Hướng dẫn làm bài Lab- Juniper2-pages-3,9-15,17-23,25-35,37-54,56-58

Contents
Lab 1: The Junos CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-1

Part 1: Logging In and Exploring the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Lab 2: Initial System Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-1

Part 1: Loading a Factory-Default Configuration and Performing Initial Configuration . . . . . . . . . . 2-2
Part 2: Saving, Displaying, Loading, and Deleting a Rescue Configuration . . . . . . . . . . . . . . . . . . . 2-5
Part 3: Configuring Interfaces and Verifying Operational State . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6
Lab 3: Secondary System Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-1

Part 1: Configuring User Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2
Part 2: Performing System Management Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7
Lab 4: Operational Monitoring and Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-1

Part 1: Monitoring System and Chassis Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
Part 2: Using Network Utilities and Monitoring Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6
Part 3: Upgrading the Junos OS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-8
Part 4: Recovering the Root Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-9
Lab 5: The J-Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-1

Part 1: Logging In to and Exploring the J-Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
Part 2: Exploring J-Web Configuration and Diagnostic Capabilities . . . . . . . . . . . . . . . . . . . . . . . . . 5-6
Appendix A: Lab Diagrams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1
www.juniper.net Contents • iii

Lab 1
The Junos CLI
Overview
This lab introduces you to the Junos operating system command-line interface (CLI). In
this lab, you will familiarize yourself with various CLI operational mode and configuration
mode features.
The lab is available in two formats: a high-level format designed to make you think through
each step and a detailed format that offers step-by-step instructions complete with
sample output from most commands.
By completing this lab, you will perform the following tasks:
• Log in to and explore the Junos CLI using both operational and configuration
modes.
www.juniper.net The Junos CLI • Lab 1–1

12.a.12.1R1.9
Part 1: Logging In and Exploring the CLI
In this lab part, you become familiar with the access details used to connect to the
lab equipment. Once you are familiar with the access details, you will use the CLI to
log in to your team’s designated station and use the CLI to become familiar with
operational mode and configuration mode. You also gain experience with some of
the tools and functionality available within operational mode and configuration
mode.
Note
Depending on the class, the lab equipment
used might be remote from your physical
location. The instructor will inform you as to
the nature of your access and will provide
you the details needed to access your
assigned device.
Step 1.1
Ensure that you know to which student device you have been assigned. Check with
your instructor if you are not certain. Consult the management network diagram to
determine the management address of your student device
Question: What is the management address

assigned to your station?
Step 1.2
Access the CLI at your station using either the console, Telnet, or SSH as directed by
your instructor. Refer to the management network diagram for the IP address
associated with your team’s station. The following example uses a simple Telnet
access to srxA-1 with the Secure CRT program as a basis:
Lab 1–2 • The Junos CLI www.juniper.net

Step 1.3
Log in to the student device with the username lab using a password of lab123.
Note that both the name and password are case-sensitive. Issue the configure
command to enter configuration mode and load the reset configuration file using
the load override /var/home/lab/ijos/lab1-start.config
command. After the configuration has been loaded, commit the changes and return
to operational mode using the commit and-quit command.
Step 1.4
Determine what system information you can clear from the operational mode
command prompt.
Question: Which command do you use to clear the

contents of a system log (syslog) file?
Step 1.5
Experiment with command completion by entering show i<space>.
Step 1.6
Add characters to disambiguate your command so that you can display
interface-related information; use the Spacebar or Tab key for automatic command
completion.
Note
You can return to the command prompt
without scrolling through all of the
generated output from a command. Enter
the Ctrl+c key sequence or the q key to
abort the operation and return to the
command prompt.
Step 1.7
Try to clear SNMP statistics by entering the clear snmp command.
Question: What do you think the resulting display

means?
Step 1.8
Verify that the CLI does not let you complete invalid commands by trying to enter the
command show ip interface brief.

Question: What happens when you try to enter this
command?
Step 1.9
Enter a show route command followed by a show system users command.
You are entering these commands to demonstrate command history recall. When
finished, enter the keyboard sequences indicated to answer the related questions.
Question: What happens when you press Ctrl+p

twice?
Question: What happens when you press Ctrl+n?
Question: What happens when you use the Up

Arrow and Down Arrow keys?
Step 1.10
In many cases, the output of a command might exceed one full screen. For example,
the show interfaces interface-name extensive command displays a lot
of information about the specified interface. Enter this command now for your
system’s ge-0/0/0 interface, and answer the following questions. Use the h key as
needed to obtain help when CLI output is paused at the ---(more)--- prompt.
Question: What effect does pressing the Spacebar

have?
Question: What effect does pressing the Enter key

have on the paused output?
Question: What effect does pressing the b key

have?

