Dell Powerconnect J Ex8216 Quick Reference Guide Software For JUNOS Version 10.3
Dell-Powerconnect-J-Ex8208-Quick-Reference-Guide-114078 dell-powerconnect-j-ex8208-quick-reference-guide-114078
Dell-Powerconnect-J-Srx240-Quick-Reference-Guide-114565 dell-powerconnect-j-srx240-quick-reference-guide-114565
Dell-Powerconnect-J-Srx210-Quick-Reference-Guide-114560 dell-powerconnect-j-srx210-quick-reference-guide-114560
2014-11-13
: Dell Dell-Powerconnect-J-Ex8216-Quick-Reference-Guide-114083 dell-powerconnect-j-ex8216-quick-reference-guide-114083 dell pdf
Open the PDF directly: View PDF 
.
Page Count: 3660
| Download | |
| Open PDF In Browser | View PDF |
Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Published: 2010-11-10 Dell 501 Dell Way Round Rock , Texas 78682 United States www.dell.com This product includes the Envoy SNMP Engine, developed by Epilogue Technology, an Integrated Systems Company. Copyright © 1986-1997, Epilogue Technology Corporation. All rights reserved. This program and its documentation were developed at private expense, and no part of them is in the public domain. This product includes memory allocation software developed by Mark Moraes, copyright © 1988, 1989, 1993, University of Toronto. This product includes FreeBSD software developed by the University of California, Berkeley, and its contributors. All of the documentation and software included in the 4.4BSD and 4.4BSD-Lite Releases is copyrighted by the Regents of the University of California. Copyright © 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994. The Regents of the University of California. All rights reserved. GateD software copyright © 1995, the Regents of the University. All rights reserved. Gate Daemon was originated and developed through release 3.0 by Cornell University and its collaborators. GateD is based on Kirton’s EGP, UC Berkeley’s routing daemon (routed), and DCN’s HELLO routing protocol. Development of GateD has been supported in part by the National Science Foundation. Portions of the GateD software copyright © 1988, Regents of the University of California. All rights reserved. Portions of the GateD software copyright © 1991, D. L. S. Associates. This product includes software developed by Maker Communications, Inc., copyright © 1996, 1997, Maker Communications, Inc. Information in this document is subject to change without notice. All rights reserved. Reproduction of these materials in any manner whatsoever without the written permission of Dell, Inc. is strictly forbidden. Trademarks used in this text: Dell™, the DELL™ logo, and PowerConnect™ are trademarks of Dell Inc. ® ® ® ® ® Juniper Networks , Junos , NetScreen , ScreenOS , and Steel-Belted Radius are registered trademarks of Juniper Networks, Inc. in the United States and other countries. The Juniper Networks Logo, the Junos logo, and JunosE™ are trademarks of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785. Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS © Copyright Dell, Inc. , 2010. All rights reserved. Writing: Appumon Joseph, Aviva Garrett, Bhargava Y P, Brian Deutscher, Brooke Doverspike, Carolyn Harding, Greg Houde, Hareesh Kumar K N, Hemraj Rao S, Janet Bein, Katherine Kearns, Keldyn West, Praveen G R, Regina Roman, Shikha Kalra, Tim Harrington, Vinita Kurup Editing: Cindy Martin, Rajan V K, Taffy Everts, Chanchal Agrawal Illustration: Faith Bradford Brown Cover Design: Christine Nay Revision History 15 November 2010—Revision 2 4 June 2010—Revision 1 The information in this document is current as of the date listed in the revision history. SOFTWARE LICENSE The terms and conditions for using this software are described in the software license contained in the acknowledgment to your purchase order or, to the extent applicable, to any reseller agreement or end-user purchase agreement executed between you and Juniper Networks. By using this software, you indicate that you understand and agree to be bound by those terms and conditions. ii Generally speaking, the software license restricts the manner in which you are permitted to use the software and may contain prohibitions against certain uses. The software license may state conditions under which the license is automatically terminated. You should consult the license for further details. For complete product documentation, please see the Juniper Networks Web site at www.juniper.net/techpubs. END USER LICENSE AGREEMENT READ THIS END USER LICENSE AGREEMENT (“AGREEMENT”) BEFORE DOWNLOADING, INSTALLING, OR USING THE SOFTWARE. BY DOWNLOADING, INSTALLING, OR USING THE SOFTWARE OR OTHERWISE EXPRESSING YOUR AGREEMENT TO THE TERMS CONTAINED HEREIN, YOU (AS CUSTOMER OR IF YOU ARE NOT THE CUSTOMER, AS A REPRESENTATIVE/AGENT AUTHORIZED TO BIND THE CUSTOMER) CONSENT TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT OR CANNOT AGREE TO THE TERMS CONTAINED HEREIN, THEN (A) DO NOT DOWNLOAD, INSTALL, OR USE THE SOFTWARE, AND (B) YOU MAY CONTACT JUNIPER NETWORKS REGARDING LICENSE TERMS. 1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customer’s principal office is located in the Americas) or Juniper Networks (Cayman) Limited (if the Customer’s principal office is located outside the Americas) (such applicable entity being referred to herein as “Juniper”), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable license(s) for use of the Software (“Customer”) (collectively, the “Parties”). 2. The Software. In this Agreement, “Software” means the program modules and features of the Juniper or Juniper-supplied software, for which Customer has paid the applicable license or support fees to Juniper or an authorized Juniper reseller, or which was embedded by Juniper in equipment which Customer purchased from Juniper or an authorized Juniper reseller. “Software” also includes updates, upgrades and new releases of such software. “Embedded Software” means Software which Juniper has embedded in or loaded onto the Juniper equipment and any updates, upgrades, additions or replacements which are subsequently embedded in or loaded onto the equipment. 3. License Grant. Subject to payment of the applicable fees and the limitations and restrictions set forth herein, Juniper grants to Customer a non-exclusive and non-transferable license, without right to sublicense, to use the Software, in executable form only, subject to the following use restrictions: a. Customer shall use Embedded Software solely as embedded in, and for execution on, Juniper equipment originally purchased by Customer from Juniper or an authorized Juniper reseller. b. Customer shall use the Software on a single hardware chassis having a single processing unit, or as many chassis or processing units for which Customer has paid the applicable license fees; provided, however, with respect to the Steel-Belted Radius or Odyssey Access Client software only, Customer shall use such Software on a single computer containing a single physical random access memory space and containing any number of processors. Use of the Steel-Belted Radius or IMS AAA software on multiple computers or virtual machines (e.g., Solaris zones) requires multiple licenses, regardless of whether such computers or virtualizations are physically contained on a single chassis. c. Product purchase documents, paper or electronic user documentation, and/or the particular licenses purchased by Customer may specify limits to Customer’s use of the Software. Such limits may restrict use to a maximum number of seats, registered endpoints, concurrent users, sessions, calls, connections, subscribers, clusters, nodes, realms, devices, links, ports or transactions, or require the purchase of separate licenses to use particular features, functionalities, services, applications, operations, or capabilities, or provide throughput, performance, configuration, bandwidth, interface, processing, temporal, or geographical limits. In addition, such limits may restrict the use of the Software to managing certain kinds of networks or require the Software to be used only in conjunction with other specific Software. Customer’s use of the Software shall be subject to all such limitations and purchase of all applicable licenses. d. For any trial copy of the Software, Customer’s right to use the Software expires 30 days after download, installation or use of the Software. Customer may operate the Software after the 30-day trial period only if Customer pays for a license to do so. Customer may not extend or create an additional trial period by re-installing the Software after the 30-day trial period. e. The Global Enterprise Edition of the Steel-Belted Radius software may be used by Customer only to manage access to Customer’s enterprise network. Specifically, service provider customers are expressly prohibited from using the Global Enterprise Edition of the Steel-Belted Radius software to support any commercial network access services. The foregoing license is not transferable or assignable by Customer. No license is granted herein to any user who did not originally purchase the applicable license(s) for the Software from Juniper or an authorized Juniper reseller. 4. Use Prohibitions. Notwithstanding the foregoing, the license provided herein does not permit the Customer to, and Customer agrees not to and shall not: (a) modify, unbundle, reverse engineer, or create derivative works based on the Software; (b) make unauthorized iii copies of the Software (except as necessary for backup purposes); (c) rent, sell, transfer, or grant any rights in and to any copy of the Software, in any form, to any third party; (d) remove any proprietary notices, labels, or marks on or in any copy of the Software or any product in which the Software is embedded; (e) distribute any copy of the Software to any third party, including as may be embedded in Juniper equipment sold in the secondhand market; (f) use any ‘locked’ or key-restricted feature, function, service, application, operation, or capability without first purchasing the applicable license(s) and obtaining a valid key from Juniper, even if such feature, function, service, application, operation, or capability is enabled without a key; (g) distribute any key for the Software provided by Juniper to any third party; (h) use the Software in any manner that extends or is broader than the uses purchased by Customer from Juniper or an authorized Juniper reseller; (i) use Embedded Software on non-Juniper equipment; (j) use Embedded Software (or make it available for use) on Juniper equipment that the Customer did not originally purchase from Juniper or an authorized Juniper reseller; (k) disclose the results of testing or benchmarking of the Software to any third party without the prior written consent of Juniper; or (l) use the Software in any manner other than as expressly provided herein. 5. Audit. Customer shall maintain accurate records as necessary to verify compliance with this Agreement. Upon request by Juniper, Customer shall furnish such records to Juniper and certify its compliance with this Agreement. 6. Confidentiality. The Parties agree that aspects of the Software and associated documentation are the confidential property of Juniper. As such, Customer shall exercise all reasonable commercial efforts to maintain the Software and associated documentation in confidence, which at a minimum includes restricting access to the Software to Customer employees and contractors having a need to use the Software for Customer’s internal business purposes. 7. Ownership. Juniper and Juniper’s licensors, respectively, retain ownership of all right, title, and interest (including copyright) in and to the Software, associated documentation, and all copies of the Software. Nothing in this Agreement constitutes a transfer or conveyance of any right, title, or interest in the Software or associated documentation, or a sale of the Software, associated documentation, or copies of the Software. 8. Warranty, Limitation of Liability, Disclaimer of Warranty. The warranty applicable to the Software shall be as set forth in the warranty statement that accompanies the Software (the “Warranty Statement”). Nothing in this Agreement shall give rise to any obligation to support the Software. Support services may be purchased separately. Any such support shall be governed by a separate, written support services agreement. TO THE MAXIMUM EXTENT PERMITTED BY LAW, JUNIPER SHALL NOT BE LIABLE FOR ANY LOST PROFITS, LOSS OF DATA, OR COSTS OR PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR FOR ANY SPECIAL, INDIRECT, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THIS AGREEMENT, THE SOFTWARE, OR ANY JUNIPER OR JUNIPER-SUPPLIED SOFTWARE. IN NO EVENT SHALL JUNIPER BE LIABLE FOR DAMAGES ARISING FROM UNAUTHORIZED OR IMPROPER USE OF ANY JUNIPER OR JUNIPER-SUPPLIED SOFTWARE. EXCEPT AS EXPRESSLY PROVIDED IN THE WARRANTY STATEMENT TO THE EXTENT PERMITTED BY LAW, JUNIPER DISCLAIMS ANY AND ALL WARRANTIES IN AND TO THE SOFTWARE (WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE), INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. IN NO EVENT DOES JUNIPER WARRANT THAT THE SOFTWARE, OR ANY EQUIPMENT OR NETWORK RUNNING THE SOFTWARE, WILL OPERATE WITHOUT ERROR OR INTERRUPTION, OR WILL BE FREE OF VULNERABILITY TO INTRUSION OR ATTACK. In no event shall Juniper’s or its suppliers’ or licensors’ liability to Customer, whether in contract, tort (including negligence), breach of warranty, or otherwise, exceed the price paid by Customer for the Software that gave rise to the claim, or if the Software is embedded in another Juniper product, the price paid by Customer for such other product. Customer acknowledges and agrees that Juniper has set its prices and entered into this Agreement in reliance upon the disclaimers of warranty and the limitations of liability set forth herein, that the same reflect an allocation of risk between the Parties (including the risk that a contract remedy may fail of its essential purpose and cause consequential loss), and that the same form an essential basis of the bargain between the Parties. 9. Termination. Any breach of this Agreement or failure by Customer to pay any applicable fees due shall result in automatic termination of the license granted herein. Upon such termination, Customer shall destroy or return to Juniper all copies of the Software and related documentation in Customer’s possession or control. 10. Taxes. All license fees payable under this agreement are exclusive of tax. Customer shall be responsible for paying Taxes arising from the purchase of the license, or importation or use of the Software. If applicable, valid exemption documentation for each taxing jurisdiction shall be provided to Juniper prior to invoicing, and Customer shall promptly notify Juniper if their exemption is revoked or modified. All payments made by Customer shall be net of any applicable withholding tax. Customer will provide reasonable assistance to Juniper in connection with such withholding taxes by promptly: providing Juniper with valid tax receipts and other required documentation showing Customer’s payment of any withholding taxes; completing appropriate applications that would reduce the amount of withholding tax to be paid; and notifying and assisting Juniper in any audit or tax proceeding related to transactions hereunder. Customer shall comply with all applicable tax laws and regulations, and Customer will promptly pay or reimburse Juniper for all costs and damages related to any liability incurred by Juniper as a result of Customer’s non-compliance or delay with its responsibilities herein. Customer’s obligations under this Section shall survive termination or expiration of this Agreement. 11. Export. Customer agrees to comply with all applicable export laws and restrictions and regulations of any United States and any applicable foreign agency or authority, and not to export or re-export the Software or any direct product thereof in violation of any such iv restrictions, laws or regulations, or without all necessary approvals. Customer shall be liable for any such violations. The version of the Software supplied to Customer may contain encryption or other capabilities restricting Customer’s ability to export the Software without an export license. 12. Commercial Computer Software. The Software is “commercial computer software” and is provided with restricted rights. Use, duplication, or disclosure by the United States government is subject to restrictions set forth in this Agreement and as provided in DFARS 227.7201 through 227.7202-4, FAR 12.212, FAR 27.405(b)(2), FAR 52.227-19, or FAR 52.227-14(ALT III) as applicable. 13. Interface Information. To the extent required by applicable law, and at Customer's written request, Juniper shall provide Customer with the interface information needed to achieve interoperability between the Software and another independently created program, on payment of applicable fee, if any. Customer shall observe strict obligations of confidentiality with respect to such information and shall use such information in compliance with any applicable terms and conditions upon which Juniper makes such information available. 14. Third Party Software. Any licensor of Juniper whose software is embedded in the Software and any supplier of Juniper whose products or technology are embedded in (or services are accessed by) the Software shall be a third party beneficiary with respect to this Agreement, and such licensor or vendor shall have the right to enforce this Agreement in its own name as if it were Juniper. In addition, certain third party software may be provided with the Software and is subject to the accompanying license(s), if any, of its respective owner(s). To the extent portions of the Software are distributed under and subject to open source licenses obligating Juniper to make the source code for such portions publicly available (such as the GNU General Public License (“GPL”) or the GNU Library General Public License (“LGPL”)), Juniper will make such source code portions (including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194 N. Mathilda Ave., Sunnyvale, CA 94089, ATTN: General Counsel. You may obtain a copy of the GPL at http://www.gnu.org/licenses/gpl.html, and a copy of the LGPL at http://www.gnu.org/licenses/lgpl.html . 15. Miscellaneous. This Agreement shall be governed by the laws of the State of California without reference to its conflicts of laws principles. The provisions of the U.N. Convention for the International Sale of Goods shall not apply to this Agreement. For any disputes arising under this Agreement, the Parties hereby consent to the personal and exclusive jurisdiction of, and venue in, the state and federal courts within Santa Clara County, California. This Agreement constitutes the entire and sole agreement between Juniper and the Customer with respect to the Software, and supersedes all prior and contemporaneous agreements relating to the Software, whether oral or written (including any inconsistent terms contained in a purchase order), except that the terms of a separate written agreement executed by an authorized Juniper representative and Customer shall govern to the extent such terms are inconsistent or conflict with terms contained herein. No modification to this Agreement nor any waiver of any rights hereunder shall be effective unless expressly assented to in writing by the party to be charged. If any portion of this Agreement is held invalid, the Parties agree that such invalidity shall not affect the validity of the remainder of this Agreement. This Agreement and associated documentation has been written in the English language, and the Parties agree that the English version will govern. (For Canada: Les parties aux présentés confirment leur volonté que cette convention de même que tous les documents y compris tout avis qui s'y rattaché, soient redigés en langue anglaise. (Translation: The parties confirm that this Agreement and all related documentation is and will be in the English language)). v vi Table of Contents About This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxix How to Use This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxix Downloading Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxx Documentation Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxx Repair and Warranty . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxxi Requesting Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxxi Part 1 Junos OS for J-EX Series Switches Product Overview Chapter 1 Software Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 J-EX Series Switch Software Features Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Layer 3 Protocols Supported on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . 13 Layer 3 Protocols Not Supported on J-EX Series Switches . . . . . . . . . . . . . . . . . . . 14 Security Features for J-EX Series Switches Overview . . . . . . . . . . . . . . . . . . . . . . . 16 High Availability Features for J-EX Series Switches Overview . . . . . . . . . . . . . . . . 18 VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 Graceful Protocol Restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 Redundant Routing Engines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 Graceful Routing Engine Switchover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 Virtual Chassis Software Upgrade and Failover Features . . . . . . . . . . . . . . . . 20 Link Aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 Understanding Software Infrastructure and Processes . . . . . . . . . . . . . . . . . . . . . 22 Routing Engine and Packet Forwarding Engine . . . . . . . . . . . . . . . . . . . . . . . . 22 Junos OS Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 Chapter 2 Supported Hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 J-EX4200 Switches Hardware Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 J-EX4200 Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Uplink Modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 Power over Ethernet (PoE) Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 J-EX4200 Switch Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 J-EX8208 Switch Hardware Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Chassis Physical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Routing Engines and Switch Fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Line Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Cooling System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Power Supplies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 J-EX8216 Switch Hardware Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 Chassis Physical Specifications, LCD Panel, and Midplane . . . . . . . . . . . . . . 30 vii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Routing Engines and Switch Fabric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 Line Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 Cooling System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 Power Supplies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 Part 2 Complete Software Configuration Statement Hierarchy Chapter 3 Complete Software Configuration Statement Hierarchy . . . . . . . . . . . . . . . . 37 [edit access] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . 37 [edit chassis] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . 38 [edit class-of-service] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . 38 [edit ethernet-switching-options] Configuration Statement Hierarchy . . . . . . . . 40 [edit firewall] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . 42 [edit forwarding-options] Configuration Statement Hierarchy . . . . . . . . . . . . . . . 43 [edit interfaces] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . 44 [edit poe] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 [edit protocols] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . 48 [edit routing-instances] Configuration Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . 55 [edit snmp] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . 55 [edit virtual-chassis] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . 55 [edit vlans] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 Part 3 Software Installation Chapter 4 Software Installation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 Installation Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 Understanding Software Installation on J-EX Series Switches . . . . . . . . . . . . 61 Overview of the Software Installation Process . . . . . . . . . . . . . . . . . . . . . 61 Software Package Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 Installing Software on a Virtual Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . 62 Installing Software on J-EX8200 Switches with Redundant Routing Engines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 Installing Software Using Automatic Software Download . . . . . . . . . . . 63 Troubleshooting Software Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Junos OS Package Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Understanding System Snapshot on J-EX Series Switches . . . . . . . . . . . . . . 64 Licenses Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 Understanding Software Licenses for the J-EX Series Switch . . . . . . . . . . . . 65 Features Requiring a License . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 License Warning Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 License Key Components for the J-EX Series Switch . . . . . . . . . . . . . . . . . . . 66 Chapter 5 Installing Junos OS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 Downloading Software Packages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 Installing Software on a J-EX Series Switch with a Single Routing Engine (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 Installing Software on a J-EX8200 Switch with Redundant Routing Engines (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 Preparing the Switch for the Software Installation . . . . . . . . . . . . . . . . . . . . . 72 Installing Software on the Backup Routing Engine . . . . . . . . . . . . . . . . . . . . . 73 viii Table of Contents Installing Software on the Default Master Routing Engine . . . . . . . . . . . . . . . 74 Returning Routing Control to the Default Master Routing Engine (Optional) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Installing Software on J-EX Series Switches (J-Web Procedure) . . . . . . . . . . . . . . 75 Installing Software Upgrades from a Server . . . . . . . . . . . . . . . . . . . . . . . . . . 76 Installing Software Upgrades by Uploading Files . . . . . . . . . . . . . . . . . . . . . . . 77 Rebooting or Halting the J-EX Series Switch (J-Web Procedure) . . . . . . . . . . . . . . 77 Chapter 6 Booting the Switch, Upgrading Software, and Managing Licenses . . . . . . . 79 Booting the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Booting a J-EX Series Switch Using a Software Package Stored on a USB Flash Drive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Creating a Snapshot and Using It to Boot a J-EX Series Switch . . . . . . . . . . . 80 Creating a Snapshot on a USB Flash Drive and Using It to Boot the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80 Creating a Snapshot on an Internal Flash Drive and Using it to Boot the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81 Upgrading Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Upgrading Software Using Automatic Software Download on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Managing Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 Managing Licenses for the J-EX Series Switch (CLI Procedure) . . . . . . . . . . . 83 Adding New Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 Deleting Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 Saving License Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84 Managing Licenses for the J-EX Series Switch (J-Web Procedure) . . . . . . . . 84 Adding New Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 Deleting Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85 Displaying License Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 Downloading Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86 Chapter 7 Verifying Software Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 Routine Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 Verifying That Automatic Software Download Is Working Correctly . . . . . . . 87 Verifying That a System Snapshot Was Created on a J-EX Series Switch . . . 88 Monitoring Licenses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 Monitoring Licenses for the J-EX Series Switch . . . . . . . . . . . . . . . . . . . . . . . . 88 Displaying Installed Licenses and License Usage Details . . . . . . . . . . . . 89 Displaying Installed License Keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 Chapter 8 Troubleshooting Software Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 Troubleshooting Software Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 Recovering from a Failed Software Upgrade on a J-EX Series Switch . . . . . . 91 Rebooting from the Inactive Partition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 Chapter 9 Configuration Statements for Software Installation . . . . . . . . . . . . . . . . . . . 95 [edit chassis] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . 95 auto-image-upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96 ix Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Chapter 10 Operational Mode Commands for Software Installation . . . . . . . . . . . . . . . 97 request system license add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 request system license delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 request system license save . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 request system reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 request system reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104 request system snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 request system software add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108 request system software delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111 request system software rollback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 request system software validate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 show system autoinstallation status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117 show system boot-messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 show system license . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 show system snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122 Part 4 User Interfaces Chapter 11 User Interfaces Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 User Interfaces—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 CLI User Interface Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 CLI Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 CLI Help and Command Completion . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127 CLI Command Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 J-Web User Interface for J-EX Series Switches Overview . . . . . . . . . . . . . . . 129 Understanding J-Web Configuration Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 Understanding J-Web User Interface Sessions . . . . . . . . . . . . . . . . . . . . . . . 133 Chapter 12 Using the Configuration Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135 Using the CLI Terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135 Starting the J-Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136 Chapter 13 Operational Mode Commands for User Interfaces . . . . . . . . . . . . . . . . . . . . 137 set cli complete-on-space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138 set cli directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139 set cli idle-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140 set cli prompt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 set cli restart-on-upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142 set cli screen-length . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143 set cli screen-width . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 set cli terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145 set cli timestamp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 show cli . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 show cli authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 show cli directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 show cli history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 start shell . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154 x Table of Contents Part 5 Junos OS for J-EX Series Switches System Setup Chapter 14 System Setup Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 Junos OS—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157 J-EX Series Switch Software Features Overview . . . . . . . . . . . . . . . . . . . . . . 157 Understanding Software Infrastructure and Processes . . . . . . . . . . . . . . . . . 158 Routing Engine and Packet Forwarding Engine . . . . . . . . . . . . . . . . . . . 158 Junos OS Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 Chapter 15 Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 Connecting and Configuring a J-EX Series Switch (CLI Procedure) . . . . . . . . . . . 161 Connecting and Configuring a J-EX Series Switch (J-Web Procedure) . . . . . . . . 163 Configuring the LCD Panel on J-EX Series Switches (CLI Procedure) . . . . . . . . . 166 Disabling or Enabling Menus and Menu Options on the LCD Panel . . . . . . . 166 Configuring a Custom Display Message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167 Configuring Date and Time for the J-EX Series Switch (J-Web Procedure) . . . . . 167 Configuring System Identity for a J-EX Series Switch (J-Web Procedure) . . . . . . 168 Chapter 16 Configuration Statements for System Setup . . . . . . . . . . . . . . . . . . . . . . . . . 171 arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 authentication-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 auxiliary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 boot-server (NTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174 broadcast-client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 console (Physical Port) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176 default-address-selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 domain-name (Router) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 gre-path-mtu-discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178 host-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178 icmpv4-rate-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179 icmpv6-rate-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180 inet6-backup-router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181 internet-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182 ipip-path-mtu-discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 ipv6-duplicate-addr-detection-transmits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 ipv6-path-mtu-discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184 ipv6-path-mtu-discovery-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184 ipv6-reject-zero-hop-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 lcd-menu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 menu-item . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 multicast-client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189 no-multicast-echo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190 no-ping-record-route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190 no-ping-time-stamp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 no-redirects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 no-tcp-rfc1323 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192 no-tcp-rfc1323-paws . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192 ntp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193 xi Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS path-mtu-discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193 peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194 ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195 processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196 server (NTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197 tcp-drop-synfin-set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197 traceoptions (SBC Configuration Process) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198 trusted-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200 Chapter 17 Operational Mode Commands for System Setup . . . . . . . . . . . . . . . . . . . . . 201 clear chassis display message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 clear system reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204 configure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 op . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207 request chassis pic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209 request chassis routing-engine master . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210 request system halt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212 request system logout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215 request system power-off . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216 request system reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218 request system reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221 request system scripts convert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223 request system scripts refresh-from commit . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224 request system scripts refresh-from event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225 request system scripts refresh-from op . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 request system storage cleanup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227 restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229 set chassis display message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233 set date . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235 show chassis firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236 show chassis lcd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238 show configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244 show host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247 show ntp associations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248 show ntp status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250 show system firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251 show system reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252 show system snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254 show system software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256 show system storage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258 show system switchover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260 show system uptime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262 show system users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264 show system virtual-memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266 show task replication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295 show version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296 xii Table of Contents Part 6 Junos OS for J-EX Series Switches Power Management Chapter 18 Power Management Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301 Junos OS—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301 J-EX Series Switch Software Features Overview . . . . . . . . . . . . . . . . . . . . . . 301 Power Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302 Understanding Power Management on J-EX Series Switches . . . . . . . . . . . 302 Power Priority of Line Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303 Power Supply Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304 Chapter 19 Initial Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307 Configuring Power Supply Redundancy (CLI Procedure) . . . . . . . . . . . . . . . . . . . 307 Configuring the Power Priority of Line Cards (CLI Procedure) . . . . . . . . . . . . . . . 308 Chapter 20 Verifying Power Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309 Verifying Power Configuration and Use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309 Chapter 21 Configuration Statements for Power Management . . . . . . . . . . . . . . . . . . . . 