juniper的觉得有些像linux的层级命令。上班没事儿的时候看看,总结了点儿,写下来。
root@vMX-1% cli
root@JUNOS-1> configure
root@JUNOS-1# show system
root@JUNOS-1# show system host-name
root@JUNOS-1> show arp
root@JUNOS-1> show interfaces em0 extensive
root@JUNOS-1> monitor traffic interface em0
root@JUNOS-1> monitor interface em0
root@JUNOS-1> show arp
root@JUNOS-1> ping 192.168.56.10 count 5
root@JUNOS-1> traceroute 192.168.56.11
root@JUNOS-1# set interfaces em0 unit 0 family inet address 1.1.1.1/30 #添加接口ip
root@JUNOS-1# delete interfaces em0 unit 0 family inet address 1.1.1.1/30 #删除接口ip
root@JUNOS-1> file show /? #查看文件
root@JUNOS-1# commit check #提交检查
root@JUNOS-1# commit and-quit #提交并退出
root@JUNOS-1# commit at 13:30:00 #提交13:30的配置
root@JUNOS-1> file show /config/? #查看配置文件
root@JUNOS-1> file show /var/db/config/? #roolback文件存放目录
root@JUNOS-1# save junos.cfg #保存配置
root@JUNOS-1# run file show junos.cfg #查看配置
root@JUNOS-1# load override junos.cfg #使用cfg覆盖配置
root@JUNOS-1> show system storage #查看文件系统
root@JUNOS-1# set system root-authentication plain-text-password #修改root密码
root@JUNOS-1# set system login user ghostrave class super-user #添加一个用户ghostrave
root@JUNOS-1# set system login user ghostrave authentication plain-text-password #修改ghostrave密码
root@JUNOS-1# set system domain-name wwww.juniper.net #域名
root@JUNOS-1# set system name-server 8.8.8.8 #配置DNS
root@JUNOS-1# set system services telnet connection-limit 20 #设置telnet连接数
root@JUNOS-1# set system services ssh protocol-version v2 # ssh v2
root@JUNOS-1# set system services ssh connection-limit 30 #上线30
root@JUNOS-1# set system services ssh root-login allow #允许root登录
root@JUNOS-1> ssh v2 1.1.1.1
root@JUNOS-1# set system services ftp connection-limit 20
root@JUNOS-1# set system services ftp rate-limit 100
root@vMX-1% ftp 1.1.1.1
root@JUNOS-1> show system uptime
root@JUNOS-1# run show system uptime
root@JUNOS-1# run set date 201905051408
###server###
root@JUNOS-1# edit system ntp
root@JUNOS-1# set authentication-key 1 type md5 value juniper
root@JUNOS-1# set trusted-key 1
root@JUNOS-1# set server 1.1.1.1 key 1 prefer
###client###
root@JUNOS-1# edit system ntp
root@JUNOS-1# set authentication-key 1 type md5 value juniper
root@JUNOS-1# set trusted-key 1
root@JUNOS-1# set peer 1.1.1.1 key 1 prefer
root> request system reboot #重启
root> request system halt #关机
系统更新
tfp 传上去tgz安装文件(默认在/var/home/UID)
request system software add XXX.tgz
静态路由
set routing-options static route 0.0.0.0/0 next-hop 1.1.1.2 [reject | discard]
#reject 丢包的时候会产生一个ICMP destination host unreachable消息
#discard 不会产生消息, 所以在丢弃的时候没有任何消息
qualified-next-hop 允许甚至到同一个目的的多个吓一跳地址和优先级
set routing-options static route 0.0.0.0/0 next-hop 1.1.1.2 preference 10
set routing-options static route 0.0.0.0/0 next-hop 1.1.1.3 preference 20
set routing-options static route 0.0.0.0/0 next-hop 1.1.1.4 preference 30
set routing-options static defaults preference 100
show route protocol static #查看静态路由
#aggregate route 只有当全部的默认路由down后,汇总路由才会down
set routing-options static route 192.168.1.0/0 next-hop 1.1.1.1
set routing-options static route 192.168.2.0/0 next-hop 1.1.1.1
set routing-options static route 192.168.3.0/0 next-hop 1.1.1.1
set routing-options aggregate route 192.168.0.0/16
show route protocol aggregate extensive
#Marians火星路由:公网中不可路由的
set routing-options martians 0/8 orlonger allow
show route martians
run show route
run show route hidden
#路由表
Inet.0 ---->存放Ipv4单播路由
show route table inet.0
intet.1----->存放Ipv多播路由
show route table inet.1
Inet.2 ---->存放Ipv4单播路由,完全和inet.0 不同,这里的单播路由是用来多播路由协议环路的
show route table inet.2
Inet.3 ---->包含一个MPLS label switched path(LSP) 注入IP地址
show route table inet.3
Inet.4 ---->存放使用MSDP(multicast Discovery protocol)学习到的信息
show route table inet.4
Inet.6---->存放Ipv6单播路由
show route table inet.6
Mpls.0---->存放MPLS的标签值
show route table mpls.0
Bgp.l3vpn.0---->存放三层VPN的路由信息
show route table bp.l3vpn.0
Bgp.l2vpn.0---->存放二层VPN的路由信息
show route table bp.l2vpn.0