Question: What effect does pressing the u key
have?
Question: Which key would you press to search

forward through a display that consists of multiple
screens of output?
Step 1.11
Use the pipe (|) and match functions of the Junos CLI to list all interfaces that are
physically down.
Question: Are any of your interfaces listed as Down?
Question: Can you think of a way to have the

Junos OS count the number of interfaces that are
physically down? (Hint: Remember that you can use
the results of one pipe as input to another pipe
operation.)
Step 1.12
A large portion of the Junos OS documentation is available directly from the CLI. You
can retrieve high-level topics using the help topic command, whereas you can
obtain detailed configuration-related information with the help reference
command.
Use the help reference command along with the CLI question-mark operator
(?) to find detailed information about configuring a system hostname.
Question: Which CLI command displays reference

information about configuration of the system’s
hostname?
Step 1.13
Enter configuration mode.

Question: What happens to your prompt?
Question: According to the prompt, what is your

position in the configuration hierarchy?
Step 1.14
Display the interfaces portion of the candidate configuration.
Step 1.15
Position yourself at the [edit interfaces] configuration hierarchy.
Question: What happens to the banner?
Question: What is the result of a show command

now?
Step 1.16
Move to the [edit protocols ospf] portion of the hierarchy. This step
requires that you first visit the root of the hierarchy, as you cannot jump directly
between branches. You can perform this step with a single command in the form of
top edit protocols ospf, however.
Question: Which commands can you now enter to

reposition yourself at the [edit] portion of the
hierarchy? Return to the [edit] hierarchy level
now.
Note
If you have not already done so, return to
the [edit] hierarchy level using one of
the available methods.

Step 1.17
Try to display the status of chassis hardware with a show chassis hardware
operational command while in configuration mode.
Question: Why do you think you received an error?

What can you do to execute operational mode
commands while in configuration mode? Try that
now.
Step 1.18
Try to return to operational mode by entering an exit command.
Question: What happens when you execute the

exit command?
Question: Which CLI command can you use to

display differences between the candidate and
active configuration file? Enter no at the current
prompt and issue the required command to view
the differences between the candidate and active
configurations.
Question: Considering that nothing changed, which

command can you enter to allow an exit from
configuration mode without being warned of
uncommitted changes? Issue that command now.
Step 1.19
Log out of your assigned device using the exit command.
STOP Tell your instructor that you have completed Lab 1.

Lab 2
Initial System Configuration
Overview
This lab demonstrates configuration tasks typically performed on new devices running the
Junos operating system. In this lab, you use the CLI to perform initial configuration and
basic interface configuration.
sample output from most commands. Refer to the management network diagram for
access details.
• Load a factory-default configuration and perform initial system configuration.
• Save, delete, and restore a rescue configuration.
• Perform basic interface configuration.
www.juniper.net Initial System Configuration • Lab 2–1

12.a.12.1R1.9
Introduction to the Junos Operating System
Part 1: Loading a Factory-Default Configuration and Performing Initial Configuration
In this lab part, you will load the factory-default configuration and perform initial
configuration tasks using the Junos CLI.
Step 1.1

Step 1.2
Access the CLI at your station using the console connection.
Note
During this lab, your access through the
management network will be affected.
Ensure that you use the console
connection to access your assigned station.
Using the console connection ensures
persistent connectivity even when the
management network access is
unavailable. If needed, ask your instructor
how to connect to your system using the
console port.
Step 1.3
Note that both the name and password are case-sensitive. Enter configuration mode
and load a factory-default configuration using the load factory-default
command.
Lab 2–2 • Initial System Configuration www.juniper.net

Step 1.4
Display the factory-default configuration.
Note
The factory-default configuration displays
several statements pertaining to the
security hierarchy level. This information is
outside the scope of this class but is
covered in the Junos for Security Platforms
(JSEC) course.
Step 1.5
Try to activate the factory-default configuration by issuing a commit command.
Question: Did the commit operation succeed? If

not, why not?
Step 1.6
Navigate to the [edit system root-authentication] hierarchy level. Issue
the set plain-text-password command. When prompted to enter a new
password, type apples.
Question: What happens when you enter the

specified password? Why?
Step 1.7
Again, issue the set plain-text-password command. When prompted to
enter a new password, type Apples. When prompted to confirm the password, type
Oranges.

