Sunteți pe pagina 1din 34

Building a Juniper "Olive" running latest JUNOS in VMWare

Two of my work objectives for FY07/08 are passing two Juniper "Enterprise Routing track" exams: Juniper Networks Certified Internet Associate (JNCIA-ER exam JN0-341) [update: passed 6th Aug 07] Juniper Networks Certified Internet Specialist (JNCIS-ER exam JN0-350)

As my networking background is traditionally based upon Cisco routing and switching, I thought it would be sensible to get some half-decent CLI time on JUNOS, as opposed to just reading books and PDFs etc. One such way of getting CLI time is to build an "Olive" box which effectively runs JUNOS software on a FreeBSD Unix-like free operating system. For details of what an Olive box is, please visit here. If you did not know, Olive requires managing through the serial port (e.g. COM1) of a PC, similar to a console port of a router. Only the earlier versions such as JUNOS 5 allow you to access the CLI through the PC keyboard and VGA output directly (although this view was still not identical to a serial connection). The recent versions of code after JUNOS 7.4 which stand any chance of detecting your NIC card, can only be accessed through the serial port. I customised a cable to allow me to do this below, but later use some clever free software to create multiple virtual serial ports which I can telnet in to, making physical cables unnecessary. This long page, only concentrates on running Olive in a VMWare virtual environment - I have no interest in building a real Olive by dedicating a whole PC to the task - not even using dual-boot. The primary reason for this is a single Olive is of little use to me - I aim to use a minimum of three so I can get to grips with the routing protocols and filtering techniques where a single Olive would be next to useless. For anybody who has not seen them before, I found the following two URLs helpful resources: JUNOS as a second language (for anyone familiar with Cisco IOS, this shows a clean migration path for the CLI skills you have already mastered) IOS to JUNOS config translator (juniper.net login required)

Page Index - jump to a section...


1. 2. 3. Free Sybex Juniper PDF certification books Credit where it's due On to the Olive branch

VMWare specifics Installing FreeBSD Installing JUNOS Gaining access via the serial port Running multiple Olives on one box using VMWare, and creating virtual serial ports for telnet access 9. Upgrading from a < 7.4 version to a > 7.4 version so the NICs can be detected 10. Installing J-Web (allowing web based administration of the Olive) 11. Screenshots of 3 VMWare Olives 12. Sample VMWare .VMX file 4. 5. 6. 7. 8.

Free Sybex Juniper PDF certification books...


Juniper provide these Sybex books free of charge (to download) as they are now out of print: JNCIA: Juniper Networks Certified Internet Associate Study Guide (Published Feb 03) JNCIS-M: Juniper Networks Certified Internet Specialist Study Guide (Published Feb 03) JNCIP-M: Juniper Networks Certified Internet Professional Study Guide (Published Feb 03) JNCIE-M: Juniper Networks Certified Internet Expert Study Guide (Published Nov 03)

Credit where it's due...


Firstly - none of the below would be possible if it hadn't been for the excellent pages published at the following URLs (in no particular order), of which some of the below is a direct copy and paste: Sid Smokes JuniperClue Packetmischief

Please do not contact me for any JUNOS images - I will not provide them. "Olive" is not supported by J-TAC and they should never be contacted about it. Throughout this document, I never pretend to be a Juniper, JUNOS, VMWare or FreeBSD expert. I know a little, and its good to share knowledge.

On to the Olive branch...


I decided I wanted to run my Olive box in a VMWare virtual session/environment, as I use the box extensively for other functions and did not want to make the device dual boot. I appreciate

this creates a performance trade-off but from an education, flexibility and learning point of view, VMWare is fantastic. My "cupboard server" (which I use for many things including a home web server running Apache, hosting tools to assist with my CCIE revision and running Dynamips/Dynagen) is a second-hand HP-Compaq Evo Small Form Factor (SFF) d530 P4 2.8Ghz, 1.5GB RAM and several hundred GB of disk space over two HDDs, running XP Pro SP2. The box has 9 NICs - 1 on board which is a Broadcom NetXtreme GigE and 2 x PCI 4 port D-Link DFE-570TX NICs (see the card below - bought second-hand from Ebay which uses the DEC tulip (now Intel) 21143 chipset) - these NIC ports can either be "teamed" for load balancing/fault tolerance features, or as I do, use each NIC port as a seperate interface with its own MAC and IP address. I primarily need the 9 NICs to support a Dynamips configuration nearly identical to this for my CCIE revision.