311 fpc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312 n-plus-n . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 power-budget-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 psu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314 redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314 Chapter 22 Operational Mode Commands for Power Management . . . . . . . . . . . . . . . 315 show chassis power-budget-statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 316 Part 7 Junos OS for J-EX Series Switches Configuration Management Chapter 23 Configuration Management Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321 Configuration Files—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321 Understanding Configuration Files for J-EX Series Switches . . . . . . . . . . . . . 321 Configuration Files Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322 Understanding Automatic Refreshing of Scripts on J-EX Series Switches . . 323 Understanding Autoinstallation of Configuration Files on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323 Typical Uses for Autoinstallation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323 Autoinstallation Configuration Files and IP Addresses . . . . . . . . . . . . . 324 Typical Autoinstallation Process on a New Switch . . . . . . . . . . . . . . . . 324 J-EX Series Switches Default Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325 J-EX4200 Default Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325 J-EX8200 Switch Default Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329 Chapter 24 Managing Junos OS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331 Using the Configuration Tools in J-Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331 Using the CLI Viewer in the J-Web Interface to View Configuration Text . . . . 331 Using the CLI Editor in the J-Web Interface to Edit Configuration Text . . . . . 331 Using the Point and Click CLI Tool in the J-Web Interface to Edit Configuration Text . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332 xiii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Using the Commit Options to Commit Configuration Changes (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334 Managing Junos OS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335 Uploading a Configuration File (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . 336 Uploading a Configuration File (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . 337 Managing Configuration Files Through the Configuration History (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338 Displaying Configuration History . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338 Displaying Users Editing the Configuration . . . . . . . . . . . . . . . . . . . . . . . 339 Comparing Configuration Files with the J-Web Interface . . . . . . . . . . . 339 Downloading a Configuration File with the J-Web Interface . . . . . . . . . 340 Loading a Previous Configuration File with the J-Web Interface . . . . . . 340 Loading a Previous Configuration File (CLI Procedure) . . . . . . . . . . . . . . . . 340 Reverting to the Default Factory Configuration for the J-EX Series Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341 Reverting to the Default Factory Configuration by Using the LCD Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342 Reverting to the Default Factory Configuration by Using the Load Factory Default Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342 Reverting to the Rescue Configuration for the J-EX Series Switch . . . . . . . . 343 Setting or Deleting the Rescue Configuration (CLI Procedure) . . . . . . . . . . 344 Setting or Deleting the Rescue Configuration (J-Web Procedure) . . . . . . . . 345 Configuring Autoinstallation of Configuration Files (CLI Procedure) . . . . . . 345 Chapter 25 Verifying Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349 Verifying Autoinstallation Status on a J-EX Series Switch . . . . . . . . . . . . . . . . . . 349 Chapter 26 Configuration Statements for Configuration Management . . . . . . . . . . . . . 351 archival . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351 archive-sites (Configuration File) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352 autoinstallation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 commit synchronize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354 configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 configuration-servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356 interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357 transfer-interval (Configuration) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358 transfer-on-commit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358 Chapter 27 Operational Mode Commands for Configuration Management . . . . . . . . 359 clear log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360 clear system commit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361 file archive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362 file checksum md5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364 file checksum sha1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365 file checksum sha-256 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366 file compare . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367 file copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370 file delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371 file list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372 file rename . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373 xiv Table of Contents file show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375 request system configuration rescue delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376 request system configuration rescue save . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377 request system scripts refresh-from commit . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378 request system scripts refresh-from event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 request system scripts refresh-from op . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380 show system commit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381 show system configuration archival . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383 show system configuration rescue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384 show system rollback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385 test configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387 Part 8 User and Access Management on J-EX Series Switches Chapter 28 User and Access Management on J-EX Series Switches Overview . . . . . . 391 J-EX Series Switch Software Features Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 391 Understanding Software Infrastructure and Processes . . . . . . . . . . . . . . . . . . . . 392 Routing Engine and Packet Forwarding Engine . . . . . . . . . . . . . . . . . . . . . . . 392 Junos OS Processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392 Chapter 29 User Access Management Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395 Configuring Management Access for the J-EX Series Switch (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395 Generating SSL Certificates to Be Used for Secure Web Access . . . . . . . . . . . . . 398 Configuring MS-CHAPv2 to Provide Password-Change Support (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399 Chapter 30 Monitoring Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401 Managing Users (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401 Chapter 31 Troubleshooting User Access Management . . . . . . . . . . . . . . . . . . . . . . . . . 405 Troubleshooting Loss of the Root Password . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405 Chapter 32 Configuration Statements for User and Access Management . . . . . . . . . 409 allow-commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409 allow-configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410 announcement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410 authentication (Login) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411 authentication-order . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412 change-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413 class (Assigning a Class to an Individual User) . . . . . . . . . . . . . . . . . . . . . . . . . . . 413 class (Defining Login Classes) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414 deny-commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415 deny-configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416 format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417 full-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417 idle-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419 login-alarms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 420 login-tip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 420 maximum-length . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421 xv Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421 minimum-changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422 minimum-length . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423 password (Login) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423 permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424 radius-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424 retry-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 425 root-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 426 root-login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427 tacplus-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428 tacplus-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 429 traceoptions (Address-Assignment Pool) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430 uid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431 user (Access) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432 Chapter 33 Operational Mode Commands for User and Access Management . . . . . . 433 request message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 434 show subscribers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 435 Part 9 Junos OS for J-EX Series Switches System Services Chapter 34 System Services Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445 DHCP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445 DHCP Services for J-EX Series Switches Overview . . . . . . . . . . . . . . . . . . . . 445 DHCP/BOOTP Relay for J-EX Series Switches Overview . . . . . . . . . . . . . . . 446 Chapter 35 System Services Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447 Configuring DHCP Services (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . 447 Configuring a DHCP SIP Server (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . 450 Chapter 36 Monitoring System Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451 Monitoring DHCP Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451 Chapter 37 Configuration Statements for System Services . . . . . . . . . . . . . . . . . . . . . . 455 boot-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455 boot-server (DHCP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456 bootp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 457 ca-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458 cache-size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458 cache-timeout-negative . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 459 certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460 certification-authority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461 client-identifier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461 connection-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462 crl (Encryption Interface) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463 default-lease-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464 dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465 domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466 domain-name (DHCP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466 domain-search . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467 xvi Table of Contents encoding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467 enrollment-retry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468 enrollment-url . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468 file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469 ftp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469 helpers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470 http . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472 https . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473 interface (BOOTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474 interface (DNS and TFTP Packet Forwarding or Relay Agent) . . . . . . . . . . . . . . 475 ldap-url . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475 load-key-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476 local . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477 local-certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478 maximum-certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478 maximum-hop-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479 maximum-lease-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479 minimum-wait-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480 name-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480 no-listen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481 outbound-ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482 path-length . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484 pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 485 port (HTTP/HTTPS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486 port (SRC Server) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 486 protocol-version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487 rate-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487 server (DHCP and BOOTP Relay Agent) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488 server (DNS and TFTP Service) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489 server-identifier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490 servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491 service-deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491 services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492 session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494 sip-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495 source-address (SRC Software) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495 source-address-giaddr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496 ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496 static-binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497 telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498 tftp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498 traceoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499 traceoptions (DHCP Server) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501 traceoptions (DNS and TFTP Packet Forwarding) . . . . . . . . . . . . . . . . . . . . . . . 504 web-management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 506 wins-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 507 xvii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Chapter 38 Operational Mode Commands for System Services . . . . . . . . . . . . . . . . . . 509 clear system services dhcp binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510 clear system services dhcp conflict . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511 clear system services dhcp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512 request ipsec switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 513 request security certificate (signed) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 514 request security key-pair . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515 request security certificate (unsigned) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 516 show system services dhcp binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517 show system services dhcp conflict . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 519 show system services dhcp global . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 520 show system services dhcp pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522 show system services dhcp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 524 show system services service-deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 526 ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527 telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 529 Part 10 Junos OS for J-EX Series Switches System Monitoring Chapter 39 System Monitoring Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 533 Understanding Alarm Types and Severity Levels on J-EX Series Switches . . . . . 533 Dashboard for J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534 System Information Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535 Health Status Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535 Capacity Utilization Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 536 Alarms Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 536 Chassis Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 537 Chapter 40 Administering and Monitoring System Functions . . . . . . . . . . . . . . . . . . . . . 541 Monitoring System Log Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541 Checking Active Alarms with the J-Web Interface . . . . . . . . . . . . . . . . . . . . . . . . 544 Monitoring Chassis Alarms for a J-EX8200 Switch . . . . . . . . . . . . . . . . . . . . . . . 545 Monitoring Switch Control Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548 Monitoring System Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550 Monitoring Chassis Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552 Monitoring System Process Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 554 Managing Log, Temporary, and Crash Files on the Switch (J-Web Procedure) . . 555 Cleaning Up Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 555 Downloading Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 556 Deleting Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 556 Chapter 41 Configuration Statements for System Monitoring . . . . . . . . . . . . . . . . . . . . 559 archive (All System Log Files) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 560 archive-sites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 561 arguments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 561 attributes-match . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 562 commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 563 console (System Logging) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 564 destination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 565 destinations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 566 xviii Table of Contents equals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 566 event-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 567 events (Associating Events with a Policy) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 569 events (Correlating Events with Each Other) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 569 event-script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 570 event-script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 571 execute-commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 572 explicit-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 572 facility-override . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 573 file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 574 file (System Logging) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575 files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576 generate-event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 577 host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 578 ignore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 579 interface (Accounting or Sampling) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 579 log-prefix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 580 match . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 580 not . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 581 output-filename . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 581 output-format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 582 policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 583 raise-trap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 584 refresh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 585 refresh-from . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 585 remote-execution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 586 retry-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 587 size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 588 source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 589 structured-data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 590 syslog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 591 then . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 593 time-format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 594 time-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 595 time-of-day . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 595 time-zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 596 traceoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 598 traceoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 600 traceoptions (Commit and Op Scripts) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 602 transfer-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 604 trigger . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 605 upload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 606 user (System Logging) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607 user-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 608 within . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 608 world-readable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 609 xix Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Chapter 42 Operational Mode Commands for System Monitoring . . . . . . . . . . . . . . . . . 611 clear log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 612 file archive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 613 file checksum md5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 615 file checksum sha1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 616 file checksum sha-256 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 617 file compare . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 618 file copy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621 file delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 622 file list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 623 file rename . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 624 file show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 625 monitor list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 626 monitor start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 627 monitor stop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 628 request system configuration rescue delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 629 request system configuration rescue save . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 630 request system scripts refresh-from commit . . . . . . . . . . . . . . . . . . . . . . . . . . . . 631 request system scripts refresh-from event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 632 request system scripts refresh-from op . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 633 show chassis alarms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 634 show chassis environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 635 show chassis environment fpc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 637 show chassis environment routing-engine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 638 show chassis fpc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 639 show chassis hardware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 643 show chassis led . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 646 show chassis location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 649 show chassis pic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 650 show chassis routing-engine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 653 show chassis temperature-thresholds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 655 show log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 657 show pfe next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 659 show pfe route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 661 show pfe statistics ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 663 show pfe statistics ip6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 666 show pfe terse . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 669 show system alarms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 670 show system audit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 671 show system buffers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 673 show system connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 675 show system core-dumps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 679 show system directory-usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 681 show system processes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 682 xx Table of Contents Part 11 Virtual Chassis Chapter 43 Virtual Chassis—Overview, Components, and Configurations . . . . . . . . . . 691 Virtual Chassis Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691 Basic Configuration of a Virtual Chassis with Master and Backup Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 692 Expanding Configurations—Within a Single Wiring Closet and Across Wiring Closets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 692 Global Management of Member Switches in a Virtual Chassis . . . . . . . . . . 693 High Availability Through Redundant Routing Engines . . . . . . . . . . . . . . . . . 693 Adaptability as an Access Switch or Distribution Switch . . . . . . . . . . . . . . . 693 Understanding Virtual Chassis Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . 694 Virtual Chassis Ports (VCPs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 694 Master Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 694 Backup Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 695 Linecard Role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 695 Member Switch and Member ID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 696 Mastership Priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 696 Virtual Chassis Identifier (VCID) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 697 Understanding How the Master in a Virtual Chassis Configuration Is Elected . . 698 Understanding Software Upgrade in a Virtual Chassis Configuration . . . . . . . . 698 Understanding Global Management of a Virtual Chassis Configuration . . . . . . 699 Understanding Nonvolatile Storage in a Virtual Chassis Configuration . . . . . . . . 702 Nonvolatile Memory Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 702 Understanding the High-Speed Interconnection of the Virtual Chassis Members . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 702 Understanding Virtual Chassis Configurations and Link Aggregation . . . . . . . . . 702 Understanding Virtual Chassis Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 704 Understanding Virtual Chassis J-EX4200 Switch Version Compatibility . . . . . . 705 Understanding Fast Failover in a Virtual Chassis Configuration . . . . . . . . . . . . . . 706 Supported Topologies for Fast Failover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 706 How Fast Failover Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 706 Fast Failover in a Ring Topology using Dedicated VCPs . . . . . . . . . . . . . 706 Fast Failover in a Ring Topology Using Uplink Module VCPs . . . . . . . . . 708 Fast Failover in a Virtual Chassis Configuration Using Multiple Ring Topologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 710 Effects of Topology Changes on a Fast Failover Configuration . . . . . . . . . . . . 711 Understanding Split and Merge in a Virtual Chassis Configuration . . . . . . . . . . . . 712 What Happens When a Virtual Chassis Configuration Splits . . . . . . . . . . . . . 712 Merging Virtual Chassis Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 713 Understanding Automatic Software Update on Virtual Chassis Member Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 715 Chapter 44 Virtual Chassis—Configuration Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . 717 Example: Configuring a Virtual Chassis with a Master and Backup in a Single Wiring Closet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 717 Example: Expanding a Virtual Chassis Configuration in a Single Wiring Closet . . 722 Example: Setting Up a Multimember Virtual Chassis Access Switch with a Default Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 727 xxi Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Example: Configuring a Virtual Chassis Interconnected Across Multiple Wiring Closets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 733 Example: Configuring Aggregated Ethernet High-Speed Uplinks Between a Virtual Chassis Access Switch and a Virtual Chassis Distribution Switch . . 740 Example: Configuring Aggregated Ethernet High-Speed Uplinks with LACP Between a Virtual Chassis Access Switch and a Virtual Chassis Distribution Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 746 Example: Configuring a Virtual Chassis Using a Preprovisioned Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 752 Example: Configuring Fast Failover on Uplink Module VCPs to Reroute Traffic When a Virtual Chassis Member Switch or Intermember Link Fails . . . . . . . 763 Example: Assigning the Virtual Chassis ID to Determine Precedence During a Virtual Chassis Merge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 767 Example: Configuring Link Aggregation Groups Using Uplink Virtual Chassis Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 769 Example: Configuring Automatic Software Update on Virtual Chassis Member Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 777 Chapter 45 Configuring Virtual Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 781 Configuring a Virtual Chassis (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 781 Configuring a Virtual Chassis with a Preprovisioned Configuration File . . . . 782 Configuring a Virtual Chassis with a Nonprovisioned Configuration File . . . 783 Configuring a Virtual Chassis (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . 784 Adding a New Switch to an Existing Virtual Chassis Configuration (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 786 Adding a New Switch to an Existing Virtual Chassis Configuration Within the Same Wiring Closet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 786 Adding a New Switch from a Different Wiring Closet to an Existing Virtual Chassis Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 787 Adding a New Switch to an Existing Preprovisioned Virtual Chassis Configuration Using Autoprovisioning . . . . . . . . . . . . . . . . . . . . . . . . . . 789 Configuring Mastership of the Virtual Chassis (CLI Procedure) . . . . . . . . . . . . . . 790 Configuring Mastership Using a Preprovisioned Configuration File . . . . . . . . 791 Configuring Mastership Using a Configuration File That Is Not Preprovisioned . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 792 Setting an Uplink Module Port as a Virtual Chassis Port (CLI Procedure) . . . . . . 792 Setting an Uplink VCP Between Two Member Switches . . . . . . . . . . . . . . . 794 Setting an Uplink VCP on a Standalone Switch . . . . . . . . . . . . . . . . . . . . . . 794 Setting an Uplink Module Port or a J-EX4200-24F Network Port as a Virtual Chassis Port Using the LCD Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 795 Configuring the Virtual Management Ethernet Interface for Global Management of a Virtual Chassis (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 797 Configuring the Timer for the Backup Member to Start Using Its Own MAC Address, as Master of Virtual Chassis (CLI Procedure) . . . . . . . . . . . . . . . . . 797 Configuring Fast Failover in a Virtual Chassis Configuration . . . . . . . . . . . . . . . . 798 Disabling Fast Failover in a Virtual Chassis Configuration . . . . . . . . . . . . . . . . . . 799 Disabling Split and Merge in a Virtual Chassis Configuration (CLI Procedure) . . 799 Assigning the Virtual Chassis ID to Determine Precedence During a Virtual Chassis Merge (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 800 xxii Table of Contents Configuring Automatic Software Update on Virtual Chassis Member Switches (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 800 Configuring Graceful Routing Engine Switchover in a Virtual Chassis (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 801 Chapter 46 Verifying Virtual Chassis Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 803 Command Forwarding Usage with a Virtual Chassis Configuration . . . . . . . . . . 803 Verifying the Member ID, Role, and Neighbor Member Connections of a Virtual Chassis Member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 807 Verifying That the Virtual Chassis Ports Are Operational . . . . . . . . . . . . . . . . . . 808 Monitoring Virtual Chassis Configuration Status and Statistics . . . . . . . . . . . . . 809 Replacing a Member Switch of a Virtual Chassis Configuration (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 811 Remove, Repair, and Reinstall the Same Switch . . . . . . . . . . . . . . . . . . . . . . 811 Remove a Member Switch, Replace with a Different Switch, and Reapply the Old Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 812 Remove a Member Switch and Make Its Member ID Available for Reassignment to a Different Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . 812 Verifying That Graceful Routing Engine Switchover Is Working in the Virtual Chassis Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 813 Chapter 47 Troubleshooting Virtual Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 815 Troubleshooting a Virtual Chassis Configuration . . . . . . . . . . . . . . . . . . . . . . . . . Clear Virtual Chassis NotPrsnt Status and Make Member ID Available for Reassignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Load Factory Default Does Not Commit on a Multimember Virtual Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Member ID Persists When a Member Switch Is Disconnected From a Virtual Chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Chapter 48 815 815 815 815 Configuration Statements for Virtual Chassis . . . . . . . . . . . . . . . . . . . . . . . . 817 [edit virtual-chassis] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . 817 auto-sw-update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 818 fast-failover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 819 graceful-switchover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 820 id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 820 mac-persistence-timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 821 mastership-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 822 member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 823 no-management-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 824 no-split-detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 825 package-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 826 preprovisioned . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 827 redundancy (Graceful Switchover) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 828 role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 829 serial-number . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 831 traceoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 832 virtual-chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 834 xxiii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Chapter 49 Operational Mode Commands for Virtual Chassis . . . . . . . . . . . . . . . . . . . . 835 clear virtual-chassis vc-port statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 836 request session member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 837 request virtual-chassis recycle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 838 request virtual-chassis renumber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 839 request virtual-chassis vc-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 840 request virtual-chassis vc-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 841 show system uptime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 842 show virtual-chassis active topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 844 show virtual-chassis fast-failover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 846 show virtual-chassis status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 847 show virtual-chassis vc-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 849 show virtual-chassis vc-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 851 show virtual-chassis vc-port statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 854 Part 12 Interfaces on J-EX Series Switches Chapter 50 Interfaces—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 863 J-EX Series Switches Interfaces Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 863 Network Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 863 Special Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 864 Understanding Interface Naming Conventions on J-EX Series Switches . . . . . . 865 Physical Part of an Interface Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 865 Logical Part of an Interface Name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 866 Wildcard Characters in Interface Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . 867 Understanding Aggregated Ethernet Interfaces and LACP . . . . . . . . . . . . . . . . . 867 Link Aggregation Group (LAG) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 867 Link Aggregation Control Protocol (LACP) . . . . . . . . . . . . . . . . . . . . . . . . . . 868 Understanding Interface Ranges on J-EX Series Switches . . . . . . . . . . . . . . . . . 869 Understanding Layer 3 Subinterfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 871 Understanding Unicast RPF for J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . 872 Unicast RPF for J-EX Series Switches Overview . . . . . . . . . . . . . . . . . . . . . . 872 Unicast RPF Implementation for J-EX Series Switches . . . . . . . . . . . . . . . . . 873 Unicast RPF Packet Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 873 Bootstrap Protocol (BOOTP) and DHCP Requests . . . . . . . . . . . . . . . . 873 Default Route Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 873 When to Enable Unicast RPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 873 When Not to Enable Unicast RPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 874 Limitations of the Unicast RPF Implementation on J-EX4200 Switches . . . 875 Understanding IP Directed Broadcast for J-EX Series Switches . . . . . . . . . . . . . 876 IP Directed Broadcast for J-EX Series Switches Overview . . . . . . . . . . . . . . 876 IP Directed Broadcast Implementation for J-EX Series Switches . . . . . . . . . 876 When to Enable IP Directed Broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 877 When Not to Enable IP Directed Broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . 877 High Availability Features for J-EX Series Switches Overview . . . . . . . . . . . . . . . 877 VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 878 Graceful Protocol Restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 878 Redundant Routing Engines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 878 Graceful Routing Engine Switchover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 879 xxiv Table of Contents Virtual Chassis Software Upgrade and Failover Features . . . . . . . . . . . . . . . 