specified passwords? Why?
Step 1.8
Issue the set plain-text-password command once again. When prompted
to enter a new password, type Rootroot. When prompted to confirm the password,
type Rootroot. Activate the change and return to operational mode by issuing a
commit and-quit command.
Step 1.9
Issue the file list /var/tmp command.

specified command? Why?
Step 1.10
Log out as the lab user and log in as root. Use the newly defined password of
Rootroot.
Note
You should see the previously defined
hostname at the login prompt. The
amnesiac hostname is shown when the
hostname is removed and the system is
rebooted. You do not need to reboot the
system at this time because you will
configure a new hostname shortly.
Step 1.11
Start the CLI with the cli command and enter configuration mode.
Step 1.12
Define the system’s hostname. Use the hostname specified on the management
network diagram provided by your instructor.
Step 1.13
Configure the time zone and system time using the local time zone and current date
and time as input values.
Step 1.14
Remove the DHCP, interface, security, protocols and vlan sections from the
factory-default configuration, as this is not necessary in this lab environment.
Step 1.15
Configure the ge-0/0/0 interface using the address and subnet mask specified on
the management network diagram, and specify an interface description of "MGMT
INTERFACE - DO NOT DELETE".

Step 1.16
Navigate to [edit routing-options] and define a static route for the
10.210.0.0/16 destination prefix to allow for reachability beyond the local
management subnet. Use the gateway address, shown on the management network
diagram, as the next-hop value. When complete commit the configuration and return
to operational mode.
STOP Wait for your instructor before you proceed to the next part.
Part 2: Saving, Displaying, Loading, and Deleting a Rescue Configuration
In this lab part, you will save, display, load, and delete a rescue configuration using
the Junos CLI.
Step 2.1
Enter configuration mode and load the lab2-part2-start.config file from
the/var/home/lab/ijos/ directory. This will return the lab to its original state
and reestablish the lab user. Commit your configuration and return to operational
mode when complete.
Step 2.2
Log out of the root user by issuing the exit command twice, then log in as the
lab user using lab123 as the password.
Step 2.3
Save the active configuration as the rescue configuration.
Step 2.4
Display the contents of the recently saved rescue configuration.
Question: Does the rescue configuration match the

recently created active configuration?
Question: What CLI command could you issue to

compare the active and rescue configuration files?

Step 2.5
Return to configuration mode and delete the [edit system services]
hierarchy level. Activate the change.
Step 2.6
Verify that the [edit system services] hierarchy level is empty and then load
the rescue configuration.
Step 2.7
Verify that the [edit system services] hierarchy level once again contains
the ssh, telnet, and web-management services.
Question: Did the rescue configuration successfully

load? Are the services enabled now? If not, why
not?
Step 2.8
Activate the rescue configuration and return to operational mode.
Step 2.9
Delete the rescue configuration and attempt to display the rescue.conf.gz file to
confirm the deletion.
Question: Did you successfully delete the rescue

configuration?
Part 3: Configuring Interfaces and Verifying Operational State
In this lab part, you will perform interface configuration and verify the operational
state of interfaces using the Junos CLI.
Step 3.1
the /var/home/lab/ijos/ directory. Commit you configuration when complete.

Step 3.2
Refer to the network diagram for this lab and configure the listed interfaces. Use
logical unit 0 on all specified interfaces. Commit the configuration and return to
operational mode when complete.
Step 3.3
Issue the show interfaces terse CLI command to verify the state of the
configured interfaces.
Question: What are the Admin and Link states of

the recently configured interfaces?
Step 3.4

Lab 3
Secondary System Configuration
Overview
This lab demonstrates typical secondary configuration tasks performed on devices
running the Junos operating system.
sample outputs from most commands.
• Define user accounts and authentication options.
• Set up and verify proper operation of system logging (syslog).
• Configure and monitor NTP.
• Enable and monitor the operation of SNMP.
• Configure and monitor the configuration archival feature.
www.juniper.net Secondary System Configuration • Lab 3–1

12.a.12.1R1.9
Part 1: Configuring User Authentication
In this lab part, your team will configure user accounts and related authentication
options.
Step 1.1

Step 1.2
Step 1.3
and load the reset configuration file using the load override /var/home/
lab/ijos/lab3-start.config command. After the configuration has been
loaded, commit the changes.
Step 1.4
Navigate to [edit system login] and define a custom login class named
juniper with the following permissions:
• view
• view-configuration
• reset
Lab 3–2 • Secondary System Configuration www.juniper.net

Step 1.5
Next, define two new user accounts using the information from the following table:
Username Class Plain-Text Password

walter juniper walter123
nancy read-only nancy123
Step 1.6
View the configuration under the [edit system login] hierarchy level. If you
are satisfied with the results, activate your new configuration by issuing the commit
command.
Note
The remainder of this lab part tests user
login options. To prevent yourself from
being locked out, keep the current console
session open!
Step 1.7
Open another terminal window and use Telnet to access your system’s management
IP address. If needed, refer to the management network diagram. Log in with the
username walter.
Step 1.8
Using the new terminal session, try to enter configuration mode.