[ Note: you do NOT need one of these 4 port cards for this project - a single on-board NIC will suffice ] VMWare Server is running v1.03 (which I find much faster than MS Virtual PC), and as discussed above, towards the end of my installing Olive, I had to move to VMWare Workstation v6 as VMWare Server would not properly activate the JUNOS NICs (I still do not know why as FreeBSD which sits under JUNOS used the NICs perfectly under VMWare Server).

VMWare specifics...
For nearly all of my efforts getting JUNOS to work in VMWare, I did so using VMWare Server 1.03 (which is Free). I created the virtual machines, installed FreeBSD, installed JUNOS, added a second hard disk image to a <7.4 JUNOS setup so I could get a >7.4 JUNOS jinstall image on the box to allow the detection of my NIC cards, etc. In VMWare Server, JUNOS will run, and it will detect the NIC cards, BUT it will not USE the NIC cards - it absolutely refuses to do anything with them. As soon as you load the image created in VMWare Server into VMWare Workstation, without making any config changes, the NICs suddenly spring into life. I also tried running the self-same identical images on the free VMWare Player but they do not work. I guess what i'm trying to say is if you only have VMWare Server (even though you can get Workstation on a 30 day trial for free), then you will not be hindered until the very end of setting up one of these boxes - FreeBSD will still use the NICs perfectly, it's only JUNOS which appears to have a problem, but you can get all the way up to the final stage of having a working Olive box using VMWare Server (as this is how I did it). If in doubt, and you have Workstation, use it from the start. From a Google, it appears that v5.5 of Workstation will support the latest JUNOS, you do not necessarily need v6.

When it came to using the Olive box however, VMWare Server was no longer useful and only VMWare Workstation was able to work with the virtual NICs. For info I used VMWare Workstation 6.0.0 build 45731. VMWare profile I used: 256MB RAM (I may lower this later once Olive is built); 1 x CDROM (linked to an ISO, not a physical drive); 3 x Ethernet NICs configured as 'bridged' (you would be fine with one NIC); 1 x serial port (output to a text file at first, as opposed to COM1 unless you have an appropriate serial cable); 8 GB hard disk (untick 'allocate all disk space now'); for Operating System profile choose 'Other' then 'FreeBSD'.

Installing FreeBSD...
To allow FreeBSD (and more importantly, JUNOS later) to detect the virtual network cards, you need to add a line to the VMWare machine ".vmx "configuration file, to add a statement that overrides the default NIC behaviour to allow the NICs to be detected as "Intel(R) PRO/1000" which FreeBSD (and then JUNOS) can detect and use - add the blue text below, as appropriate: Ethernet0.present = "TRUE" Ethernet0.virtualDev = "e1000" If you have multiple virtual NICs configured, do the same for the rest:

Ethernet1.present = "TRUE" Ethernet1.virtualDev = "e1000" Ethernet2.present = "TRUE" Ethernet2.virtualDev = "e1000" etc etc. Once you run the machine, the .vmx file will allocate MAC addresses to the virtual interfaces - if you are running multiple machines, and want them to work together at some stage, you need to ensure all virtual NICs have unique MAC addresses (they only need to vary by one hexadecimal character). Once complete, to guarentee these changes are picked up, it may be best to right click on the machine, click "remove from inventory", then re-add it by file, open, browse and navigating to the directory containing the .vmx file you edited. I downlaoded FreeBSD 4.10-RELEASE-i386-miniinst.iso (~220MB) and when bound to a VMWare CDROM, this will boot. Start VMWare machine, and at the "Kernel Configuration Menu" choose the top option of "Skip kernel config<snip>" At the "SysInstall Main Menu" choose "Express - Begin a quick installation (for the impatient)"

At the FDISK Parition Editor type A to use Entire Disk, then type Q to finish For the "Boot Manager" choose "Standard - Install a standard MBR (no boot manager)" For the "Disklabel Editor":

