Monday 18 November 2013

Junos : Copy/Paste Configuration

Copying and Pasting a Configuration Section to Another Configuration

If you have a section of a configuration that you want include in another configuration, you can use the load merge terminal relative command to copy the configuration section from a file or an application window (for example, a Web browser) and paste the section in the CLI of the terminal window that you are using to configure a device.

To copy and paste a section of a configuration to another configuration:
  1. In the terminal window, navigate to the specific hierarchy where the data will be pasted (in this example, the system hierarchy).

  2. user@host# edit system
    [edit system]


  3. Enter the load merge terminal relative command:

  4. user@host# load merge terminal relative
    [Type ^D at a new line to end input]


  5. Copy the section of the configuration from a file or an application window.

  6. Paste the copied text into the CLI of the terminal window that you are using to configure the device.
  7. user@host# load merge terminal relative
    [Type ^D at a new line to end input]
    location building 2;
    ntp server 78.46.194.186 version 4;
  8. Press Enter once. Make sure that you perform this step before proceeding.

  9. Press Ctrl+d to indicate that the end of the pasted text. You see "load complete" in the terminal window.

  10. To verify the configuration but not activate it, use the show command. You can also use the commit check command to verify the correctness of the syntax for the commands that have been entered.

  11. If the validation is successful, go to the next step. Otherwise, review any error messages and use the CLI to change the configuration and resolve errors.

  12. Commit the configuration to activate it:

  13. user@host# commit
    commit complete

Sunday 10 November 2013

Junos : Configuring Basic Settings with the CLI

Configuring Basic Settings with the CLI

In CLI configuration mode, you use the set command to enable features, and the delete command to disable them. The commands you enter do not update the active configuration on the router until you use the commit command.
To configure basic settings with the CLI:
  1. From the CLI, enter configuration mode:
      root> configure
      root#
  2. Set the IP addresses of the built-in Ethernet ports. For example:
      root# set interfaces ge-0/0/0 unit 0 family inet address 1.1.2.31/24
      root# set interfaces ge-0/0/1 unit 0 family inet address 1.6.2.1/24
      root# set interfaces ge-0/0/2 unit 0 family inet address 2.8.3.1/24
      root# set interfaces ge-0/0/3 unit 0 family inet address 9.1.4.1/24
    The unit number is the logical interface number. IP addresses are configured on the logical interface. Setting the protocol family to inet specifies the routing table of IPv4 addresses.
  3. Set a default route (default gateway) for IPv4 packets. For example:
      root# set routing-options static route 1.6.2.1/24 next-hop 10.1.1.50
  4. Configure one or more static routes:
      root# set routing-options static route destination-prefix next-hop address
  5. Set the hostname. For example:
      root# set system host-name Chicago
  6. Save your configuration settings and activate them on the Services Router:
      root# commit

Tuesday 5 November 2013

Junos : ALG

JUNOS Software supports voice-over-IP Application Layer Gateways (VoIP ALGs) and basic data ALGs. (Note that supported ALG types vary depending on which hardware device you are using.)
VoIP ALGs provide stateful Application Layer inspection and Network Address Translation (NAT) capabilities to VoIP signaling and media traffic. The ALG inspects the state of transactions, or calls, and forwards or drops packets based on those states.
JUNOS Software supports the following VoIP ALGs:
  • H.323—The H.323 ALG provides support for the H.323 legacy VoIP protocol. The ALG lets you secure VoIP communication between terminal hosts, such as IP phones and multimedia devices. In such a telephony system, the gatekeeper device manages call registration, admission, and call status for VoIP calls. Gatekeepers can reside in the two different zones or in the same zone.
  • SIP—The SIP ALG provides support for the Session Initiation Protocol (SIP). SIP is an Internet Engineering Task Force (IETF)-standard protocol for initiating, modifying, and terminating multimedia sessions over the Internet. Such sessions might include conferencing, telephony, or multimedia, with features such as instant messaging and application-level mobility in network environments.
  • SCCP—The SCCP ALG provides support for Skinny Client Control Protocol (SCCP). SCCP is a Cisco proprietary protocol for call signaling. Skinny is based on a call-agent-based call-control architecture. The control protocol uses binary-coded frames encoded on TCP frames sent to well-known TCP port number destinations to set up and tear down RTP media sessions.
  • MGCP—The MGCP ALG provides support for Media Gateway Control Protocol (MGCP). MGCP is a text-based Application Layer protocol used for call setup and call control between the media gateway and the media gateway controller (MGC). .
JUNOS Software also supports the following data ALGs:
  • DNS—Provides an ALG for the Domain Name System. The DNS ALG monitors DNS query and reply packets and closes session if the DNS flag indicates the packet is a reply message.
  • FTP—Provides an ALG for the File Transfer Protocol (FTP).The FTP ALG monitors PORT, PASV, and 227 commands. It performs NAT on the IP, port, or both in the message and gate opening on the device as necessary. The FTP ALG supports FTP put and FTP get command blocking. When the FTP_NO_PUT or FTP_NO_GET command is set in the policy, the FTP ALG sends back a blocking command and closes the associated opened gate when the FTP STOR or FTP RETR command is observed.
  • TFTP—Provides an ALG for the Trivial File Transfer Protocol (TFTP). The TFTP ALG processes TFTP packets that initiate the request and opens a gate to allow return packets from the reverse direction to the port that sends the request.
  • PPTP—Provides an ALG for the Point-to-Point Tunneling Protocol (PPTP). The PPTP is a Layer 2 protocol that tunnels PPP data across TCP/IP networks. The PPTP client is freely available on Windows systems and is widely deployed for building Virtual Private Networks (VPNs).
  • REAL—Provides an ALG for the Real-Time Streaming Protocol.
  • MSRPC—Provides an ALG for the Microsoft Remote Procedure Call.
  • SUNRPC—Provides an ALG for the SUN Remote Procedure Call.
  • RSH—Provides an ALG for the Remote Shell (RSH). The RSH ALG handles TCP packets destined for port 514 and processes the RSH port command. The RSH ALG performs NAT on the port in the port command and opens gates as necessary.
  • SQL—Provides an ALG for the Structured Query Language (SQL). The SQLNET ALG processes SQL TNS response frame from the server side. It parses the packet and looks for the (HOST=ipaddress), (PORT=port) pattern and performs NAT and gate opening on the client side for the TCP data channel.
  • TALK—Provides an ALG for the TALK Protocol. The TALK protocol uses UDP port 517 and port 518 for control channel connections. The talk program consists of a server and a client. The server handles client notifications and helps to establish talk sessions. There are two types of talk servers: ntalk and talkd. The TALK ALG processes packets of both ntalk and talkd formats. It also performs NAT and gate opening as necessary.
loading...