Question: How does the CLI respond when you try to

enter configuration mode?
Step 1.9
Enter a question mark (?) at the prompt to view the permitted operational mode
command options for the user walter.
Question: Why is the user walter unable to enter

configuration mode?
Step 1.10
Verify that the user walter can view the configuration and other operational
outputs such as interface information.
Question: Can the user walter view the root

password within the configuration? Why?
Step 1.11
Restart the routing process using the restart routing command. This
command restarts the routing protocol daemon (rpd), which can be useful when
troubleshooting routing problems.
Question: Which permission allows the user

walter to perform this command?
Step 1.12
Log out from the user walter and initiate a new Telnet session to the management
interface for the user nancy. (Hint: Use the reconnect option on your terminal
client.) Attempt to restart the routing protocol process using the restart
routing command.
Question: Can nancy successfully issue the

restart command?

Question: What is a quick way to view the top-level
operational mode commands available to nancy?
Question: Can the user nancy view the

configuration?
Step 1.13
Attempt to clear interface statistics for the ge-0/0/0 interface using the clear
interfaces statistics ge-0/0/0 command.
Question: Which permission option would allow the

user nancy to clear the interface statistics on the
ge-0/0/0 interface?
Step 1.14
Return to the original session opened to the lab user.
From the session opened to the lab user attempt to add the clear permission to
the default read-only login class. Issue the show command to view the system
login hierarchy.
Question: What happened when you added the

clear permission to the read-only login class?
Question: How can you add the clear permission

for the user nancy?
Step 1.15
Navigate to the top of the configuration hierarchy and configure a RADIUS server for
use with user authentication. Refer to your management network diagram for the
server address. The RADIUS secret should be Juniper. Configure the
authentication order so that user login attempts use only local password
authentication if the RADIUS server is unreachable. Use commit to activate the
changes.

Question: Must you include password in the
authentication order to enable this behavior?
Step 1.16
Return to the secondary Telnet session opened to you student device
From the secondary Telnet session in which the user nancy is logged in, issue the
exit command to log out. Test the RADIUS server by reconnecting to the Telnet
session and try to log back in as nancy.
Question: Were you able to log in as nancy?
Step 1.17
In the previous lab step, the defined RADIUS server was reachable. Because you did
not define the username on the RADIUS server, the RADIUS server rejected the
authentication. Therefore, the software did not consult the local password database.
From the session opened to the lab user and change the IP address of the RADIUS
server to 10.1.1.1. You can use the rename command for this change. Do not forget
to issue commit to activate the change.
Step 1.18
Return to the secondary Telnet session opened to you student device
From the secondary Telnet session, try to log in to the system with the nancy
username once again.
Question: What was different about the login

behavior in this step as compared to the last step
with respect to a reachable RADIUS server?
Step 1.19
From the session opened to the lab user and delete the
authentication-order statement. When complete commit your config and
return to operational mode.

Part 2: Performing System Management Options
In this lab part, you will perform configuration of some common system
management features. You will configure and monitor syslog, NTP, SNMP, and
configuration archival.
Step 2.1
the/var/home/lab/ijos/ directory. Commit your configuration when complete.
Step 2.2
Use the show system syslog command to view the current syslog
configuration.
Question: What facilities and severity levels

currently log to the messages log file?
Question: What is the purpose of specifying a

facility of any?
Step 2.3
Navigate to the [edit system syslog] hierarchy and configure a new syslog
file named config-changes. Specify a facility of change-log and a severity of
info. Also, set the severity level for the default messages file to any.
Step 2.4
Configure your system to send logs to a remote server running the standard syslog
utility. Refer to your management network diagram for the server address. (Hint: Use
the host option.) Choose the correct facility that logs access attempts on the
system. (Hint: The current messages log file is already using this facility.) Use a
severity level of info. Commit your changes when complete.
Step 2.5
Using the run file list /var/log/ command, verify the creation of a log file
named config-changes.