879 Link Aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 880 Chapter 51 Examples: Interfaces Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 881 Example: Configuring Aggregated Ethernet High-Speed Uplinks Between a Virtual Chassis Access Switch and a Virtual Chassis Distribution Switch . . . 881 Example: Configuring Aggregated Ethernet High-Speed Uplinks with LACP Between a Virtual Chassis Access Switch and a Virtual Chassis Distribution Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 887 Example: Configuring Layer 3 Subinterfaces for a Distribution Switch and an Access Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 893 Example: Configuring Unicast RPF on a J-EX Series Switch . . . . . . . . . . . . . . . . 900 Example: Configuring IP Directed Broadcast on a J-EX Series Switch . . . . . . . . 904 Chapter 52 Configuring Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 909 Configuring Gigabit Ethernet Interfaces (J-Web Procedure) . . . . . . . . . . . . . . . . 909 Port Role Configuration with the J-Web Interface (with CLI References) . . . . . . 915 Configuring Gigabit Ethernet Interfaces (CLI Procedure) . . . . . . . . . . . . . . . . . . . 919 Configuring VLAN Options and Port Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . 919 Configuring the Link Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 919 Configuring the IP Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 920 Setting the Mode on an SFP+ Uplink Module (CLI Procedure) . . . . . . . . . . . . . . . 921 Configuring Aggregated Ethernet Interfaces (CLI Procedure) . . . . . . . . . . . . . . . 922 Configuring Aggregated Ethernet Interfaces (J-Web Procedure) . . . . . . . . . . . . 923 Configuring Aggregated Ethernet LACP (CLI Procedure) . . . . . . . . . . . . . . . . . . . 926 Configuring Unicast RPF (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 927 Disabling Unicast RPF (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 928 Configuring IP Directed Broadcast (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . 929 Configuring a Layer 3 Subinterface (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . 930 Chapter 53 Verifying Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 931 Monitoring Interface Status and Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 931 Verifying the Status of a LAG Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 932 Verifying That LACP Is Configured Correctly and Bundle Members Are Exchanging LACP Protocol Packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 933 Verifying the LACP Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 933 Verifying That the LACP Packets Are Being Exchanged . . . . . . . . . . . . . . . . 933 Verifying That Layer 3 Subinterfaces Are Working . . . . . . . . . . . . . . . . . . . . . . . . 934 Verifying Unicast RPF Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 935 Verifying IP Directed Broadcast Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 937 Chapter 54 Troubleshooting Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 939 Troubleshooting Network Interfaces on J-EX4200 Switches . . . . . . . . . . . . . . . 939 The interface on the port in which an SFP or SFP+ transceiver is installed in an SFP+ uplink module is down . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 939 Troubleshooting an Aggregated Ethernet Interface . . . . . . . . . . . . . . . . . . . . . . . 940 Troubleshooting Interface Configuration and Cable Faults . . . . . . . . . . . . . . . . . 940 Interface Configuration or Connectivity Is Not Working . . . . . . . . . . . . . . . . 940 Troubleshooting Unicast RPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 941 Legitimate Packets Are Discarded . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 941 xxv Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Troubleshooting Uplink Module Installation or Replacement on J-EX4200 Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 942 Virtual Chassis port (VCP) connection does not work . . . . . . . . . . . . . . . . . 942 Chapter 55 Configuration Statements for Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . 943 [edit chassis] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . 943 [edit interfaces] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . 943 802.3ad . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 948 aggregated-devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 949 aggregated-ether-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 950 auto-negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 951 chassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 952 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 953 device-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 954 ether-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 955 ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 956 family (for J-EX Series switches) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 957 filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 960 flow-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 961 force-up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 961 interface-range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 962 interfaces (for J-EX Series switches) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 963 lacp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 968 lacp (802.3ad) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 969 link-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 970 link-speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 971 member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 972 members . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 973 member-range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 974 minimum-links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 974 mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 975 native-vlan-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 976 periodic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 977 pic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 978 pic-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 978 port-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 979 rpf-check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 980 sfpplus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 981 speed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 982 targeted-broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 983 unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 984 vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 985 vlan-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 986 vlan-tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 987 Chapter 56 Operational Mode Commands for Interfaces . . . . . . . . . . . . . . . . . . . . . . . . 989 clear ipv6 neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 990 monitor interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 991 show ethernet-switching interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 997 show interfaces diagnostics optics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1000 xxvi Table of Contents show interfaces ge- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1005 show interfaces queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1016 show interfaces xe- . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1019 show ipv6 neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1031 show lacp interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1033 test interface restart-auto-negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1037 Part 13 Layer 2 Bridging and VLANs Chapter 57 Bridging and VLANs—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1041 Understanding Bridging and VLANs on J-EX Series Switches . . . . . . . . . . . . . . . 1041 Ethernet LANs, Transparent Bridging, and VLANs . . . . . . . . . . . . . . . . . . . . 1041 How Bridging Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1042 Types of Switch Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1044 IEEE 802.1Q Encapsulation and Tags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1044 Assignment of Traffic to VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1044 Ethernet Switching Tables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1045 Layer 2 and Layer 3 Forwarding of VLAN Traffic . . . . . . . . . . . . . . . . . . . . . 1045 GVRP and MVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1045 Routed VLAN Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1046 Understanding Private VLANs on J-EX Series Switches . . . . . . . . . . . . . . . . . . . 1047 Understanding Virtual Routing Instances on J-EX Series Switches . . . . . . . . . . 1048 Understanding Redundant Trunk Links on J-EX Series Switches . . . . . . . . . . . . 1049 Understanding Q-in-Q Tunneling on J-EX Series Switches . . . . . . . . . . . . . . . . . 1051 How Q-in-Q Tunneling Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1051 Disabling MAC Address Learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1052 Mapping C-VLANs to S-VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1052 All-in-One Bundling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1053 Many-to-One Bundling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1053 Mapping a Specific Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1053 Routed VLAN Interfaces on Q-in-Q VLANs . . . . . . . . . . . . . . . . . . . . . . . . . 1053 Limitations for Q-in-Q Tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1054 Understanding Multiple VLAN Registration Protocol (MVRP) on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1054 How MVRP Works on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . 1054 Basics of MVRP on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . 1055 MVRP Registration Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1055 MRP Timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1055 MRP VLAN Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1056 Understanding Layer 2 Protocol Tunneling on J-EX Series Switches . . . . . . . . . 1056 Layer 2 Protocols Supported by L2PT on J-EX Series Switches . . . . . . . . . 1057 How L2PT Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1057 L2PT Basics on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1058 Understanding Proxy ARP on EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . 1059 What Is ARP? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1059 Proxy ARP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1059 Best Practices for Proxy ARP on J-EX Series Switches . . . . . . . . . . . . . . . . 1060 Understanding MAC Notification on J-EX Series Switches . . . . . . . . . . . . . . . . 1060 xxvii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Chapter 58 Examples: Bridging and VLAN Configuration . . . . . . . . . . . . . . . . . . . . . . . 1063 Example: Setting Up Basic Bridging and a VLAN for a J-EX Series Switch . . . . 1063 Example: Setting Up Bridging with Multiple VLANs for J-EX Series Switches . . 1070 Example: Connecting an Access Switch to a Distribution Switch . . . . . . . . . . . 1078 Example: Configure Automatic VLAN Administration Using GVRP . . . . . . . . . . 1087 Example: Configuring Redundant Trunk Links for Faster Recovery . . . . . . . . . . . 1101 Example: Setting Up Q-in-Q Tunneling on J-EX Series Switches . . . . . . . . . . . . 1105 Example: Configuring a Private VLAN on a J-EX Series Switch . . . . . . . . . . . . . . 1107 Example: Using Virtual Routing Instances to Route Among VLANs on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1112 Example: Configuring Automatic VLAN Administration Using MVRP on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1115 Example: Configuring Layer 2 Protocol Tunneling on J-EX Series Switches . . . . 1126 Chapter 59 Configuring Bridging and VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1133 Configuring VLANs for J-EX Series Switches (J-Web Procedure) . . . . . . . . . . . . 1133 Configuring VLANs for J-EX Series Switches (CLI Procedure) . . . . . . . . . . . . . . . 1136 Configuring Routed VLAN Interfaces (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . 1137 Configuring MAC Table Aging (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . 1138 Configuring the Native VLAN Identifier (CLI Procedure) . . . . . . . . . . . . . . . . . . . 1139 Creating a Series of Tagged VLANs (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . 1140 Configuring Virtual Routing Instances (CLI Procedure) . . . . . . . . . . . . . . . . . . . . 1142 Creating a Private VLAN (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1143 Configuring Q-in-Q Tunneling (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . 1144 Configuring GVRP (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1144 Configuring Redundant Trunk Groups (J-Web Procedure) . . . . . . . . . . . . . . . . . 1146 Configuring Multiple VLAN Registration Protocol (MVRP) (CLI Procedure) . . . . 1147 Enabling MVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1147 Disabling MVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1147 Disabling Dynamic VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1148 Configuring Timer Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1148 Configuring MVRP Registration Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1149 Configuring Layer 2 Protocol Tunneling on J-EX Series Switches (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1150 Configuring MAC Notification (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . 1151 Enabling MAC Notification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1152 Disabling MAC Notification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1152 Setting the MAC Notification Interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1152 Configuring Proxy ARP (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1153 Chapter 60 Verifying Bridging and VLAN Configuration . . . . . . . . . . . . . . . . . . . . . . . . . 1155 Verifying That a Series of Tagged VLANs Has Been Created . . . . . . . . . . . . . . . . 1155 Verifying That Virtual Routing Instances Are Working . . . . . . . . . . . . . . . . . . . . . 1157 Verifying That Q-in-Q Tunneling Is Working . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1158 Verifying That a Private VLAN Is Working . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1159 Monitoring Ethernet Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1160 Monitoring GVRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1161 Verifying That MVRP Is Working Correctly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1162 Verifying That MAC Notification Is Working Properly . . . . . . . . . . . . . . . . . . . . . . 1163 xxviii Table of Contents Verifying That Proxy ARP Is Working Correctly . . . . . . . . . . . . . . . . . . . . . . . . . . . 1164 Chapter 61 Troubleshooting Bridging and VLAN Configuration . . . . . . . . . . . . . . . . . . 1165 Troubleshooting Ethernet Switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1165 MAC Address in the Switch’s Ethernet Switching Table Is Not Updated After a MAC Address Move . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1165 Chapter 62 Configuration Statements for Bridging and VLANs . . . . . . . . . . . . . . . . . . . 1167 [edit ethernet-switching-options] Configuration Statement Hierarchy . . . . . . . 1167 [edit interfaces] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . 1169 [edit protocols] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . 1173 [edit routing-instances] Configuration Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . 1180 [edit vlans] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . 1180 arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1181 bridge-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1182 customer-vlans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1183 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1184 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1184 disable (MVRP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1185 dot1q-tunneling (Ethernet Switching) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1185 dot1q-tunneling (VLANs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1186 drop-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1187 ether-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1188 ethernet-switching-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1189 filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1192 group-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1193 gvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1194 instance-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1195 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1195 interface (MVRP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1196 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1197 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1197 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1198 interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1198 join-timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1199 join-timer (MVRP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1200 l3-interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1201 layer2-protocol-tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1202 leave-timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1203 leave-timer (MVRP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1204 leaveall-timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1205 leaveall-timer (MVRP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1206 mac-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1207 mac-notification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1208 mac-table-aging-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1209 mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1210 members . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1211 mvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1212 native-vlan-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1213 no-dynamic-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1214 xxix Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS no-local-switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1214 no-mac-learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1215 no-mac-learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1215 notification-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1216 port-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1217 primary-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1218 redundant-trunk-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1218 registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1219 routing-instances . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1219 shutdown-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1220 vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1221 vlan-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1221 vlan-range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1222 vlans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1223 Chapter 63 Operational Mode Commands for Bridging and VLANs . . . . . . . . . . . . . . . 1225 clear ethernet-switching layer2-protocol-tunneling error . . . . . . . . . . . . . . . . . . 1226 clear ethernet-switching layer2-protocol-tunneling statistics . . . . . . . . . . . . . . 1227 clear ethernet-switching table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1228 clear gvrp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1229 clear mvrp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1230 show ethernet-switching interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1231 show ethernet-switching layer2-protocol-tunneling interface . . . . . . . . . . . . . . 1234 show ethernet-switching layer2-protocol-tunneling statistics . . . . . . . . . . . . . 1236 show ethernet-switching layer2-protocol-tunneling vlan . . . . . . . . . . . . . . . . . 1239 show ethernet-switching mac-learning-log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1241 show ethernet-switching mac-notification . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1243 show ethernet-switching statistics aging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1244 show ethernet-switching statistics mac-learning . . . . . . . . . . . . . . . . . . . . . . . . 1246 show ethernet-switching table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1249 show gvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1253 show gvrp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1255 show mvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1257 show mvrp dynamic-vlan-memberships . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1259 show mvrp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1260 show redundant-trunk-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1262 show vlans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1263 Part 14 Spanning-Tree Protocols Chapter 64 Spanning-Tree Protocols—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1275 Understanding STP for J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . 1275 Understanding RSTP for J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . 1276 Understanding MSTP for J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . 1277 Understanding BPDU Protection for STP, RSTP, and MSTP on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1278 Understanding Loop Protection for STP, RSTP, VSTP, and MSTP on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1279 Understanding Root Protection for STP, RSTP, VSTP, and MSTP on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1280 xxx Table of Contents Understanding VSTP for J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . 1281 Chapter 65 Examples of Spanning-Tree Protocols Configuration . . . . . . . . . . . . . . . . 1283 Example: Configuring Faster Convergence and Improving Network Stability with RSTP on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1283 Example: Configuring Network Regions for VLANs with MSTP on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1297 Example: Configuring BPDU Protection on STP Interfaces to Prevent STP Miscalculations on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1317 Example: Configuring BPDU Protection on non-STP Interfaces to Prevent STP Miscalculations on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1321 Example: Configuring Loop Protection to Prevent Interfaces from Transitioning from Blocking to Forwarding in a Spanning Tree on J-EX Series Switches . . 1325 Example: Configuring Root Protection to Enforce Root Bridge Placement in Spanning Trees on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . 1329 Chapter 66 Configuring Spanning-Tree Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1335 Unblocking an Interface That Receives BPDUs in Error (CLI Procedure) . . . . . . 1335 Configuring STP (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1336 Configuring Spanning-Tree Protocols (J-Web Procedure) . . . . . . . . . . . . . . . . . 1336 Configuring VLAN Spanning Tree Protocol (CLI Procedure) . . . . . . . . . . . . . . . 1340 Chapter 67 Verifying Spanning Tree Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1343 Monitoring Spanning-Tree Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1343 Chapter 68 Configuration Statements for Spanning-Tree Protocols . . . . . . . . . . . . . . 1347 [edit protocols] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . 1347 alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1354 block . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1355 bpdu-block . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1356 bpdu-block-on-edge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1357 bpdu-timeout-action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1358 bridge-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1359 configuration-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1360 cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1361 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1362 disable-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1363 edge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1364 force-version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1365 forward-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1366 hello-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1367 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1368 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1369 max-age . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1370 max-hops . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1371 mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1372 msti . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1373 mstp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1374 no-root-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1375 priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1376 xxxi Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS revision-level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1377 rstp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1378 stp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1380 traceoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1381 vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1384 vlan (VSTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1386 vstp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1387 Chapter 69 Operational Mode Commands for Spanning-Tree Protocols . . . . . . . . . . 1389 clear ethernet-switching bpdu-error . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1390 clear spanning-tree statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1391 clear spanning-tree statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1392 show spanning-tree bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1393 show spanning-tree bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1398 show spanning-tree interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1402 show spanning-tree interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1407 show spanning-tree mstp configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1411 show spanning-tree mstp configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1413 show spanning-tree statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1414 show spanning-tree statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1416 Part 15 Layer 3 Protocols Chapter 70 Layer 3 Protocols—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1421 Layer 3 Protocols Supported on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . 1421 Layer 3 Protocols Not Supported on J-EX Series Switches . . . . . . . . . . . . . . . . . 1422 Understanding Distributed Periodic Packet Management on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1424 Understanding VRRP on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . 1425 Overview of VRRP on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . 1425 Examples of VRRP Topologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1426 Understanding IPsec Authentication for OSPF Packets on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1428 Authentication Algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1428 Encryption Algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1429 IPsec Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1429 Security Associations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1429 IPsec Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1430 Chapter 71 Configuring Layer 3 Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1431 Configuring BGP Sessions (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . 1431 Configuring an OSPF Network (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . 1435 Configuring a RIP Network (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . 1439 Configuring Static Routing (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1444 Configuring Static Routing (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . 1444 xxxii Table of Contents Configuring Routing Policies (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . 1446 Configuring Distributed Periodic Packet Management on a J-EX Series Switch (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1451 Disabling or Enabling Distributed Periodic Packet Management Globally . . 1451 Disabling or Enabling Distributed Periodic Packet Management for Link Aggregation Control Protocol (LACP) Packets . . . . . . . . . . . . . . . . . . . 1452 Configuring VRRP for IPv6 (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1452 Using IPsec to Secure OSPFv3 Networks (CLI Procedure) . . . . . . . . . . . . . . . . . 1453 Configuring Security Associations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1453 Securing OPSFv3 Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1454 Chapter 72 Verifying Layer 3 Protocols Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 1455 Monitoring BGP Routing Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1455 Monitoring OSPF Routing Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1457 Monitoring RIP Routing Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1460 Monitoring Routing Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1461 Chapter 73 Configuration Statements for Layer 3 Protocols . . . . . . . . . . . . . . . . . . . . . 1465 accept-remote-nexthop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1465 active . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1466 advertise-external . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1467 advertise-inactive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1468 advertise-peer-as . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1469 aggregate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1470 aggregate-label . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1471 allow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1472 any-sender . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1473 area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1474 area-range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1475 as-override . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1476 as-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1477 asm-override-ssm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1478 authentication-algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1479 authentication-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1480 authentication-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1481 authentication-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1482 authentication-key-chain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1483 authentication-key-chains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1484 authentication-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1485 authentication-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1486 autonomous-system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1487 backup-pe-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1488 backups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1489 bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1490 bandwidth-based-metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1491 bfd-liveness-detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1493 bfd-liveness-detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1496 bfd-liveness-detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1498 bfd-liveness-detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1501 bfd-liveness-detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1503 xxxiii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS bgp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1506 bgp-orf-cisco-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1507 bmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1508 brief . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1509 centralized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1510 check-zero . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1511 checksum . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1512 cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1513 community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1514 confederation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1515 csnp-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1516 damping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1517 dead-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1518 default-lsa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1519 default-metric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1520 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1521 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1522 disable (IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1523 disable (OSPF) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1524 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1525 discard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1526 domain-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1527 domain-vpn-tag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1527 explicit-null . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1528 export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1529 export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1530 export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1531 export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1532 export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1532 export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1533 export-rib . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1533 external-preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1534 external-preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1535 family . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1536 fate-sharing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1539 flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1540 flow-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1541 forwarding-cache (Flow Maps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1541 forwarding-cache (Multicast) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1542 forwarding-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1542 generate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1543 graceful-restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1544 graceful-restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1545 graceful-restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1546 graceful-restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1547 graceful-restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1548 graceful-restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1549 group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1550 group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1553 xxxiv Table of Contents group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1555 hello-authentication-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1556 hello-authentication-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1557 hello-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1558 hello-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1559 hello-padding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1560 holddown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1561 holddown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1561 hold-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1562 hold-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1563 hold-time (IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1564 idle-after-switch-over . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1565 ignore-attached-bit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1566 ignore-lsp-metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1566 import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1567 import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1568 import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1569 import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1570 import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1571 import-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1571 import-rib . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1572 include-mp-next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1573 indirect-next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1573 inet6-advertise-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1574 install . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1575 instance-export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1576 instance-import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1576 inter-area-prefix-export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1577 inter-area-prefix-import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1578 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1579 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1581 interface (Routing Options) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1583 interface (Multicast via Static Routes) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1584 interface-routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1585 interface-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1586 ipv4-multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1587 ipv4-multicast-metric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1587 ipv6-multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1588 ipv6-multicast-metric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1588 ipv6-unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1589 ipv6-unicast-metric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1589 isis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1590 keep . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1591 labeled-unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1592 level (Global IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1593 link-protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1594 local-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1595 local-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1596 local-as . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1597 xxxv Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS local-interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1598 local-preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1599 log-updown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1600 loose-authentication-check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1601 lsp-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1601 lsp-lifetime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1602 lsp-metric-into-summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1602 martians . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1603 max-areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1604 maximum-bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1604 maximum-paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1605 maximum-prefixes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1606 med-igp-update-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1607 mesh-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1608 message-size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1609 metric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1610 metric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1611 metric (Aggregate, Generated, or Static Route) . . . . . . . . . . . . . . . . . . . . . . . . . . 1612 metric-in . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1613 metric-in . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1614 metric-out . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1615 metric-out . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1617 metric-out . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1618 metric-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1619 mtu-discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1620 multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1621 multihop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1622 multipath . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1623 neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1624 neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1627 neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1628 no-adjacency-holddown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1629 no-aggregator-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1630 no-authentication-check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1631 no-client-reflect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1632 no-csnp-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1633 no-eligible-backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1633 no-hello-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1634 no-ipv4-multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1634 no-ipv4-routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1635 no-ipv6-multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1635 no-ipv6-routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1636 no-ipv6-unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1636 no-nssa-abr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1637 no-psnp-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1637 no-qos-adjust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1638 no-rfc-1583 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1639 no-unicast-topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1640 no-validate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1640 xxxvi Table of Contents node-link-protection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1641 nssa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1642 options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1643 ospf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1644 ospf3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1644 out-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1645 outbound-route-filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1646 overload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1647 overload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1648 passive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1649 passive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1650 passive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1651 peer-as . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1652 pim-to-igmp-proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1653 pim-to-mld-proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1654 point-to-point . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1654 policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1655 policy (Flow Maps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1656 policy (SSM Maps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1656 ppm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1657 ppm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1658 preempt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1659 preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1660 preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1661 preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1662 preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1663 preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1663 preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1664 prefix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1665 prefix-export-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1665 prefix-export-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1666 prefix-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1667 priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1668 priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1669 priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1670 qualified-next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1671 readvertise . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1672 realm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1673 receive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1674 receive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1675 redundant-sources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1676 reference-bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1676 reference-bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1677 remove-private . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1678 resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1679 resolution-ribs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1679 resolve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1680 restart-duration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1681 retain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1682 xxxvii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS retransmit-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1683 reverse-oif-mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1684 rib (General) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1685 rib (Route Resolution) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1686 rib-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1687 rib-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1688 rib-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1689 rib-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1690 rib-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1691 rib-groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1692 rip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1693 ripng . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1693 route-distinguisher-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1694 route-record . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1694 route-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1695 route-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1696 route-type-community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1696 router-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1697 routing-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1697 rpf-check-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1698 scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1698 scope-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1699 send . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1700 send . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1701 shortcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1702 source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1702 source-routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1703 spf-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1704 spf-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1705 ssm-groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1706 ssm-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1707 static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1708 stub . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1710 subscriber-leave-timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1711 summaries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1712 tag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1713 tcp-mss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1714 threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1715 timeout (Flow Maps) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1716 timeout (Multicast) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1716 topologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1717 traceoptions (BGP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1718 traceoptions (IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1721 traceoptions (OSPF) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1724 traceoptions (RIP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1727 traceoptions (RIPng) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1730 traceoptions (All Routing Protocols) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1733 traffic-engineering (OSPF) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1735 transit-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1736 xxxviii Table of Contents type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1737 type-7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1738 update-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1739 update-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1739 upstream-interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1740 virtual-inet6-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1741 virtual-link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1742 virtual-link-local-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1743 vrrp-inet6-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1744 wide-metrics-only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1745 Chapter 74 Operational Commands for Layer 3 Protocols . . . . . . . . . . . . . . . . . . . . . . . 1747 clear (ospf | ospf3) database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1748 clear (ospf | ospf3) io-statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1751 clear (ospf | ospf3) neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1752 clear (ospf | ospf3) statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1753 clear bgp damping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1755 clear bgp neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1756 clear bgp table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1758 clear ipv6 neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1759 clear isis adjacency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1760 clear isis database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1762 clear isis overload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1764 clear isis statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1766 clear ospf overload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1768 clear rip general-statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1769 clear rip statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1770 clear ripng general-statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1771 clear ripng statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1772 show (ospf | ospf3) interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1773 show (ospf | ospf3) io-statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1778 show (ospf | ospf3) log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1779 show (ospf | ospf3) neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1782 show (ospf | ospf3) overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1787 show (ospf | ospf3) route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1791 show (ospf | ospf3) statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1796 show as-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1798 show as-path domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1802 show as-path summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1804 show bgp bmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1805 show bgp group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1806 show bgp neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1812 show bgp summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1824 show ipv6 neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1828 show isis adjacency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1830 show isis authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1834 show isis backup coverage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1836 show isis backup label-switched-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1838 show isis backup spf results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1840 xxxix Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS show isis database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1843 show isis hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1850 show isis interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1851 show isis overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1855 show isis route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1858 show isis spf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1861 show isis statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1866 show ospf3 database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1868 show ospf database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1878 show policy damping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1886 show rip general-statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1888 show rip neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1889 show rip statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1891 show ripng general-statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1894 show ripng neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1895 show ripng statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1897 show route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1899 show route active-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1903 show route all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1908 show route aspath-regex . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1910 show route best . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1912 show route brief . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1916 show route community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1918 show route community-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1920 show route damping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1922 show route detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1927 show route exact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1941 show route export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1944 show route extensive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1946 show route flow validation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1958 show route inactive-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1960 show route inactive-prefix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1963 show route instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1965 show route label . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1972 show route label-switched-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1974 show route martians . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1976 show route next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1978 show route no-community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1984 show route protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1987 show route range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1996 show route receive-protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2000 show route resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2007 show route snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2010 show route source-gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2018 show route summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2024 show route table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2026 show route terse . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2033 show vrrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2036 xl Table of Contents Part 16 IGMP Snooping and Multicast Chapter 75 Understanding IGMP Snooping and Multicast . . . . . . . . . . . . . . . . . . . . . . 2047 IGMP Snooping on J-EX Series Switches Overview . . . . . . . . . . . . . . . . . . . . . . 2047 How IGMP Snooping Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2047 How IGMP Snooping Works with Routed VLAN Interfaces . . . . . . . . . . . . 2048 How Hosts Join and Leave Multicast Groups . . . . . . . . . . . . . . . . . . . . . . . . 2051 IGMP Snooping Support for IGMPv3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2051 Understanding Multicast VLAN Registration on J-EX Series Switches . . . . . . . 2052 How MVR Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2052 MVR Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2053 Chapter 76 Examples: IGMP Snooping and Multicast Configuration . . . . . . . . . . . . . 2055 Example: Configuring IGMP Snooping on J-EX Series Switches . . . . . . . . . . . . 2055 Example: Configuring Multicast VLAN Registration on J-EX Series Switches . . 2058 Chapter 77 Configuring IGMP Snooping and Multicast . . . . . . . . . . . . . . . . . . . . . . . . . 2063 Configuring IGMP Snooping (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . 2063 Configuring IGMP Snooping (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . 2064 Changing the IGMP Snooping Group Query Membership Timeout Value (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2067 Configuring Multicast VLAN Registration (CLI Procedure) . . . . . . . . . . . . . . . . 2068 Chapter 78 Verifying IGMP Snooping and Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . 2069 Monitoring IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2069 Verifying That the IGMP Snooping Group Query Timeout Value Has Been Changed Correctly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2070 Chapter 79 Configuration Statements for IGMP Snooping and Multicast . . . . . . . . . 2073 [edit protocols] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . 2073 accounting (Per Interface) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2080 accounting (Protocol) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2080 address (Anycast RPs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2081 address (Local RPs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2081 anycast-pim . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2082 assert-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2083 auto-rp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2084 bootstrap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2085 bootstrap-export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2085 bootstrap-import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2086 bootstrap-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2086 data-forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2087 dense-groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2088 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2088 disable (PIM) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2089 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2089 dr-election-on-p2p . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2090 dr-register-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2090 embedded-rp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2091 export (Bootstrap) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2091 family (Bootstrap) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2092 xli Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS family (Local RP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2093 graceful-restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2094 group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2094 group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2095 group-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2096 group-ranges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2097 groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2098 hello-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2098 hold-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2099 igmp-snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2100 immediate-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2101 immediate-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2102 import (Bootstrap) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2103 import (PIM) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2103 infinity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2104 install . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2104 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2105 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2106 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2107 join-load-balance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2108 local . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2109 local-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2110 mapping-agent-election . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2111 maximum-rps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2111 mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2112 multicast-router-interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2112 neighbor-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2113 pim . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2114 priority (Bootstrap) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2116 priority (PIM Interfaces) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2117 priority (PIM RPs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2118 promiscuous-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2118 proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2119 query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2119 query-last-member-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2120 query-response-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2120 receiver . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2121 restart-duration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2121 rib-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2122 robust-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2122 robust-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2123 rp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2124 rp-register-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2125 rp-set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2126 source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2126 source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2127 source-vlans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2127 spt-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2128 ssm-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2128 xlii Table of Contents static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2129 static (IGMP Snooping) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2130 static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2130 traceoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2131 traceoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2134 traceoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2136 version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2138 version (PIM) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2139 vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2140 Chapter 80 Operational Mode Commands for IGMP Snooping and Multicast . . . . . . 2143 clear igmp membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2144 clear igmp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2148 clear igmp-snooping membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2150 clear igmp-snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2151 clear multicast bandwidth-admission . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2152 clear multicast scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2154 clear multicast sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2155 clear multicast statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2156 clear pim join . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2157 clear pim register . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2158 clear pim statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2159 mtrace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2161 mtrace from-source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2163 mtrace monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2166 mtrace to-gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2168 show igmp group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2171 show igmp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2175 show igmp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2178 show igmp-snooping membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2181 show igmp-snooping route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2183 show igmp-snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2185 show igmp-snooping vlans . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2187 show multicast flow-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2189 show multicast interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2191 show multicast mrinfo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2193 show multicast next-hops . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2195 show multicast pim-to-igmp-proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2197 show multicast pim-to-mld-proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2198 show multicast route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2199 show multicast rpf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2203 show multicast scope . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2207 show multicast sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2209 show multicast usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2211 show pim bootstrap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2214 show pim interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2216 show pim join . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2219 show pim neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2224 show pim rps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2228 xliii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS show pim source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2233 show pim statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2235 Part 17 Access Control Chapter 81 802.1X and MAC RADIUS Authentication Overview . . . . . . . . . . . . . . . . . 2245 Security Features for J-EX Series Switches Overview . . . . . . . . . . . . . . . . . . . . . 2245 Understanding Authentication on J-EX Series Switches . . . . . . . . . . . . . . . . . . 2248 A Basic Authentication Topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2248 802.1X Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2250 MAC RADIUS Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2250 Captive Portal Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2251 Static MAC Bypass of Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2252 Fallback of Authentication Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2252 802.1X for J-EX Series Switches Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2253 How 802.1X Authentication Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2253 802.1X Features Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2254 Supported Features Related to 802.1X Authentication . . . . . . . . . . . . . . . . 2254 Authentication Process Flow for EX Series Switches . . . . . . . . . . . . . . . . . . . . . 2255 Understanding Server Fail Fallback and Authentication on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2258 Understanding Dynamic VLANs for 802.1X on J-EX Series Switches . . . . . . . . 2259 Understanding Guest VLANs for 802.1X on J-EX Series Switches . . . . . . . . . . . 2259 Understanding 802.1X and RADIUS Accounting on J-EX Series Switches . . . . 2260 Understanding 802.1X and LLDP and LLDP-MED on J-EX Series Switches . . . . 2261 Understanding 802.1X and VoIP on J-EX Series Switches . . . . . . . . . . . . . . . . . 2263 Understanding 802.1X and VSAs on J-EX Series Switches . . . . . . . . . . . . . . . . 2266 Chapter 82 Examples: Access Control Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 2267 Example: Connecting a RADIUS Server for 802.1X to a J-EX Series Switch . . . . 2267 Example: Configuring 802.1X Authentication Options When the RADIUS Server is Unavailable to a J-EX Series Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2271 Example: Setting Up 802.1X in Conference Rooms to Provide Internet Access to Corporate Visitors on a J-EX Series Switch . . . . . . . . . . . . . . . . . . . . . . . 2276 Example: Configuring Static MAC Bypass of Authentication on a J-EX Series Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2281 Example: Configuring MAC RADIUS Authentication on a J-EX Series Switch . . 2286 Example: Setting Up 802.1X for Single Supplicant or Multiple Supplicant Configurations on a J-EX Series Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2290 Example: Applying a Firewall Filter to 802.1X-Authenticated Supplicants Using RADIUS Server Attributes on a J-EX Series Switch . . . . . . . . . . . . . . . . . . . 2296 Example: Setting Up VoIP with 802.1X and LLDP-MED on a J-EX Series Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2302 Example: Configuring VoIP on a J-EX Series Switch Without Including 802.1X Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2309 Example: Configuring VoIP on a J-EX Series Switch Without Including LLDP-MED Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2315 Example: Applying Firewall Filters to Multiple Supplicants on Interfaces Enabled for 802.1X or MAC RADIUS Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . 2318 Example: Setting Up Captive Portal Authentication on a J-EX Series Switch . . 2323 xliv Table of Contents Chapter 83 Configuring Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2329 Specifying RADIUS Server Connections on a J-EX Series Switch (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2330 Configuring 802.1X Interface Settings (CLI Procedure) . . . . . . . . . . . . . . . . . . . . 2331 Configuring 802.1X Authentication (J-Web Procedure) . . . . . . . . . . . . . . . . . . . 2332 Configuring Static MAC Bypass of Authentication (CLI Procedure) . . . . . . . . . 2334 Configuring MAC RADIUS Authentication (CLI Procedure) . . . . . . . . . . . . . . . . 2335 Configuring Server Fail Fallback (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . 2337 Configuring 802.1X RADIUS Accounting (CLI Procedure) . . . . . . . . . . . . . . . . . 2339 Filtering 802.1X Supplicants Using RADIUS Server Attributes . . . . . . . . . . . . . . 2340 Configuring Match Statements on the RADIUS Server . . . . . . . . . . . . . . . . 2341 Applying a Port Firewall Filter from the RADIUS Server . . . . . . . . . . . . . . . 2343 Configuring LLDP (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2344 Enabling LLDP on Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2344 Configuring for Fast Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2344 Adjusting LLDP Advertisement Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . 2344 Adjusting SNMP Notification Settings of LLDP Changes . . . . . . . . . . . . . . 2345 Specifying a Management Address for the LLDP Management TLV . . . . . 2345 Configuring LLDP (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2345 Configuring LLDP-MED (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2346 Enabling LLDP-MED on Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2347 Configuring Location Information Advertised by the Switch . . . . . . . . . . . . 2347 Configuring for Fast Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2347 VSA Match Conditions and Actions for J-EX Series Switches . . . . . . . . . . . . . . 2348 Configuring Captive Portal Authentication (CLI Procedure) . . . . . . . . . . . . . . . 2350 Configuring Secure Access for Captive Portal . . . . . . . . . . . . . . . . . . . . . . . 2350 Enabling an Interface for Captive Portal . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2351 Configuring Bypass of Captive Portal Authentication . . . . . . . . . . . . . . . . . 2351 Designing a Captive Portal Authentication Login Page on a J-EX Series Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2351 Chapter 84 Verifying 802.1X and MAC RADIUS Authentication . . . . . . . . . . . . . . . . . . 2355 Monitoring 802.1X Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2355 Verifying 802.1X Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2356 Chapter 85 Configuration Statements for Access Control . . . . . . . . . . . . . . . . . . . . . . 2359 [edit access] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . 2359 [edit ethernet-switching-options] Configuration Statement Hierarchy . . . . . . 2359 [edit protocols] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . 2362 access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2369 accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2370 accounting (Access Profile) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2371 accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2372 accounting-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2373 accounting-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2373 accounting-session-id-format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2374 accounting-stop-on-access-deny . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2374 accounting-stop-on-access-deny . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2375 accounting-stop-on-failure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2375 xlv Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS accounting-stop-on-failure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2376 address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2376 address-pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2377 address-range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2377 advertisement-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2378 attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2379 authentication-order . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2380 authentication-order . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2381 authentication-profile-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2382 authentication-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2383 authentication-whitelist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2383 authenticator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2384 captive-portal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2385 ca-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2386 ca-value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2387 civic-based . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2388 country-code . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2389 custom-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2390 destination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2392 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2393 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2394 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2394 dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2395 elin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2396 ethernet-port-type-virtual . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2397 ethernet-switching-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2398 events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2400 exclude . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2401 fast-start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2403 forwarding-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2404 guest-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2405 hold-multiplier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2406 ignore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2407 immediate-update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2407 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2408 interface-description-format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2409 interface (Captive Portal) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2410 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2411 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2412 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2413 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2414 lldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2415 lldp-configuration-notification-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2416 lldp-med . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2417 location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2418 mac-radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2419 management-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2420 maximum-requests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2420 nas-identifier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2421 xlvi Table of Contents nas-port-extended-format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2422 no-reauthentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2423 options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2424 order . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2425 order . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2425 port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2426 port (RADIUS Server) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2426 port (TACACS+ Server) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2427 profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2428 ptopo-configuration-maximum-hold-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2429 ptopo-configuration-trap-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2429 quiet-period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2430 quiet-period (Captive Portal) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2430 radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2431 radius (Access Profile) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2432 radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2433 radius-server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2434 reauthentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2435 retries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2436 retries (Captive Portal) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2436 retry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2437 retry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2438 revert-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2438 routing-instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2439 secret . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2439 secret . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2440 secure-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2440 server (RADIUS Accounting) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2441 server (TACACS+ Accounting) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2441 server-fail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2442 server-reject-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2443 server-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2444 server-timeout (Captive Portal) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2445 session-expiry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2445 single-connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2446 source-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2446 source-address (NTP, RADIUS, System Logging, or TACACS+) . . . . . . . . . . . . 2447 static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2448 statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2449 supplicant . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2450 supplicant-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2451 tacplus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2452 timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2453 timeout (RADIUS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2454 traceoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2455 traceoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2457 transmit-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2458 transmit-period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2459 update-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2459 xlvii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS vlan-assignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2460 vlan-nas-port-stacked-format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2460 vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2461 voip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2462 what . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2463 Chapter 86 Operational Commands for 802.1X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2465 clear captive-portal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2466 clear dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2468 clear lldp neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2469 clear lldp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2470 show captive-portal authentication-failed-users . . . . . . . . . . . . . . . . . . . . . . . . 2471 show captive-portal firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2472 show captive-portal interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2474 show dot1x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2477 show dot1x authentication-failed-users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2482 show dot1x firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2483 show dot1x static-mac-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2484 show ethernet-switching interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2486 show lldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2489 show lldp local-information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2493 show lldp neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2495 show lldp remote-global-statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2501 show lldp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2503 show network-access aaa statistics accounting . . . . . . . . . . . . . . . . . . . . . . . . 2505 show network-access aaa statistics authentication . . . . . . . . . . . . . . . . . . . . . 2506 show network-access aaa statistics dynamic-requests . . . . . . . . . . . . . . . . . . 2507 Part 18 Rate Limiting Chapter 87 Rate Limiting Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2511 Understanding Storm Control on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . 2511 Understanding Unknown Unicast Forwarding on J-EX Series Switches . . . . . . . 2512 Chapter 88 Example: Rate Limiting Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2513 Example: Configuring Storm Control to Prevent Network Outages on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2513 Chapter 89 Configuring Rate Limiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2515 Configuring Unknown Unicast Forwarding (CLI Procedure) . . . . . . . . . . . . . . . . 2515 Configuring Autorecovery From the Disabled State on Secure or Storm Control Interfaces (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2516 Chapter 90 Verifying Rate Limiting Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2517 Verifying That Unknown Unicast Packets Are Forwarded to a Trunk Interface . . 2517 Verifying That the Port Error Disable Setting Is Working Correctly . . . . . . . . . . . 2518 Chapter 91 Configuration Statements for Rate Limiting . . . . . . . . . . . . . . . . . . . . . . . . 2519 [edit ethernet-switching-options] Configuration Statement Hierarchy . . . . . . 2519 action-shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2522 bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2523 xlviii Table of Contents disable-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2524 ethernet-switching-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2525 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2528 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2529 no-broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2529 no-unknown-unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2530 port-error-disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2531 storm-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2532 unknown-unicast-forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2533 vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2534 Chapter 92 Operational Mode Commands for Rate Limiting . . . . . . . . . . . . . . . . . . . . 2535 show ethernet-switching interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2536 show ethernet-switching table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2539 Part 19 Port Security Chapter 93 Port Security Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2545 Port Security for J-EX Series Switches Overview . . . . . . . . . . . . . . . . . . . . . . . . 2545 Understanding How to Protect Access Ports on J-EX Series Switches from Common Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2546 Mitigation of Ethernet Switching Table Overflow Attacks . . . . . . . . . . . . . . 2547 Mitigation of Rogue DHCP Server Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . 2547 Protection Against ARP Spoofing Attacks . . . . . . . . . . . . . . . . . . . . . . . . . 2548 Protection Against DHCP Snooping Database Alteration Attacks . . . . . . . 2548 Protection Against DHCP Starvation Attacks . . . . . . . . . . . . . . . . . . . . . . . 2548 Understanding DHCP Snooping for Port Security on J-EX Series Switches . . . 2549 DHCP Snooping Basics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2549 DHCP Snooping Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2550 DHCP Server Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2551 Switch, DHCP Clients, and DHCP Server Are All on the Same VLAN . . 2551 Switch Acts as DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2553 Switch Acts as Relay Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2553 DHCP Snooping Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2554 Static IP Address Additions to the DHCP Snooping Database . . . . . . . . . . 2554 Snooping DHCP Packets That Have Invalid IP Addresses . . . . . . . . . . . . . 2554 Understanding DAI for Port Security on J-EX Series Switches . . . . . . . . . . . . . . 2555 Address Resolution Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2556 ARP Spoofing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2556 DAI on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2556 Understanding MAC Limiting and MAC Move Limiting for Port Security on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2557 MAC Limiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2557 MAC Move Limiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2558 Actions for MAC Limiting and MAC Move Limiting . . . . . . . . . . . . . . . . . . . 2558 MAC Addresses That Exceed the MAC Limit or MAC Move Limit . . . . . . . . 2559 Understanding Trusted DHCP Servers for Port Security on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2559 xlix Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Understanding DHCP Option 82 for Port Security on J-EX Series Switches . . . 2560 DHCP Option 82 Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2560 Suboption Components of Option 82 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2561 Configurations of the J-EX Series Switch That Support Option 82 . . . . . . . 2561 Switch and Clients Are on Same VLAN as DHCP Server . . . . . . . . . . . 2561 Switch Acts as Relay Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2562 Understanding IP Source Guard for Port Security on J-EX Series Switches . . . 2563 IP Address Spoofing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2564 How IP Source Guard Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2564 The IP Source Guard Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2564 Typical Uses of Other Junos OS Features with IP Source Guard . . . . . . . . 2565 Understanding Proxy ARP on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . 2566 What Is ARP? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2566 Proxy ARP Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2566 Best Practices for Proxy ARP on J-EX Series Switches . . . . . . . . . . . . . . . . 2567 Chapter 94 Examples: Port Security Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2569 Example: Configuring Port Security, with DHCP Snooping, DAI, MAC Limiting, and MAC Move Limiting, on a J-EX Series Switch . . . . . . . . . . . . . . . . . . . . 2569 Example: Configuring MAC Limiting, Including Dynamic and Allowed MAC Addresses, to Protect the Switch from Ethernet Switching Table Overflow Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2576 Example: Configuring a DHCP Server Interface as Untrusted to Protect the Switch from Rogue DHCP Server Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2579 Example: Configuring MAC Limiting to Protect the Switch from DHCP Starvation Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2583 Example: Configuring DHCP Snooping and DAI to Protect the Switch from ARP Spoofing Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2586 Example: Configuring Allowed MAC Addresses to Protect the Switch from DHCP Snooping Database Alteration Attacks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2590 Example: Configuring DHCP Snooping, DAI , and MAC Limiting on a J-EX Series Switch with Access to a DHCP Server Through a Second Switch . . . . . . . 2593 Example: Configuring IP Source Guard with Other J-EX Series Switch Features to Mitigate Address-Spoofing Attacks on Untrusted Access Interfaces . . 2600 Example: Configuring IP Source Guard on a Data VLAN That Shares an Interface with a Voice VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2608 Example: Setting Up DHCP Option 82 with a J-EX Series Switch as Relay Agent Between Clients and a DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2615 Example: Setting Up DHCP Option 82 on a J-EX Series Switch with No Relay Agent Between Clients and DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . 2617 Example: Configuring Proxy ARP on a J-EX Series Switch . . . . . . . . . . . . . . . . . 2621 Chapter 95 Configuring Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2625 Configuring Port Security (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2626 Configuring Port Security (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . 2627 Enabling DHCP Snooping (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2630 Enabling DHCP Snooping (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . 2631 Enabling a Trusted DHCP Server (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . 2632 Enabling a Trusted DHCP Server (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . 2632 Enabling Dynamic ARP Inspection (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . 2633 l Table of Contents Enabling Dynamic ARP Inspection (J-Web Procedure) . . . . . . . . . . . . . . . . . . . 2634 Configuring MAC Limiting (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2635 Configuring MAC Limiting (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . 2637 Configuring MAC Move Limiting (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . 2639 Configuring MAC Move Limiting (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . 2641 Setting the none Action on an Interface to Override a MAC Limit Applied to All Interfaces (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2642 Configuring IP Source Guard (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . 2643 Configuring Static IP Addresses for DHCP Bindings on Access Ports (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2645 Setting Up DHCP Option 82 with the Switch as a Relay Agent Between Clients and DHCP Server (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2646 Setting Up DHCP Option 82 on the Switch with No Relay Agent Between Clients and DHCP Server (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2649 Configuring Proxy ARP (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2651 Configuring Autorecovery From the Disabled State on Secure or Storm Control Interfaces (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2652 Chapter 96 Verifying Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2653 Monitoring Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2653 Verifying That DHCP Snooping Is Working Correctly . . . . . . . . . . . . . . . . . . . . . 2654 Verifying That a Trusted DHCP Server Is Working Correctly . . . . . . . . . . . . . . . . 2655 Verifying That DAI Is Working Correctly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2656 Verifying That MAC Limiting Is Working Correctly . . . . . . . . . . . . . . . . . . . . . . . . 2657 Verifying That MAC Limiting for Dynamic MAC Addresses Is Working Correctly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2657 Verifying That Allowed MAC Addresses Are Working Correctly . . . . . . . . . 2658 Verifying Results of Various Action Settings When the MAC Limit Is Exceeded . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2658 Customizing the Ethernet Switching Table Display to View Information for a Specific Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2660 Verifying That MAC Move Limiting Is Working Correctly . . . . . . . . . . . . . . . . . . . 2661 Verifying That IP Source Guard Is Working Correctly . . . . . . . . . . . . . . . . . . . . . 2662 Verifying That Proxy ARP Is Working Correctly . . . . . . . . . . . . . . . . . . . . . . . . . . 2662 Verifying That the Port Error Disable Setting Is Working Correctly . . . . . . . . . . 2663 Chapter 97 Troubleshooting Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2665 Troubleshooting Port Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2665 MAC Addresses That Exceed the MAC Limit or MAC Move Limit Are Not Listed in the Ethernet Switching Table . . . . . . . . . . . . . . . . . . . . . . . . . 2665 Multiple DHCP Server Packets Have Been Received on Untrusted Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2665 Chapter 98 Configuration Statements for Port Security . . . . . . . . . . . . . . . . . . . . . . . . 2667 [edit ethernet-switching-options] Configuration Statement Hierarchy . . . . . . 2667 [edit forwarding-options] Configuration Statement Hierarchy . . . . . . . . . . . . . 2669 allowed-mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2671 arp-inspection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2672 circuit-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2673 dhcp-option82 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2674 li Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS dhcp-snooping-file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2675 dhcp-trusted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2676 disable-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2677 ethernet-switching-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2678 examine-dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2681 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2682 ip-source-guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2683 mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2683 mac-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2684 mac-move-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2685 no-allowed-mac-log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2686 no-gratuitous-arp-request . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2687 port-error-disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2688 prefix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2689 prefix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2690 proxy-arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2691 remote-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2692 secure-access-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2693 static-ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2694 timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2695 traceoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2696 use-interface-description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2698 use-string . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2699 use-vlan-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2700 vendor-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2701 vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2702 vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2703 write-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2704 Chapter 99 Operational Mode Commands for Port Security . . . . . . . . . . . . . . . . . . . . 2705 clear arp inspection statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2706 clear dhcp snooping binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2707 clear dhcp snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2708 show arp inspection statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2709 show dhcp snooping binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2710 show dhcp snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2711 show ethernet-switching table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2712 show ip-source-guard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2716 show system statistics arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2718 Part 20 Routing Policy and Packet Filtering (Firewall Filters) Chapter 100 Firewall Filters—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2721 Firewall Filters for J-EX Series Switches Overview . . . . . . . . . . . . . . . . . . . . . . . . 2721 Firewall Filter Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2721 Firewall Filter Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2722 Firewall Filter Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2723 Understanding Planning of Firewall Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2724 Understanding Firewall Filter Processing Points for Bridged and Routed Packets on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2726 lii Table of Contents Understanding How Firewall Filters Control Packet Flows . . . . . . . . . . . . . . . . . 2727 Firewall Filter Match Conditions and Actions for J-EX Series Switches . . . . . . . 2728 Understanding How Firewall Filters Are Evaluated . . . . . . . . . . . . . . . . . . . . . . . 2746 Understanding Firewall Filter Match Conditions . . . . . . . . . . . . . . . . . . . . . . . . . 2748 Filter Match Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2748 Numeric Filter Match Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2748 Interface Filter Match Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2749 IP Address Filter Match Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2749 MAC Address Filter Match Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2750 Bit-Field Filter Match Conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2750 Understanding How Firewall Filters Test a Packet's Protocol . . . . . . . . . . . . . . 2752 Understanding the Use of Policers in Firewall Filters . . . . . . . . . . . . . . . . . . . . . 2752 Understanding Filter-Based Forwarding for J-EX Series Switches . . . . . . . . . . . 2753 Chapter 101 Examples of Firewall Filters Configuration . . . . . . . . . . . . . . . . . . . . . . . . . 2755 Example: Configuring Firewall Filters for Port, VLAN, and Router Traffic on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2755 Example: Using Filter-Based Forwarding to Route Application Traffic to a Security Device on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2773 Chapter 102 Configuring Firewall Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2779 Configuring Firewall Filters (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2779 Configuring a Firewall Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2779 Applying a Firewall Filter to a Port on a Switch . . . . . . . . . . . . . . . . . . . . . . 2782 Applying a Firewall Filter to a VLAN on a Network . . . . . . . . . . . . . . . . . . . 2782 Applying a Firewall Filter to a Layer 3 (Routed) Interface . . . . . . . . . . . . . . 2783 Configuring Firewall Filters (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . 2784 Configuring Policers to Control Traffic Rates (CLI Procedure) . . . . . . . . . . . . . . 2788 Configuring Policers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2789 Specifying Policers in a Firewall Filter Configuration . . . . . . . . . . . . . . . . . . 2790 Applying a Firewall Filter That Is Configured with a Policer . . . . . . . . . . . . 2790 Assigning Multifield Classifiers in Firewall Filters to Specify Packet-Forwarding Behavior (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2791 Configuring Routing Policies (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . 2792 Chapter 103 Verifying Firewall Filter Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2799 Verifying That Firewall Filters Are Operational . . . . . . . . . . . . . . . . . . . . . . . . . . 2799 Verifying That Policers Are Operational . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2800 Monitoring Firewall Filter Traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2800 Monitoring Traffic for All Firewall Filters and Policers That Are Configured on the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2801 Monitoring Traffic for a Specific Firewall Filter . . . . . . . . . . . . . . . . . . . . . . . 2801 Monitoring Traffic for a Specific Policer . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2801 Chapter 104 Troubleshooting Firewall Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2803 Troubleshooting Firewall Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2803 Firewall Filter Configuration Returns a No Space Available in TCAM Message . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2803 liii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Chapter 105 Configuration Statements for Firewall Filters . . . . . . . . . . . . . . . . . . . . . . 2805 [edit firewall] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . 2805 Firewall Filter Configuration Statements Supported by the Junos OS for J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2806 apply-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2809 as-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2809 as-path-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2810 bandwidth-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2811 burst-size-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2812 community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2813 condition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2815 damping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2816 dynamic-db . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2817 family . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2818 filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2819 filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2820 filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2821 filter-specific . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2821 firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2822 from . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2823 if-exceeding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2824 interface-specific . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2825 policer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2826 policy-statement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2827 prefix-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2829 routing-instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2830 term . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2831 then . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2832 then . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2833 Chapter 106 Operational Mode Commands for Firewall Filters . . . . . . . . . . . . . . . . . . . 2835 clear firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2836 clear firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2837 show firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2838 show firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2841 show firewall log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2844 show interfaces filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2846 show interfaces policers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2848 show policer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2850 show policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2852 show policy conditions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2854 test policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2856 liv Table of Contents Part 21 Class of Service Chapter 107 Class of Service (CoS)—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2859 Junos OS CoS for J-EX Series Switches Overview . . . . . . . . . . . . . . . . . . . . . . . 2860 How Junos OS CoS Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2860 Default CoS Behavior on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . 2861 Understanding Junos OS CoS Components for J-EX Series Switches . . . . . . . 2862 Code-Point Aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2862 Policers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2862 Classifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2862 Forwarding Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2863 Tail Drop Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2863 Schedulers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2863 Rewrite Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2863 Understanding CoS Code-Point Aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2864 Default Code-Point Aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2864 Understanding CoS Classifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2867 Behavior Aggregate Classifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2867 Default Behavior Aggregate Classification . . . . . . . . . . . . . . . . . . . . . . 2868 Multifield Classifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2869 Understanding CoS Forwarding Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2870 Default Forwarding Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2870 Understanding CoS Tail Drop Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2872 Understanding CoS Schedulers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2873 Default Schedulers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2873 Transmission Rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2874 Scheduler Buffer Size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2874 Priority Scheduling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2874 Scheduler Drop-Profile Maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2875 Scheduler Maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2875 Understanding CoS Two-Color Marking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2876 Understanding CoS Rewrite Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2876 How Rewrite Rules Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2876 Default Rewrite Rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2877 Understanding Port Shaping and Queue Shaping for CoS on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2878 Port Shaping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2878 Queue Shaping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2878 Understanding Junos OS EZQoS for CoS Configurations on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2879 Understanding Using CoS with MPLS Networks on J-EX Series Switches . . . . 2880 Guidelines for Using CoS Classifiers on CCCs . . . . . . . . . . . . . . . . . . . . . . . 2880 Using CoS Classifiers with IP over MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . 2881 Default Classifiers and Default Rewrite Rules . . . . . . . . . . . . . . . . . . . . . . . 2881 EXP Rewrite Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2881 Policer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2882 Schedulers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2882 lv Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Chapter 108 Examples: CoS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2883 Example: Configuring CoS on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . 2883 Example: Combining CoS with MPLS on J-EX Series Switches . . . . . . . . . . . . . 2898 Chapter 109 Configuring CoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2911 Configuring CoS (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2911 Defining CoS Code-Point Aliases (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . 2912 Defining CoS Code-Point Aliases (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . 2914 Defining CoS Classifiers (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2914 Defining CoS Classifiers (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2916 Defining CoS Forwarding Classes (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . 2918 Defining CoS Forwarding Classes (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . 2918 Defining CoS Schedulers (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2920 Defining CoS Schedulers (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . 2920 Defining CoS Scheduler Maps (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . 2923 Defining CoS Drop Profiles (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . 2923 Configuring CoS Tail Drop Profiles (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . 2925 Defining CoS Rewrite Rules (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . 2925 Defining CoS Rewrite Rules (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . 2926 Assigning CoS Components to Interfaces (CLI Procedure) . . . . . . . . . . . . . . . . 2928 Assigning CoS Components to Interfaces (J-Web Procedure) . . . . . . . . . . . . . 2928 Configuring Junos OS EZQoS for CoS (CLI Procedure) . . . . . . . . . . . . . . . . . . . 2930 Configuring CoS on MPLS Provider Edge Switch Using IP Over MPLS (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2931 Configuring CoS on MPLS Provider Edge Switch Using Circuit Cross-Connect (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2932 Chapter 110 Verifying CoS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2935 Monitoring CoS Classifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2935 Monitoring CoS Forwarding Classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2936 Monitoring Interfaces That Have CoS Components . . . . . . . . . . . . . . . . . . . . . . 2937 Monitoring CoS Rewrite Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2938 Monitoring CoS Scheduler Maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2939 Monitoring CoS Value Aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2940 Monitoring CoS Drop Profiles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2941 Chapter 111 Configuration Statements for CoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2943 [edit class-of-service] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . 2943 broadcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2945 buffer-size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2946 class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2947 class-of-service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2948 classifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2950 code-point-aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2951 code-points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2951 drop-profile-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2952 dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2953 dscp-ipv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2954 ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2955 exp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2956 lvi Table of Contents family . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2957 forwarding-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2958 forwarding-classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2959 ieee-802.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2960 import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2961 inet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2962 inet-precedence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2963 interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2964 loss-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2965 multi-destination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2966 policing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2967 priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2968 protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2968 rewrite-rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2969 scheduler-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2970 scheduler-maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2971 schedulers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2972 shaping-rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2973 shared-buffer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2974 transmit-rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2975 unit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2976 Chapter 112 Operational Mode Commands for CoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2977 show class-of-service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2978 show class-of-service classifier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2983 show class-of-service code-point-aliases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2985 show class-of-service drop-profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2987 show class-of-service forwarding-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2989 show class-of-service interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2991 show pfe statistics traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2994 show pfe statistics traffic cpu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2997 show pfe statistics traffic egress-queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3001 show pfe statistics traffic multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3003 Part 22 Power over Ethernet Chapter 113 Power over Ethernet (PoE)—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3009 PoE and J-EX Series Switches Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3009 PoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3009 PoE Power Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3009 PoE Power Budget . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3009 Power Management Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3010 PoE Interface Power Priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3011 PoE Configuration and Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3011 Chapter 114 Examples: PoE Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3013 Example: Configuring PoE Interfaces on a J-EX Series Switch . . . . . . . . . . . . . . 3013 Example: Configuring PoE Interfaces with Different Priorities on a J-EX Series Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3015 lvii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Chapter 115 Configuring PoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3021 Configuring PoE (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3021 Configuring PoE (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3023 Chapter 116 Verifying PoE Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3025 Monitoring PoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3025 Monitoring PoE Power Consumption (CLI Procedure) . . . . . . . . . . . . . . . . . . . . 3026 PoE Power Consumption for the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . 3026 Current Power Consumption for PoE Interfaces . . . . . . . . . . . . . . . . . . . . . 3026 Power Consumption for PoE Interfaces over Time . . . . . . . . . . . . . . . . . . . 3027 Verifying PoE Configuration and Status (CLI Procedure) . . . . . . . . . . . . . . . . . . 3028 Number of PoE Ports on the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3028 PoE Controller Configuration and Status . . . . . . . . . . . . . . . . . . . . . . . . . . 3028 PoE Interface Configuration and Status . . . . . . . . . . . . . . . . . . . . . . . . . . . 3029 PoE SNMP Trap Generation Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3029 Chapter 117 Troubleshooting PoE Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3031 Troubleshooting PoE Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3031 Chapter 118 Configuration Statements for PoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3033 [edit poe] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . 3033 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3034 duration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3035 fpc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3036 guard-band . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3037 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3038 interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3039 management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3040 maximum-power . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3041 notification-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3042 priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3043 telemetries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3044 Chapter 119 Operational Mode Commands for PoE . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3045 show poe controller . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3046 show poe interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3048 show poe notification-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3050 show poe telemetries interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3052 Part 23 MPLS Chapter 120 MPLS—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3057 Junos OS MPLS for J-EX Series Switches Overview . . . . . . . . . . . . . . . . . . . . . . 3057 Benefits of MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3057 Additional Benefits of MPLS and Traffic Engineering . . . . . . . . . . . . . . . . . 3058 Understanding Junos OS MPLS Components for J-EX Series Switches . . . . . . 3059 Provider Edge Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3059 MPLS Protocol and Label Switched Paths . . . . . . . . . . . . . . . . . . . . . 3059 Circuit Cross-Connect for Customer-Edge Interfaces . . . . . . . . . . . . . 3059 lviii Table of Contents IP over MPLS For Customer-Edge Interfaces . . . . . . . . . . . . . . . . . . . 3060 Provider Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3060 Components Required for All Switches in the MPLS Network . . . . . . . . . . 3060 Routing Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3061 Traffic Engineering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3061 MPLS Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3061 RSVP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3061 Family MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3062 Understanding MPLS and Path Protection on J-EX Series Switches . . . . . . . . 3063 Understanding Using CoS with MPLS Networks on J-EX Series Switches . . . . 3064 Guidelines for Using CoS Classifiers on CCCs . . . . . . . . . . . . . . . . . . . . . . . 3064 Using CoS Classifiers with IP over MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . 3065 Default Classifiers and Default Rewrite Rules . . . . . . . . . . . . . . . . . . . . . . . 3065 EXP Rewrite Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3065 Policer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3066 Schedulers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3066 Understanding MPLS Label Operations on J-EX Series Switches . . . . . . . . . . . 3067 MPLS Label Switched Paths and MPLS Labels on J-EX Series Switches . . 3067 Reserved Labels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3068 MPLS Label Operations on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . 3068 Ultimate and Penultimate Hop Popping . . . . . . . . . . . . . . . . . . . . . . . . . . . 3069 Chapter 121 Example of MPLS Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3071 Example: Configuring MPLS on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . 3071 Example: Combining CoS with MPLS on J-EX Series Switches . . . . . . . . . . . . . 3085 Chapter 122 Configuring MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3097 Configuring Path Protection in an MPLS Network (CLI Procedure) . . . . . . . . . . 3097 Configuring the Primary Path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3099 Configuring the Secondary Path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3099 Configuring the Revert Timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3100 Configuring MPLS on Provider Switches (CLI Procedure) . . . . . . . . . . . . . . . . . 