Junos Operating System

Highlights

Lab Guide

Worldwide Education Services

1133 Innovation Way

Sunnyvale, CA 94089
USA
408-745-2000
www.juniper.net

Course Number: SSFJUN01

This document is produced by Juniper Networks, Inc.
This document or any part thereof may not be reproduced or transmitted in any form under penalty of law, without the prior written permission of Juniper
Networks, Inc.
Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other
countries. The Juniper Networks Logo, the Junos logo, and JunosE are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered
trademarks, or registered service marks are the property of their respective owners.
Junos Operating System Highlights Lab Guide, Revision 12.1a
Copyright © 2016 Juniper Networks, Inc. All rights reserved.
Revision History:
July, 2010
June 2016
The information in this document is current as of the date listed above.
The information in this document has been carefully verified and is believed to be accurate for software Release 12.1X46-D40.2. Juniper Networks assumes no
responsibilities for any inaccuracies that may appear in this document. In no event will Juniper Networks be liable for direct, indirect, special, exemplary,
incidental, or consequential damages resulting from any defect or omission in this document, even if advised of the possibility of such damages.

Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
YEAR 2000 NOTICE
Juniper Networks hardware and software products do not suffer from Year 2000 problems and hence are Year 2000 compliant. The Junos operating system has
no known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.
SOFTWARE LICENSE
The terms and conditions for using Juniper Networks software are described in the software license provided with the software, or to the extent applicable, in an
agreement executed between you and Juniper Networks, or Juniper Networks agent. By using Juniper Networks software, you indicate that you understand and
agree to be bound by its license terms and conditions. Generally speaking, the software license restricts the manner in which you are permitted to use the Juniper
Networks software, may contain prohibitions against certain uses, and may state conditions under which the license is automatically terminated. You should
consult the software license for further details.
Document Conventions

CLI and GUI Text

Frequently throughout this course, we refer to text that appears in a command-line interface (CLI) or a graphical user
interface (GUI). To make the language of these documents easier to read, we distinguish GUI and CLI text from standard
text according to the following table.

Style Description Usage Example

Franklin Gothic Normal text. Most of what you read in the Lab Guide and
Student Guide.

Courier New Console text:

commit complete
• Screen captures
• Noncommand-related syntax Exiting configuration mode
GUI text elements:
• Menu names Select File > Open, and then click
Configuration.conf in the Filename
• Text field entry
text box.

Input Text Versus Output Text

You will also frequently see cases where you must enter input text yourself. Often these instances will be shown in the
context of where you must enter them. We use bold style to distinguish text that is input versus text that is simply
displayed.

Style Description Usage Example

Normal CLI No distinguishing variant. Physical interface:fxp0, Enabled

Normal GUI View configuration history by clicking
Configuration > History.

CLI Input Text that you must enter. lab@San_Jose> show route
GUI Input Select File > Save, and type config.ini
in the Filename field.

Defined and Undefined Syntax Variables

Finally, this course distinguishes between regular text and syntax variables, and it also distinguishes between syntax
variables where the value is already assigned (defined variables) and syntax variables where you must assign the value
(undefined variables). Note that these styles can be combined with the input style as well.

Style Description Usage Example

CLI Variable Text where variable value is already policy my-peers

assigned.
GUI Variable Click my-peers in the dialog.

CLI Undefined Text where the variable’s value is the Type set policy policy-name.
user’s discretion or text where the
ping 10.0.x.y
variable’s value as shown in the lab
GUI Undefined guide might differ from the value the Select File > Save, and type filename in
user must input according to the lab the Filename field.
topology.

www.juniper.net Document Conventions • v

vi • Document Conventions www.juniper.net
 Contents

Lab 0: Introduction to the Juniper Networks Virtual Lab . . . . . . . . . . . . . . . . . . . . 0-1

Part 1: Accessing the Virtual Labs Homepage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 0-2
Part 2: Logging in to the Virtual Labs site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 0-2
Part 3: Entering and Exiting a Virtual Lab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 0-3
Part 4: Additional Information and Feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 0-7

Lab 1: Junos Operating System Highlights . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1

Part 1: Logging In Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Part 2: Experimenting with the CLI’s Operational Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
Part 3: Entering Configuration Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-8

Lab 2: Configuring Junos OS Using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1

Part 1: Exploring Configuration Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2
Part 2: Using a Rescue Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4

Lab 3: Configuring OSPF on Junos OS Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1

Part 1: Configuring and Monitoring Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2
Part 2: Configuring and Monitoring Static Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-8
Part 3: Configuring and Monitoring OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-10

Appendix A: Lab Diagrams. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . A-1

www.juniper.net •1
2• www.juniper.net
 Lab 0
Introduction to the Juniper Networks Virtual Lab

Overview
Lab 0 describes the basic procedures for accessing the Juniper Networks Virtual Lab (vLab)
environment using a standard Web browser.

The Purpose of the Virtual Labs

The vLabs help partners receive hands-on training through a virtual portal which is available
24 hours a day, 7 days a week. This is not a simulator, but live equipment to promote learning
and development for interested partners in association with the Juniper Networks Partner
Learning Academy.
The vLab exercises assist a student in becoming proficient at installing, configuring, and
troubleshooting Juniper products. The time needed to complete each course track and the
associated virtual lab exercises will vary. You will need your Juniper partner login to access the
virtual lab website.
Once logged in, access is granted on a first come, first served basis. The system will check to
see if the selected vLab has a lab environment available. If a vLab environment for the selected
lab is available, access is granted. If a vLab environment for the selected vLab is not available,
you will be asked to try again later. The vLabs are also available for dedicated instructor-led
courses on an as-needed basis.
Each of the vLab environments is duplicated multiple times, making it more likely that a vLab
environment will be available for you to use.

Note
We recommend that you read through Lab 0 prior to
starting your lab. The guide provides important
information regarding accessing the lab
environment and the lab exercises. Lab 0 is the
same for all vLabs.

Introduction to the Juniper Networks Virtual Lab • Lab 0–1

Part 1: Accessing the Virtual Labs Homepage

The first step in accessing the vLabs is to go to the vLab website. To access the vLab website,
type or copy and paste the URL shown below into a web browser and follow the link provided on
the page to access the Virtual Labs:
https://virtuallabs.juniper.net

Part 2: Logging in to the Virtual Labs site

If you are already logged into the Juniper Networks Partner Learning Academy or Partner
Center, you should already be logged into the Virtual Labs site. However, if you are not logged in
to the Learning Academy or Partner Center, a login screen will be presented, as shown below.