Step 1 of 4: Type C to create, then delete the values and insert 500M <ENTER>, then choose FS (File System), then type / <ENTER> Step 2 of 4: Type C, delete values, insert 500M <ENTER>, then choose Swap space Step 3 of 4: Type C, delete values, insert 100M <ENTER>, choose FS, type /config <ENTER>

Step 4 of 4: Type C, accept the values presented with an <ENTER>, choose FS, type /var <ENTER> Type Q to finish For "Choose Distributions" choose "Exit this menu - returning to previous" (i.e. no need to install any extras) For "Choose installation media" choose "CD/DVD" At the "User Confirmation Requested" where it asks if you want to proceed with the install, choose "Yes" - Lots of install stuff will now happen At the window where it gives you an opportunity to "Visit the general config menu for a chance to set any last options", choose "Yes" Using the cursor keys, choose "Root password"<ENTER> and enter twice a new 'root' password Using the cursor keys, choose "Interfaces"<ENTER>, then choose "em0", for IPv6 choose "no", for dhcp choose "yes", for host put in a dummy name like "olive" then scroll down to "OK" (using DHCP will give you an IP address, allowing you to FTP jinstall images to your Olive machine. If you do not have a DHCP server on your bridged LAN segment, then configure a static IP and default gateway as appropriate) Then choose "Exit", then choose "Exit install" from the SysInstall main menu A final confirmation will ask if you want to reboot, choose "Yes"

Installing JUNOS...
At this point, before I document the procedure, I guess I should explain some of my findings! When I installed an earlier version of JUNOS (version 5.7R2.4), I found that once rebooted, I could gain access to the JUNOS CLI without the need to use the serial port. The normal keyboard and VGA output allowed me to access the CLI. This version could not see my "e1000" network cards, but still it was nice to get my hands on the CLI for the first time, even though I had no interfaces. Suffice to say, I got bored quickly. To install JUNOS, you need to "host" the jinstall FTP binary image on an FTP server (possibly the VMWare host machine), and pull the file to the FreeBSD virtual machine. I initally wanted to install JUNOS 5.7 "jinstall-5.7R2.4-domestic-signed.tgz", and then later get a more recent JUNOS 8 image on to the virtual machine, so it would detect and use the network cards. You cannot initially install a version greater than 7.4 as it will return an 'ELF binary type "0" not known' error. At this point, you should have a running FreeBSD virtual machine, which can receive files by FTP from an FTP server that you are hosting a "jinstall" JUNOS image on (which is lower than version 7.4).

Do the following (logged in as root): cd /var/tmp ftp <your FTP server> e.g. ftp 192.168.1.251 username: anonymous password: a@b.c binary get <jinstall-filename> e.g. get jinstall-5.7R2.4-domestic-signed.tgz bye

Check file is received: ls -al rm /dev/wd0c ln -s /dev/ad0c /dev/wd0c mkdir /var/etc

touch /var/etc touch /var/etc/master.passwd touch /var/etc/inetd.conf touch /var/etc/group

pkg_add /var/tmp/jinstall-5.7R2.4-domestic-signed.tgz

shutdown -r now NOTE: at this point, if you loaded a JUNOS version of below 7.4, then when you reload - you will lose the ability to use any of the virtual NIC cards in this virtual machine

When the virtual machine reboots, you may lose access to the CLI dependant on which version you loaded. With a version 5 image, you will still have access, with a higher version, you lose access. The following two sections discuss accessing the virtual machine through the serial port, and then the section following those discusses upgrading the JUNOS version to one higher than 7.4 so the "e1000" virtual NICs can be detected and utilised.

Gaining access via the serial port...


[ You may wish to skip this section in preference for using virtual serial ports below ]
My VMWare machine was aching to be configured by the serial port but I had no appropriate cable to do so - currently it was outputting everything to a text file coutersy of VMWare but I had no way of issuing any commands. I had plenty of Cisco rollover console cables so I decided to chop one up, to fit my purpose (see below). I already have a Cisco 2511 console server with 16 asynchronous ports, and I wanted to use this to access my Olive. So my 2 asynch octal cables had RJ45 male connectors, and I did not have an RJ45 male to DB9 serial converter.