Note
The files stored in the /var/log/
directory might vary between each system.
Question: What other log files from your system’s

configuration does this directory store?
Step 2.6
Configure the system to synchronize its clock with an NTP server. Refer to the
management network diagram for the server’s IP address.
Step 2.7
Use the same server IP address used in the previous step and configure an NTP
boot server. Commit the configuration and return to operational mode when
complete.
Step 2.8
View the config-changes log and verify the logging of the latest configuration
changes.
Step 2.9
Manually force synchronization with the NTP server by issuing the set date ntp
operational mode command.
Step 2.10
Verify synchronization with the NTP server by using the show ntp
associations command. The system is synchronized with the NTP server if you
see the server address in the remote column with an asterisk (*) next to it. Check
the current system time using the show system uptime command.
Note
It might take a few minutes for the system’s

time to synchronize with the NTP server.

Question: What does the asterisk (*) next to the
NTP server address signify?
Step 2.11
Return to configuration mode and configure the system to allow SNMP access using
a community value of junos. The system should allow processing of SNMP
messages only when it receives them from the NMS server’s IP address. Refer to the
Step 2.12
Configure an SNMP trap group to send traps to the NMS server. The SNMP trap
group should send traps whenever an interface transitions to a down state. Name
the trap group interfaces.
Question: What trap category do you enable to

receive traps for an over-temperature condition?
Step 2.13
To test your SNMP configuration, temporarily disable the ge-0/0/0 interface using
the set interfaces ge-0/0/0 disable command. Commit the new setting
and verify that the interface is down using the run show interfaces ge-0/
0/0 terse command. Next, re-enable the interface by issuing the delete
interfaces ge-0/0/0 disable command. Commit the change and return to
Step 2.14
Verify that the interface transition resulted in the sending of a trap by viewing the
messages log. Use the pipe symbol (|) and match on the ge-0/0/0 interface and
the keyword snmp to parse the messages log output. Next, issue the show snmp
statistics command and confirm that the Traps value in the Output section
is not zero.
Question: Does the messages log show trap

entries associated with the interface status
change?

Question: Does the show snmp statistics
command list a non-zero value for outgoing traps?
Step 2.15
Perform an SNMP MIB walk with the Junos CLI using the show snmp mib walk
jnxOperatingDescr command. Note that the resolved object identifier (OID) of
jnxOperatingDescr is case sensitive. The OID is variable; we are simply using
this OID as an example.
Note
The Junos OS accepts both the

dotted-decimal notation and alpha-numeric
notation of SNMP MIB OIDs. The previous
example polls the Juniper Networks
Chassis MIB for a mapping of component
OIDs. This tool is helpful for deciphering
what component might be initiating an
SNMP trap when your NMS station reports
the OID in only a dotted-decimal notation.
You do not need to configure SNMP to
perform SNMP polling from within the
Junos OS.
Question: What OID associates with the Routing

Engine (RE) for your system?
Step 2.16
Enter configuration mode and configure your system to archive its configuration to a
remote FTP server whenever a commit operation occurs. You should configure the
archive-sites as “ftp://ftp@server address:/archive” including
the quotation marks. Refer to the management network diagram for the server’s IP
address. You should configure the password as ftp. You perform this configuration
under the [edit system archival configuration] hierarchy level.
Commit your configuration and return to operational mode when complete.
Step 2.17
Verify that the configuration successfully transferred to the remote FTP server by
using the show log messages | match transfer command.

Note
Even when using the

transfer-on-commit option with
configuration archival, the transfer is
cyclical and uses a short time interval. If
you do not see the transfer in your log, wait
a minute or two and look again.
Question: What do the numbers at the end of the

transferred filename represent?
Step 2.18

Lab 4
Operational Monitoring and Maintenance
Overview
This lab covers common operational monitoring and platform maintenance activities. In
this lab, you monitor system, chassis, and interface operation, use network utilities, and
perform system maintenance tasks.
sample output from most commands.
• Monitor chassis, system, and interface operation.
• Use network utilities.
• Upgrade a device running the Junos operating system and recover the root
password.
www.juniper.net Operational Monitoring and Maintenance • Lab 4–1

12.a.12.1R1.9
Part 1: Monitoring System and Chassis Operation
In this lab part, each team will use key commands within the CLI to monitor system
and chassis operation.
Step 1.1