Once you have successfully logged in, you will be presented with the Course Management
homepage, which will look similar to the image shown below.

Lab 0–2 • Introduction to the Juniper Networks Virtual Lab

Part 3: Entering and Exiting a Virtual Lab

Find the lab you wish to enter from amongst the tiles presented in the Courses Catalog on the
Course Management homepage. You can use Search courses in the upper left of the
screen if needed. In the default view the courses are presented as tiles, as shown in the first
image below. You can also click List, located on the right of the blue menu bar, to display the
course tiles as an alphabetized list, as shown in the second image below.
Clicking on a tile’s image will show you a high-level diagram of the lab topology (use the back
button on your browser to return to the Course Management page). For additional information
regarding a particular lab, click the More Info link. When you are ready to enter the lab
environment, click the Reserve button.

Introduction to the Juniper Networks Virtual Lab • Lab 0–3

Step 3.1
A RESERVE window which displays the time reserved for you to complete the lab exercises
(SCHEDULE field) will appear. The selected lab name is also displayed (NAME field). The
allotted time (typically 2 or 3 hours) should be more than adequate to complete the exercises,
but you can set the SCHEDULE time to a maximum of 4 hours if needed. The COURSE field
provides a drop down menu in case you want to select a different course.
Click the Reserve button to enter the lab environment for the selected lab.

Lab 0–4 • Introduction to the Juniper Networks Virtual Lab

Step 3.2
The lab environment for the course you selected will be displayed, similar to the image shown
below. The lab environment displays the main devices (represented as tiles) that comprise the
lab. The example below shows two tiles representing the MX Series routers in this particular
lab (mx1 and mx2), along with a virtual router tile (vr-device), and their associated
management IP addresses.
The initial configuration loaded on the devices is a base configuration needed to begin the
particular lab you have selected. Upon first entering the lab environment, a brief setup process
will initiate. The green Active icon on the blue menu bar will change to Setup and then back to
Active to signify the lab is ready to use.

Once you are on this lab environment page and setup is finished, you can begin the lab
exercises available in the lab guide for the selected course (you should begin with Lab 1 and
sequentially work through the lab exercises). A timer in the blue menu bar will show you how
much time you have left in your reservation to complete the lab exercises.

Step 3.3
When you are ready to leave the lab environment, click the END icon located on the right side
of the blue menu bar, as shown in the image below. The environment will go into a Teardown
process. You can leave the lab environment page while the Teardown process is occurring.

Introduction to the Juniper Networks Virtual Lab • Lab 0–5

Step 3.4
Confirm your intent to leave the lab environment by clicking OK in the pop-up window that
appears.

Step 3.5
Upon clicking OK, the lab environment will begin the configuration teardown/reset process,
your reservation timer will end, and the lab environment you were using will be released.
The Course Management menu in the upper left of the screen provides a drop down menu so
that you can return to the Courses page if you want to start another course, or you can go to
the Reservations page. The Reservations page, shown in the first image below, shows a history
of the vLabs you have accessed.
You can logout of the Virtual Lab site from either the Course Management, Reservations, or lab
environment pages by clicking on your user name in the upper right of the screen and selecting
Exit Virtual Labs from the drop down menu, as shown in the second image below.

Lab 0–6 • Introduction to the Juniper Networks Virtual Lab

Part 4: Additional Information and Feedback

Virtual Lab Support:

If you have a question on, or issue with, the lab environment or this lab guide, please contact
Juniper University Support at:
JuniperUsupport@juniper.net
Feedback:
If you would like to provide feedback on ways we can improve your virtual lab experience,
please send an e-mail to elearning@juniper.net.

Be sure to view the appropriate section of the associated

STOP courseware before proceeding to Lab 1.

Introduction to the Juniper Networks Virtual Lab • Lab 0–7

Lab 0–8 • Introduction to the Juniper Networks Virtual Lab
 Lab 1
Junos Operating System Highlights

Overview
This lab introduces you to the Junos OS command-line interface (CLI). In this lab, you will
familiarize yourself with various CLI operational mode features.
By completing this lab, you will perform the following tasks:
• Log in to the CLI.
• Explore the Junos OS CLI operational mode.

www.juniper.net Junos Operating System Highlights • Lab 1–1

12.1X46-D40.2
Junos Operating System Highlights

Part 1: Logging In Using the CLI

The goal of this lab part is for you to become familiar with the access details used to
connect to the lab equipment. Once you are familiar with the access details, you will
use the CLI to log in to your designated device.
Step 1.1
Once you are in the lab environment and the setup process has finished (see Lab 0
for instructions regarding entering a lab environment), access the SRX1 CLI by
hovering the mouse pointer over the tile that displays “(srx1)” in the upper right
corner. Then, hover the mouse pointer over the Action icon that appears
(downward pointing triangle icon) and select Console from the menu that appears.

Step 1.2
A new tab, displaying the CLI for SRX1, will open in the browser. You might have to
press Enter once to display the prompt. Do not close any tabs until instructed to do
so.
Log in as user lab with the password lab123.
login: lab
Password:

--- JUNOS 12.1X46-D40.2 built 2015-09-26 02:25:28 UTC

lab@srxB-1>

Lab 1–2 • Junos Operating System Highlights www.juniper.net

 Junos Operating System Highlights

Part 2: Experimenting with the CLI’s Operational Mode

In this part, you will use the CLI to become familiar with operational mode. You will
also gain experience with some of the tools and functionality available within
operational mode.
Step 2.1
Determine what system information you can clear from the operational mode
command prompt. Press the space bar at the ---(more)--- prompt to continue
the output.
lab@srxB-1> clear ?
lab@srxB-1> clear ?
Possible completions:
amt Show AMT Protocol information
arp Clear address resolution information
auto-configuration Clear auto-configuration action
bfd Clear Bidirectional Forwarding Detection information
bgp Clear Border Gateway Protocol information
bridge Clear learned Layer 2 MAC address information
chassis Clear chassis information
class-of-service Clear class-of-service (CoS) debug information
database-replication Clear database replication information
dhcp Clear DHCP information
dhcpv6 Clear DHCPv6 information
dot1x Clear 802.1X session
esis Clear end system-to-intermediate system information
ethernet-switching Clear ethernet switching information
fabric Clear RPDF Internal data structures
firewall Clear firewall counters
gvrp Clears Generic VLAN Registration Protocol information
helper Clear port-forwarding helper information
igmp Clear Internet Group Management Protocol information
igmp-snooping Clear IGMP snooping information
interfaces Clear interface information
ipv6 Clear IP version 6 information
isdn Clear Integrated Services Digital Network information
isis Clear Intermediate System-to-Intermediate System
information
l2-learning Clear learned Layer 2 MAC address information
lacp Clear Link Aggregation Control Protocol information
ldp Clear Label Distribution Protocol information
lldp Clear Link Layer Discovery Protocol information
log Clear contents of log file
mld Clear multicast listener discovery information
mld-snooping Clear MLD snooping information
monitor Clear monitor information
mpls Clear mpls information
msdp Clear Multicast Source Discovery Protocol information
multicast Clear multicast information
network-access Clear network-access related information
oam Clear Operation, Administration, Management information
ospf Clear Open Shortest Path First information
ospf3 Clear Open Shortest Path First version 3 information