Anyway, all I did was use an RJ-45 to RJ-45 line coupler (brown block in the photo above) to connect one of my RJ45 asynch console cables to my chopped up Cisco console cable. I basically flipped the roll-over cable so wires 1-8 were connected to wires 8-1, as follows: pin 1 - pin 8; pin 2 - pin 7; pin 3 - pin 6; pin 4 - pin 5; pin 5 - pin 4; ping 6 - pin 3; pin 7 - pin 2; pin 8 - pin 1 This worked perfectly, first time, and allowed me access to the JUNOS/FreeBSD CLI.

An image that does not allow access to the CLI will just show the following when JUNOS is fully booted (no prompt, or anything):

Running multiple Olives on one box using VMWare, and creating virtual serial ports for telnet access (so no physical com port access required)...
Having one Olive box is great for CLI familiarity but multiple Olives interacting with each other is the only way to really get to grips with the routing protocols and route filtering techniques. Once one Olive session is fully built, it's a piece of cake to mirror this so you can have 2 or 3 or more (resources dependant) on one box. The main limiting factor of this approach is the lack of physical serial ports on the server. Mine only has a single COM1. To get round this, I used the FREEWARE HW Virtual Serial Port v2.5.10 software from HW-group. Using the command line (or creating shortcuts in the Windows user profile startup folder so it was persistent), I created 3 new virtual serial ports that were setup as telnet servers (COM2 on port 2009, COM3 on port 2010, COM4 on port 2011) so I can telnet to these and be "attached" to the various Olive console ports. Yes, this does mean my doctoring of the cable above was interesting, but not entirely necessary ;-) The software in the URL above does not create a COM port that VMWare will recognise and place in a drop-down menu, so you need to remove the virtual machine from VMWare (NOT DELETE!!), then edit the .vmx file and specify the virtual port, then re-open the .vmx into VMWare and it will honour your manual configurations. The important lines are: serial0.present = "TRUE" serial0.fileName = "COM4" serial0.fileType = "device" Creating a virtual COM2 that can be telnetted to VMWare server IP address at port 2009:

"C:\Program Files\HW group\HW VSP\HW_VSP.exe" -R -c2 -S1 s2009 -N0 -H1 -F0 -P1
Creating a virtual COM3 that can be telnetted to VMWare server IP address at port 2010:

"C:\Program Files\HW group\HW VSP\HW_VSP.exe" -R -c3 -S1 s2010 -N0 -H1 -F0 -P1
Creating a virtual COM4 that can be telnetted to VMWare server IP address at port 2011:

"C:\Program Files\HW group\HW VSP\HW_VSP.exe" -R -c4 -S1 s2011 -N0 -H1 -F0 -P1
This worked well with Putty and Windows telnet, however SecureCRT had some issues - I had to configure "Force character at a time mode" in the session options, else the intuitive features built in to JUNOS did not work such as the use of "space" to auto-complete configuration commands.

Upgrading from a < 7.4 version to a > 7.4 version so the NICs can be detected...
When you install JUNOS, it strips the file system to the bare bones, including any other images you may have downloaded (which is a pain!). I found if you built a second FreeBSD virtual machine (which has no intention of running JUNOS), and get it to the point of having IP connectivity, you can FTP an up to date image to the hard disk of that virtual machine, then steal that whole hard disk partition image by copying the hard disk .vmdk file to the JUNOS virtual machine directory, and add it as a second hard disk. Then when JUNOS boots, you can mount the second hard disk, and pull over the new file. Once you have built the second FreeBSD machine, FTP across the latest JUNOS file from your FTP server - I used "jinstall-8.3R2.8-export-signed.tgz" then gracefully shut down the virtual machine using shutdown -h now Now copy the .vmdk file to your JUNOS machine directory, and add it as second hard disk in VMWare. If you have to rename the file so it is different, then that is fine. We will delete it as soon as we have the file from it that we need. To add the second hard disk: Click "edit virtual machine settings"; Click Add; Click Next; Click "use existing virtual disk" radio button; Browse to the .vmdk file; Click Finish. You should now have a second IDE hard disk called "IDE 0:1" Now boot the JUNOS machine - you should see that both hard disks are found in the boot output of the serial port. Now perform the following to get the image across to the primary (and the only long-term hard disk partition): mkdir /var2 mount /dev/ad1s1f /var2 cd /var2/tmp check file exists: ls -al Move the file using: mv <jinstall-filename.tgz> /var/tmp e.g. mv jinstall-8.3R2.8export-signed.tgz /var/tmp cd /var/tmp pkg_add <jinstall-filename.tgz> e.g. pkg_add /var/tmp/jinstall-8.3R2.8-exportsigned.tgz shutdown -h now Edit the virtual machine settings again and remove the second hard disk, and delete the second hard disk partition file if you so choose.