3102 Configuring CoS on MPLS Provider Edge Switch Using IP Over MPLS (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3104 Configuring CoS on MPLS Provider Edge Switch Using Circuit Cross-Connect (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3105 Configuring CoS on Provider Switches of an MPLS Network (CLI Procedure) . . 3106 Configuring MPLS on Provider Edge Switches Using IP Over MPLS (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3107 Configuring the Ingress PE Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3108 Configuring the Egress PE Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3109 Configuring MPLS on Provider Edge Switches Using Circuit Cross-Connect (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3111 Chapter 123 Verifying MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3115 Verifying That MPLS Is Working Correctly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3115 Verifying the Physical Layer on the Switches . . . . . . . . . . . . . . . . . . . . . . . . 3115 Verifying the Routing Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3116 Verifying the Core Interfaces Being Used for the MPLS Traffic . . . . . . . . . . . 3116 Verifying RSVP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3116 lix Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Verifying the Assignment of Interfaces for MPLS Label Operations . . . . . . . 3117 Verifying the Status of the CCC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3117 Verifying Path Protection in an MPLS Network . . . . . . . . . . . . . . . . . . . . . . . . . . 3118 Verifying the Primary Path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3118 Verifying the RSVP-Enabled Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3119 Verifying a Secondary Path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3119 Chapter 124 Configuration Statements for MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3121 [edit protocols] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . . 3121 connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3128 exp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3129 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3130 label-switched-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3131 mpls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3132 path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3133 policing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3134 primary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3134 remote-interface-switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3135 revert-timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3136 rsvp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3137 secondary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3137 standby . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3138 traffic-engineering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3138 Chapter 125 Operational Mode Commands for MPLS . . . . . . . . . . . . . . . . . . . . . . . . . . . 3139 clear mpls lsp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3140 clear rsvp session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3142 clear rsvp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3144 ping mpls l2circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3145 ping mpls l2vpn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3147 ping mpls l3vpn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3149 ping mpls ldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3151 ping mpls lsp-end-point . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3153 ping mpls rsvp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3155 request mpls lsp adjust-autobandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3160 show connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3161 show connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3164 show link-management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3168 show link-management peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3171 show link-management routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3173 show link-management statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3176 show link-management te-link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3178 show mpls admin-groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3180 show mpls call-admission-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3181 show mpls cspf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3183 show mpls diffserv-te . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3185 show mpls interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3187 show mpls interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3188 show mpls lsp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3189 show mpls path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3198 lx Table of Contents show route forwarding-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3199 show rsvp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3206 show rsvp neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3211 show rsvp session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3216 show rsvp session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3221 show rsvp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3229 show rsvp version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3233 show ted database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3235 show ted link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3239 show ted protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3241 Part 24 Network Management and Monitoring Chapter 126 Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3245 Port Mirroring—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3245 Understanding Port Mirroring on J-EX Series Switches . . . . . . . . . . . . . . . . 3245 Port Mirroring Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3245 Port Mirroring Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3247 Examples: Port Mirroring Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3249 Example: Configuring Port Mirroring for Local Monitoring of Employee Resource Use on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . 3249 Example: Configuring Port Mirroring for Remote Monitoring of Employee Resource Use on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . 3254 Configuring Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3260 Configuring Port Mirroring to Analyze Traffic (CLI Procedure) . . . . . . . . . . 3260 Configuring Port Mirroring for Local Traffic Analysis . . . . . . . . . . . . . . . 3261 Configuring Port Mirroring for Remote Traffic Analysis . . . . . . . . . . . . . 3261 Filtering the Traffic Entering an Analyzer . . . . . . . . . . . . . . . . . . . . . . . 3262 Configuring Port Mirroring to Analyze Traffic (J-Web Procedure) . . . . . . . . 3263 Verifying Port Mirroring Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3265 Verifying Input and Output for Port Mirroring Analyzers on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3265 Configuration Statements for Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . 3266 [edit ethernet-switching-options] Configuration Statement Hierarchy . . . 3267 analyzer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3270 egress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3271 ethernet-switching-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3272 ingress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3275 input . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3276 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3277 loss-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3278 output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3279 ratio . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3280 vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3280 Operational Mode Commands for Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . 3280 show analyzer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3281 lxi Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Chapter 127 sFlow Monitoring Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3283 sFlow Technology—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3283 Understanding How to Use sFlow Technology for Network Monitoring on a J-EX Series Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3283 Sampling Mechanism and Architecture of sFlow Technology on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3283 Adaptive Sampling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3284 sFlow Agent Address Assignment . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3285 Example: sFlow Technology Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3285 Example: Configuring sFlow Technology to Monitor Network Traffic on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3285 Configuring sFlow Technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3290 Configuring sFlow Technology for Network Monitoring (CLI Procedure) . . 3290 Configuration Statements for sFlow Technology . . . . . . . . . . . . . . . . . . . . . . . . 3291 [edit protocols] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . 3292 collector . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3299 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3299 interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3300 polling-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3301 sample-rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3302 sflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3303 udp-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3304 Operational Mode Commands for sFlow Technology . . . . . . . . . . . . . . . . . . . . 3304 show sflow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3305 show sflow collector . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3307 show sflow interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3308 Chapter 128 SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3309 Configuring SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3309 Configuring SNMP (J-Web Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3309 Configuration Statements for SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3312 [edit snmp] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . . . . 3312 address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3313 address-mask . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3313 agent-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3314 alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3315 authorization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3316 bucket-size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3316 categories . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3317 client-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3317 client-list-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3318 clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3318 commit-delay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3319 community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3320 community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3321 community-name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3322 contact . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3323 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3323 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3324 lxii Table of Contents destination-port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3324 engine-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3325 event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3326 falling-event-index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3326 falling-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3327 falling-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3328 falling-threshold-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3328 filter-duplicates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3329 filter-interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3329 group (Configuring Group Name) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3330 group (Defining Access Privileges for an SNMPv3 Group) . . . . . . . . . . . . . 3330 health-monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3331 history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3332 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3333 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3333 interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3334 interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3334 interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3335 location . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3335 logical-system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3336 message-processing-model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3336 name . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3337 nonvolatile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3337 notify . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3338 notify-filter (Configuring the Profile Name) . . . . . . . . . . . . . . . . . . . . . . . . 3338 notify-filter (Applying to the Management Target) . . . . . . . . . . . . . . . . . . . 3339 notify-view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3339 oid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3340 oid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3340 owner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3341 parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3341 port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3342 read-view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3342 request-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3343 rising-event-index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3343 rising-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3344 rising-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3345 rmon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3345 rmon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3346 routing-instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3347 routing-instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3348 sample-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3348 security-level (Generating SNMP Notifications) . . . . . . . . . . . . . . . . . . . . . 3349 security-level (Defining Access Privileges) . . . . . . . . . . . . . . . . . . . . . . . . . 3349 security-model (Access Privileges) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3350 security-model (Group) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3350 security-model (SNMP Notifications) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3351 security-name (Security Group) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3351 security-name (Community String) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3352 lxiii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS security-name (SNMP Notifications) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3353 security-to-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3353 snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3354 snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3354 snmp-community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3355 source-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3355 startup-alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3356 syslog-subtag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3356 tag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3357 tag-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3357 target-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3358 target-parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3359 targets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3359 traceoptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3360 trap-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3362 trap-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3363 type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3363 type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3364 v3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3365 vacm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3367 variable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3368 version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3368 view (Configuring a MIB View) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3369 view (Associating a MIB View with a Community) . . . . . . . . . . . . . . . . . . . 3370 write-view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3370 Operational Mode Commands for SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3370 clear snmp rmon history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3371 clear snmp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3372 request snmp spoof-trap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3374 show snmp health-monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3380 show snmp inform-statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3387 show snmp rmon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3388 show snmp rmon history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3392 show snmp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3395 show snmp v3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3399 Chapter 129 Real-Time Performance Monitoring (RPM) . . . . . . . . . . . . . . . . . . . . . . . . 3403 RPM—Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3403 Understanding Real-Time Performance Monitoring on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3404 RPM Packet Collection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3404 Tests and Probe Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3404 Hardware Timestamps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3405 Limitations of RPM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3407 Configuring Real-Time Performance Monitoring (RPM) . . . . . . . . . . . . . . . . . . 3407 Configuring Real-Time Performance Monitoring (J-Web Procedure) . . . . 3407 Configuring the Interface for RPM Timestamping for Client/Server on a J-EX Series Switch (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3414 lxiv Table of Contents Verifying Real-Time Performance Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . 3416 Viewing Real-Time Performance Monitoring Information . . . . . . . . . . . . . . 3416 Operational Mode Commands for Real-Time Performance Monitoring . . . . . . 3416 show services rpm active-servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3417 show services rpm history-results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3418 show services rpm probe-results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3421 Chapter 130 Ethernet OAM Link Fault Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3427 Ethernet OAM Link Fault Management—Overview . . . . . . . . . . . . . . . . . . . . . . . 3427 Understanding Ethernet OAM Link Fault Management for a J-EX Series Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3427 Example of Ethernet OAM Link Fault Management Configuration . . . . . . . . . . 3428 Example: Configuring Ethernet OAM Link Fault Management on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3428 Configuring Ethernet OAM Link Fault Management . . . . . . . . . . . . . . . . . . . . . . 3431 Configuring Ethernet OAM Link Fault Management (CLI Procedure) . . . . . 3431 Configuration Statements for Ethernet OAM Link Fault Management . . . . . . . 3434 [edit protocols] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . 3434 action . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3440 action-profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3441 allow-remote-loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3442 ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3443 event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3445 event-thresholds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3445 frame-error . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3446 frame-period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3446 frame-period-summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3447 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3448 link-adjacency-loss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3449 link-discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3449 link-down . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3450 link-event-rate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3450 link-fault-management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3451 negotiation-options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3452 no-allow-link-events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3452 oam . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3453 pdu-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3455 pdu-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3455 remote-loopback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3456 symbol-period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3456 syslog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3457 Operational Mode Commands for Ethernet OAM Link Fault Management . . . 3457 show oam ethernet link-fault-management . . . . . . . . . . . . . . . . . . . . . . . 3458 lxv Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Chapter 131 Ethernet OAM Connectivity Fault Management . . . . . . . . . . . . . . . . . . . . . 3463 Ethernet OAM Connectivity Fault Management—Overview . . . . . . . . . . . . . . . 3463 Understanding Ethernet OAM Connectivity Fault Management for a J-EX Series Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3463 Example of Ethernet OAM Connectivity Fault Management Configuration . . . 3464 Example: Configuring Ethernet OAM Connectivity Fault Management on J-EX Series Switches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3465 Configuring Ethernet OAM Connectivity Fault Management . . . . . . . . . . . . . . . 3468 Configuring Ethernet OAM Connectivity Fault Management (CLI Procedure) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3468 Creating the Maintenance Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3469 Configuring the Maintenance Domain MIP Half Function . . . . . . . . . . 3469 Creating a Maintenance Association . . . . . . . . . . . . . . . . . . . . . . . . . . 3470 Configuring the Continuity Check Protocol . . . . . . . . . . . . . . . . . . . . . 3470 Configuring a Maintenance Association End Point . . . . . . . . . . . . . . . 3470 Configuring a Connectivity Fault Management Action Profile . . . . . . . 3471 Configuring the Linktrace Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3472 Configuration Statements for Ethernet OAM Connectivity Fault Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3472 [edit protocols] Configuration Statement Hierarchy . . . . . . . . . . . . . . . . . . 3472 action-profile (Applying to OAM CFM, for J-EX Series Switch Only) . . . . . 3479 age (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3480 auto-discovery (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . . . . 3480 connectivity-fault-management (J-EX Series Switch Only) . . . . . . . . . . . . 3481 continuity-check (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . . . 3482 direction (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3482 hold-interval (OAM CFM, for J-EX Series Switch Only) . . . . . . . . . . . . . . . . 3483 interface (OAM CFM, for J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . 3483 interval (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3484 level (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3485 linktrace (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3485 loss-threshold (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . . . . . 3486 maintenance-association (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . 3487 maintenance-domain (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . 3488 mep (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3489 mip-half-function (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . . 3490 name-format (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . 3491 path-database-size (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . 3491 remote-mep (J-EX Series Switch Only) . . . . . . . . . . . . . . . . . . . . . . . . . . . 3492 Operational Mode Commands for Ethernet OAM Connectivity Fault Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3492 clear oam ethernet connectivity-fault-management statistics . . . . . . . . . 3493 show oam ethernet connectivity-fault-management forwarding-state . . 3494 show oam ethernet connectivity-fault-management interfaces . . . . . . . . 3498 show oam ethernet connectivity-fault-management linktrace path-database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3504 show oam ethernet connectivity-fault-management mep-database . . . 3506 show oam ethernet connectivity-fault-management mip . . . . . . . . . . . . . 3512 lxvi Table of Contents Chapter 132 Monitoring General Network Traffic and Hosts . . . . . . . . . . . . . . . . . . . . . . 3513 Monitoring Hosts Using the J-Web Ping Host Tool . . . . . . . . . . . . . . . . . . . . . . . 3513 Monitoring Network Traffic Using Traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . 3515 Chapter 133 Configuration Statements for General Network Management and Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3517 archive-sites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3517 class-usage-profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3518 counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3519 destination-classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3519 fields (for Interface Profiles) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3520 file (Associating with a Profile) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3521 file (Configuring a Log File) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3522 files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3522 filter-profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3523 interface-profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3524 interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3525 mib-profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3526 object-names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3526 operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3527 routing-engine-profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3527 size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3528 source-classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3528 start-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3529 transfer-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3529 Chapter 134 Operational Mode Commands for General Network Management and Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3531 monitor traffic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3532 ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3539 show snmp mib . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3542 traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3544 Part 25 Index Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3549 lxvii Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS lxviii About This Guide • How to Use This Guide on page lxix • Downloading Software on page lxx • Documentation Conventions on page lxx • Repair and Warranty on page lxxi • Requesting Technical Support on page lxxi How to Use This Guide This guide, the Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS, provides the following information about Juniper Networks Junos Operating System (Junos OS) for J-EX Series switches: software feature descriptions, configuration examples and tasks, management and monitoring instructions, and reference information. To download the Dell PowerConnect J-EX Series documentation listed in Table 1 on page lxix, see the following Dell support website: http://www.support.dell.com/manuals Table 1: List of J-EX Series Guides for Junos OS Release 10.3 Title Description Dell PowerConnect J-Series J-EX4200 Ethernet Switch Hardware Guide Component descriptions, site preparation, installation, replacement, and safety and compliance information for J-EX4200 switches Dell PowerConnect J-Series J-EX8208 Ethernet Switch Hardware Guide Component descriptions, site preparation, installation, replacement, and safety and compliance information for J-EX8208 switches Dell PowerConnect J-Series J-EX8216 Ethernet Switch Hardware Guide Component descriptions, site preparation, installation, replacement, and safety and compliance information for J-EX8216 switches Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Software feature descriptions, configuration examples, and tasks for Juniper Networks Junos OS for J-EX Series switches To download additional Junos OS documentation for J-EX Series and all other PowerConnect J-Series products, see the following Juniper Networks support website: http://www.juniper.net/techpubs/. If the information in the latest release notes differs from the information in the documentation, follow the release notes. lxix Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Downloading Software You can download Junos OS for J-EX Series switches from the Download Software area at http://www.support.dell.com/ . To download the software, you must have a Juniper Networks user account. For information about obtaining an account, see http://www.support.dell.com. Documentation Conventions Table 2: Notice Icons Icon Meaning Description Informational note Indicates important features or instructions. Caution Indicates a situation that might result in loss of data or hardware damage. Warning Alerts you to the risk of personal injury or death. Laser warning Alerts you to the risk of personal injury from a laser. Table 3: Text and Syntax Conventions Convention Description Examples Bold text like this Represents text that you type. To enter configuration mode, type the configure command: user@host> configure Fixed-width text like this Italic text like this Italic text like this Plain text like this < > (angle brackets) lxx Represents output that appears on the terminal screen. user@host> show chassis alarms • Introduces important new terms. • • Identifies book names. A policy term is a named structure that defines match conditions and actions. • Identifies RFC and Internet draft titles. • Junos OS System Basics Configuration Guide • RFC 1997, BGP Communities Attribute No alarms currently active Represents variables (options for which you substitute a value) in commands or configuration statements. Configure the machine’s domain name: Represents names of configuration statements, commands, files, and directories; IP addresses; configuration hierarchy levels; or labels on routing platform components. • To configure a stub area, include the stub statement at the [edit protocols ospf area area-id] hierarchy level. • The console port is labeled CONSOLE. Enclose optional keywords or variables. stub; [edit] root@# set system domain-name domain-name About This Guide Table 3: Text and Syntax Conventions (continued) Convention Description Examples | (pipe symbol) Indicates a choice between the mutually exclusive keywords or variables on either side of the symbol. The set of choices is often enclosed in parentheses for clarity. broadcast | multicast # (pound sign) Indicates a comment specified on the same line as the configuration statement to which it applies. rsvp { # Required for dynamic MPLS only [ ] (square brackets) Enclose a variable for which you can substitute one or more values. community name members [ community-ids ] Indention and braces ( { } ) Identify a level in the configuration hierarchy. ; (semicolon) Identifies a leaf statement at a configuration hierarchy level. (string1 | string2 | string3) [edit] routing-options { static { route default { nexthop address; retain; } } } J-Web GUI Conventions Bold text like this Represents J-Web graphical user interface (GUI) items you click or select. > (bold right angle bracket) Separates levels in a hierarchy of J-Web selections. • In the Logical Interfaces box, select All Interfaces. • To cancel the configuration, click Cancel. In the configuration editor hierarchy, select Protocols>Ospf. Repair and Warranty CAUTION: Many repairs may only be done by a certified service technician. You should only perform troubleshooting and simple repairs as authorized in your product documentation, or as directed by the online or telephone service and support team. Damage due to servicing that is not authorized by Dell is not covered by your warranty. Read and follow the safety instructions that came with the product. For more information, see the “Getting Help” chapter in your hardware guide. Requesting Technical Support For technical support, see http://www.support.dell.com. For more information, see “Getting Help” in the hardware guide for your Dell PowerConnect J-EX Series Ethernet Switch. lxxi Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS lxxii PART 1 Junos OS for J-EX Series Switches Product Overview • Software Overview on page 3 • Supported Hardware on page 25 1 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 2 CHAPTER 1 Software Overview • J-EX Series Switch Software Features Overview on page 3 • Layer 3 Protocols Supported on J-EX Series Switches on page 13 • Layer 3 Protocols Not Supported on J-EX Series Switches on page 14 • Security Features for J-EX Series Switches Overview on page 16 • High Availability Features for J-EX Series Switches Overview on page 18 • Understanding Software Infrastructure and Processes on page 22 J-EX Series Switch Software Features Overview The following tables list the software features for J-EX Series Switches and the switches on which they are supported: • Table 4 on page 4—Access Control Features • Table 5 on page 4—Administration Features • Table 6 on page 4—Class-of-Service (CoS) Features • Table 7 on page 5—High Availability and Resiliency Features • Table 8 on page 6—Interfaces Features • Table 9 on page 7—IP Address Management Features • Table 10 on page 7—IPv6 Features • Table 11 on page 7—Layer 2 Network Protocols Features • Table 12 on page 8—Layer 3 Protocols Features • Table 13 on page 9—MPLS Features • Table 14 on page 10—Multicast Features • Table 15 on page 10—Network Management and Monitoring Features • Table 16 on page 11—Port Security Features • Table 17 on page 12—System Management Features 3 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Table 4: Access Control Features Feature J-EX4200 Switches J-EX8200 Switches 802.1X authentication Junos OS 10.2 or earlier Junos OS 10.2 or earlier Authentication fallback Junos OS 10.3R1 Not supported Captive portal authentication Junos OS 10.2 or earlier Not supported Dynamic allocation of ternary content addressable memory (TCAM) memory to firewall filters Junos OS 10.2 or earlier Junos OS 10.3R1 Dynamic firewall filters for 802.1X authentication Junos OS 10.2 or earlier Not supported Firewall filters and rate limiting Junos OS 10.2 or earlier Junos OS 10.2 or earlier For a list of supported firewall filter match conditions and actions, see “Firewall Filter Match Conditions and Actions for J-EX Series Switches” on page 2728. Firewall filters on LAGs Junos OS 10.2 or earlier Junos OS 10.2 or earlier Firewall filter on loopback interface Junos OS 10.2 or earlier Junos OS 10.2 or earlier Firewall filters with IPv6 Junos OS 10.2 or earlier Junos OS 10.3R1 MAC RADIUS authentication Junos OS 10.2 or earlier Junos OS 10.3R1 Policing Junos OS 10.2 or earlier Junos OS 10.2 or earlier Server fail fallback Junos OS 10.2 or earlier Junos OS 10.2 or earlier TACACS+ Junos OS 10.2 or earlier Junos OS 10.2 or earlier Table 5: Administration Features Feature J-EX4200 Switches J-EX8200 Switches System logging (syslog) over IPv6 Junos OS 10.2 or earlier Not supported System logging (syslog) over IPv4 Junos OS 10.2 or earlier Junos OS 10.2 or earlier System snapshot Junos OS 10.2 or earlier Junos OS 10.2 or earlier Table 6: Class-of-Service (CoS) Features 4 Feature J-EX4200 Switches J-EX8200 Switches Class of service (CoS)—Class-based queuing with prioritization Junos OS 10.2 or earlier Junos OS 10.2 or earlier Chapter 1: Software Overview Table 6: Class-of-Service (CoS) Features (continued) Feature J-EX4200 Switches J-EX8200 Switches CoS—DSCP, IEEE 801.p, and IP precedence packet rewrites on routed VLAN interfaces (RVIs) Junos OS 10.2 or earlier Not supported CoS—Interface-specific classifiers on routed VLAN interfaces (RVIs) Junos OS 10.2 or earlier Not supported CoS—multidestination Not applicable Junos OS 10.2 or earlier CoS support on LAGs Junos OS 10.2 or earlier Junos OS 10.2 or earlier CoS support on routed VLAN interfaces (RVIs) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Interface-specific CoS rewrite rules Junos OS 10.2 or earlier Junos OS 10.2 or earlier Junos OS EZQoS for CoS Junos OS 10.2 or earlier Junos OS 10.2 or earlier Port shaping and queue shaping Junos OS 10.2 or earlier Junos OS 10.2 or earlier Remarking of bridged packets Junos OS 10.2 or earlier Junos OS 10.2 or earlier Table 7: High Availability and Resiliency Features Feature J-EX4200 Switches J-EX8200 Switches Graceful protocol restart for BGP Junos OS 10.2 or earlier Junos OS 10.2 or earlier Graceful protocol restart for IS-IS Junos OS 10.2 or earlier Junos OS 10.2 or earlier Graceful protocol restart for OSPF Junos OS 10.2 or earlier Junos OS 10.2 or earlier Graceful Routing Engine switchover (GRES) for J-EX4200 Virtual Chassis configurations Junos OS 10.2 or earlier Not applicable GRES for ARP entries Junos OS 10.2 or earlier Junos OS 10.2 or earlier GRES for the forwarding database Junos OS 10.2 or earlier Junos OS 10.2 or earlier GRES for port security Junos OS 10.2 or earlier Junos OS 10.2 or earlier Link Aggregation Control Protocol (LACP) Junos OS 10.2 or earlier Junos OS 10.2 or earlier LACP support for dual-homing applications in data centers Junos OS 10.2 or earlier Junos OS 10.2 or earlier Link aggregation groups (LAGs) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Link aggregation groups (LAGs) over Virtual Chassis ports (VCPs) Junos OS 10.2 or earlier Not applicable 5 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Table 7: High Availability and Resiliency Features (continued) Feature J-EX4200 Switches J-EX8200 Switches Redundant trunk groups Junos OS 10.2 or earlier Junos OS 10.2 or earlier Virtual Router Redundancy Protocol (VRRP) Junos OS 10.2 or earlier Junos OS 10.2 or earlier VRRP for IPv6 (except authentication type and authentication key) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Virtual Chassis Junos OS 10.2 or earlier Not applicable Junos OS 10.2 or earlier Not applicable Junos OS 10.2 or earlier Not applicable Junos OS 10.2 or earlier Not applicable Feature J-EX4200 Switches J-EX8200 Switches Digital optical monitoring (DOM) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Interface-range support Junos OS 10.2 or earlier Junos OS 10.2 or earlier Power over Ethernet (PoE) Junos OS 10.2 or earlier Not applicable Power over Ethernet Plus (PoE+) Not supported Not supported PoE power management mode Junos OS 10.2 or earlier Not supported Unicast reverse-path forwarding (RPF) Junos OS 10.2 or earlier Junos OS 10.2 or earlier VLAN-tagged Layer 3 subinterfaces Junos OS 10.2 or earlier Junos OS 10.2 or earlier • Atomic software upgrade • Fast failover • Split and merge Virtual Chassis • Automatic software update on prospective member switches • Front-panel configuration of uplink module ports as Virtual Chassis ports (VCPs) Virtual Chassis • Autoprovisioning of Virtual Chassis ports (VCPs) Virtual Chassis • Support for SFP uplink module ports Table 8: Interfaces Features 6 Chapter 1: Software Overview Table 9: IP Address Management Features Feature J-EX4200 Switches J-EX8200 Switches DHCP server and relay with option 82 for Layer 2 VLANs Junos OS 10.2 or earlier Junos OS 10.2 or earlier DHCPv6 and IPv6 DNS Junos OS 10.2 or earlier Not supported Local DHCP server Junos OS 10.2 or earlier Junos OS 10.2 or earlier Static addresses Junos OS 10.2 or earlier Junos OS 10.2 or earlier J-EX4200 Switches J-EX8200 Switches Table 10: IPv6 Features Feature A separate software license is required for IPv6. See “Understanding Software Licenses for the J-EX Series Switch” on page 65. IPv6 (except multicast protocols) Junos OS 10.2 or earlier Not supported IPv6 CoS (multi-field classification and rewrite, scheduling based on TC), Junos OS 10.2 or earlier Not supported IPv6 multicast protocols (PIM, MLDv1/v2) Junos OS 10.2 or earlier Junos OS 10.2 or earlier IPv6 Management and Services Junos OS 10.2 or earlier Junos OS 10.2 or earlier IPv6 Path MTU Discovery Junos OS 10.2 or earlier Junos OS 10.2 or earlier Feature J-EX4200 Switches J-EX8200 Switches 802.1Q VLAN tagging Junos OS 10.2 or earlier Junos OS 10.2 or earlier BPDU protection for spanning-tree protocols Junos OS 10.2 or earlier Junos OS 10.2 or earlier GARP VLAN Registration Protocol (GVRP) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Layer 2 protocol tunneling (L2PT) Junos OS 10.2 or earlier Not supported Link Layer Discovery Protocol (LLDP) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Link Layer Discovery Protocol-Media Endpoint Discovery (LLDP-MED) with voice over IP (VoIP) integration Junos OS 10.2 or earlier Not supported Loop protection for spanning-tree protocols Junos OS 10.2 or earlier Junos OS 10.2 or earlier MAC-based VLAN Junos OS 10.2 or earlier Not supported Multiple VLAN Registration Protocol (MVRP) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Table 11: Layer 2 Network Protocols Features 7 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Table 11: Layer 2 Network Protocols Features (continued) Feature J-EX4200 Switches J-EX8200 Switches Private VLANs (PVLANs) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Proxy ARP—restricted Junos OS 10.2 or earlier Junos OS 10.2 or earlier Proxy ARP—unrestricted Junos OS 10.2 or earlier Junos OS 10.2 or earlier Proxy ARP per VLAN Junos OS 10.2 or earlier Junos OS 10.2 or earlier Q-in-Q tunneling Junos OS 10.2 or earlier Not supported Q-in-Q VLAN extended support for multiple S-VLANs per access interface, firewall-filter-based VLAN assignment, and routed VLAN interfaces (RVIs) Junos OS 10.2 or earlier Not supported Root protection for spanning-tree protocols Junos OS 10.2 or earlier Junos OS 10.2 or earlier Spanning tree: Junos OS 10.2 or earlier Junos OS 10.2 or earlier Junos OS 10.2 or earlier Junos OS 10.2 or earlier RSTP and VSTP concurrent configuration Junos OS 10.2 or earlier Junos OS 10.2 or earlier Storm control Junos OS 10.2 or earlier Junos OS 10.2 or earlier Unknown Layer 2 unicast forwarding Junos OS 10.2 or earlier Junos OS 10.2 or earlier VLAN ID translation Junos OS 10.2 or earlier Not supported VLAN range Junos OS 10.2 or earlier Junos OS 10.2 or earlier Feature J-EX4200 Switches J-EX8200 Switches Bidirectional Forwarding Detection (BFD) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Border Gateway Protocol (BGP) Junos OS 10.2 or earlier Junos OS 10.2 or earlier • Spanning Tree Protocol (STP) • Rapid Spanning Tree Protocol (RSTP) • Multiple Spanning Tree Protocol (MSTP) Spanning tree: • VLAN Spanning Tree Protocol (VSTP) Table 12: Layer 3 Protocols Features A separate software license is required for BGP and MBGP. See “Understanding Software Licenses for the J-EX Series Switch” on page 65. Filter-based forwarding 8 Junos OS 10.2 or earlier Junos OS 10.2 or earlier Chapter 1: Software Overview Table 12: Layer 3 Protocols Features (continued) Feature J-EX4200 Switches J-EX8200 Switches Intermediate System-to-Intermediate System (IS-IS) Junos OS 10.2 or earlier Junos OS 10.2 or earlier A separate software license is required for IS-IS. See “Understanding Software Licenses for the J-EX Series Switch” on page 65. IPv6 protocols: Open Shortest Path First version 3 (OSPFv3), RIPng, IS-IS for IPv6, IPv6 BGP Junos OS 10.2 or earlier Junos OS 10.2 or earlier IPv6 Layer 3 multicast protocols Junos OS 10.2 or earlier Junos OS 10.2 or earlier Jumbo frames on routed VLAN interfaces (RVIs) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Multicast Source Discovery Protocol (MSDP) Junos OS 10.2 or earlier Junos OS 10.2 or earlier See the Junos OS Routing Protocols Configuration Guide at //www.juniper.net/techpubs/software/junos/index.html. OSPF Multitopology Routing (MT-OSPF) Junos OS 10.2 or earlier Junos OS 10.2 or earlier See the Junos OS Routing Protocols Configuration Guide at //www.juniper.net/techpubs/software/junos/index.html. OSPFv2 Junos OS 10.2 or earlier Junos OS 10.2 or earlier OSPF IPsec support Junos OS 10.3R1 Not supported Routed VLAN interfaces (RVIs) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Routing Information Protocol version 1 (RIPv1) and RIPv2 Junos OS 10.2 or earlier Junos OS 10.2 or earlier Static routes Junos OS 10.2 or earlier Junos OS 10.2 or earlier Virtual routing and forwarding (VRF) with IPv4—virtual routing instances Junos OS 10.2 or earlier Junos OS 10.2 or earlier VRF with IPv4—virtual routing instances for multicast traffic Junos OS 10.2 or earlier Junos OS 10.2 or earlier VRF with IPv6—virtual routing instances for multicast traffic Junos OS 10.2 or earlier Junos OS 10.2 or earlier VRF with IPv6—virtual routing instances for unicast traffic Junos OS 10.2 or earlier Junos OS 10.2 or earlier Feature J-EX4200 Switches J-EX8200 Switches MPLS with RSVP-based label switched paths (LSPs) and MPLS-based circuit cross-connects (CCCs) Junos OS 10.2 or earlier Not supported Table 13: MPLS Features A separate software license is required for MPLS. See “Understanding Software Licenses for the J-EX Series Switch” on page 65. 