www.juniper.net Junos Operating System Highlights • Lab 1–3

Junos Operating System Highlights
passive-monitoring Clear passive monitoring statistics
pfe Clear Packet Forwarding Engine information
pgm Clear Pragmatic Generalized Multicast information
pim Clear Protocol Independent Multicast information
ppp Clear PPP information
pppoe Clear PPP over Ethernet information
protection-group Clear protection group information
r2cp Clear Radio-to-Router Protocol information
rip Clear Routing Information Protocol information
ripng Clear Routing Information Protocol for IPv6 information
rsvp Clear Resource Reservation Protocol information
security Clear security information
services Clear services
snmp Clear Simple Network Management Protocol information
spanning-tree Clear Spanning Tree Protocol information
system Clear system information
vpls Clear learned Layer 2 MAC address information
vrrp Clear Virtual Router Redundancy Protocol statistics
wlan Clear Wireless LAN information
lab@srxB-1> clear

Question: Which command do you use to clear the

contents of a system log (syslog) file?

Answer: Use the clear log log-filename

command to clear the contents of a particular
syslog file.

Step 2.2
Hit Enter to remove Clear from the prompt. Next experiment with command
completion by entering show i the press the spacebar.
lab@srxB-1> show i<spacebar>
^
'i' is ambiguous.
Possible completions:
iccp Show Inter Chassis Control Protocol information
igmp Show Internet Group Management Protocol information
igmp-snooping Show IGMP snooping information
ingress-replication Show Ingress-Replication tunnel information
interfaces Show interface information
ipv6 Show IP version 6 information
isdn Show Integrated Services Digital Network information
isis Show Intermediate System-to-Intermediate System
information
Step 2.3
If you wanted to display interface related information you would add characters to
disambiguate your command. Use the spacebar or Tab key for automatic command
completion. Enter show int then press the spacebar which will complete the
word interfaces.

Lab 1–4 • Junos Operating System Highlights www.juniper.net

 Junos Operating System Highlights

Note
You can return to the command prompt
without scrolling through all of the
generated output from a command. When
you see ---(more)--- displayed in this
next example, press ‘q’ to abort the
operation and return to the command
prompt.

lab@srxB-1> show int<spacebar>erfaces

Physical interface: ge-0/0/0, Enabled, Physical link is Up
Interface index: 134, SNMP ifIndex: 508
Description: MGMT Interface - DO NOT DELETE
Link-level type: Ethernet, MTU: 1514, Link-mode: Full-dup
lex, Speed: 1000mbps,
BPDU Error: None, MAC-REWRITE Error: None, Loopback: Disa
bled,
Source filtering: Disabled, Flow control: Disabled, Auto-
negotiation: Enabled,
Remote fault: Online
Device flags : Present Running
Interface flags: SNMP-Traps Internal: 0x0
Link flags : None
CoS queues : 8 supported, 8 maximum usable queues
Current address: 88:a2:5e:fb:6b:c3, Hardware address: 88:
a2:5e:fb:6b:c3
Last flapped : 2016-04-06 19:33:19 UTC (1d 00:48 ago)
Input rate : 232 bps (0 pps)
Output rate : 0 bps (0 pps)
Active alarms : None
Active defects : None
Interface transmit statistics: Disabled
...OUTPUT TRIMMED FOR BREVITY...
Step 2.4
Try to clear SNMP statistics by entering the clear snmp command.
lab@srxB-1> clear snmp
^
syntax error, expecting <command>.

www.juniper.net Junos Operating System Highlights • Lab 1–5

Junos Operating System Highlights
Question: What do you think the resulting display
means?

Answer: The display indicates that the command

was incomplete as entered. The carrot symbol (^)
indicates the area of the problem, and the error
message tells you that the system expects
additional command input.

Step 2.5
Verify that the CLI will not let you complete invalid commands by trying to enter the
command show ip interface brief.
lab@srxB-1> show ip<spacebar>

lab@srxB-1> show ipv6

lab@srxB-1> show ipv6 interface

^
syntax error, expecting <command>.

Question: What happens when you try to enter this

command?

Answer: The system’s command completion feature

completes a show ipv6 command in this case
because ipv6 is the only valid completion. If you
attempt to continue with invalid syntax, the system
informs you of your error. Unlike some CLI
implementations, Junos OS will not let you waste
time typing in an illegitimate command!

Step 2.6
Enter a show route command followed by a show system users command.
You are entering these commands to demonstrate command history recall. When
finished, enter the keyboard sequences indicated to answer the related questions.
lab@srxB-1> show route
inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

10.210.41.224/27 *[Direct/0] 14:48:08

> via ge-0/0/0.0
10.210.41.229/32 *[Local/0] 14:48:17
Local via ge-0/0/0.0
Lab 1–6 • Junos Operating System Highlights www.juniper.net
 Junos Operating System Highlights

lab@srxB-1> show system users

1:58PM up 14:51, 1 user, load averages: 0.06, 0.09, 0.08
USER TTY FROM LOGIN@ IDLE WHAT
lab u0 - Wed11PM - -cli (cli)

Question: What happens when you press the

up-arrow key twice?

Answer: The system recalls the show route

command and displays it at the prompt.

Question: What happens when you press the

down-arrow key once?

Answer: The system recalls the next command in

the buffer, which is a show system users
command in this example.

Step 2.7
A large portion of the Junos OS documentation is available directly from the CLI. You
can retrieve high-level topics using the help topic command, whereas you can
obtain detailed configuration-related information with the help reference
command.
Use the backspace key to clear the previous command. Use the help reference
command along with the CLI question-mark operator (?) to find detailed information
about configuring a system hostname.