When you restart this virtual machine, you should have a welcome site of all NICs detected and JUNSO 8.3 (or your chosen version) fully working (note, mine has been pre-configured so you won't normally see the IP addresses pre-defined): Console: serial port BIOS drive A: is disk0 BIOS drive C: is disk1 BIOS 638kB/260032kB available memory FreeBSD/i386 bootstrap loader, Revision 0.8 (builder@vasuki.juniper.net, Sat Jul 7 00:06:05 GMT 2007) Loading /boot/defaults/loader.conf /kernel text=0x4ef6eb data=0x3e928+0x59556 syms=[0x4+0x612b0+0x4+0x6dd81]

Hit [Enter] to boot immediately, or space bar for command prompt. Booting [kernel]... Olive CPU Copyright (c) 1996-2007, Juniper Networks, Inc. All rights reserved. Copyright (c) 1992-2004 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. JUNOS 8.3R2.8 #0: 2007-07-07 00:23:06 UTC builder@vasuki.juniper.net:/build/vasuki-c/8.3R2.8/obji386/sys/compile/JUNIPER Timecounter "i8254" frequency 1193182 Hz Timecounter "TSC" frequency 2792217496 Hz CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz (2792.22-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0xf28 Stepping = 8 Features=0xfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE ,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS> real memory = 268435456 (262144K bytes) sio0: gdb debugging port avail memory = 253222912 (247288K bytes) Preloaded elf kernel "kernel" at 0xc0759000. Warning: Pentium 4 CPU: PSE disabled DEVFS: ready for devices Pentium Pro MTRR support enabled md0: Malloc disk Using $PIR table, 9 entries at 0xc00fdf30 npx0: <math processor> on motherboard npx0: INT 16 interface pcib0: <Intel 82443BX (440 BX) host to PCI bridge> on motherboard pci0: <PCI bus> on pcib0 pcib1: <Intel 82443BX (440 BX) PCI-PCI (AGP) bridge> at device 1.0 on pci0 pci1: <PCI bus> on pcib1 isab0: <Intel 82371AB PCI to ISA bridge> at device 7.0 on pci0 isa0: <ISA bus> on isab0 atapci0: <Intel PIIX4 ATA33 controller> port 0x1050-0x105f at device 7.1 on pci0 ata0: at 0x1f0 irq 14 on atapci0 ata1: at 0x170 irq 15 on atapci0