Step 1.2
Step 1.3
loaded, commit the changes and return to operational mode.
Step 1.4
Issue the show system processes extensive command to check the status
of the routing protocol daemon (rpd). Alternatively, issue the show system
processes extensive | match "pid | rpd" command to parse the
output. The use of two pipes (|) in this command allows you to make multiple
matches. In this case it matches rpd for the routing protocol process as well as PID
to view the column headers.
Lab 4–2 • Operational Monitoring and Maintenance www.juniper.net

Question: What is the weighted CPU usage of rpd?
Step 1.5
Issue the show system statistics command to view protocol statistics
related to your team’s device.
Question: How many TCP packets did your assigned

device send since the last clearing of the system
statistics?
Step 1.6
Issue the show system storage command to view information regarding the
device storage space.
Question: How much free space is available on your

device?
Step 1.7
Issue the show system uptime command to view the current system time.
Question: When was your team’s device last

booted?
Step 1.8
Open another terminal window and use Telnet to access your system’s management
IP address. If needed, refer to the management network diagram. Log in with the
username walter and the password walter123.

Step 1.9
Return to the original session opened to your device.
Return to the original session logged in as lab and issue the show system users
command to view information about users logged in to your team’s device.
Question: What is the source IP address of the

Telnet session established by the user walter?
Step 1.10
Issue the request system logout user walter command to force a log
out for the user walter. Next, issue the show system users command to verify
that the user session for walter was terminated.
Question: Was the user Telnet session for walter

properly closed?
Step 1.11
Check the environmental status of your team’s device by issuing the show
chassis environment command.
Question: What is the temperature and status of the

Routing Engine (RE)?
Question: Name another show chassis

command that displays the RE temperature. (Hint:
Use the ?.)
Step 1.12
Issue the show chassis temperature-thresholds command.
Question: At what temperature is a red alarm

generated for the RE?
Step 1.13
View details about your system’s hardware components using the show chassis
hardware command.
Question: What is the chassis serial number for your

team’s device?

Step 1.14
Issue the show interface terse command to quickly verify the administrative
and link state for your device’s interfaces.
Question: What are the Admin and Link states for

all configured interfaces?
Step 1.15
Issue the show interfaces ge-0/0/0 extensive command and answer
the questions that follow:
Question: What is the SNMP ifIndex for

ge-0/0/0? What about for ge-0/0/0.0?
Question: What is the current hardware address for

the ge-0/0/0 interface?
Question:
Does the ge-0/0/0 interface show any input errors?
Question: Does the ge-0/0/0 interface show input

and output traffic statistics? How are those
statistics counted?
Step 1.16
Issue the clear interfaces statistics ge-0/0/0 command followed by
the show interfaces ge-0/0/0 extensive | find "traffic"
command.
Question: Were the statistics for the ge-0/0/0

interface successfully cleared?

Part 2: Using Network Utilities and Monitoring Traffic
In this lab part, each team will use network utilities within the CLI and monitor local
system traffic.
Step 2.1
the/var/home/lab/ijos/ directory. Commit your configuration and return to
Step 2.2
Start a continuous ping to the server with a data size of 500 bytes. Refer to the
Note
If you are not receiving Internet Control
Message Protocol (ICMP) echo replies from
the server, notify your instructor.
Question: Which command option do you use to

make the ping continuous?
Step 2.3
Note
You can stop the ping operation by using
the Ctrl+c keystroke combination. You
should, however, let the ping operation
continue at this time for the subsequent
monitoring step.
Open a new terminal session to your team’s device. Use Telnet to access your
system’s management IP address. If needed, refer to the management network
diagram. Log in with the lab user account and the password provided by the
instructor. You will use this separate terminal session to monitor ping traffic
generation.

Step 2.4
Use the monitor traffic interface ge-0/0/0 command to begin
monitoring the ge-0/0/0 management interface.
Note
You can stop the monitoring operation by
using the Ctrl+c keystroke combination.
You can also increase the capture size
using the size option to avoid truncated
packets.
Question: Does the capture display ICMP traffic?
Question: How can you filter the output to show only

the ICMP traffic?
Question: What command option allows you to view

source and destination MAC addresses for the
captured packets?

Note
The monitor traffic command
captures only packets that are local to the
device. It does not capture transit packets.
Step 2.5
In preparation for the next lab part, stop the monitor operation using the Ctrl+c
keystroke combination, and close the extra terminal session that you opened.
Step 2.6
Return to the original session opened to your device.
From the original session opened to your device, issue the Ctrl+c keystroke
combination to stop the continuous ping.
Part 3: Upgrading the Junos OS
In this lab part, you will retrieve a Junos OS package from a remote server and
upgrade your assigned device. Note that to keep the software consistent, you
upgrade the device to the same version of the Junos OS that it is currently running.
Step 3.1
the/var/home/lab/ijos/ directory. Commit your configuration and return to
Step 3.2
Use the file copy command in conjunction with FTP to retrieve the install image
named junos-srxsme-12.1R1.9-domestic.tgz from the server. Refer to
the management network diagram for the server’s IP address. Use the username
ftp and a password of ftp. Save the image to the /var/tmp directory on the
local device.
Question: Did the image successfully transfer from

the server to the /var/tmp directory on your
device?