Question: Which CLI command displays reference

information about configuration of the system’s
hostname?

Answer: The help reference system

host-name command displays information
regarding system hostnames.

lab@srxB-1> help reference system host-name

host-name

Syntax

host-name hostname;

Hierarchy Level
www.juniper.net Junos Operating System Highlights • Lab 1–7
Junos Operating System Highlights

[edit system]

Release Information

Statement introduced before JUNOS Release 7.4.

Statement introduced in JUNOS Release 9.0 for EX Series switches.

Description

Set the hostname of the router or switch.

Options

hostname--Name of the router or switch.

Required Privilege Level

system--To view this statement in the configuration.

system-control--To add this statement to the configuration.

Related Topics

* Configuring the Hostname of the Router

Part 3: Entering Configuration Mode

In this part, you will enter and explore configuration mode.

Step 3.1
Enter configuration mode.
lab@srxB-1> configure
Entering configuration mode

[edit]
lab@srxB-1#

Question: What happens to your prompt?

Answer: A pound sign (#) replaces the angle bracket

(>), and a configuration hierarchy banner displays.

Lab 1–8 • Junos Operating System Highlights www.juniper.net

 Junos Operating System Highlights
Question: According to the prompt, what is your
position in the configuration hierarchy?

Answer: The display indicates that you are now at

the [edit] hierarchy, which is the root of the
configuration tree.

Step 3.2
Display the interfaces portion of the candidate configuration.
[edit]
lab@srxB-1# show interfaces
ge-0/0/0 {
description "MGMT Interface - DO NOT DELETE";
unit 0 {
family inet {
address 10.210.41.229/27;
}
}
}
Step 3.3
Do not close any browser tabs. You will return to the SRX1 CLI tab to perform the
exercises in Lab 2.

STOP
You have completed Lab 1. Please return to the course and complete
the next section before proceeding to Lab 2.

www.juniper.net Junos Operating System Highlights • Lab 1–9

Junos Operating System Highlights

Lab 1–10 • Junos Operating System Highlights www.juniper.net

 Lab 2
Configuring Junos OS Using the CLI

Overview
This lab continues to explore the functionality of the Junos OS command-line interface
(CLI). In this lab, you will familiarize yourself with various CLI configuration mode features.
By completing this lab, you will perform the following tasks:
• Explore the Junos OS CLI using configuration mode.
• Save, view, and use a rescue configuration.

www.juniper.net Configuring Junos OS Using the CLI • Lab 2–1

12.1X46-D40.2
Junos Operating System Highlights

Part 1: Exploring Configuration Mode

In this part, you will use the CLI to explore configuration mode.
Step 1.1
To begin this lab, move to the [edit protocols ospf] portion of the hierarchy.
[edit]
lab@srxB-1# edit protocols ospf

[edit protocols ospf]

Question: Which commands can you now enter to

reposition yourself at the [edit] portion of the
hierarchy? Return to the [edit] hierarchy level
now.

Answer: You can issue an up command twice, or an

up 2 command. You can also issue an exit
command or a top command.

[edit protocols ospf]

lab@srxB-1# top

[edit]
lab@srxB-1#
Note
If you have not already done so, return to
the [edit] hierarchy level using one of
the available methods.

Step 1.2
Next, try to display the status of chassis hardware with a show chassis
hardware operational command while in configuration mode.
[edit]
lab@srxB-1# show chassis hardware
^
syntax error.

Lab 2–2 • Configuring Junos OS Using the CLI www.juniper.net

 Junos Operating System Highlights
Question: Why do you think you received an error?
What can you do to execute operational mode
commands while in configuration mode?

Answer: The command issued is not valid in

configuration mode. Precede operational mode
commands with the keyword run to execute them
while in configuration mode. Try it now:

[edit]
lab@srxB-1# run show chassis hardware
Hardware inventory:
Item Version Part number Serial number Description
Chassis BD5009AA0022 SRX240H2
Routing Engine REV 37 750-024366 AABA9253 RE-SRX240H2
FPC 0 FPC
PIC 0 16x GE Base PIC
Power Supply 0
Step 1.3
Try to return to operational mode by entering an exit command.
[edit]
lab@srxB-1# exit
The configuration has been changed but not committed
Exit with uncommitted changes? [yes,no] (yes)

Question: What happens when you execute the

exit command?

Answer: You should see a message indicating that

uncommitted changes exist. This message results
from the creation of an empty [edit protocols
ospf] stanza. This empty stanza causes the
configuration database to believe that the
configuration actually changed.

www.juniper.net Configuring Junos OS Using the CLI • Lab 2–3

Junos Operating System Highlights
Question: Which CLI command can you use to
display differences between the candidate and
active configuration file? Enter no at the current
prompt and issue the required command to view
the differences between the candidate and active
configurations.

Answer: Use the show command with the results

piped to compare rollback number. In this
example, you should not see any actual
configuration changes, as shown in the following
sample capture:

The configuration has been changed but not committed

Exit with uncommitted changes? [yes,no] (yes) no

Exit aborted

[edit]
lab@srxB-1# show | compare rollback 0

[edit]
lab@srxB-1#

Question: Considering that nothing changed, which

command can you enter in order to exit from
configuration mode without being warned of
uncommitted changes? Issue that command now.

Answer: Issue a rollback 0 command to replace

the candidate configuration with a new copy of the
active configuration. You can now exit configuration
mode without any being warned of uncommitted
changes:

[edit]
lab@srxB-1# rollback 0
load complete

[edit]
lab@srxB-1# exit
Exiting configuration mode

lab@srxB-1>

Part 2: Using a Rescue Configuration

In this part, you will save, display, load, and delete a rescue configuration using the
Junos OS CLI.
Lab 2–4 • Configuring Junos OS Using the CLI www.juniper.net
 Junos Operating System Highlights
Step 2.1
Save the active configuration as the rescue configuration.
lab@srxB-1> request system configuration rescue save