smb0: <Intel 82371AB SMB controller> port 0x1040-0x104f at device 7.3 on pci0 smb0: controller initialization failed pci cmd reg = 0x0001, SMB host conf = 0x00 pci0: <VGA-compatible display device> at 15.0 pci0: <unknown card> (vendor=0x1000, dev=0x0030) at 16.0 irq 9 pcib2: <PCI to PCI bridge (vendor=15ad device=0790)> mem 0xe88010000xe8801fff at device 17.0 on pci0 pci2: <PCI bus> on pcib2 em0: <Intel(R) PRO/1000 Network Connection Version - 3.1.10> port 0x2000-0x2007 mem 0xe8900000-0xe890ffff,0xe8940000-0xe895ffff irq 11 at device 0.0 on pci2 em0: Memory Access and/or Bus Master bits were not set! em0: Speed:1000 Mbps Duplex:Full em1: <Intel(R) PRO/1000 Network Connection Version - 3.1.10> port 0x2008-0x200f mem 0xe8910000-0xe891ffff,0xe8960000-0xe897ffff irq 10 at device 1.0 on pci2 em1: Memory Access and/or Bus Master bits were not set! em1: Speed:1000 Mbps Duplex:Full em2: <Intel(R) PRO/1000 Network Connection Version - 3.1.10> port 0x2010-0x2017 mem 0xe8920000-0xe892ffff,0xe8980000-0xe899ffff irq 5 at device 2.0 on pci2 em2: Memory Access and/or Bus Master bits were not set! em2: Speed:1000 Mbps Duplex:Full orm0: <Option ROMs> at iomem 0xc0000-0xc7fff,0xc8000-0xc8fff,0xc90000xc9fff,0xca000-0xcafff,0xdc000-0xdffff,0xe0000-0xe3fff on isa0 fdc0: <Intel 82077 or clone> at port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on isa0 fdc0: FIFO enabled, 8 bytes threshold fd0: <1440-KB 3.5" drive> on fdc0 drive 0 atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0 atkbd0: <AT Keyboard> flags 0x1 irq 1 on atkbdc0 psm0: failed to get data. psm0: <PS/2 Mouse> irq 12 on atkbdc0 psm0: model IntelliMouse, device ID 3 vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0 sc0: <System console> at flags 0x100 on isa0 sc0: VGA <16 virtual consoles, flags=0x100> sio0 at port 0x3f8-0x3ff irq 4 flags 0x90 on isa0 sio0: type 16550A, console sio1: configured irq 5 not in bitmap of probed irqs 0 sio2 at port 0x2f8-0x2ff irq 3 on isa0 sio2: type 16550A sio3: configured irq 7 not in bitmap of probed irqs 0 em2: bus=2, device=2, func=0, Ethernet address 00:0c:29:4d:8e:7e em1: bus=2, device=1, func=0, Ethernet address 00:0c:29:4d:8e:74 em0: bus=2, device=0, func=0, Ethernet address 00:0c:29:4d:8e:6a DEVFS: ready to run if_pfe_ls_alloc_bdl_cb_list: Initializing bundle control block list. ad0: 8192MB <VMware Virtual IDE Hard Drive> [17753/15/63] at ata0master UDMA33 ata1-master: <VMware Virtual IDE CDROM Drive/00000001> CDROM device NO DRIVER! Mounting root from ufs:/dev/ad0s1a if_pfe_open: listener socket opened, listening... Mounted jbase package on /dev/vn0...

Verified manifest signed by PackageProduction_8_3_0 Verified jboot signed by PackageProduction_8_3_0 Mounted jkernel package on /dev/vn1... Verified manifest signed by PackageProduction_8_3_0 Mounted jpfe package on /dev/vn2... Mounted jdocs package on /dev/vn3... Verified manifest signed by PackageProduction_8_3_0 Mounted jroute package on /dev/vn4... Verified manifest signed by PackageProduction_8_3_0 Mounted jpfe-common package on /dev/vn5... swapon: adding /dev/ad0s1b as swap device Automatic reboot in progress... /dev/ad0s1a: FILESYSTEM CLEAN; SKIPPING CHECKS /dev/ad0s1a: clean, 29837 free /dev/ad0s1e: FILESYSTEM CLEAN; SKIPPING CHECKS /dev/ad0s1e: clean, 6137 free (13 frags, 3728 blocks, 0.0% fragmentation) (17 frags, 765 blocks, 0.3% fragmentation) (13 frags, 3728 blocks, 0.0% fragmentation) /dev/ad0s1f: FILESYSTEM CLEAN; SKIPPING CHECKS /dev/ad0s1f: clean, 3598441 free (217 frags, 449778 blocks, 0.0% fragmentation) tunefs: soft updates set Creating initial configuration...mgd: error: schema: dbs_remap_daemon_index: could not find daemon name 'kmd' mgd: error: schema: dbs_remap_daemon_index: could not find daemon name 'kmd' mgd: commit complete Setting initial options: debugger_on_panic=NO debugger_on_break=NO. Doing initial network setup:. Initial interface configuration: pid 2979 (dcd), uid 0: exited on signal 6 (core dumped) additional daemons:. checking for core dump... savecore: Router rebooting after a normal shutdown.... Additional routing options:. Doing additional network setup:. Starting final network daemons:. setting ldconfig path: /usr/lib /opt/lib starting standard daemons: cron. Initial rc.i386 initialization: microcode kld. Local package initialization:. kern.securelevel: -1 -> 1 starting local daemons:. Mon Jul 23 20:31:46 UTC 2007 _COM2_ (ttyd0) login: root Password: --- JUNOS 8.3R2.8 built 2007-07-07 00:23:06 UTC ^@root@_COM2_% cli

