platform and interface operations

Question 1

What tools exist to monitor Junos?

Answer 1

J-WEB (GUI)
Junos Space
Paragon Insights
CLI
LEDs
LCDs SNMP

Question 2

How do you monitor system level things?

Answer 2

monitor system ?

alarms, boot-messsages, connections = local TCP and UDP

Question 3

How do you monitor the chassis?

Answer 3

show chassis ?

Environmental stuff, things about the hardware, inventory, operational stats of the RE, etc

Question 4

on show commands, what the equivalent to ciscos “detail”?

Answer 4

extensive

Question 5

how do you get real time packet and error counters from an interface?

Answer 5

monitor interface <interface> for a specific interface - lots of into</interface>

monitor interface traffic for all interfaces.. but less detail

Question 6

what does monitor traffic do?

Answer 6

Gives you tcpdump functionality.

you can pull just headers, or full packet. You can use match to match specific packets.

write-file puts it into a pcap

monitor traffic interface fxp0 layer2-headers no-resolve matching icmp

Gives tcp-dump-like output to CLI for icmp from management interface.

Question 7

What do you need to do a root PW recovery?

Answer 7

console access!

Question 8

How do you disable password recovery?

Answer 8

edit system ports
set console insecure

Question 9

how do you recover root pw?

Answer 9

connect to console.

1. Reboot.

push space when prompted

enter “boot -s” to get into single user mode

2. when prompted to enter the shell path, type “recovery”
3. set a new root password, same as normal;

set system root-authentication plain-text-password

4. commit, exit, reboot.

Question 10

how do you recover root PW on “upgraded freeBSD”?

Answer 10

reboot

Ctrl +C after the wind river linux starts

at the main menu, M or 5 for more options.

C or 2 to go into recovery.

change the pw, commit, exit and reboot.

Question 11

How do you see how much space you have?

Answer 11

show system storage (its just df -h)

Question 12

how do you do an easy cleanup?

Answer 12

request system storage cleanup

Does log rotation and offers up files you dont need anymore to delete.

request system storage cleanup dry-run will do the listing but not actually delete them.

Question 13

how do you nuke the box and delete anything sensitive?

Answer 13

request system zeroize – Nukes the REs entirely and restores factory config

request system zeroize media – scrubs the flash to make the files unrecoverable.

Question 14

What are the parts of the Junos software package naming conventions?

Package-prefix-arch-abi-release-edition.extension

Answer 14

package-prefix indicates what product its for
arch = CPU architecture
abi = 32 or 64 bit
release = eg 21.1R1
edition = null for domestic. “limited” for versions with no payload encryption.

Question 15

what are the package prefixes?

Answer 15

jinstall = EX and QFX
jinstall-ex = EX
junos-install - MX and EX
junos-srx

Question 16

how do you upgrade Junos?

Answer 16

1. Download the image. You need a login. You can do this to your machine or direct-on-box using the temp URL the download process generates and then file copy
2. request system software add <path/image> to upgrade/downgrade (local, FTP, SCP)

It does its thing and then reboots at the end.

Question 17

what protections are there in a Junos UPgrade?

Answer 17

• only executes signed binaries
  wont execute a binary without a registered fingerprint

Question 18

where should you store images before you install them?

Answer 18

/var/tmp

Question 19

how do you do an ISSU?

Answer 19

1. Enable GRES and NSR, make sure REs are synced
2. Download and copy to router
3. request system software in-service-upgrade <image> on primary RE</image>