Inhaltsverzeichnis

Junos OS Notizzettel

Hinweise

Hinweis (configure Modus)

Systemeinstellungen (cli > configure)

# set system host-name switch1

# set system domain-name mgmt.siningsoft.home

# set system time-zone Europe/Berlin

Nutzer (cli > configure)

# set system root-authentication plain-text-password

# edit system login user $(Username)
        # set class super-user

Interfaces (cli > configure)

# set interfaces ae0 disable

      
* Interface anschalten, wenn abgeschaltet
      <sxh># delete interfaces ae0 disable</sxh>
* Interface-Ranges anlegen Name=FirewallIF member ge-0/0/0 - 1
      <sxh># set interface interface-range FirewallIF member-range ge-0/0/0 to ge-0/0/1</sxh>

# set chassis aggregated-devices ethernet device-count 1
        # delete interfaces ge-0/0/0 unit 0
        # delete interfaces ge-0/0/1 unit 0
        # set interfaces ge-0/0/0 ether-options 802.3ad ae0
        # set interfaces ge-0/0/1 ether-options 802.3ad ae0
        # set interfaces ae0 aggregated-ether-options lacp active periodic fast

      
  * Interface bearbeiten
      <sxh># edit interfaces ge-0/0/17
      # set description "Fahrradhaus"
      # set unit 0 family ethernet-switching port-mode access
      # set unit 0 family ethernet-switching vlan members Kamera</sxh>

Spanning-Tree (https://www.juniper.net/documentation/us/en/software/junos/stp-l2/topics/topic-map/spanning-tree-overview.html) 

  rstp einschalten und bearbeiten
      # edit protocols rstp
      
  Bridge Priorität festlegen (niedrigste Prio = root-bridge)
      {master:0}[edit protocols rstp]
      # set bridge-priority 0
      
  RSTP Interface != edge festlegen
      {master:0}[edit protocols rstp]
      # edit interface ae0.0
      {master:0}[edit protocols rstp interface ae0.0]
      # set priority 0  
      {master:0}[edit protocols rstp interface ae0.0]
      # set mode shared
  RSTP Interface = edge festlegen
      {master:0}[edit protocols rstp]
      # edit interface RSTPp2p
      # set mode p2p
      # set edge

PoE Einstellungen (cli > configure) 

  PoE für alle Ports abschalten
      # set poe interface all disable

VLAN Einstellung (cli > configure) 

  VLAN anlegen, Beispiel: Name=Management ID=26
      # set vlans Management vlan-id 26
      
  VLAN umbennen wie das umbennen eines jeden Elements, siehe oben.  Beispiel umbennen  WLAN-CAM zu Kamera
      # rename vlans WLAN-CAM to Kamera
      
  Interface Mode trunk/access
      # set interfaces ae0 unit 0 family ethernet-switching port-mode trunk
  Interface VLAN Member Beispiel Interface=ae0 VLAN=Management
      # set interfaces ae0 unit 0 family ethernet-switching vlan members Management
  
  Interface VLAN Member Beispiel Interface=ge-0/0/2 VLAN=all
      # set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members all
    
  Interface native-VLAN-id
      # set interfaces ae0 unit 0 family ethernet-switching native-vlan-id $VLAN-ID

IP Settings (cli > configure) 

  IPv4 Management Port (me0)
      IP Adresse setzen
          # set interface me0 unit 0 family inet address 10.26.1.5/28
      
      Default Route setzen
          # set routing-options static route 0.0.0.0/0 next-hop 10.26.1.1
          
  DNS spezifisches                    
      Domainsuchliste setzen
          # set system domain-search mgmt.siningsoft.home domain-search siningsoft.home
          
      DNS Server setzen
          # set system name-server 10.26.1.1
          
  NTP spezifisches
      Boot-Server
          # set system ntp boot-server 10.26.1.1 
      Sserver
          #  set system ntp server 10.26.1.1

Services konfigurieren 

  SSH
      # set system services ssh key-exchange group-exchange-sha2
      # set system services ssh hostkey-algorithm ssh-rsa
      # set system services ssh macs hmac-sha2-512
      # set system services ssh no-tcp-forwarding
      # set system services ssh protocol-version v2
      # set system services ssh root-login deny
  Telnet ausschalten
      # delete system services telnet
  
  FTP ausschalten
      # delete system services ftp
  
  WebManagement 
      Anzahl Threads
          # set system services web-management control max-threads 2 
      # set system services web-management session session-limit 2 
      URL
          # set system services web-management management-url switch1.mgmt.siningsoft.home
      
      Session Limit
          # set system services web-management session session-limit 2
      Idle Timeout
          # set system services web-management session idle-timeout 15
  HTTP WebInterface
      Auf einem bestimmten Interface nur erlauben
          # set system services web-management http interface me0
      Auf den gewünschten Port konfigurieren
          # set system services web-management http port 80
  
  HTTPS WebInterface
      Auf einem bestimmten Interface nur erlauben    
          # set system services web-management https interface me0  
      Auf den gewünschten Port konfigurieren
          # set system services web-management https port 443        
      Auf ein self-signed Zertifikat konfigurieren
          # set system services web-management https system-generated-certificate

Status abfragen (cli) 

  Alle interfaces samt Vlan und mode
      > show ethernet-switching interfaces
      
  Alle logmeldungen (geht auch mit alt-logs und gepackten
      > show log messages