root@_COM2_> show version Hostname: _COM2_ Model: olive JUNOS Base OS boot [8.3R2.8] JUNOS Base OS Software Suite [8.3R2.8] JUNOS Kernel Software Suite [8.3R2.8] JUNOS Packet Forwarding Engine Support (M/T Common) [8.3R2.8] JUNOS Packet Forwarding Engine Support (M20/M40) [8.3R2.8] JUNOS Online Documentation [8.3R2.8] JUNOS Routing Software Suite [8.3R2.8] root@_COM2_> show interfaces terse Interface Admin Link Proto Remote dsc up up em0 up up em0.0 up up inet em1 up up em1.0 up up inet em2 up up em2.0 up up inet mpls gre up up ipip up up lo0 up up lo0.0 up up inet lo0.16385 up up inet inet6 lsi up up mtun up up pimd up up pime up up tap down up Local

192.168.1.202/24 1.1.1.1/30 4.4.4.2/24

9.9.9.2

--> 0/0

root@_COM2_> ping 158.43.128.1 count 2 PING 158.43.128.1 (158.43.128.1): 56 data bytes ping: sendto: No route to host ping: sendto: No route to host ^C --- 158.43.128.1 ping statistics --2 packets transmitted, 0 packets received, 100% packet loss root@_COM2_> ping 192.168.1.254 PING 192.168.1.254 (192.168.1.254): 56 data bytes 64 bytes from 192.168.1.254: icmp_seq=0 ttl=64 time=7.336 ms 64 bytes from 192.168.1.254: icmp_seq=1 ttl=64 time=0.988 ms ^C --- 192.168.1.254 ping statistics --2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.988/4.162/7.336/3.174 ms root@_COM2_> edit Entering configuration mode root@_COM2_# edit routing-options static

[edit routing-options static] root@_COM2_# set route 0/0 next-hop 192.168.1.254 root@_COM2_# commit and-quit commit complete Exiting configuration mode root@_COM2_> ping 158.43.128.1 PING 158.43.128.1 (158.43.128.1): 56 data bytes 64 bytes from 158.43.128.1: icmp_seq=0 ttl=241 time=23.847 ms 64 bytes from 158.43.128.1: icmp_seq=1 ttl=241 time=22.508 ms root@_COM2_> ping news.bbc.co.uk ping: cannot resolve news.bbc.co.uk: Host name lookup failure root@_COM2_> edit Entering configuration mode [edit] root@_COM2_# edit system [edit system] root@_COM2_# edit name-server 158.43.128.1 [edit system name-server 158.43.128.1] root@_COM2_# commit and-quit commit complete Exiting configuration mode root@_COM2_> ping news.bbc.co.uk PING newswww.bbc.net.uk (212.58.226.29): 56 data bytes 64 bytes from 212.58.226.29: icmp_seq=0 ttl=52 time=23.335 ms 64 bytes from 212.58.226.29: icmp_seq=1 ttl=52 time=21.708 ms ^C --- newswww.bbc.net.uk ping statistics --2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 21.708/22.521/23.335/0.814 ms

root@_COM2_> show configuration | no-more ## Last commit: 2007-07-23 21:26:47 UTC by root version 8.3R2.8; system { host-name _COM2_; root-authentication { encrypted-password "$1$W2Fu8T7s$t007.TP2tgk6hwDcyGErS1"; ## SECRET-DATA } name-server { 158.43.128.1; } syslog { user * { any emergency; }

file messages { any notice; authorization info; } file interactive-commands { interactive-commands any; } } } interfaces { em0 { unit 0 { family inet { address 192.168.1.202/24; } } } em1 { unit 0 { family inet { address 1.1.1.1/30; } } } em2 { unit 0 { family inet { address 4.4.4.2/24; } family mpls; } } fxp0 { unit 0 { family inet { address 192.168.2.2/24; } } } lo0 { unit 0 { family inet { address 9.9.9.2/32; } } } } routing-options { static { route 0.0.0.0/0 next-hop 192.168.1.254; } } protocols { mpls { interface em2.0; } ldp { interface em2.0;

} rip { traceoptions { file rip-log; flag all; } send broadcast; group moose { export rip-out; neighbor em1.0; neighbor em2.0; neighbor lo0.0; } } } policy-options { policy-statement rip-out { from protocol direct; then accept; } }

Installing J-Web (allowing web based administration of the Olive)...


