Device Management

Question 1

What are the two modes you might end up in when accessing a Juniper device?

Answer 1

Linux/BSD Shell
Operational Mode

Question 2

Whats the console port for?

Answer 2

Local access via console cable

useful for first device setup when the device has no IP

Question 3

Where does console port put you?

Answer 3

Puts you in the BSD/Linux Shell

Question 4

What does Amnesiac mean?

Answer 4

Means the device has factory default config

Question 5

How do you get to Operational mode from Shell?

Answer 5

“cli” command

Question 6

Whats the management port for?

Answer 6

an OOB IP management port for CLI access - SSH or telnet

Question 7

What are the common management interface names?

Answer 7

FXP0
EM0
ME0

Question 8

what inband management options are there?

Answer 8

SSH, Telnet J-Web

Question 9

What mode does SSH/Telnet put you in?

Answer 9

Operational mode

Question 10

What is J-WEB?

Answer 10

Its a GUI for configuring a Juniper device.

Question 11

What things do you need to enable J-web?

Answer 11

• Root Password
• An IP on a reachable interface
• Enable web-management

“Set system services web-management https interface fxp0.0”

Question 12

What APIs can be used to configure JUNOS?

Answer 12

Junos XML API
REST API
JET API

Question 13

Whats the craic with the XML API?

Answer 13

Its Netconf. Junos made netconf.

All Junos CLI commands have an XML quilivent.

Executes XML RPC’s over netconf.

Question 14

Whats the craic with REST?

Answer 14

Supports get and post. Get executes, post sends data.

Theres a web-based GUI where you can experiment and download data via ASCI, XML, or JSON

Backend wise, all rest queries are converted and executed as XML API.

Question 15

Whats JET?

Answer 15

Juniper Extension Toolkit

Standards interface into Junos to allow people to customise or augment device functionality

Can run on or off-box.

Question 16

When logging in, whats the difference between root and non root?

Answer 16

Root hits shell. non-root hits CLI

Question 17

what does % in your CLI prompt mean?

Answer 17

Means you’re in shell.

Question 18

What help options are there?

Answer 18

? - context sensitive completion.

help topic <topic> - like manpage explaining stuff.</topic>

help reference <command></command> - gives reference config and explanation.

help apropos <variable - gives a list of commands within the current hierarchy that use that variable.

Question 19

How do you turn CLI completion off?

Answer 19

set cli complete-on-space off

Question 20

What VT does the CLI use and why?

Answer 20

VT100 so arrow keys work

Question 21

What are the EMACS commands?

Answer 21

Key combos to move around the CLI…

CTRL+B goes left one char
CTRL+F goes right one char
CTRL+A goes to the start of a line
CTRL+E goes to the end of a line
CTRL +D deletes the highlighted char
CTRL + K deletes the rest of the line
CTRL + U deletes all chars and the current command
CTRL + W = Deletes the word to the left
CTRL + L = redraws current line
CTRL + P and CTRL+N cycles through previous and next in the command history
ESC + D - Deletes word to the right
ESC + B - move back one word
Esc + F move forward one word

Question 22

How do you execute an operational mode command from config mode?

Answer 22

run.

Question 23

How do you configure config archival?

Answer 23

edit system archival
set transfer-on-commit
or
set transfer-on-interval <interval>
set archive-sites "scp://user@x.x.x.x" password "x" ##SECRET_DATA
or FTP or w/e</interval>

if more than 1 is listed it tries top down, and stops after successful archive.

Question 24

Archival configs… What are frequency options for interval?

Answer 24

15 to 2880 minutes (48h)

Question 25

where do archival log messages go?

Answer 25

/var/log/messages

Question 26

Where are archival configs put before they get backed up?

Answer 26

/var/transfer/config

Question 27

Where is syslog?

Answer 27

/var/log/messages

Question 28

In syslog, what are Facility and Severity?

Answer 28

Facility defines the class of log
Severity determines the logging detail

Question 29

where is syslog configured/

Answer 29

edit system syslog
and
edit routing-options options syslog

Question 30

Whats the default max number and size of archive configs?

Answer 30

10 128k

Question 31

what does file <filename> do?</filename>

Answer 31

within syslog, it defines a new syslog file.

Question 32

what does files <n> do?</n>

Answer 32

defines max number of syslog files

Question 33

How do you add priority info to syslog entries?

Answer 33

edit system syslog file <file>
facility severity;
set explicit-priority</file>

Question 34

syslog priority. 7 high or low?

Answer 34

7 is low (debug)

Question 35

Where can trace outputs go?

Answer 35

into /var/log/<filename>
or syslog</filename>

over-ride with

edit system tracing
set destination-override syslog host 1.1.1.1

Question 36

How do you trace a protocol?

Answer 36

edit protocols <protocol> traceoptions
set file <file> size <size> files <num>
set flag event detail
set error detail</num></size></file></protocol>

Question 37

what happens when a tracefil hits max size?

Answer 37

gets named <file>0, the next one is <file>1, etc</file></file>

Question 38

how do you remove timestamps from a trace?

Answer 38

with hidden no-stamp option

Question 39

how do you trace an interface?

Answer 39

add the traceoptions parameters you want to

edit interfaces <name> traceoptions</name>

goes into /var/log/messages – cannot be changed
if you trace the whole interface proccess it goes into /var/log/dcd

Question 40

how do you view logs?

Answer 40

show log <file></file>

you can use “h” at a more page to see the prompt on how to navigate… search the file, etc

Question 41

easiest way to filter a logfile?

Answer 41

show log messages | match “suport info”..

ANDs
show log messages | match “kernel” | match “error”

ORs
show log messages | match “error|kernel|panic”

Question 42

What does monitor do?

Answer 42

watches for realtime log file entries…

Question 43

How do you use monitor?

Answer 43

show monitor <file> | match "something"</file>

Question 44

How do you stop monitor from outputting to screen?

Answer 44

ESC+Q

Question 45

how do you stop monitor?

Answer 45

monitor stop

Question 46

how do you stop a trace?

Answer 46

delete traceoptions

it deletes all traceoptions at that hierarchy.

Question 47

how do you clear and delete a logfile?

Answer 47

clear log <file>
file delete <file></file></file>

Question 48

What 4 NTP modes are supported?

Answer 48

Client, server, broadcast, and symmetric active

Question 49

How does NTP auth work?

Answer 49

no fucking clue. my head hurts.

Trusted key, authentication key, and server key. something.

Question 50

How can you see NTP connections?

Answer 50

show ntp associations

• or O to the right of the host IP= good

Question 51

how do you do a mib walk from CLI?

Answer 51

show snmp mib walk <mib></mib>