lab@srxB-1
Step 2.2
Display the contents of the recently saved rescue configuration.
lab@srxB-1> file show /config/rescue.conf.gz
## Last changed: 2016-04-07 13:52:08 UTC
version 12.1X46-D40.2;
system {
host-name srxB-1;
root-authentication {
encrypted-password "$1$KI99zGk6$MbYFuBbpLffu9tn2.sI7l1";
ssh-dsa "ssh-dss
AAAAB3NzaC1kc3MAAACBAMQrfP2bZyBXJ6PC7XXZ+MzErI8Jl6jah5L4/
O8BsfP2hC7EvRfNoX7MqbrtCX/9gUH9gChVuBCB+ERULMdgRvM5uGhC/
gs4UX+4dBbfBgKYYwgmisM8EoT25m7qI8ybpl2YZvHNznvO8h7kr4kpYuQEpKvgsTdH/
Jle4Uqnjv7DAAAAFQDZaqA6QAgbW3O/
zveaLCIDj6p0dwAAAIB1iL+krWrXiD8NPpY+w4dWXEqaV3bnobzPC4eyxQKBUCOr80Q5YBlWXVBH
x9elwBWZwj0SF4hLKHznExnLerVsMuTMA846RbQmSz62vM6kGM13HFonWeQvWia0TDr78+rOEgWF
2KHBSIxL51lmIDW8Gql9hJfD/Dr/
NKP97w3L0wAAAIEAr3FkWU8XbYytQYEKxsIN9P1UQ1ERXB3G40YwqFO484SlyKyYCfaz+yNsaAJu
2C8UebDIR3GieyNcOAKf3inCG8jQwjLvZskuZwrvlsz/xtcxSoAh9axJcdUfSJYMW/
g+mD26JK1Cliw5rwp2nH9kUrJxeI7IReDp4egNkM4i15o= configurator@server1.he";
}
login {
user lab {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$84J5Maes$cni5Hrazbd/IEHr/50oY30";
}
}
}
services {
ssh;
telnet;
}
syslog {
user * {
any emergency;
}
file messages {
any any;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}

www.juniper.net Configuring Junos OS Using the CLI • Lab 2–5

Junos Operating System Highlights
interfaces {
ge-0/0/0 {
description "MGMT Interface - DO NOT DELETE";
unit 0 {
family inet {
address 10.210.41.229/27;
}
}
}
}
security {
forwarding-options {
family {
mpls {
mode packet-based;
}
}
}
}

Question: Does the rescue configuration match the

recently created active configuration?

Answer: Yes, the rescue configuration should match

the recently created active configuration.

Step 2.3
Return to configuration mode and delete either ssh or telnet access to the device
(whichever one you are NOT using), under the [edit system services]
hierarchy level. Activate the change.
lab@srxB-1> configure
Entering configuration mode

[edit]
lab@srxB-1# delete system services telnet

[edit]
lab@srxB-1# commit
commit complete
Step 2.4
Verify that the appropriate service has been deleted under the [edit system
services] hierarchy level and then load the rescue configuration.
[edit]
lab@srxB-1# show system services
ssh;

[edit]
lab@srxB-1# rollback rescue
load complete

Lab 2–6 • Configuring Junos OS Using the CLI www.juniper.net

 Junos Operating System Highlights
Step 2.5
Verify that both the ssh and telnet services are once again enabled.
[edit]
lab@srxB-1# show system services
ssh;
telnet;
Step 2.6
Activate the rescue configuration and return to operational mode.
[edit]
lab@srxB-1# commit and-quit
commit complete
Exiting configuration mode

lab@srxB-1>
Step 2.7
Delete the rescue configuration and attempt to display the rescue.conf.gz file to
confirm the deletion.
lab@srxB-1> request system configuration rescue delete

lab@srxB-1> file show /config/rescue.conf.gz

error: could not resolve file: /config/rescue.conf.gz

Question: Did you successfully delete the rescue

configuration?

Answer: Yes, based on the CLI’s feedback, the

deletion of the rescue configuration was successful.

Step 2.8
Do not close any browser tabs. You will return to the SRX1 CLI tab to perform the
exercises in Lab 3.

STOP
You have completed Lab 2. Please return to the course and complete
the next section before proceeding to Lab 3.

www.juniper.net Configuring Junos OS Using the CLI • Lab 2–7

Junos Operating System Highlights

Lab 2–8 • Configuring Junos OS Using the CLI www.juniper.net

 Lab 3
Configuring OSPF on Junos OS Devices

In this lab, you will use the Junos OS command-line interface (CLI) to configure and
monitor static routing and basic OSPF. Throughout these configuration tasks, you will
become familiar with and describe the contents of the routing and forwarding tables.
By completing this lab, you will perform the following tasks:
• Configure and monitor static routing.
• Configure and monitor OSPF.

www.juniper.net Configuring OSPF on Junos OS Devices • Lab 3–1

12.1X46-D40.2
Junos Operating System Highlights

Part 1: Configuring and Monitoring Interfaces

In this lab part, you will load a basic configuration from flash memory, then configure
a new network interface on your assigned device. You will then verify that the
interface is operational and that the system adds the corresponding route table
entries for all the configured interfaces on your device.
Step 1.1
Lab 2 ended at the operational mode prompt. To begin Lab 3, enter configuration
mode using the configure command.
lab@srxB-1> configure
Entering configuration mode
Step 1.2
Using the load override command, load the file lab3p1s4.config from the
/var/home/lab/ssfjun/ directory. This will load the basic configuration
needed to complete the lab. Issue the commit command to apply the changes and
exit configuration mode.
[edit]
lab@srxB-1# load override /var/home/lab/ssfjun/lab3p1s4.config
load complete

[edit]
lab@srxB-1# commit
commit complete

[edit]
lab@srxB-1#
Step 1.3
Leave the SRX1 CLI tab open and return to the lab environment tab.
Access the CLI for SRX2 by hovering the mouse pointer over the tile that displays
“(srx2)” in the upper right corner. Then, hover the mouse pointer over the Action
icon that appears (downward pointing triangle icon) and select Console from the
menu that appears.

Lab 3–2 • Configuring OSPF on Junos OS Devices www.juniper.net

 Junos Operating System Highlights

Step 1.4
A new tab, displaying the CLI for SRX2, will open in the browser. You might have to
press Enter once to display the prompt. Do not close any tabs until instructed to do
so.
Log in as user lab with the password lab123.
srxB-2 (ttyp0)

login: lab
Password:

--- JUNOS 12.1X46-D40.2 built 2015-09-26 02:25:28 UTC

lab@srxB-2>
Step 1.5
Enter configuration mode.
lab@srxB-2> configure
Entering configuration mode

[edit]
lab@srxB-2#
Step 1.6
Load the configuration file and then exit to operational mode. Exit to the login
prompt and then close the tab for SRX2.
[edit]
lab@srxB-2# load override /var/home/lab/ssfjun/lab3p1s9.config
load complete

[edit]
lab@srxB-2# commit and-quit
commit complete
Exiting configuration mode

lab@srxB-2> exit

srxB-2 (ttyu0)

login:

www.juniper.net Configuring OSPF on Junos OS Devices • Lab 3–3

Junos Operating System Highlights
Step 1.7
Return back to the SRX1 browser tab. Navigate to the [edit interfaces]
hierarchy level.
[edit]
lab@srxB-1# edit interfaces

[edit interfaces]
lab@srxB-1#
Step 1.8
Refer to the following diagram and configure the new interface, ge-0/0/4, for your
assigned device. Use the VLAN-ID as the logical unit value for the tagged interface.

