For example, I will configure the Juniper QFX5100-24Q-AFO switch.
When connected with a console cable, the default speed is 9600, the user is root without a password.
Disable automatic software updates as I described in the article and specify the root password for the user:
Solution of failing auto-image upgrade
Let’s switch to CLI mode:
cli
Let’s see the current device parameters:
show chassis hardware
show chassis fpc
show chassis fpc 0 detail
show chassis pic fpc-slot 0 pic-slot 0
show interfaces
show interfaces ?
An example of viewing DDM information on an optical module:
show interfaces diagnostics optics et-0/0/0
Let’s go to configuration mode:
configure
Set up SSH and Telnet if necessary:
set system services ssh
set system services ssh port 2222
run show system connections extensive | match "22|2222" | match LISTEN
set system services telnet
show system services
Let’s add an administrator who will connect via SSH or Telnet (I note that the root user cannot connect):
set system login user admin authentication plain-text-password
set system login user admin class super-user
Set up time synchronization:
set system ntp server 192.168.5.5
set system time-zone Europe/Kiev
arp records storage time in minutes:
set system arp aging-timer 5
Set up SNMP:
set snmp community IXNFO.COM clients 192.168.5.5/32
An example of viewing logs:
exit
show log ?
show log messages | last 50
show log user | last 50
show log chassisd | last 50
show log chassisd_snmp | last 50
show log cosd | last 50
show log interactive-commands | last 50
show log jddosd | last 50
show log dhcp_logfile | last 50
file list /var/log/
file delete /var/log/dhcp_logfile
Let’s create the necessary vlan lists (using the example, I created users and core):
set vlans users vlan-id-list [226-228 301-302 501 599-612 700-776 778-800 943-1001 1050-1060]
set vlans core vlan-id 500
run show vlans
I will give an example of configuring the Trunk port (in order not to list vlan, you can specify the names of the vlan lists):
set interface et-0/0/7 vlan-tagging
set interface et-0/0/7 unit 0 family ethernet-switching interface-mode trunk
set interface et-0/0/7 unit 0 family ethernet-switching vlan members [ core users ]
edit interface et-0/0/7
set description UPLINK
set interface et-0/0/8 vlan-tagging
set interface et-0/0/8 unit 0 family ethernet-switching interface-mode trunk
set interface et-0/0/8 unit 0 family ethernet-switching vlan members users
An example of changing the MTU:
set interfaces et-0/0/7 mtu 9216
Example of setting up an ACCESS port:
interfaces {
et-0/0/0 {
description ixnfo.com;
unit 0 {
family ethernet-switching {
interface-mode access;
vlan {
members 777;
}
}
}
}
For mass configuration, you can use the “wildcard” command, for example, remove the xe-0/0/9:0-3 interfaces, as well as xe-0/0/0-23:
edit interfaces
wildcard range delete xe-0/0/9:[0-3]
wildcard range delete xe-0/0/[0-23]:[0-3]
Another example:
wildcard range set interfaces et-0/0/[8-9] unit 0 family ethernet switching
Let’s configure the management port em0 (C0), the switch also has an SFP port C1 for management:
edit interfaces em0
set unit 0 family inet address 10.0.5.2/24
exit
set routing-options static route default next-hop 10.0.5.1
Check and apply the configuration (at this point, the connection will be lost for about 1 second):
commit check
commit confirmed 1
commit
I will give examples of viewing the MAC address table:
run show ethernet-switching table
exit
show ethernet-switching table vlan-id 220
show ethernet-switching table 3c:fd:00:bb:7f:00
View statistics:
show chassis routing-engine
show system processes extensive
See also my articles: