configuration VLAN(Group)
root@jpudasaini#set vlans Cust-Fiber vlan-id 500-550
root@jpudasaini#set vlans Cust-Wireless vlan-id 551-575
    single vlan
root@jpudasaini#set vlans Cust-A vland-id 25

5. Trunk Port Configuration
root@jpudasaini#set interfaces ge-0/0/9 description connect-to-sw2
root@jpudasaini#set interfaces ge-0/0/9 unit 0 family ethernet-switching port-mode trunk
root@jpudasaini#set interfaces ge-0/0/9 unit 0 family ethernet-switching vlan members Cust-Fiber

6. Access Port Configuration
root@jpudasaini#set interfaces ge-0/0/0 description Link-to-sw3
root@jpudasaini#set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode access
root@jpudasaini#set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members 25

7. Port Channel Configuration
root@jpudasaini#set chassis aggregated-devices ethernet device-count 10
root@jpudasaini#set interfaces ae0 description TR-2-Jpudasaini-Sw2
root@jpudasaini#set interfaces ae0 aggregated-ether-options lacp active
root@jpudasaini#set interfaces ae0 unit 0 family ethernet-switching port-mode trunk
root@jpudasaini#set interfaces ae0 unit 0 family ethernet-switching vlan members Cust-Fiber
root@jpudasaini#set interfaces ae0 unit 0 family ethernet-switching vlan members Cust-Wireless

8. Port Channel Assign to the Physical Port
root@jpudasaini#set interfaces ge-0/0/16 description test-sw1
root@jpudasaini#set interfaces ge-0/0/16 ether-options 802.3ad ae0
root@jpudasaini#set interfaces ge-0/0/17 description test-sw1
root@jpudasaini#set interfaces ge-0/0/17 ether-options 802.3ad ae0

9. Configuration management IP for switch.
root@jpudasaini#set interfaces vlan unit 20 family inet address 10.10.10.11/24

10. Configuration snmp.
root@jpudasaini#set snmp name Test-SNMP
root@jpudasaini#set snmp description test-sw2
root@jpudasaini#set snmp location "Jpudasaini-NOC"
root@jpudasaini#set snmp contact "system@jpudasaini.com.np"
root@jpudasaini#set snmp client-list list0 10.10.10.0/24
root@jpudasaini#set snmp community ax3R5vgW authorization read-only
root@jpudasaini#set snmp community ax3R5vgW client-list-name jpudasaini

11. Enable LLDP
root@jpudasaini# set protocols lldp interface all
root@jpudasaini#set protocols lldp-med interface all

12. Configure port as L3
root@jpudasaini#set interface ge-0/0/23 unit 0 family ethernet-switching port-mode trunk
root@jpudasaini#set interface ge-0/0/23 unit 0 family ethernet-switching vlan member 25
root@jpudasaini#set vlan Mgmt vlan-id 25
root@jpudasaini#set vlan Mgmt l3-interface vlan.25
root@jpudasaini#set interface vlan.250 family inet address xxx.xxx.xxx.xxx

13.Rate Limit
 Configure the policer

root@jpudasaini# set firewall policer Policer_2M if-exceeding bandwidth-limit 1M
root@jpudasaini# set firewall policer Policer_2M if-exceeding burst-size-limit 2k
root@jpudasaini# set firewall policer Policer_2M then discard

Configure the firewall filter

root@jpudasaini# set firewall family ethernet-switching filter Limit term 1 then accept
root@jpudasaini# set firewall family ethernet-switching filter Limit term 1 then policer Poicer_2M

Apply filter on interface (can be any interface as required)

root@jpudasaini# set interface ge-0/0/24.0 family ethernet-switching filter input Limit

Note: Remember that EX series switches apply rate limit only on ingress. 
Labels:

Comments

  1. srijanDecember 31, 2014 at 8:39 PM

    you should set number of aggregate ether-channel before creating LACP links with CMD.
    " set chassis aggregated-devices ethernet device-count 10".

    ReplyDelete

Post a Comment

Popular posts from this blog

MongoDB Failed to start lsb an object/document-oriented database

After long gap I'm going to post new blog. Due to the work load and research I have little time.  MongoDB could not started after installation of 3.6 version, However downgrade to the 3.4, still the Mongodb couldn't start and show below error message. Search don't help to resolved the issue. After so much hit and trail nothing work. One Chinese forum posted this command and its works for me.  cd /var/lib sudo rm -rf ./mongodb sudo mkdir mongodb sudo chown -R mongodb mongodb/ sudo serivce mongodb restart
Post a Comment
Read more

Mikrotik Hotspot Redirect After Login

This tutorial assumed you already create Hotspot in your router. If you don't know how to create a hotspot in Mikrotik router, click here and create the Hotspot. . After successfully creating the hotspot server go to "Files" Menu of  the main Window of Mikrotik router Copy "hotspot" folder into your PC. Open "alogin" file with text editor Replace "link-redirect" text with your desire URL Now you're done! After successfully logging into the Hotspot server your client automatically redirects to your external link.  Don't forget to copy this folder into Mikrotik Router "Files" Menu. You can also drag and drop this folder into "Files" menu. 
8 comments
Read more