Device Management Flashcards
What are the two modes you might end up in when accessing a Juniper device?
Linux/BSD Shell
Operational Mode
Whats the console port for?
Local access via console cable
useful for first device setup when the device has no IP
Where does console port put you?
Puts you in the BSD/Linux Shell
What does Amnesiac mean?
Means the device has factory default config
How do you get to Operational mode from Shell?
“cli” command
Whats the management port for?
an OOB IP management port for CLI access - SSH or telnet
What are the common management interface names?
FXP0
EM0
ME0
what inband management options are there?
SSH, Telnet J-Web
What mode does SSH/Telnet put you in?
Operational mode
What is J-WEB?
Its a GUI for configuring a Juniper device.
What things do you need to enable J-web?
- Root Password
- An IP on a reachable interface
- Enable web-management
“Set system services web-management https interface fxp0.0”
What APIs can be used to configure JUNOS?
Junos XML API
REST API
JET API
Whats the craic with the XML API?
Its Netconf. Junos made netconf.
All Junos CLI commands have an XML quilivent.
Executes XML RPC’s over netconf.
Whats the craic with REST?
Supports get and post. Get executes, post sends data.
Theres a web-based GUI where you can experiment and download data via ASCI, XML, or JSON
Backend wise, all rest queries are converted and executed as XML API.
Whats JET?
Juniper Extension Toolkit
Standards interface into Junos to allow people to customise or augment device functionality
Can run on or off-box.
When logging in, whats the difference between root and non root?
Root hits shell. non-root hits CLI
what does % in your CLI prompt mean?
Means you’re in shell.
What help options are there?
? - context sensitive completion.
help topic <topic> - like manpage explaining stuff.</topic>
help reference <command></command> - gives reference config and explanation.
help apropos <variable - gives a list of commands within the current hierarchy that use that variable.
How do you turn CLI completion off?
set cli complete-on-space off
What VT does the CLI use and why?
VT100 so arrow keys work
What are the EMACS commands?
Key combos to move around the CLI…
CTRL+B goes left one char
CTRL+F goes right one char
CTRL+A goes to the start of a line
CTRL+E goes to the end of a line
CTRL +D deletes the highlighted char
CTRL + K deletes the rest of the line
CTRL + U deletes all chars and the current command
CTRL + W = Deletes the word to the left
CTRL + L = redraws current line
CTRL + P and CTRL+N cycles through previous and next in the command history
ESC + D - Deletes word to the right
ESC + B - move back one word
Esc + F move forward one word
How do you execute an operational mode command from config mode?
run.
How do you configure config archival?
edit system archival
set transfer-on-commit
or
set transfer-on-interval <interval>
set archive-sites "scp://user@x.x.x.x" password "x" ##SECRET_DATA
or FTP or w/e</interval>
if more than 1 is listed it tries top down, and stops after successful archive.
Archival configs… What are frequency options for interval?
15 to 2880 minutes (48h)
where do archival log messages go?
/var/log/messages
Where are archival configs put before they get backed up?
/var/transfer/config
Where is syslog?
/var/log/messages
In syslog, what are Facility and Severity?
Facility defines the class of log
Severity determines the logging detail
where is syslog configured/
edit system syslog
and
edit routing-options options syslog
Whats the default max number and size of archive configs?
10 128k
what does file <filename> do?</filename>
within syslog, it defines a new syslog file.
what does files <n> do?</n>
defines max number of syslog files
How do you add priority info to syslog entries?
edit system syslog file <file>
facility severity;
set explicit-priority</file>
syslog priority. 7 high or low?
7 is low (debug)
Where can trace outputs go?
into /var/log/<filename>
or syslog</filename>
over-ride with
edit system tracing
set destination-override syslog host 1.1.1.1
How do you trace a protocol?
edit protocols <protocol> traceoptions
set file <file> size <size> files <num>
set flag event detail
set error detail</num></size></file></protocol>
what happens when a tracefil hits max size?
gets named <file>0, the next one is <file>1, etc</file></file>
how do you remove timestamps from a trace?
with hidden no-stamp option
how do you trace an interface?
add the traceoptions parameters you want to
edit interfaces <name> traceoptions</name>
goes into /var/log/messages – cannot be changed
if you trace the whole interface proccess it goes into /var/log/dcd
how do you view logs?
show log <file></file>
you can use “h” at a more page to see the prompt on how to navigate… search the file, etc
easiest way to filter a logfile?
show log messages | match “suport info”..
ANDs
show log messages | match “kernel” | match “error”
ORs
show log messages | match “error|kernel|panic”
What does monitor do?
watches for realtime log file entries…
How do you use monitor?
show monitor <file> | match "something"</file>
How do you stop monitor from outputting to screen?
ESC+Q
how do you stop monitor?
monitor stop
how do you stop a trace?
delete traceoptions
it deletes all traceoptions at that hierarchy.
how do you clear and delete a logfile?
clear log <file>
file delete <file></file></file>
What 4 NTP modes are supported?
Client, server, broadcast, and symmetric active
How does NTP auth work?
no fucking clue. my head hurts.
Trusted key, authentication key, and server key. something.
How can you see NTP connections?
show ntp associations
- or O to the right of the host IP= good
how do you do a mib walk from CLI?
show snmp mib walk <mib></mib>