VLAN Assignments

Hostname VLAN-ID
srxA-1 101
srxB-1 103
srxC-1 105
srxD-1 107

[edit interfaces]
lab@srxB-1# set ge-0/0/4 vlan-tagging

[edit interfaces]
lab@srxB-1# set ge-0/0/4 unit 10v vlan-id 10v

[edit interfaces]
lab@srxB-1# set ge-0/0/4 unit 10v family inet address 172.20.10v.1/24
Note

VLAN tagging is used on the ge-0/0/4

interface to support the underlying lab
architecture for this course. The use of a
VLAN ID serves no other specific purpose in
this lab.

Step 1.9
Display the interface configuration and ensure it matches the details outlined on the
network diagram for this lab. When you are comfortable with the interface
configuration, issue the commit-and-quit command to activate the
configuration and return to operational mode.
[edit interfaces]
lab@srxB-1# show
ge-0/0/0 {
description "MGMT Interface - DO NOT DELETE";
unit 0 {
family inet {
address 10.210.41.229/27;

Lab 3–4 • Configuring OSPF on Junos OS Devices www.juniper.net

 Junos Operating System Highlights
}
}
}
ge-0/0/1 {
unit 0 {
family inet {
address 172.20.77.1/30;
}
}
}
ge-0/0/2 {
unit 0 {
family inet {
address 172.20.66.1/30;
}
}
}
ge-0/0/3 {
unit 0 {
family inet {
address 172.18.1.2/30;
}
}
}
ge-0/0/4 {
vlan-tagging;
unit 103 {
vlan-id 103;
family inet {
address 172.20.103.1/24;
}
}
}
lo0 {
unit 0 {
family inet {
address 192.168.1.1/32;
}
}
}

[edit interfaces]
lab@srxB-1# commit and-quit
commit complete
Exiting configuration mode
Step 1.10
Issue the show interfaces terse command to verify the current state of the
interface you just configured. Your output might differ slightly, based on the device
you were assigned.
lab@srxB-1> show interfaces terse
Interface Admin Link Proto Local Remote
ge-0/0/0 up up
ge-0/0/0.0 up up inet 10.210.41.229/27

www.juniper.net Configuring OSPF on Junos OS Devices • Lab 3–5

Junos Operating System Highlights
...OUTPUT TRIMMED..
ge-0/0/1 up up
ge-0/0/1.0 up up inet 172.20.77.1/30
ge-0/0/2 up up
ge-0/0/2.0 up up inet 172.20.66.1/30
ge-0/0/3 up up
ge-0/0/3.0 up up inet 172.18.1.2/30
ge-0/0/4 up up
ge-0/0/4.103 up up inet 172.20.103.1/24
...OUTPUT TRIMMED FOR BREVITY..
lo0 up up
lo0.0 up up inet 192.168.1.1 --> 0/0
...OUTPUT TRIMMED FOR BREVITY..

Question: What is the Admin and Link state for

the ge-0/0/4 interface?

Answer: The new interface should all show an

Admin and Link state of up.

Step 1.11
Issue the show route command to view the current route entries.
lab@srxB-1> show route

inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

10.210.41.224/27 *[Direct/0] 15:47:37

> via ge-0/0/0.0
10.210.41.229/32 *[Local/0] 15:47:46
Local via ge-0/0/0.0
172.18.1.0/30 *[Direct/0] 00:36:20
> via ge-0/0/3.0
172.18.1.2/32 *[Local/0] 00:36:20
Local via ge-0/0/3.0
172.20.66.0/30 *[Direct/0] 00:36:20
> via ge-0/0/2.0
172.20.66.1/32 *[Local/0] 00:36:20
Local via ge-0/0/2.0
172.20.77.0/30 *[Direct/0] 00:36:20
> via ge-0/0/1.0
172.20.77.1/32 *[Local/0] 00:36:20
Local via ge-0/0/1.0
172.20.103.0/24 *[Direct/0] 00:02:10
> via ge-0/0/4.103
172.20.103.1/32 *[Local/0] 00:02:10
Local via ge-0/0/4.103
192.168.1.1/32 *[Direct/0] 00:36:20
> via lo0.0

Lab 3–6 • Configuring OSPF on Junos OS Devices www.juniper.net

 Junos Operating System Highlights
Question: Does the route table display an entry for
all local interface addresses and directly connected
networks?

Answer: The answer should be yes. If needed, you

can refer back to the network diagram and compare
it with the displayed route entries.

Question: What is the route preference for the

Local and Direct route entries?

Answer: The Local and Direct route entries both

have a route preference of 0.

Step 1.12
Use the ping utility to verify reachability to the neighboring devices connected to your
device. The following sample capture shows ping tests from srxB-1 to the Internet
gateway, srxB-2-a, and vr103, which are all directly connected:
Note
Use Ctrl+C to stop a continuous ping
operation if needed.

lab@srxB-1> ping 172.18.1.1 rapid count 25

PING 172.18.1.1 (172.18.1.1): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!
--- 172.18.1.1 ping statistics ---
25 packets transmitted, 25 packets received, 0% packet loss
round-trip min/avg/max/stddev = 3.560/5.276/26.080/4.364 ms

lab@srxB-1> ping 172.20.66.2 rapid count 25

PING 172.20.66.2 (172.20.66.2): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!
--- 172.20.66.2 ping statistics ---
25 packets transmitted, 25 packets received, 0% packet loss
round-trip min/avg/max/stddev = 4.776/6.841/29.045/4.672 ms

lab@srxB-1> ping 172.20.77.2 rapid count 25

PING 172.20.77.2 (172.20.77.2): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!
--- 172.20.77.2 ping statistics ---
25 packets transmitted, 25 packets received, 0% packet loss
round-trip min/avg/max/stddev = 4.817/7.077/27.688/4.360 ms

lab@srxB-1> ping 172.20.10v.10 rapid count 25

PING 172.20.103.10 (172.20.103.10): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!

www.juniper.net Configuring OSPF on Junos OS Devices • Lab 3–7

Junos Operating System Highlights
--- 172.20.103.10 ping statistics ---
25 packets transmitted, 25 packets received, 0% packet loss
round-trip min/avg/max/stddev = 3.499/4.644/6.253/0.871 ms

Question: Are the ping tests successful?