9 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Table 13: MPLS Features (continued) Feature J-EX4200 Switches J-EX8200 Switches MPLS with class of service (CoS) and IP over MPLS Junos OS 10.2 or earlier Not supported Feature J-EX4200 Switches J-EX8200 Switches Internet Group Management Protocol (IGMP) version1 (v1) and IGMPv2 Junos OS 10.2 or earlier Junos OS 10.2 or earlier IGMPv3 Junos OS 10.2 or earlier Junos OS 10.2 or earlier IGMPv1/v2 snooping Junos OS 10.2 or earlier Junos OS 10.2 or earlier IGMP snooping with routed VLAN interfaces (RVIs) Junos OS 10.2 or earlier Junos OS 10.2 or earlier IGMPv3 snooping Junos OS 10.2 or earlier Junos OS 10.2 or earlier IGMPv3 snooping EXCLUDE modes Junos OS 10.2 or earlier Junos OS 10.2 or earlier Multicast Service Discovery Protocol (MSDP) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Table 14: Multicast Features See the Junos OS Multicast Configuration Guide at http://www.juniper.net/techpubs/software/junos/. Multicast VLAN registration (MVR) Junos OS 10.2 or earlier Not supported Protocol Independent Multicast dense mode (PIM DM) Junos OS 10.2 or earlier Junos OS 10.2 or earlier See the Junos OS Multicast Configuration Guide at http://www.juniper.net/techpubs/software/junos/. Protocol Independent Multicast source-specific multicast (PIM SSM) Junos OS 10.2 or earlier Junos OS 10.2 or earlier See the Junos OS Multicast Configuration Guide at http://www.juniper.net/techpubs/software/junos/. Protocol Independent Multicast sparse mode (PIM SM) Junos OS 10.2 or earlier Junos OS 10.2 or earlier See the Junos OS Multicast Configuration Guide at http://www.juniper.net/techpubs/software/junos/. Single-source multicast Junos OS 10.2 or earlier Junos OS 10.2 or earlier Table 15: Network Management and Monitoring Features Feature J-EX4200 Switches J-EX8200 Switches 802.1ag Ethernet OAM connectivity fault management (CFM) Junos OS 10.2 or earlier Not supported 10 Chapter 1: Software Overview Table 15: Network Management and Monitoring Features (continued) Feature J-EX4200 Switches J-EX8200 Switches Ethernet OAM link fault management (LFM) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Port mirroring Junos OS 10.2 or earlier Junos OS 10.2 or earlier Port mirroring enhancements Junos OS 10.2 or earlier Junos OS 10.2 or earlier Junos OS 10.2 or earlier Not supported Real-time performance monitoring (RPM) Junos OS 10.2 or earlier Junos OS 10.2 or earlier RMON Junos OS 10.2 or earlier Junos OS 10.2 or earlier sFlow monitoring technology Junos OS 10.2 or earlier Junos OS 10.2 or earlier sFlow technology: Persistent IP addresses for agent IDs and use in datagrams Junos OS 10.2 or earlier Junos OS 10.2 or earlier Simple Network Management Protocol version 1 (SNMPv1), SNMPv2, and SNMPv3 Junos OS 10.2 or earlier Junos OS 10.2 or earlier Time Domain Reflectometry (TDR) Junos OS 10.2 or earlier Junos OS 10.2 or earlier Feature J-EX4200 Switches J-EX8200 Switches Automatic recovery for port error disable conditions Junos OS 10.2 or earlier Junos OS 10.2 or earlier DHCP option 82 Junos OS 10.2 or earlier Junos OS 10.2 or earlier DHCP snooping Junos OS 10.2 or earlier Junos OS 10.3R1 Dynamic ARP inspection (DAI) Junos OS 10.2 or earlier Junos OS 10.3R1 IP source guard Junos OS 10.2 or earlier Junos OS 10.3R1 MAC limiting Junos OS 10.2 or earlier Junos OS 10.3R1 MAC move limiting Junos OS 10.2 or earlier Junos OS 10.3R1 Persistent storage for DHCP snooping Junos OS 10.2 or earlier Not supported • Layer 3 interface support • Multiple VLAN support Port mirroring enhancements • Ingress-only and egress-only attributes on VLAN members to avoid flooding mirrored traffic to member interfaces of a VLAN on the intermediate switch Table 16: Port Security Features 11 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Table 16: Port Security Features (continued) Feature J-EX4200 Switches J-EX8200 Switches Static ARP support Junos OS 10.2 or earlier Junos OS 10.2 or earlier Feature J-EX4200 Switches J-EX8200 Switches Autoinstallation of configuration files Junos OS 10.2 or earlier Not supported Automatic software download Junos OS 10.2 or earlier Junos OS 10.2 or earlier Configuration rollback Junos OS 10.2 or earlier Junos OS 10.2 or earlier IP directed broadcast Junos OS 10.2 or earlier Junos OS 10.2 or earlier J-Web interface, for switch configuration and management Junos OS 10.2 or earlier Junos OS 10.2 or earlier Online insertion and removal (OIR) of uplink modules Junos OS 10.2 or earlier Not applicable Power budget management Not applicable Junos OS 10.2 or earlier Table 17: System Management Features NOTE: To access the J-Web interface, your management device must have the following software installed: • Operating system: Microsoft Windows XP Service Pack 3 • Browser version: One of the following. Other browsers might work but are not supported by J-Series platforms. • • Microsoft Internet Explorer version 7.0 • Mozilla Firefox version 3.0 Additional requirements: • Only English-language browsers are supported. • The browser and the network must be able to receive and process HTTP/1.1 gzip compressed data. Related Documentation 12 • High Availability Features for J-EX Series Switches Overview on page 18 • Layer 3 Protocols Supported on J-EX Series Switches on page 13 • Layer 3 Protocols Not Supported on J-EX Series Switches on page 14 • J-EX4200 Switches Hardware Overview on page 25 • J-EX8208 Switch Hardware Overview on page 27 • J-EX8216 Switch Hardware Overview on page 30 Chapter 1: Software Overview Layer 3 Protocols Supported on J-EX Series Switches J-EX Series switches support the Junos OS Layer 3 features and configuration statements listed in Table 18 on page 13: Table 18: Supported Junos OS Layer 3 Protocol Statements and Features Protocol Notes For More Information BGP Fully supported. See the Junos OS Routing Protocols Configuration Guide at http://www.juniper.net/techpubs/software/junos/. BFD Fully supported. See the Junos OS Routing Protocols Configuration Guide at http://www.juniper.net/techpubs/software/junos/. ICMP Fully supported. See the Junos OS Routing Protocols Configuration Guide at http://www.juniper.net/techpubs/software/junos/ IGMPv1, v2 and v3 Fully supported. See the Junos OS Multicast Configuration Guide at http://www.juniper.net/techpubs/software/junos/. IS-IS MLD Supported, with the exceptions noted in “Layer 3 Protocols Not Supported on J-EX Series Switches” on page 14. See the Junos OS Routing Protocols Configuration Guide at Supported (MLD versions 1 and 2 See the Junos OS Multicast Configuration Guide at http://www.juniper.net/techpubs/software/junos/. http://www.juniper.net/techpubs/software/junos/. MPLS OSPFv1, v2 and v3 PIM Supported, with the exceptions noted in “Layer 3 Protocols Not Supported on J-EX Series Switches” on page 14. See the Junos OS MPLS Applications Configuration Guide at Supported, with the exceptions noted in “Layer 3 Protocols Not Supported on J-EX Series Switches” on page 14. See the Junos OS Routing Protocols Configuration Guide at Fully supported See the Junos OS Multicast Configuration Guide at http://www.juniper.net/techpubs/software/junos/. http://www.juniper.net/techpubs/software/junos/. http://www.juniper.net/techpubs/software/junos/. RIP Fully supported. See the Junos OS Routing Protocols Configuration Guide at http://www.juniper.net/techpubs/software/junos/. RIPng Fully supported. See the Junos OS Routing Protocols Configuration Guide at http://www.juniper.net/techpubs/software/junos/. SNMP Fully supported. See the Junos OS Network Management Configuration Guide at http://www.juniper.net/techpubs/software/junos/. 13 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Table 18: Supported Junos OS Layer 3 Protocol Statements and Features (continued) Protocol Notes For More Information VRRP Fully supported with exception of IPv6 support of VRRP on routed VLAN interfaces (RVIs). See “Understanding VRRP on J-EX Series Switches” on page 1425. See also the Junos OS High Availability Guide at http://www.juniper.net/techpubs/software/junos/. Related Documentation • Layer 3 Protocols Not Supported on J-EX Series Switches on page 14 • J-EX Series Switch Software Features Overview on page 3 Layer 3 Protocols Not Supported on J-EX Series Switches J-EX Series switches do not support the Junos OS Layer 3 protocols and features listed in Table 19 on page 14. Table 19: Junos OS Layer 3 Protocol Statements and Features That Are Not Supported Feature Configuration Statements Not Supported on J-EX Series Switches DVMRP • dvmrp and subordinate statements Flow aggregation (cflowd) • cflow and subordinate statements GRE • Not supported IPsec • [edit services] statements related to IPsec IS-IS: • clns-routing statement • ipv6-multicast statement • lsp-interval statement • label-switched-path statement • lsp-lifetime statement • te-metric statement • logical-routers and subordinate statements • ES-IS • IPv6 in multicast routing protocols Logical routers 14 Chapter 1: Software Overview Table 19: Junos OS Layer 3 Protocol Statements and Features That Are Not Supported (continued) Feature Configuration Statements Not Supported on J-EX Series Switches MPLS: • ldp and all subordinate statements Network Address Translation (NAT) • nat and subordinate statements • Policy statements related to NAT OSPF • demand-circuit statement • label-switched-path and subordinate statements • neighbor statement within an OSPF area • peer-interface and subordinate statements within an OSPF area • sham-link statement • te-metric statement • l2vpn and subordinate statements • ldp and subordinate statements • vpls and subordinate statements SAP and SDP • sap and all subordinate statements General routing options in the routing-options hierarchy: • auto-export and subordinate statements • dynamic-tunnels and subordinate statements • • lsp-next-hop and subordinate statements • multicast and subordinate statements • p2mp-lsp-next-hop and subordinate statements • route-distinguisher-id statement • Fast Reroute (FRR) • Label Distribution Protocol (LDP) • Layer 3 VPNs • Multiprotocol BGP (MP-BGP) for VPN-IPv4 family • Pseudowire emulation (PWE3) • Routing policy statements related to Layer 3 VPNs and MPLS • Virtual Private LAN Service (VPLS) Routing instances: • Routing instance forwarding MPLS and label-switched-paths 15 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Table 19: Junos OS Layer 3 Protocol Statements and Features That Are Not Supported (continued) Feature Configuration Statements Not Supported on J-EX Series Switches Traffic sampling and fowarding in the forwarding-options hierarchy • accounting and subordinate statements • family mpls and family multiservice under hash-key hierarchy • Under monitoring group-name family inet output hierarchy: Related Documentation • cflowd statement • export-format-cflowd-version-5 statement • flow-active-timeout statement • flow-export-destination statement • flow-inactive-timeout statement • interface statement • port-mirroring statement (On J-EX Series switches, port mirroring is implemented using the analyzer statement.) • sampling and subordinate statements • Layer 3 Protocols Supported on J-EX Series Switches on page 13 • J-EX Series Switch Software Features Overview on page 3 Security Features for J-EX Series Switches Overview Juniper Networks Junos operating system (Junos OS) is a network operating system that has been hardened through the separation of control forwarding and services planes, with each function running in protected memory. The control-plane CPU is protected by rate limiting, routing policy, and firewall filters to ensure switch uptime even under severe attack. In addition, the switches fully integrate with the Juniper Networks Unified Access Control (UAC) product to provide both standards-based 802.1X port-level access and Layer 2 through Layer 4 policy enforcement based on user identity. Access port security features such as dynamic Address Resolution Protocol (ARP) inspection, DHCP snooping, and MAC limiting are controlled through a single Junos OS CLI command. J-EX Series Switches provide the following hardware and software security features: Console Port—Allows use of the console port to connect to the Routing Engine through an RJ-45 cable. You then use the command-line interface (CLI) to configure the switch. Out-of-Band Management—A dedicated management Ethernet port on the rear panel allows out-of-band management. Software Images—All Junos OS images are signed by Juniper Networks certificate authority (CA) with public key infrastructure (PKI). User Authentication, Authorization, and Accounting (AAA)—Features include: 16 • User and group accounts with password encryption and authentication. • Access privilege levels configurable for login classes and user templates. Chapter 1: Software Overview • RADIUS authentication, TACACS+ authentication, or both, for authenticating users who attempt to access the switch. • Auditing of configuration changes through system logging or RADIUS/TACACS+. 802.1X Authentication—Provides network access control. Supplicants (hosts) are authenticated when they initially connect to a LAN. Authenticating supplicants before they receive an IP address from a DHCP server prevents unauthorized supplicants from gaining access to the LAN. J-EX Series switches support Extensible Authentication Protocol (EAP) methods, including EAP-MD5, EAP-TLS, EAP-TTLS, and EAP-PEAP. Port Security—Access port security features include: • DHCP snooping—Filters and blocks ingress DHCP server messages on untrusted ports; builds and maintains an IP-address/MAC-address binding database (called the DHCP snooping database). • Dynamic ARP inspection (DAI)—Prevents ARP spoofing attacks. ARP requests and replies are compared against entries in the DHCP snooping database, and filtering decisions are made based on the results of those comparisons. • MAC limiting—Protects against flooding of the Ethernet switching table. • MAC move limiting—Detects MAC movement and MAC spoofing on access ports. • Trusted DHCP server—With a DHCP server on a trusted port, protects against rogue DHCP servers sending leases. • IP source guard—Mitigates the effects of IP address spoofing attacks on the Ethernet LAN. The source IP address in the packet sent from an untrusted access interface is validated against the source MAC address in the DHCP snooping database. The packet is allowed for further processing if the source IP address to source MAC address binding is valid; if the binding is not valid, the packet is discarded. • DHCP option 82—Also known as the DHCP relay agent information option. Helps protect the J-EX Series switch against attacks such as spoofing (forging) of IP addresses and MAC addresses and DHCP IP address starvation. Option 82 provides information about the network location of a DHCP client, and the DHCP server uses this information to implement IP addresses or other parameters for the client. • Unrestricted proxy ARP—The switch responds to all ARP messages with its own MAC address. Hosts that are connected to the switch’s interfaces cannot communicate directly with other hosts. Instead, all communications between hosts go through the switch. • Restricted proxy ARP—The switch does not respond to an ARP request if the physical networks of the source and target of the ARP request are the same. It does not matter whether the destination host has the same IP address as the incoming interface or a different (remote) IP address. An ARP request for a broadcast address elicits no reply. Device Security—Storm control permits the switch to monitor unknown unicast and broadcast traffic and drop packets, or shut down, or temporarily disable the interface when a specified traffic level is exceeded, thus preventing packets from proliferating and degrading the LAN. You can enable storm control on access interfaces or trunk interfaces. 17 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Firewall Filters—Allow auditing of various types of security violations, including attempts to access the switch from unauthorized locations. Firewall filters can detect such attempts and create audit log entries when they occur. The filters can also restrict access by limiting traffic to source and destination MAC addresses, specific protocols, or, in combination with policers, to specified data rates to prevent denial of service (DoS) attacks. Policers—Provide rate-limiting capability to control the amount of traffic that enters an interface, which acts to counter DoS attacks. Encryption Standards—Supported standards include: Related Documentation • 128-, 192-, and 256-bit Advanced Encryption Standard (AES) • 56-bit Data Encryption Standard (DES) and 168-bit 3DES • 802.1X for J-EX Series Switches Overview on page 2253 • Firewall Filters for J-EX Series Switches Overview on page 2721 • Port Security for J-EX Series Switches Overview on page 2545 • Understanding Proxy ARP on J-EX Series Switches on page 1059 • Understanding Storm Control on J-EX Series Switches on page 2511 • Understanding the Use of Policers in Firewall Filters on page 2752 High Availability Features for J-EX Series Switches Overview High availability refers to the hardware and software components that provide redundancy and reliability for packet-based communications. This topic covers the following high availability features of J-EX Series Switches: • VRRP on page 18 • Graceful Protocol Restart on page 19 • Redundant Routing Engines on page 19 • Graceful Routing Engine Switchover on page 20 • Virtual Chassis Software Upgrade and Failover Features on page 20 • Link Aggregation on page 20 VRRP You can configure the Virtual Router Redundancy Protocol (VRRP) or VRRP for IPv6 on Gigabit Ethernet interfaces, 10-Gigabit Ethernet interfaces, and logical interfaces on J-EX Series switches. When VRRP is configured, the switches act as virtual routing platforms. VRRP enables hosts on a LAN to make use of redundant routing platforms on that LAN without requiring more than the static configuration of a single default route on the hosts. The VRRP routing platforms share the IP address corresponding to the default route configured on the hosts. At any time, one of the VRRP routing platforms is the master (active) and the others are backups. If the master routing platform fails, one of the backup routing platforms becomes the new master, providing a virtual default routing platform 18 Chapter 1: Software Overview and enabling traffic on the LAN to be routed without relying on a single routing platform. Using VRRP, a backup J-EX Series switch can take over a failed default switch within a few seconds. This is done with minimum loss of VRRP traffic and without any interaction with the hosts. For more information on VRRP, see “Understanding VRRP on J-EX Series Switches” on page 1425. Graceful Protocol Restart With standard implementations of routing protocols, any service interruption requires an affected switch to recalculate adjacencies with neighboring switches, restore routing table entries, and update other protocol-specific information. An unprotected restart of a switch can result in forwarding delays, route flapping, wait times stemming from protocol reconvergence, and even dropped packets. Graceful protocol restart allows a restarting switch and its neighbors to continue forwarding packets without disrupting network performance. Because neighboring switches assist in the restart (these neighbors are called helper switches), the restarting switch can quickly resume full operation without recalculating algorithms from scratch. On J-EX Series switches, graceful protocol restart can be applied to aggregate and static routes and for routing protocols (BGP, IS-IS, OSPF, and RIP). Graceful protocol restart works similarly for the different routing protocols. The main benefits of graceful protocol restart are uninterrupted packet forwarding and temporary suppression of all routing protocol updates. Graceful protocol restart thus allows a switch to pass through intermediate convergence states that are hidden from the rest of the network. Most graceful restart implementations define two types of switches—the restarting switch and the helper switch. The restarting switch requires rapid restoration of forwarding state information so that it can resume the forwarding of network traffic. The helper switch assists the restarting switch in this process. Individual graceful restart configuration statements typically apply to either the restarting switch or the helper switch. Redundant Routing Engines Two to ten J-EX4200 switches can be interconnected to create a Virtual Chassis configuration that operates as a single network entity. Every Virtual Chassis configuration has a master and a backup. The master acts as the master Routing Engine and the backup acts as the backup Routing Engine. The Routing Engine provides the following functionality: • Runs various routing protocols • Provides the forwarding table to the Packet Forwarding Engines (PFEs) in all the member switches of the Virtual Chassis configuration • Runs other management and control processes for the entire Virtual Chassis configuration The master Routing Engine, which is in the master of the Virtual Chassis configuration, runs Junos OS in the master role. It receives and transmits routing information, builds and maintains routing tables, communicates with interfaces and Packet Forwarding 19 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Engine components of the member switches, and has full control over the Virtual Chassis configuration. The backup Routing Engine, which is in the backup of the Virtual Chassis configuration, runs Junos OS in the backup role. It stays in sync with the master Routing Engine in terms of protocol states, forwarding tables, and so forth. If the master becomes unavailable, the backup Routing Engine takes over the functions that the master Routing Engine performs. Graceful Routing Engine Switchover You can configure graceful Routing Engine switchover (GRES) in a Virtual Chassis configuration, allowing the configuration to switch from the master Routing Engine in the master to the backup Routing Engine in the backup with minimal interruption to network communications. When you configure GRES, the backup Routing Engine automatically synchronizes with the master Routing Engine to preserve kernel state information and forwarding state. Any updates to the master Routing Engine are replicated to the backup Routing Engine as soon as they occur. If the kernel on the master Routing Engine stops operating, the master Routing Engine experiences a hardware failure, or the administrator initiates a manual switchover, mastership switches to the backup Routing Engine. When the backup Routing Engine assumes mastership in a redundant failover configuration (that is, when graceful Routing Engine switchover is not enabled), the Packet Forwarding Engines initialize their state to boot up state before they connect to the new master Routing Engine. In contrast, in a graceful switchover configuration, the Packet Forwarding Engines do not reinitialize their state, but resynchronize their state with the new master Routing Engine. The interruption to the traffic is minimal. Virtual Chassis Software Upgrade and Failover Features J-EX4200 switches provide these features for increased resiliency in Virtual Chassis configurations: • Virtual Chassis atomic software upgrade—When you upgrade software in a Virtual Chassis configuration, the upgrade will either succeed or fail on all member switches, preventing the situation in which only some of the Virtual Chassis member switches are upgraded. • Virtual Chassis fast failover—A hardware-assisted failover mechanism that automatically reroutes traffic and reduces traffic loss in the event of a link failure. • Virtual Chassis split and merge—If there is a disruption to the Virtual Chassis configuration due to member switches failing or being removed from the configuration, the Virtual Chassis configuration splits into two separate Virtual Chassis. Link Aggregation You can combine multiple physical Ethernet ports to form a logical point-to-point link, known as a link aggregation group (LAG) or bundle. A LAG provides more bandwidth than a single Ethernet link can provide. Additionally, link aggregation provides network 20 Chapter 1: Software Overview redundancy by load-balancing traffic across all available links. If one of the links should fail, the system automatically load-balances traffic across all remaining links. You can select up to eight Ethernet interfaces and include them within a LAG. In a J-EX4200 Virtual Chassis configuration, the interfaces that form a LAG can be on different members of the Virtual Chassis. See “Understanding Virtual Chassis Configurations and Link Aggregation” on page 702. Related Documentation • For more information on high availability features, see the Junos OS High Availability Configuration Guide at http://www.juniper.net/techpubs/software/junos/. • Virtual Chassis Overview on page 691 • Understanding Virtual Chassis Components on page 694 • Understanding Virtual Chassis Configurations and Link Aggregation on page 702 • Understanding VRRP on J-EX Series Switches on page 1425 21 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Understanding Software Infrastructure and Processes Each switch runs Junos OS for J-EX Series Switches on its general-purpose processors. Junos OS includes processes for Internet Protocol (IP) routing and for managing interfaces, networks, and the chassis. Junos OS runs on the Routing Engine. The Routing Engine kernel coordinates communication among the Junos OS processes and provides a link to the Packet Forwarding Engine. With the J-Web interface and the command-line interface (CLI) to Junos OS, you configure switching features and routing protocols and set the properties of network interfaces on your switch. After activating a software configuration, use either the J-Web or CLI user interface to monitor the switch, manage operations, and diagnose protocol and network connectivity problems. NOTE: To access the J-Web interface, your management device must have the following software installed: • Operating system: Microsoft Windows XP Service Pack 3 • Browser version: One of the following. Other browsers might work but are not supported by J-Series platforms. • • Microsoft Internet Explorer version 7.0 • Mozilla Firefox version 3.0 Additional requirements: • Only English-language browsers are supported. • The browser and the network must be able to receive and process HTTP/1.1 gzip compressed data. • Routing Engine and Packet Forwarding Engine on page 22 • Junos OS Processes on page 23 Routing Engine and Packet Forwarding Engine A switch has two primary software processing components: • Packet Forwarding Engine—Processes packets; applies filters, routing policies, and other features; and forwards packets to the next hop along the route to their final destination. • Routing Engine—Provides three main functions: • 22 Creates the packet forwarding switch fabric for the switch, providing route lookup, filtering, and switching on incoming data packets, then directing outbound packets to the appropriate interface for transmission to the network Chapter 1: Software Overview • Maintains the routing tables used by the switch and controls the routing protocols that run on the switch. • Provides control and monitoring functions for the switch, including controlling power and monitoring system status. Junos OS Processes Junos OS running on the Routing Engine and Packet Forwarding Engine consists of multiple processes that are responsible for individual functions. The separation of functions provides operational stability, because each process accesses its own protected memory space. In addition, because each process is a separate software package, you can selectively upgrade all or part of Junos OS, for added flexibility. Table 20 on page 23 describes the primary Junos OS processes. Table 20: Junos OS Processes Process Name Description Chassis process chassisd Detects hardware on the system that is used to configure network interfaces. Monitors the physical status of hardware components and field-replaceable units (FRUs), detecting when environment sensors such as temperature sensors are triggered. Relays signals and interrupts—for example, when devices are taken offline, so that the system can close sessions and shut down gracefully. Ethernet switching process eswd Handles Layer 2 switching functionality such as MAC address learning, Spanning Tree protocol and access port security. The process is also responsible for managing Ethernet switching interfaces, VLANs, and VLAN interfaces. Manages Ethernet switching interfaces, VLANs, and VLAN interfaces. Forwarding process pfem Defines how routing protocols operate on the switch. The overall performance of the switch is largely determined by the effectiveness of the forwarding process. Interface process dcd Configures and monitors network interfaces by defining physical characteristics such as link encapsulation, hold times, and keepalive timers. Management process mgd Provides communication between the other processes and an interface to the configuration database. Populates the configuration database with configuration information and retrieves the information when queried by other processes to ensure that the system operates as configured. Interacts with the other processes when commands are issued through one of the user interfaces on the switch. If a process terminates or fails to start when called, the management process attempts to restart it a limited number of times to prevent thrashing and logs any failure information for further investigation. 23 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Table 20: Junos OS Processes (continued) Process Name Description Routing protocol process rpd Defines how routing protocols such as RIP, OSPF, and BGP operate on the device, including selecting routes and maintaining forwarding tables. Related Documentation 24 • For more information about processes, see the Junos OS Network Operations Guide at http://www.juniper.net/techpubs/software/junos/. • For more information about basic system parameters, supported protocols, and software processes, see the Junos OS System Basics Configuration Guide at http://www.juniper.net/techpubs/software/junos/. CHAPTER 2 Supported Hardware • J-EX4200 Switches Hardware Overview on page 25 • J-EX4200 Switch Models on page 26 • J-EX8208 Switch Hardware Overview on page 27 • J-EX8216 Switch Hardware Overview on page 30 J-EX4200 Switches Hardware Overview J-EX Series Switches provide scalable connectivity for the enterprise market, including branch offices, campus locations, and data centers. The switches run under Junos OS, which provides Layer 2 and Layer 3 switching, routing, and security services. The same Junos OS code base that runs on J-EX Series switches also runs on all Dell PowerConnect J-SRX Series Services Gateways. • J-EX4200 Switches on page 25 • Uplink Modules on page 26 • Power over Ethernet (PoE) Ports on page 26 J-EX4200 Switches J-EX4200 switches provide connectivity for medium- and high-density environments and scalability for growing networks. These switches can be deployed wherever you need a high density of Gigabit Ethernet ports (24 to 480 ports) or redundancy. Typically, J-EX4200 switches are used in large branch offices, campus wiring closets, and data centers where they can be positioned as the top device in a rack to provide connectivity for all the devices in the rack. You can connect individual J-EX4200 switches together to form one unit and manage the unit as a single chassis, called a Virtual Chassis. You can add more member switches to the Virtual Chassis as needed, up to a total of 10 members. J-EX4200 switches are available in models with 24 or 48 ports and with 8 ports equipped for PoE. All models provide ports that have 10/100/1000Base-T Gigabit Ethernet connectors and optional 1-gigabit small form-factor pluggable (SFP) transceivers or 10-gigabit small form-factor pluggable (SFP+) transceivers for use with fiber connections. Additionally, a 24-port model provides 100Base-FX/1000Base-X SFP ports. This model is typically used as a small distribution switch. 25 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS All J-EX4200 switches have dedicated 64-Gbps Virtual Chassis ports that allow you to connect the switches to each other. You can also use optional uplink module ports to connect members of a Virtual Chassis across multiple wiring closets. To provide carrier-class reliability, J-EX4200 switches include: • Dual redundant power supplies that are field-replaceable and hot-swappable. An optional additional connection to an external power source is also available. • A field-replaceable fan tray with three fans. The switch remains operational if a single fan fails. • Redundant Routing Engines in a Virtual Chassis configuration. This redundancy enables GRES (graceful Routing Engine switchover) and nonstop active routing. • Junos OS with its modular design that enables failed system processes to gracefully restart. Uplink Modules Optional uplink modules are available for all J-EX4200 switches. Uplink modules provide four 1-gigabit small form-factor pluggable (SFP) transceivers or two 10-gigabit small form-factor pluggable (SFP+) transceivers. You can use SFP or SFP+ ports to connect an access switch to a distribution switch or to interconnect member switches of a Virtual Chassis across multiple wiring closets. Power over Ethernet (PoE) Ports PoE ports provide electrical current to devices through the network cables so that separate power cords for devices such as IP phones, wireless access points, and security cameras are unnecessary. J-EX4200 switches have partial (8-port) PoE capability. Related Documentation • J-EX4200 Switch Models on page 26 • Field-Replaceable Units in J-EX4200 Switches • Site Preparation Checklist for J-EX4200 Switches J-EX4200 Switch Models The J-EX4200 switch is available with 24 or 48 ports and with partial Power over Ethernet (PoE) capability. Table 21 on page 26 lists the J-EX4200 switch models. Table 21: J-EX4200 Switch Models Model Ports Number of PoE-enabled Ports Power Supply (Minimum) J-EX4200-24T 24 Gigabit Ethernet First 8 ports 320 W J-EX4200-48T 48 Gigabit Ethernet First 8 ports 320 W J-EX4200-24F 24 small form-factor pluggable (SFP) transceivers Not applicable 320 W 26 Chapter 2: Supported Hardware Related Documentation • Front Panel of a J-EX4200 Switch • Rear Panel of a J-EX4200 Switch • J-EX4200 Switches Hardware Overview on page 25 J-EX8208 Switch Hardware Overview Dell PowerConnect J-Series J-EX8208 Ethernet Switches provide high performance, scalable connectivity, and carrier-class reliability for high-density environments such as campus-aggregation and data-center networks. The J-EX8208 switch is a modular system that provides high availability and redundancy for all major hardware components, including Routing Engines, switch fabric, fan tray, and power supplies. You can manage J-EX8208 switches using the same Junos OS interfaces that you use for other Junos OS platforms—the Junos OS command-line interface (CLI) and the J-Web graphical interface. • Software on page 27 • Chassis Physical Specifications on page 27 • Routing Engines and Switch Fabric on page 28 • Line Cards on page 29 • Cooling System on page 29 • Power Supplies on page 29 Software The Dell PowerConnect J-EX Series Switches—PowerConnect J-EX4200 Ethernet Switches and PowerConnect J-EX8200 Ethernet Switches—run under Junos OS, which provides Layer 2 and Layer 3 switching, routing, and security services. The same Junos OS code base that runs on J-EX Series switches also runs on Dell PowerConnect J-SRX Series Services Gateways. Chassis Physical Specifications The J-EX8208 switch is 14 rack units (14 U) in size (1/3 rack); three J-EX8208 switches can fit in a standard 42 U rack. Each J-EX8208 switch is designed to optimize rack space and cabling. See Figure 1 on page 28. 