Note
If there is not enough room in the
/var/tmp directory to accommodate the
software package, notify your instructor.
Step 3.3
Verify that the software package transferred correctly to the local /var/tmp
directory by using the file list /var/tmp | match junos command.
Question: Which file list command option

allows you to view the file size of the software
package stored in the /var/tmp directory?
Step 3.4
Issue the request system software add /var/tmp/
junos-srxsme-12.1R1.9-domestic.tgz command to upgrade your assigned
device. Use the reboot option to automatically perform a system reboot, which is a
requirement of the upgrade process. Use the console terminal session to monitor
the upgrade process.
Step 3.5
After the reboot is complete, log in again as the lab user and issue the show
version command.
Part 4: Recovering the Root Password
In this lab part, you will perform root password recovery. The root password recovery
process requires that you use the console connection.
Step 4.1
the /var/home/lab/ijos/ directory. Commit your configuration and return to

Step 4.2
Using a terminal session connected to the console port, reboot the system. Enter
yes to authorize the reboot. When prompted to enter the command prompt, press
the space bar.
Step 4.3
At the prompt, first disable the watchdog process by using the watchdog
disable command. Secondly, type boot -s and press Enter to boot the Junos OS
in single-user mode.
Step 4.4
When prompted to enter a pathname for shell or ‘recovery’ for root password
recovery, type recovery and press Enter.
Step 4.5
Once the prompt is available, enter configuration mode and set a new root password
of lab123. Commit the configuration and return to configuration mode. Use the
exit command to leave operational mode, the software prompts you about
rebooting. Type y and press Enter to reboot the system.
Step 4.6
Once the system boots, verify the root password recovery by logging in with the new
root password.
Question: Were you successfully authenticated

using the new root password?
Step 4.7
Start the CLI and enter configuration mode.
Step 4.8
Restore the lab4-part4-start configuration using the load override /
var/home/lab/ijos/lab4-part4-start.config command. Activate the
configuration and log out of the system.

Lab 5 (Optional)
The J-Web Interface
Overview
This lab introduces you to the J-Web graphical user interface (GUI). In this lab, you will
familiarize yourself with various J-Web features and capabilities.
The lab is available in two formats: a high-level format that is designed to make you think
through each step and a detailed format that offers step-by-step instructions complete
with sample output from most commands.
• Log in to the J-Web interface.
• Explore J-Web monitoring options.
• Explore J-Web configuration and diagnose options.
www.juniper.net The J-Web Interface • Lab 5–1

12.a.12.1R1.9
Part 1: Logging In to and Exploring the J-Web Interface
In this lab part, you will familiarize yourself with the access details for your team’s
station and log in through the J-Web interface. You will also familiarize yourself with
the various monitoring capabilities available in the J-Web user interface.
Note
Depending on the specifics of your class,
you might be accessing a router that is
remote from your physical location. The
instructor will inform you as to the nature of
your access and will provide you with the
details needed to access your router.
Step 1.1

Step 1.2
Step 1.3
loaded, commit the changes and return to operational mode.
Lab 5–2 • The J-Web Interface www.juniper.net

Step 1.4
Open a Web browser on your PC.
From a Web browser on your PC. navigate to the management address of your
deviceRefer to the management network diagram for the IP address associated with
your team’s station.
Step 1.5
Log in as user lab with the password supplied by your instructor.
Step 1.6
After logging in click on the Dashboard tab in the upper left corner. Use the
information found in your browser to answer the following questions.

Question: What is the current system up time in

days?
Question: What is the current memory and CPU

usage on your assigned station?
Step 1.7
Edit the Dashboard Preferences to display the Chassis Status.

Question: What is the Routing Engine (RE)
temperature, and is this temperature considered

normal?
Question: How can you display the serial number

and model of the Routing Engine?
Step 1.8
Navigate to Monitor > Interfaces and view the ge-0/0/0.0 interface.
Question: What is the status of the ge-0/0/0.0

interface?
Question: How can you gain additional information

on a given interface?