Answer: Yes, the ping tests should be successful at

this time.

Part 2: Configuring and Monitoring Static Routing

In this part, you will configure and monitor static routing.

Step 2.1
Attempt to ping the loopback address of the directly attached virtual router
referenced on the network diagram for this lab.
Note

Use Ctrl+C to stop a continuous ping

operation.

lab@srxB-1> ping 192.168.1.2/32

ping: cannot resolve 192.168.1.2/32: Host name lookup failure

Question: What does the result from the ping

operation indicate?

Answer: The results from the ping operation

indicate that no route to the specified host currently
exists.

Step 2.2
Enter configuration mode, navigate to the [edit routing-options] hierarchy
level, and add a static route to the loopback address of the directly attached virtual
router.
lab@srxB-1> configure
Entering configuration mode

[edit]
lab@srxB-1# edit routing-options

[edit routing-options]
lab@srxB-1# set static route 192.168.1.2/32 next-hop 172.20.10v.10

Lab 3–8 • Configuring OSPF on Junos OS Devices www.juniper.net

 Junos Operating System Highlights
Step 2.3
Define additional static routes to allow end-to-end connectivity to the remote subnet
and loopback addresses within your assigned pod. Use the IP address assigned on
the 172.20.66.0/30 subnet as the next hop for these static routes.
[edit routing-options]
lab@srxB-1# set static route 192.168.2.1/32 next-hop 172.20.66.2

[edit routing-options]
lab@srxB-1# set static route 192.168.2.2/32 next-hop 172.20.66.2

[edit routing-options]
lab@srxB-1# set static route 172.20.104.0/24 next-hop 172.20.66.2
Step 2.4
Display the resulting configuration to review your work. Once satisfied, activate the
configuration changes and return to operational mode.
[edit routing-options]
lab@srxB-1# show
static {
route 192.168.1.2/32 next-hop 172.20.103.10;
route 192.168.2.1/32 next-hop 172.20.66.2;
route 192.168.2.2/32 next-hop 172.20.66.2;
route 172.20.104.0/24 next-hop 172.20.66.2;
}

[edit routing-options]
lab@srxB-1# commit and-quit
commit complete
Exiting configuration mode
Step 2.5
Issue the show route protocol static command to view the current static
routes in your device’s route table.
lab@srxB-1> show route protocol static

inet.0: 15 destinations, 15 routes (15 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

172.20.104.0/24 *[Static/5] 00:00:22

> to 172.20.66.2 via ge-0/0/2.0
192.168.1.2/32 *[Static/5] 00:00:22
> to 172.20.103.10 via ge-0/0/4.103
192.168.2.1/32 *[Static/5] 00:00:22
> to 172.20.66.2 via ge-0/0/2.0
192.168.2.2/32 *[Static/5] 00:00:22
> to 172.20.66.2 via ge-0/0/2.0

www.juniper.net Configuring OSPF on Junos OS Devices • Lab 3–9

Junos Operating System Highlights
Question: How many static routes display?

Answer: Each device should show four static routes.

Step 2.6
Ping the loopback address of all internal devices to verify reachability.
Note
The virtual routers have a preconfigured
default static route using their directly
connected device as the next hop.

lab@srxB-1> ping 192.168.2.1 rapid count 25

PING 192.168.2.1 (192.168.2.1): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!
--- 192.168.2.1 ping statistics ---
25 packets transmitted, 25 packets received, 0% packet loss
round-trip min/avg/max/stddev = 4.714/6.018/13.400/1.758 ms

lab@srxB-1> ping 192.168.1.2 rapid count 25

PING 192.168.1.2 (192.168.1.2): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!
--- 192.168.1.2 ping statistics ---
25 packets transmitted, 25 packets received, 0% packet loss
round-trip min/avg/max/stddev = 3.598/5.839/35.017/6.038 ms

lab@srxB-1> ping 192.168.2.2 rapid count 25

PING 192.168.2.2 (192.168.2.2): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!
--- 192.168.2.2 ping statistics ---
25 packets transmitted, 25 packets received, 0% packet loss
round-trip min/avg/max/stddev = 4.241/5.953/27.162/4.406 ms

Question: Did the ping tests succeed?

Answer: The ping tests should succeed.

Part 3: Configuring and Monitoring OSPF

In this part, you will configure and monitor OSPF. You will configure a single OSPF
area based on the network diagram for this lab. Then you will perform some
verification tasks to ensure that OSPF works properly.
Step 3.1
Enter configuration mode and navigate to the [edit protocols ospf]
hierarchy level.
Lab 3–10 • Configuring OSPF on Junos OS Devices www.juniper.net
 Junos Operating System Highlights
lab@srxB-1> configure
Entering configuration mode

[edit]
lab@srxB-1# edit protocols ospf

[edit protocols ospf]

lab@srxB-1#
Step 3.2
Define OSPF Area 0 and include all internal interfaces that connect to host device
and the directly connected virtual router. Ensure that you also include the lo0
interface. Issue the show command to view the resulting configuration.
Note
Remember to specify the appropriate
logical interface! If the logical unit is not
specified, Junos OS assumes a logical unit
of zero (0).

[edit protocols ospf]

lab@srxB-1# set area 0 interface ge-0/0/1.0

[edit protocols ospf]

lab@srxB-1# set area 0 interface ge-0/0/2.0

[edit protocols ospf]

lab@srxB-1# set area 0 interface ge-0/0/4.10v

[edit protocols ospf]

lab@srxB-1# set area 0 interface lo0.0

[edit protocols ospf]

lab@srxB-1# show
area 0.0.0.0 {
interface ge-0/0/1.0;
interface ge-0/0/2.0;
interface ge-0/0/4.103;
interface lo0.0;
}
Step 3.3
Activate the candidate configuration using the commit command. Issue the run
show ospf neighbor command to verify OSPF neighbor adjacency state
information.
Note
The OSPF adjacency state for each
neighbor is dependent on that neighbor’s
configuration.