J-series Juniper routers automatically come bundled with J-Web (click here for the complete JWeb 8.3 PDF user guide - 1.81 MB). When an Olive is built, the software believes it is an M series device, and does not install J-Web, however if you have the install module, it's a piece of cake. I have installed J-web 8.3 to each of my Olive virtual machines and the process is as follows: 1) you need the install module such as jweb-8.3R2.8-signed.tgz - host this file on an FTP server that your Olive can reach 2) FTP this file (in binary mode) to your Olive /var/tmp directory, as shown below:

3) add the package as shown below:

4) It may not be necessary but it may be good practise to restart your Olive at this point using 'request system reboot' 5) When J-Web is installed, it is not automatically accessible by any of the em0.0 or other interfaces - you must enable it. Do so as follows: configure <enter> set system services web-management http interface em0.0 <enter> commit and-quit <enter> If necessary, ensure em0.0 has an IP address that can be accessed by your VMWare host machine, such as follows: set interfaces em0 unit 0 family inet address 192.168.1.202/24 (this may require a restart if this is the first time you set an IP address on the interface)

The above will allow you to http in to your Olive, e.g. http://192.168.1.202/ from a web browser and log in with your root account, unless you have create any other users

Screenshots of 3 VMWare Olives communicating between themselves [and the outside world if desired...]

RIP running between each Olive and advertising remote routes:

Sample VMWare .VMX file from my 'COM2' Olive virtual machine...


config.version = "8" virtualHW.version = "6" scsi0.present = "TRUE" scsi0.virtualDev = "lsilogic" memsize = "256" ide0:0.present = "TRUE" ide0:0.fileName = "FreeBSD.vmdk" ide1:0.present = "TRUE" ide1:0.fileName = "e:\4.10-RELEASE-i386-miniinst.iso" ide1:0.deviceType = "cdrom-image" floppy0.present = "FALSE" Ethernet0.present = "TRUE" Ethernet0.virtualDev = "e1000" displayName = "FreeBSD Olive COM2" guestOS = "freebsd" priority.grabbed = "normal" priority.ungrabbed = "normal" ide1:0.autodetect = "TRUE" Ethernet1.present = "TRUE" Ethernet1.virtualDev = "e1000" Ethernet2.present = "TRUE" Ethernet2.virtualDev = "e1000" serial0.present = "TRUE" serial0.fileName = "COM2" workingDir = "" ide0:0.redo = "" ethernet0.addressType = "generated" ethernet1.addressType = "generated" ethernet2.addressType = "generated" uuid.location = "56 4d 48 9f 5a 4f ca 2b-15 14 5c 14 d8 4d 8e 6a" uuid.bios = "56 4d 48 9f 5a 4f ca 2b-15 14 5c 14 d8 4d 8e 6a" ethernet0.generatedAddress = "00:0c:29:4d:8e:6a" ethernet0.generatedAddressOffset = "0" ethernet1.generatedAddress = "00:0c:29:4d:8e:74" ethernet1.generatedAddressOffset = "10" ethernet2.generatedAddress = "00:0c:29:4d:8e:7e" ethernet2.generatedAddressOffset = "20" ide1:0.startConnected = "FALSE" serial0.fileType = "device"

ide0:1.present = "FALSE" ide0:1.fileName = "FreeBSD (5)-.vmdk"

ide0:1.redo = "" checkpoint.vmState = "FreeBSD.vmss" serial0.autodetect = "FALSE" Ethernet1.connectionType = "custom" Ethernet1.vnet = "VMnet2" Ethernet2.connectionType = "custom" Ethernet2.vnet = "VMnet4" isolation.tools.hgfs.disable = "TRUE" virtualHW.productCompatibility = "hosted" tools.upgrade.policy = "manual" tools.remindInstall = "TRUE" pciBridge0.present = "TRUE" svga.autodetect = "TRUE" pciBridge0.pciSlotNumber = "17" scsi0.pciSlotNumber = "16" ethernet0.pciSlotNumber = "32" ethernet1.pciSlotNumber = "33" ethernet2.pciSlotNumber = "34"

S-ar putea să vă placă și