Step 1.9
Navigate to Monitor > Routing > Route Information to view the current
static routes.
Part 2: Exploring J-Web Configuration and Diagnostic Capabilities
In this lab part, you will familiarize yourself with the configuration and diagnostic
capabilities available in the J-Web interface. You will also identify the key pages that
relate to those capabilities.
Step 2.1
Access the J-Web configuration page by clicking the Configure tab.
Question: How do you display your station’s current

configuration?
Step 2.2
Navigate to Configure > System Properties > User Management.

Step 2.3
Click Edit. In the Edit User Management window, click Add and create the
user Jweb. Use the password lab123 and fullname Jweb User. Keep the login
class as read-only. Leave the User ID field blank. Click OK when complete.
Step 2.4
Commit the new user by clicking on Actions in the upper right corner, then click
Commit.
Step 2.5
Return to User Management and remove the Jweb user created earlier.
Step 2.6
Click Actions, then click Compare to display changes in the configuration.
Step 2.7
Commit the changes by clicking on Actions then Commit.
Step 2.8
Navigate to Troubleshoot > Ping Host. Enter the IP address of the server in
the management network and click Start to begin the ping.

Question: Does the ping succeed?
Step 2.9
Logout of your J-Web session. Return to the cli session opened to your device and
log out using the exit command.

A–2 • Lab Diagrams www.juniper.net

www.juniper.net Lab Diagrams • A–3

A–4 • Lab Diagrams www.juniper.net

Hướng dẫn làm bài Lab- Juniper2-pages-3,9-15,17-23,25-35,37-54,56-58

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Hướng dẫn làm bài Lab- Juniper2-pages-3,9-15,17-23,25-35,37-54,56-58

Uploaded by

Copyright:

Available Formats

Contents

Lab 1: The Junos CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-1

Lab 2: Initial System Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-1

Lab 3: Secondary System Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-1

Lab 4: Operational Monitoring and Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-1

Lab 5: The J-Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-1

Appendix A: Lab Diagrams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1

www.juniper.net Contents • iii

www.juniper.net The Junos CLI • Lab 1–1

Question: What is the management address

Lab 1–2 • The Junos CLI www.juniper.net

Question: Which command do you use to clear the

Question: What do you think the resulting display

www.juniper.net The Junos CLI • Lab 1–3

Question: What happens when you press Ctrl+p

Question: What happens when you press Ctrl+n?

Question: What happens when you use the Up

Question: What effect does pressing the Spacebar

Question: What effect does pressing the Enter key

Question: What effect does pressing the b key

Lab 1–4 • The Junos CLI www.juniper.net

Question: Which key would you press to search

Question: Are any of your interfaces listed as Down?

Question: Can you think of a way to have the

Question: Which CLI command displays reference

www.juniper.net The Junos CLI • Lab 1–5

Question: According to the prompt, what is your

Question: What happens to the banner?

Question: What is the result of a show command

Question: Which commands can you now enter to

Lab 1–6 • The Junos CLI www.juniper.net

Question: Why do you think you received an error?

Question: What happens when you execute the

Question: Which CLI command can you use to

Question: Considering that nothing changed, which

STOP Tell your instructor that you have completed Lab 1.

www.juniper.net The Junos CLI • Lab 1–7

www.juniper.net Initial System Configuration • Lab 2–1

Part 1: Loading a Factory-Default Configuration and Performing Initial Configuration

Question: What is the management address

Lab 2–2 • Initial System Configuration www.juniper.net

Question: Did the commit operation succeed? If

Question: What happens when you enter the

Question: What happens when you enter the

www.juniper.net Initial System Configuration • Lab 2–3

Lab 2–4 • Initial System Configuration www.juniper.net

Part 2: Saving, Displaying, Loading, and Deleting a Rescue Configuration

Question: Does the rescue configuration match the

Question: What CLI command could you issue to

www.juniper.net Initial System Configuration • Lab 2–5

Question: Did the rescue configuration successfully

Question: Did you successfully delete the rescue

Part 3: Configuring Interfaces and Verifying Operational State

Lab 2–6 • Initial System Configuration www.juniper.net

Question: What are the Admin and Link states of

STOP Tell your instructor that you have completed Lab 2.

www.juniper.net Initial System Configuration • Lab 2–7

www.juniper.net Secondary System Configuration • Lab 3–1

Part 1: Configuring User Authentication

Question: What is the management address

Lab 3–2 • Secondary System Configuration www.juniper.net

Username Class Plain-Text Password

www.juniper.net Secondary System Configuration • Lab 3–3