[edit protocols ospf]

lab@srxB-1# commit
commit complete

www.juniper.net Configuring OSPF on Junos OS Devices • Lab 3–11

Junos Operating System Highlights

[edit protocols ospf]

lab@srxB-1# run show ospf neighbor
Address Interface State ID Pri Dead
172.20.77.2 ge-0/0/1.0 Full 192.168.2.1 128 38
172.20.66.2 ge-0/0/2.0 Full 192.168.2.1 128 32
172.20.103.10 ge-0/0/4.103 Full 192.168.1.2 128 39

Question: What state do the OSPF neighbor

adjacencies show?

Answer: Although you might see some transitional

states, the state for all three OSPF neighbors should
eventually show Full.

Step 3.4
Issue the run show route protocol ospf to view the active OSPF routes in
your device’s route table.
[edit protocols ospf]
lab@srxB-1# run show route protocol ospf

inet.0: 16 destinations, 20 routes (16 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

172.20.104.0/24 [OSPF/10] 00:01:33, metric 2

to 172.20.77.2 via ge-0/0/1.0
> to 172.20.66.2 via ge-0/0/2.0
192.168.1.2/32 [OSPF/10] 00:02:14, metric 1
> to 172.20.103.10 via ge-0/0/4.103
192.168.2.1/32 [OSPF/10] 00:01:33, metric 1
to 172.20.77.2 via ge-0/0/1.0
> to 172.20.66.2 via ge-0/0/2.0
192.168.2.2/32 [OSPF/10] 00:01:33, metric 2
to 172.20.77.2 via ge-0/0/1.0
> to 172.20.66.2 via ge-0/0/2.0
224.0.0.5/32 *[OSPF/10] 00:02:24, metric 1
MultiRecv

Question: Are all of the OSPF routes for the remote

subnet and loopback destinations active? Why?

Answer: No, the OSPF routes for the remote subnet

and loopback destinations should not be active
(Note the lack of a * in front of most of the OSPF
routes). We still have the static routes in place,
which have a route preference of 5, making them
more preferred than OSPF routes. (Internal OSPF
routes use a route preference of 10, by default.)

Lab 3–12 • Configuring OSPF on Junos OS Devices www.juniper.net

 Junos Operating System Highlights
Step 3.5
Delete all static routes used for internal connectivity.
[edit protocols ospf]
lab@srxB-1# top edit routing-options

[edit routing-options]
lab@srxB-1# show
static {
route 192.168.1.2/32 next-hop 172.20.103.10;
route 192.168.2.1/32 next-hop 172.20.66.2;
route 192.168.2.2/32 next-hop 172.20.66.2;
route 172.22.104.0/24 next-hop 172.20.66.2;

[edit routing-options]
lab@srxB-1# delete static route 192.168.1.2/32

[edit routing-options]
lab@srxB-1# delete static route 192.168.2.1/32

[edit routing-options]
lab@srxB-1# delete static route 192.168.2.2/32

[edit routing-options]
lab@srxB-1# delete static route 172.20.10v.0/24

[edit routing-options]
lab@srxB-1# show

[edit routing-options]
lab@srxB-1#
Step 3.6
Activate the configuration and return to operational mode. Issue the show route
protocol ospf command to verify that the OSPF routes are now active.
[edit routing-options]
lab@srxB-1# commit and-quit
commit complete
Exiting configuration mode

lab@srxB-1> show route protocol ospf

inet.0: 16 destinations, 16 routes (16 active, 0 holddown, 0 hidden)

+ = Active Route, - = Last Active, * = Both

172.20.104.0/24 *[OSPF/10] 00:07:13, metric 2

to 172.20.77.2 via ge-0/0/1.0
> to 172.20.66.2 via ge-0/0/2.0
192.168.1.2/32 *[OSPF/10] 00:07:54, metric 1
> to 172.20.103.10 via ge-0/0/4.103
192.168.2.1/32 *[OSPF/10] 00:07:13, metric 1
to 172.20.77.2 via ge-0/0/1.0
> to 172.20.66.2 via ge-0/0/2.0
192.168.2.2/32 *[OSPF/10] 00:07:13, metric 2

www.juniper.net Configuring OSPF on Junos OS Devices • Lab 3–13

Junos Operating System Highlights
to 172.20.77.2 via ge-0/0/1.0
> to 172.20.66.2 via ge-0/0/2.0
224.0.0.5/32 *[OSPF/10] 00:08:04, metric 1
MultiRecv

lab@srxB-1>

Question: Are all of the OSPF routes for the remote

subnet and loopback destinations active now?

Answer: Yes, all OSPF routes should now be active.

(Notice that the * is now present for all of the OSPF
routes.)

Step 3.7
Ping the loopback address of all internal devices to verify reachability through the
OSPF routes.
lab@srxB-1> ping 192.168.1.2 rapid count 25
PING 192.168.1.2 (192.168.1.2): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!
--- 192.168.1.2 ping statistics ---
25 packets transmitted, 25 packets received, 0% packet loss
round-trip min/avg/max/stddev = 3.445/4.646/9.481/1.217 ms

lab@srxB-1> ping 192.168.2.1 rapid count 25

PING 192.168.2.1 (192.168.2.1): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!
--- 192.168.2.1 ping statistics ---
25 packets transmitted, 25 packets received, 0% packet loss
round-trip min/avg/max/stddev = 4.736/5.888/11.097/1.327 ms

lab@srxB-1> ping 192.168.2.2 rapid count 25

PING 192.168.2.2 (192.168.2.2): 56 data bytes
!!!!!!!!!!!!!!!!!!!!!!!!!
--- 192.168.2.2 ping statistics ---
25 packets transmitted, 25 packets received, 0% packet loss
round-trip min/avg/max/stddev = 4.069/7.120/54.837/9.810 ms

lab@srxB-1>

Question: Do the ping tests succeed?

Answer: Yes, the ping tests should succeed, due to

the OSPF routes in your device’s route table.

Step 3.8
You should now close the CLI tab and end your reservation for this lab environment.
You may then choose another lab or log off of the Virtual Labs website.

Lab 3–14 • Configuring OSPF on Junos OS Devices www.juniper.net

 Junos Operating System Highlights

Congratulations! You have completed Lab 3. Please return to the course

STOP
to complete the presentation.

www.juniper.net Configuring OSPF on Junos OS Devices • Lab 3–15

Junos Operating System Highlights

Lab 3–16 • Configuring OSPF on Junos OS Devices www.juniper.net

Junos Operating System Highlights

Appendix A: Lab Diagrams

Junos Operating System Highlights

A–2 • Lab Diagrams www.juniper.net