Juniper JNCIA JN0-103 – Junos Configuration Basics Part 4
- Summary of Section 4
Hello and welcome back. In this lecture we are going to summarize what we learned in section four. So in section four, we started by talking about initial configuration where we talked about how to set a root authentication password. We also spoke about system services for remote access such as SSH and telnet. We understood how we can set the host name, system time and time zone. We also understood how we can set a login message and how we can configure the command line interface idle timeout value. We then spoke about login classes. A login class is a named container that groups together a set of one or more permissions and all users must belong to a login class.
There are four login classes. By default you have super user which has all permissions, operator which has clear network reset trace and view permissions read only, which has view permissions and unauthorized which has no permissions. We also looked at examples with these classes and of course we can also create custom login classes. We saw an example for that as well. We then spoke about interfaces. There are many different types of interfaces.
You have management interfaces, internal interfaces, network interfaces, service interfaces and loopback interfaces. We understood the interface naming convention which is type FPC picn port FPC stands for a flexible pic concentrator and Pig stands for physical interface card. The type indicates the type of interface, for example gigabit ethernet. We also understood that some interfaces do not follow the naming conventions like loop interfaces and VLAN interfaces.
We understood the two different properties of interfaces physical properties and logical properties. Physical properties are configured under the physical hierarchy, while logical properties are configured under the logical hierarchy which is unit number under the physical interface. We saw that interfaces can have multiple addresses. In case of multiple addresses, we can opt for preferred addresses and primary addresses.
Preferred address is the address used by Junes as the source for traffic that is sent on the directly connected subnet, while primary address is the address used by Juno’s as the source address for broadcast and multicast packets. We then spoke about system logging. System wide high level operations are stored as logs in the VAR log directory. The primary log file is VAR log messages. Each syslog entry belongs to a facility.
A facility is a group of messages that are generated by the same software process or concern a similar activity. Each message is also reassigned a severity level which indicates how seriously the triggering event affects device functions. Sysco entries contain timestamps name, which is your host name. You then have process name or process ID, a message code and you have a message text. We then spoke about tracing. Tracing means debugging trace files are stored in the VAR log directory.
We saw examples of how we can enable tracing. We performed policy tracing and interface tracing. For interface tracing, we understood that Juno supports individual interface tracing and global interface tracing. When we are tracing a specific or individual interface, the specification of a trace file is not supported. That is because the Juno’s kernel does the logging. In this case, the trace information is placed in the system’s messages file.
If we want to look at the trace output in real time, we can use the monitor command. We saw that we can monitor multiple files at the same time as well. We then spoke about SNMP, which is simple network Management protocol. SNMP enables the monitoring of network devices from a central location. We have an SNMP agent which responds to requests for information and actions from the SNMP Manager. The SNMP manager is an SNMP software which runs on a server or a host known as Network Management System.
We saw an example of this as well. We installed an SNMP manager called Spiceworks. We then spoke about SNMP MIB or Management Information Base, which is a collection of information organized hierarchically. It defines properties of the objects on the managed device. We also understood that every object in the MIB also has an object ID. Juno’s devices can send notifications to SNMP managers when significant events occur on a network device, most often errors or failures. These SNMP notifications can be sent as trap or inform requests.
SNMP traps are unconfirmed notifications, while informs are confirmed. Notifications. Juno supports SNMP version one, SNMP version two C, and SNMP version three. We then talked about network time protocol. Network Time Protocol, or NTP, is used to synchronize the clocks of routers and other devices on the Internet. Devices running Juno’s can be configured to act as NTP clients, a secondary NTP server, or a primary NTP server.
We also understood the differences between all of these two. Devices can synchronize only when their current clocks are relatively close. A boot server is used to set a systems clock at boot time to ensure that it is close enough to later synchronize to the configured time server. We also saw an example of how we can configure NTP server on the Juno’s device.
We also spoke about default config, rescue config and backups. The load factory default command can be used to return the device to factory default configuration on SRX devices and J series devices. We can also achieve this by pressing the reset config button, which is at the front panel of the device. Very important when you log into the device. If you see the word amnesiac at the login prompt, it indicates that the device is running on a factory default configuration.
We also have something called Rescue Configuration, which is a user defined known good configuration that is designed to restore connectivity in the event of configuration problems. The Juno’s device can be configured to backup the current configuration using FTP or SCP periodically or after each commit. All right, so that’s all the topics that we covered in what has been a fantastic section. In the next section, we are going to talk about operational monitoring and maintenance.
We’ll look at show commands and monitor commands. We’ll look at interface statistics, network tools like ping and trace route. We’ll talk about Juno’s installation software upgrades, root password recovery, and so on. That’s it for this lecture and for this section. If you have any questions, feel free to let me know in the discussion area. I’d like to thank you for watching and I’m excited to see you in the next lecture. Thank you.