27 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Figure 1: J-EX8208 Switch The J-EX8208 switch has a chassis-level LCD panel that displays Routing Engine and switch fabric status as well as chassis components’ alarm information for rapid problem identification. The LCD panel provides a user-friendly interface for performing initial switch configuration, rolling back a configuration, or restoring the switch to its default settings. See LCD Panel in a J-EX8200 Switch. The J-EX8208 chassis backplane distributes the data, control, and management signals to various system components along with distributing power throughout the system. See Chassis Physical Specifications of a J-EX8208 Switch. Routing Engines and Switch Fabric Switching functionality, system management, and system control functions of a J-EX8208 switch are performed by the Switch Fabric and Routing Engine (SRE) module. See Switch Fabric and Routing Engine (SRE) Module in a J-EX8208 Switch. An SRE module contains a Routing Engine and switch fabric. The SRE modules are installed in the front of the chassis in the slots labeled SRE0 and SRE1. See Slot Numbering for a J-EX8208 Switch. 28 Chapter 2: Supported Hardware A base configuration J-EX8208 switch has one SRE module. A redundant configuration J-EX8208 switch has a second SRE module. See J-EX8208 Switch Configurations. The Switch Fabric (SF) module, working with the SRE module, provides the necessary switching functionality to a base configuration J-EX8208 switch. The SF module is installed in the front of the chassis in the slot labeled SF. In a redundant configuration the SF module provides a redundant switch fabric. The additional switch fabric provides full 2+1 switch fabric redundancy to the switch. See Switch Fabric (SF) Module in a J-EX8208 Switch. Line Cards The J-EX8208 switch features eight horizontal line card slots and supports the line rate for each line card. The line cards in J-EX8200 switches combine a Packet Forwarding Engine and Ethernet interfaces on a single assembly. They are field-replaceable units (FRUs) that can be installed in the line card slots labeled 0 through 7 on the front of the switch chassis. See Slot Numbering for a J-EX8208 Switch. All line cards are hot-removable and hot-insertable. The following line cards are available for J-EX8208 switches: • 8-port 10-Gigabit Ethernet SFP+ line card: This line card has eight 10-gigabit SFP+ ports on its faceplate in which you can install SFP+ transceivers. See 8-port SFP+ Line Card in a J-EX8200 Switch. • 48-port 100/1000 SFP line card: This line card has 48 1-gigabit SFP ports on its faceplate in which you can install SFP transceivers. See 48-port SFP Line Card in a J-EX8200 Switch. • 48-port 10/100/1000 RJ-45 line card: This line card had 48 10/100/1000 Gigabit Ethernet ports with RJ-45 connectors on its faceplate. See 48-port RJ-45 Line Card in a J-EX8200 Switch. Cooling System The cooling system in a J-EX8208 switch consists of a hot-removable and hot-insertable fan tray. The fan tray contains 12 fans. The fan tray installs vertically on the left front of the chassis and provides side-to-side chassis cooling. See Cooling System and Airflow in a J-EX8208 Switch. Power Supplies Power supplies for the J-EX8208 switch are fully redundant, load-sharing, and hot-removable and hot-insertable field-replaceable units (FRUs). Each J-EX8208 switch chassis can hold up to six 2000 W AC power supplies. The 2000 W AC power supplies support both low-voltage line (100–120 VAC) and high-voltage line (200–240 VAC) AC power configurations on a J-EX8208 switch. Each 2000 W AC power supply delivers 2000 W of power at high voltage (200–240 VAC) or 1200 W at low voltage (100–120 VAC) to the J-EX8208 chassis. 29 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Only two AC power supplies are required for the base AC configuration and switch powerup. The redundant AC configuration ships with six AC power supplies to provide the capacity to power the system using N+1 or N+N power redundancy. Related Documentation • Field-Replaceable Units in a J-EX8208 Switch • Connecting and Configuring a J-EX Series Switch (CLI Procedure) on page 161 • Connecting and Configuring a J-EX Series Switch (J-Web Procedure) on page 163 J-EX8216 Switch Hardware Overview The Dell PowerConnect J-Series J-EX8216 Ethernet Switch is a half-rack, midplane architecture, modular Ethernet switch that is designed for ultra high-density environments such as campus aggregation, data center, or high performance core switching environments. J-EX8216 switches provide high-availability and redundancy for all major hardware components, including Routing Engine (RE) modules, Switch Fabric (SF) modules, fan trays (with redundant fans), and load-sharing 2000 W AC and 3000 W AC power supplies. Like other J-EX8200 Ethernet Switches, J-EX8216 switches provide high performance, scalable connectivity, and carrier-class reliability. You can manage J-EX8216 switches using the same Junos OS interfaces that you use for other Junos OS platforms—the Junos OS command-line interface (CLI) and the J-Web graphical interface. • Software on page 30 • Chassis Physical Specifications, LCD Panel, and Midplane on page 30 • Routing Engines and Switch Fabric on page 32 • Line Cards on page 33 • Cooling System on page 33 • Power Supplies on page 34 Software The Dell PowerConnect J-EX Series Switches—PowerConnect J-EX4200 Ethernet Switches and PowerConnect J-EX8200 Ethernet Switches—run under Junos OS, which provides Layer 2 and Layer 3 switching, routing, and security services. The same Junos OS code base that runs on J-EX Series switches also runs on Dell PowerConnect J-SRX Series Services Gateways. Chassis Physical Specifications, LCD Panel, and Midplane J-EX8216 switches are designed to optimize rack space and cabling. The J-EX8216 switch is 21 rack units (21 U) in size (1/2 rack); two J-EX8216 switches can fit in a standard 42 U rack. See Figure 2 on page 31 and Figure 3 on page 32 and Chassis Physical Specifications of a J-EX8216 Switch. 30 Chapter 2: Supported Hardware Figure 2: J-EX8216 Switch Front 31 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Figure 3: J-EX8216 Switch Rear The J-EX8216 switch has a chassis-level LCD panel that displays Routing Engine and switch fabric status as well as chassis components’ alarm information for rapid problem identification. The LCD panel provides a user-friendly interface for performing initial switch configuration, rolling back a configuration, or restoring the switch to the factory default configuration. See LCD Panel in a J-EX8200 Switch. The J-EX8216 chassis midplane distributes the data, control, and management signals to system components and distributes power throughout the system. See Midplane in a J-EX8216 Switch. Routing Engines and Switch Fabric System management and system control functions of a J-EX8216 switch are performed by the Routing Engine (RE) module. An RE module contains a Routing Engine. The RE modules are hot-insertable and hot-removable field-replaceable units (FRUs) that are 32 Chapter 2: Supported Hardware installed in the front of the chassis in the slots labeled RE0 and RE1. A base configuration (AC version) J-EX8216 switch has one RE module. A redundant configuration J-EX8216 switch has a second RE module for redundancy. See Routing Engine (RE) Module in a J-EX8216 Switch and J-EX8216 Switch Configurations. The Switch Fabric (SF) modules provide the switching functionality to a J-EX8216 switch. The SF modules are hot-insertable and hot-removable field-replaceable units (FRUs). All eight SF modules are installed in the rear of the chassis in the slots labeled SF7 through SF0. In a J-EX8216 switch, all eight SF modules are active and must be installed in the switch for normal operation. If a single SF module fails, the input/output traffic for that module is load-balanced among the remaining SF modules, providing graceful degradation in midplane performance. The impact of an SF module failure on the performance of a J-EX8216 switch varies based on the type of line cards installed in the switch and the traffic mix flowing through them. In a J-EX8216 switch configuration that is fully loaded with 8-port 10-Gigabit Ethernet SFP+ line cards, if one SF module fails, the remaining seven SF modules still have sufficient switching capacity to maintain continuous switch operation at full wire-rate performance. See Switch Fabric (SF) Modules in a J-EX8216 Switch. Line Cards The J-EX8216 switch features 16 horizontal line card slots and supports wire-rate performance for all packet sizes for the installed line cards. The line cards in J-EX8200 switches combine a Packet Forwarding Engine and Ethernet interfaces on a single assembly. They are field-replaceable units (FRUs), and you can install them in the slots labeled 0 through 15 on the front of the switch chassis. All line cards are hot-insertable and hot-removable. The following line cards are available for J-EX8216 switches: • 8-port 10-Gigabit Ethernet SFP+ line card: This line card has eight 10-gigabit SFP+ ports on its faceplate in which you can install SFP+ transceivers. See 8-port SFP+ Line Card in a J-EX8200 Switch. • 48-port 100/1000 SFP line card: This line card has 48 1-gigabit SFP ports on its faceplate in which you can install SFP transceivers. See 48-port SFP Line Card in a J-EX8200 Switch. • 48-port 10/100/1000 RJ-45 line card: This line card has 48 10/100/1000 Gigabit Ethernet ports with RJ-45 connectors on its faceplate. See 48-port RJ-45 Line Card in a J-EX8200 Switch. Cooling System The cooling system in a J-EX8216 switch consists of two hot-insertable and hot-removable, field-replaceable unit (FRU) fan trays. Each fan tray contains nine fans. Both fan trays install vertically on the left front of the chassis and provide side-to-side chassis cooling and front-to-side cooling. The top and bottom fan trays are identical and interchangeable. However, only the top fan tray cools the SF modules installed in the rear of the chassis. See Cooling System and Airflow in a J-EX8216 Switch. 33 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Power Supplies Power supplies for the J-EX8216 switch are fully redundant, load-sharing, and hot-insertable and hot-removable field-replaceable units (FRUs). Each J-EX8216 switch chassis can hold up to six 2000 W AC or six 3000 W AC power supplies. The 2000 W AC power supplies support both low-voltage line (100–120 VAC) and high-voltage line (200–240 VAC) AC power configurations on a J-EX8216 switch. Each 3000 W AC power supply delivers 3000 W of power at high voltage (200–240 VAC) to the J-EX8216 chassis. Low-voltage input is not supported for the 3000 W AC power supplies on the J-EX8216 switch. The redundant AC configuration ships with six AC power supplies to provide the capacity to power the system using N+1 or N+N power redundancy. See AC Power Supply in a J-EX8200 Switch and J-EX8216 Switch Configurations. CAUTION: Mixing different types of power supplies in the same chassis is not a supported configuration. Related Documentation 34 • Field-Replaceable Units in a J-EX8216 Switch • Slot Numbering for a J-EX8216 Switch • Connecting and Configuring a J-EX Series Switch (CLI Procedure) on page 161 • Connecting and Configuring a J-EX Series Switch (J-Web Procedure) on page 163 PART 2 Complete Software Configuration Statement Hierarchy • Complete Software Configuration Statement Hierarchy on page 37 35 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 36 CHAPTER 3 Complete Software Configuration Statement Hierarchy • [edit access] Configuration Statement Hierarchy on page 37 • [edit chassis] Configuration Statement Hierarchy on page 38 • [edit class-of-service] Configuration Statement Hierarchy on page 38 • [edit ethernet-switching-options] Configuration Statement Hierarchy on page 40 • [edit firewall] Configuration Statement Hierarchy on page 42 • [edit forwarding-options] Configuration Statement Hierarchy on page 43 • [edit interfaces] Configuration Statement Hierarchy on page 44 • [edit poe] Configuration Statement Hierarchy on page 48 • [edit protocols] Configuration Statement Hierarchy on page 48 • [edit routing-instances] Configuration Hierarchy on page 55 • [edit snmp] Configuration Statement Hierarchy on page 55 • [edit virtual-chassis] Configuration Statement Hierarchy on page 55 • [edit vlans] Configuration Statement Hierarchy on page 56 [edit access] Configuration Statement Hierarchy access { profileprofile-name { accounting { order [ radius | none ]; accounting-stop-on-access-deny; accounting-stop-on-failure; } authentication-order [ authentication-method ]; radius { accounting-server [ server-address ]; authentication-server [ server-address ]; } } } Related Documentation • Example: Connecting a RADIUS Server for 802.1X to a J-EX Series Switch on page 2267 37 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS • Configuring 802.1X RADIUS Accounting (CLI Procedure) on page 2339 [edit chassis] Configuration Statement Hierarchy chassis { aggregated-devices { ethernet { device-count number; } } auto-image-upgrade; } fpc slot { pic pic-number { sfpplus { pic-mode mode; power-budget-priority priority; } lcd-menu fpc slot-number { menu-item (menu-name | menu-option); } } psu { redundancy { n-plus-n; } } redundancy{ graceful-switchover ; } Related Documentation • Understanding Aggregated Ethernet Interfaces and LACP on page 867 • Understanding Power Management on J-EX Series Switches on page 302 [edit class-of-service] Configuration Statement Hierarchy class-of-service { classifiers { (dscp | ieee-802.1 | inet-precedence) classifier-name { import (classifier-name | default); forwarding-class class-name { loss-priority loss-priority { code-points [ aliases ] [ 6 bit-patterns ]; } } } } code-point-aliases { (dscp | ieee-802.1 | inet-precedence) { alias-name bits; } } 38 Chapter 3: Complete Software Configuration Statement Hierarchy forwarding-classes { class class-name queue-num queue-number priority ( high | low ); } interfaces { interface-name { scheduler-map map-name; unit logical-unit-number { forwarding-class class-name; classifiers { (dscp | ieee-802.1 | inet-precedence) (classifier-name | default); } } } } multi-destination { family { ethernet { broadcast forwarding-class-name; } inet { classifiers { (dscp |inet-precedence) classifier-name; } } } scheduler-map map-name; } rewrite-rules { (dscp | ieee-802.1 | inet-precedence) rewrite-name { import (rewrite-name | default); forwarding-class class-name { loss-priority loss-priority code-point (alias | bits); } } } scheduler-maps { map-name { forwarding-class class-name scheduler scheduler-name; } } schedulers { scheduler-name { buffer-size (percent percentage | remainder); drop-profile-map loss-priority loss-priority protocol protocol drop-profile profile-name; priority priority; shaping-rate (rate | percent percentage); transmit-rate (rate | percent percentage | remainder); } } } Related Documentation • Example: Configuring CoS on J-EX Series Switches on page 2883 • Defining CoS Code-Point Aliases (CLI Procedure) on page 2914 or Defining CoS Code-Point Aliases (J-Web Procedure) on page 2912 39 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS • Defining CoS Classifiers (CLI Procedure) on page 2914 or Defining CoS Classifiers (J-Web Procedure) on page 2916 • Defining CoS Forwarding Classes (CLI Procedure) on page 2918 or Defining CoS Forwarding Classes (J-Web Procedure) on page 2918 • Configuring CoS Tail Drop Profiles (CLI Procedure) on page 2925 • Defining CoS Schedulers (CLI Procedure) on page 2920 or Defining CoS Schedulers (J-Web Procedure) on page 2920 • Defining CoS Rewrite Rules (CLI Procedure) on page 2925 or Defining CoS Rewrite Rules (J-Web Procedure) on page 2926 • Assigning CoS Components to Interfaces (CLI Procedure) on page 2928 or Assigning CoS Components to Interfaces (J-Web Procedure) on page 2928 [edit ethernet-switching-options] Configuration Statement Hierarchy ethernet-switching-options { analyzer { name { loss-priority priority; ratio number; input { ingress { interface (all | interface-name); vlan (vlan-id | vlan-name); } egress { interface (all | interface-name); } output { interface interface-name; vlan (vlan-id | vlan-name); } } } bpdu-block { disable-timeout timeout; interface (all | [interface-name]); } dot1q-tunneling { ether-type (0x8100 | 0x88a8 | 0x9100); } interfaces interface-name { no-mac-learning; } mac-notification { notification-interval seconds; } mac-table-aging-time seconds; port-error-disable { disable-timeout timeout; } 40 Chapter 3: Complete Software Configuration Statement Hierarchy redundant-trunk-group { group-name name { interface interface-name ; } } secure-access-port { dhcp-snooping-file { location local_pathname | remote_URL; timeout seconds; write-interval seconds; } interface (all | interface-name) { allowed-mac { mac-address-list; } (dhcp-trusted | no-dhcp-trusted ); mac-limit limit action action; no-allowed-mac-log; static-ip ip-address { vlan vlan-name; mac mac-address; } } vlan (all | vlan-name) { (arp-inspection | no-arp-inspection ); dhcp-option82 { circuit-id { prefix hostname; use-interface-description; use-vlan-id; } remote-id { prefix hostname | mac | none; use-interface-description; use-string string; } vendor-id [string]; } (examine-dhcp | no-examine-dhcp ); (ip-source-guard | no-ip-source-guard); mac-move-limit limit action action; } } storm-control { action-shutdown; interface (all | interface-name) { bandwidth bandwidth; no-broadcast; no-unknown-unicast; } } traceoptions { file filename ; flag flag ; } 41 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS unknown-unicast-forwarding { vlan (all | vlan-name) { interface interface-name; } } voip { interface (all | [interface-name | access-ports]) { vlan vlan-name ; forwarding-class ; } } } Related Documentation • Understanding Port Mirroring on J-EX Series Switches on page 3245 • Port Security for J-EX Series Switches Overview on page 2545 • Understanding BPDU Protection for STP, RSTP, and MSTP on J-EX Series Switches on page 1278 • Understanding Redundant Trunk Links on J-EX Series Switches on page 1049 • Understanding Storm Control on J-EX Series Switches on page 2511 • Understanding 802.1X and VoIP on J-EX Series Switches on page 2263 • Understanding Q-in-Q Tunneling on J-EX Series Switches on page 1051 • Understanding Unknown Unicast Forwarding on J-EX Series Switches on page 2512 • Understanding MAC Notification on J-EX Series Switches on page 1060 [edit firewall] Configuration Statement Hierarchy firewall { family family-name { filter filter-name { interface-specific; term term-name { from { match-conditions; } then { action; action-modifiers; } } } } policer policer-name { filter-specific; if-exceeding { bandwidth-limit bps; burst-size-limit bytes; } then { 42 Chapter 3: Complete Software Configuration Statement Hierarchy policer-action; } } } Related Documentation • Firewall Filter Configuration Statements Supported by Junos OS for J-EX Series Switches on page 2806 • Example: Configuring Firewall Filters for Port, VLAN, and Router Traffic on J-EX Series Switches on page 2755 • Configuring Firewall Filters (CLI Procedure) on page 2779 • Configuring Policers to Control Traffic Rates (CLI Procedure) on page 2788 • Firewall Filters for J-EX Series Switches Overview on page 2721 [edit forwarding-options] Configuration Statement Hierarchy helpers { bootp { dhcp-option82 { circuit-id { prefix hostname; use-interface-description; use-vlan-id; } remote-id { prefix hostname | mac | none; use-interface-description; use-string string; } vendor-id ; } interface interface-name { dhcp-option82 { circuit-id { prefix hostname; use-interface-description; use-vlan-id; } remote-id { prefix hostname | mac | none; use-interface-description; use-string string; } vendor-id ; } source-address-giaddr; } source-address-giaddr; } } 43 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Related Documentation • Example: Setting Up DHCP Option 82 with a J-EX Series Switch as Relay Agent Between Clients and a DHCP Server on page 2615 • Setting Up DHCP Option 82 with the Switch as a Relay Agent Between Clients and DHCP Server (CLI Procedure) on page 2646 • Understanding DHCP Option 82 for Port Security on J-EX Series Switches on page 2560 • DHCP/BOOTP Relay for J-EX Series Switches Overview on page 446 • For more information about the [edit forwarding-options] hierarchy and all its options, see the Junos OS Policy Framework Configuration Guide at http://www.juniper.net/techpubs/software/junos/. [edit interfaces] Configuration Statement Hierarchy interfaces { aex { aggregated-ether-options { (flow-control | no-flow-control); lacp mode { periodic interval; } link-speed speed; minimum-links number; } description text; disable; hold-time up milliseconds down milliseconds; mtu bytes; no-gratuitous-arp-request; traceoptions; (traps | no-traps); unit logical-unit-number { description text; disable; family family-name {...} proxy-arp (restricted | unrestricted); (traps | no-traps); vlan-id vlan-id-number; } vlan-tagging; } fe-fpc/pic/port { description text; disable; mtu bytes; no-gratuitous-arp-request; speed speed; traceoptions; (traps | no-traps); unit logical-unit-number { description text; disable; family family-name {...} 44 Chapter 3: Complete Software Configuration Statement Hierarchy proxy-arp (restricted | unrestricted); (traps | no-traps); vlan-id vlan-id-number; } vlan-tagging; } ge-fpc/pic/port { description text; disable; ether-options { 802.3ad aex { lacp { force-up; } } (auto-negotiation | no-auto-negotiation); (flow-control | no-flow-control); link-mode mode; speed (auto-negotiation | speed); } hold-time up milliseconds down milliseconds; mtu bytes; no-gratuitous-arp-request; traceoptions; (traps | no-traps); unit logical-unit-number { description text; disable; family family-name {...} proxy-arp (restricted | unrestricted); rpm; (traps | no-traps); vlan-id vlan-id-number; } vlan-tagging; } interface-range interface-range name { description text; disable; ether-options { 802.3ad aex { lacp { force-up; } } (auto-negotiation | no-auto-negotiation); (flow-control| no-flow-control); link-mode mode; speed (auto-negotiation | speed); } hold-time up milliseconds down milliseconds; member interface-name; member-range starting-interface name to ending-interface name; mtu bytes; unit logical-unit-number { description text; 45 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS disable; family family-name {...} proxy-arp (restricted | unrestricted); rpm; (traps | no-traps); vlan-id vlan-id-number; } } lo0 { description text; disable; hold-time up milliseconds down milliseconds; traceoptions; (traps | no-traps); unit logical-unit-number { description text; disable; family family-name {...} (traps | no-traps); } } me0 { description text; disable; hold-time up milliseconds down milliseconds; no-gratuitous-arp-request; traceoptions; (traps | no-traps); unit logical-unit-number { description text; disable; family family-name {...} (traps | no-traps); vlan-id vlan-id-number; } vlan-tagging; } vlan { description text; disable; hold-time up milliseconds down milliseconds; mtu bytes; no-gratuitous-arp-request; traceoptions; (traps | no-traps); unit logical-unit-number { description text; disable; family family-name {...} proxy-arp (restricted | unrestricted); (traps | no-traps); } } vme { description text; disable; 46 Chapter 3: Complete Software Configuration Statement Hierarchy hold-time up milliseconds down milliseconds; mtu bytes; no-gratuitous-arp-request; traceoptions; (traps | no-traps); unit logical-unit-number { description text; disable; family family-name {...} (traps | no-traps); vlan-id vlan-id-number; } vlan-tagging; } xe-fpc/pic/port { description text; disable; ether-options { 802.3ad aex { lacp (802.3ad) { force-up; } } (auto-negotiation | no-auto-negotiation); (flow-control | no-flow-control); link-mode mode; speed (auto-negotiation | speed); } hold-time up milliseconds down milliseconds; mtu bytes; no-gratuitous-arp-request; traceoptions; (traps | no-traps); unit logical-unit-number { description text; disable; family family-name {...} proxy-arp (restricted | unrestricted); rpm; (traps | no-traps); vlan-id vlan-id-number; } vlan-tagging; } } Related Documentation • Configuring Gigabit Ethernet Interfaces (CLI Procedure) on page 919 • Configuring Aggregated Ethernet Interfaces (CLI Procedure) on page 922 • Configuring a Layer 3 Subinterface (CLI Procedure) on page 930 • Configuring Routed VLAN Interfaces (CLI Procedure) on page 1137 • Configuring the Virtual Management Ethernet Interface for Global Management of a Virtual Chassis (CLI Procedure) on page 797 47 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS • J-EX Series Switches Interfaces Overview on page 863 • Junos OS Network Interfaces Configuration Guide at http://www.juniper.net/techpubs/software/junos/ [edit poe] Configuration Statement Hierarchy poe { guard-band watts; interface (all | interface-name) { disable; maximum-power watts; priority (high | low); telemetries { disable; duration hours; interval minutes; } } management (class | static); notification-control { fpc slot-number { disable; } } } Related Documentation • Example: Configuring PoE Interfaces with Different Priorities on a J-EX Series Switch on page 3015 • Configuring PoE (CLI Procedure) on page 3021 • PoE and J-EX Series Switches Overview on page 3009 [edit protocols] Configuration Statement Hierarchy protocols { connections { remote-interface-switch connection-name { interface interface-name.unit-number; transmit-lsp label-switched-path; receive-lsp label-switched-path; } } dot1x { authenticator { authentication-profile-name profile-name; interface (all | [ interface-names ]) { disable; guest-vlan ( vlan-id | vlan-name); mac-radius ; maximum-requests number; no-reauthentication; 48 Chapter 3: Complete Software Configuration Statement Hierarchy quiet-period seconds; reauthentication { interval seconds; } retries number; server-fail (deny | permit | use-cache | vlan-id | vlan-name); server-reject-vlan (vlan-id | vlan-name); server-timeout seconds; supplicant (multiple | single | single-secure); supplicant-timeout seconds; transmit-period seconds; } static mac-address { interface interface-name; vlan-assignment (vlan-id |vlan-name); } } gvrp { ; interface (all | [interface-name]) { disable; } join-timer millseconds; leave-timer milliseconds; leaveall-timer milliseconds; } igmp-snooping { traceoptions { file filename ; flag flag (detail | disable | receive | send); } vlan (vlan-id | vlan-number) { data-forwarding { source { groups group-prefix; } receiver { source-vlans vlan-list; install ; } } disable { interface interface-name } immediate-leave; interface interface-name { group-limit limit; multicast-router-interface; static { group ip-address; } } proxy ; query-interval seconds; query-last-member-interval seconds; 49 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS query-response-interval seconds; robust-count number; } } lldp { disable; advertisement-interval seconds; hold-multiplier number; interface (all | interface-name) { disable; } traceoptions { file filename ; flag flag (detail | disable | receive | send); } } lldp-med { disable; fast-start number; interface (all | interface-name) { disable; location { elin number; civic-based { what number; country-code code; ca-type { number { ca-value value; } } } } } } mpls { interface ( all | interface-name ); label-switched-path lsp-name to remote-provider-edge-switch; path destination { } mstp { disable; bpdu-block-on-edge; bridge-priority priority; configuration-name name; forward-delay seconds; hello-time seconds; interface (all | interface-name) { disable; bpdu-timeout-action { block; alarm; } cost cost; 50 Chapter 3: Complete Software Configuration Statement Hierarchy edge; mode mode; no-root-port; priority priority; } max-age seconds; max-hops hops; msti msti-id { vlan (vlan-id | vlan-name); interface interface-name { disable; cost cost; edge; mode mode; priority priority; } } revision-level revision-level; traceoptions { file filename ; flag flag; } } mvrp { disable interface (all | interface-name) { disable; join-timer milliseconds; leave-timer milliseconds; leaveall-timer milliseconds; registration (forbidden | normal); } no-dynamic-vlan; traceoptions { file filename ; flag flag; } } oam { ethernet{ connectivity-fault-management { action-profile profile-name { default-actions { interface-down; } } linktrace { age (30m | 10m | 1m | 30s | 10s); path-database-size path-database-size; } maintenance-domain domain-name { level number; mip-half-function (none | default |explicit); name-format (character-string | none | dns | mac+2oct); 51 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS maintenance-association ma-name { continuity-check { hold-interval minutes; interval (10m | 10s | 1m | 1s| 100ms); loss-threshold number; } mep mep-id { auto-discovery; direction down; interface interface-name; remote-mep mep-id { action-profile profile-name; } } } } } link-fault-management { action-profile profile-name; action { syslog; link-down; } event { link-adjacency-loss; link-event-rate; frame-error count; frame-period count; frame-period-summary count; symbol-period count; } interface interface-name { link-discovery (active | passive); pdu-interval interval; event-thresholds threshold-value; remote-loopback; event-thresholds { frame-errorcount; frame-period count; frame-period-summary count; symbol-period count; } } negotiation-options { allow-remote-loopback; no-allow-link-events; } } } } rstp { disable; bpdu-block-on-edge; bridge-priority priority; forward-delay seconds; hello-time seconds; 52 Chapter 3: Complete Software Configuration Statement Hierarchy interface (all | interface-name) { disable; bpdu-timeout-action { block; alarm; } cost cost; edge; mode mode; no-root-port; priority priority; } max-age seconds; } traceoptions { file filename ; flag flag; } } sflow { agent-id collector { ip-address; udp-port port-number; } disable; interfaces interface-name { disable; polling-interval seconds; sample-rate number; } polling-interval seconds; sample-rate number; source-ip } stp { disable; bridge-priority priority; forward-delay seconds; hello-time seconds; interface (all | interface-name) { disable; bpdu-timeout-action { block; alarm; } cost cost; edge; mode mode; no-root-port; priority priority; } max-age seconds; } traceoptions { 53 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS file filename ; flag flag; } vstp { bpdu-block-on-edge; disable; force-version stp; vlan (all | vlan-id | vlan-name) { bridge-priority priority; forward-delay seconds; hello-time seconds; interface (all | interface-name) { bpdu-timeout-action { alarm; block; } cost cost; disable; edge; mode mode; no-root-port; priority priority; } max-age seconds; traceoptions { file filename ; flag flag; } } } } Related Documentation 54 • 802.1X for J-EX Series Switches Overview on page 2253 • Example: Configure Automatic VLAN Administration Using GVRP on page 1087 • Understanding MAC RADIUS Authentication on J-EX Series Switches • Understanding Server Fail Fallback and 802.1X Authentication on J-EX Series Switches on page 2258 • IGMP Snooping on J-EX Series Switches Overview on page 2047 • Understanding 802.1X and LLDP and LLDP-MED on J-EX Series Switches on page 2261 • Understanding MSTP for J-EX Series Switches on page 1277 • Understanding Multiple VLAN Registration Protocol (MVRP) on J-EX Series Switches on page 1054 • Understanding Ethernet OAM Connectivity Fault Management for a J-EX Series Switch on page 3463 • Understanding Ethernet OAM Link Fault Management for a J-EX Series Switch on page 3427 Chapter 3: Complete Software Configuration Statement Hierarchy • Understanding RSTP for J-EX Series Switches on page 1276 • Understanding STP for J-EX Series Switches on page 1275 • Understanding How to Use sFlow Technology for Network Monitoring on a J-EX Series Switch on page 3283 • Understanding VSTP for J-EX Series Switches on page 1281 [edit routing-instances] Configuration Hierarchy routing-instances routing-instance-name { instance-type virtual-router interface interface-name } Related Documentation • Example: Using Virtual Routing Instances to Route Among VLANs on J-EX Series Switches on page 1112 • Configuring Virtual Routing Instances (CLI Procedure) on page 1142 [edit snmp] Configuration Statement Hierarchy snmp { rmon { history index { bucket-size number; interface interface-name; interval seconds; owner owner-name; } } } Related Documentation • Configuring SNMP (J-Web Procedure) on page 3309 • Junos OS Network Management Configuration Guide at http://www.juniper.net/techpubs/software/junos/ [edit virtual-chassis] Configuration Statement Hierarchy virtual-chassis { auto-sw-update { package-name-edit-virtual-chassis.xml package-name; } fast-failover (ge | vcp disable | xe); id id; mac-persistence-timer seconds; member member-id { mastership-priority number; no-management-vlan; serial-number; 55 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS role; } no-split-detection; preprovisioned; traceoptions { file filename ; flag flag ; } } Related Documentation • Example: Configuring a Virtual Chassis with a Master and Backup in a Single Wiring Closet on page 717 • Example: Configuring a Virtual Chassis Interconnected Across Multiple Wiring Closets on page 733 • Example: Configuring a Virtual Chassis Using a Preprovisioned Configuration File on page 752 • Configuring a Virtual Chassis (CLI Procedure) on page 781 • Configuring a Virtual Chassis (J-Web Procedure) on page 784 • Virtual Chassis Overview on page 691 [edit vlans] Configuration Statement Hierarchy vlans { vlan-name { description text-description; dot1q-tunneling { customer-vlans (id | native | range); layer2-protocol-tunneling all | protocol-name { drop-threshold number; shutdown-threshold number; } } filter input filter-name; filter output filter-name; interface interface-name { mapping (native (push | swap) | policy | tag (push | swap)); } l3-interface vlan.logical-interface-number; mac-limit number; mac-table-aging-time seconds; no-local-switching; no-mac-learning; primary-vlan vlan-name; vlan-id number; vlan-range vlan-id-low-vlan-id-high; } } 56 Chapter 3: Complete Software Configuration Statement Hierarchy Related Documentation • Example: Setting Up Basic Bridging and a VLAN for a J-EX Series Switch on page 1063 • Example: Setting Up Bridging with Multiple VLANs for J-EX Series Switches on page 1070 • Example: Configure Automatic VLAN Administration Using GVRP on page 1087 • Example: Connecting an Access Switch to a Distribution Switch on page 1078 • Example: Setting Up Q-in-Q Tunneling on J-EX Series Switches on page 1105 • Example: Configuring Layer 2 Protocol Tunneling on J-EX Series Switches on page 1126 • Creating a Private VLAN (CLI Procedure) on page 1143 • Understanding Q-in-Q Tunneling on J-EX Series Switches on page 1051 57 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 58 PART 3 Software Installation • Software Installation Overview on page 61 • Installing Junos OS on page 69 • Booting the Switch, Upgrading Software, and Managing Licenses on page 79 • Verifying Software Installation on page 87 • Troubleshooting Software Installation on page 91 • Configuration Statements for Software Installation on page 95 • Operational Mode Commands for Software Installation on page 97 59 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 60 CHAPTER 4 Software Installation Overview • Installation Overview on page 61 • Licenses Overview on page 65 Installation Overview • Understanding Software Installation on J-EX Series Switches on page 61 • Junos OS Package Names on page 63 • Understanding System Snapshot on J-EX Series Switches on page 64 Understanding Software Installation on J-EX Series Switches A J-EX Series Switch is delivered with Junos OS preinstalled. As new features and software fixes become available, you must upgrade your software to use them. You can also downgrade Junos OS to a previous release. This topic covers: • Overview of the Software Installation Process on page 61 • Software Package Security on page 62 • Installing Software on a Virtual Chassis on page 62 • Installing Software on J-EX8200 Switches with Redundant Routing Engines on page 62 • Installing Software Using Automatic Software Download on page 63 • Troubleshooting Software Installation on page 63 Overview of the Software Installation Process A J-EX Series switch is delivered with Junos OS preinstalled. When you connect power to the switch, it starts (boots) up from the installed software. You upgrade Junos OS on a J-EX Series switch by copying a software package to your switch or another system on your local network, then use either the J-Web interface or the CLI to install the new software package on the switch. Finally, you reboot the switch; it boots from the upgraded software. After a successful upgrade, you should back up the new current configuration to a secondary device. 61 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS NOTE: To access the J-Web interface, your management device must have the following software installed: • Operating system: Microsoft Windows XP Service Pack 3 • Browser version: One of the following. Other browsers might work but are not supported by J-Series platforms. • • Microsoft Internet Explorer version 7.0 • Mozilla Firefox version 3.0 Additional requirements: • Only English-language browsers are supported. • The browser and the network must be able to receive and process HTTP/1.1 gzip compressed data. During a successful upgrade, the upgrade package removes all files from /var/tmp and completely reinstalls the existing software. It retains configuration files, and similar information, such as secure shell and host keys, from the previous version. The previous software package is preserved in a separate disk partition, and you can manually revert back to it if necessary. If the software installation fails for any reason, such as loss of power during the installation process, the system returns to the originally active installation when you reboot. Software Package Security Junos OS is delivered in signed packages that contain digital signatures to ensure it is official software. For more information about signed software packages, see the Junos OS Installation and Upgrade Guide at http://www.juniper.net/techpubs/software/junos/. Installing Software on a Virtual Chassis You can connect individual J-EX4200 Ethernet Switches together to form one unit and manage the unit as a single chassis, called a Virtual Chassis. The Virtual Chassis operates as a single network entity composed of members. Each member of a Virtual Chassis runs a Junos OS package. For ease of management, the Virtual Chassis provides flexible methods to upgrade software releases. You can deploy a new software release to all members of a Virtual Chassis or to only a particular member. Installing Software on J-EX8200 Switches with Redundant Routing Engines To install software on a J-EX8200 Ethernet Switch that has two Routing Engines with minimal network disruption, you perform a Junos OS installation on each Routing Engine separately, starting with the backup. See “Installing Software on a J-EX8200 Switch with Redundant Routing Engines (CLI Procedure)” on page 71. 62 Chapter 4: Software Installation Overview Installing Software Using Automatic Software Download The automatic software download feature uses the DHCP message exchange process to download and install software packages. Users can define a path to a software package on the DHCP server and then the DHCP server communicates this path to J-EX Series switches acting as DHCP clients as part of the DHCP message exchange process. The DHCP clients that have been configured for automatic software download receive these messages and, when the software package name in the DHCP server message is different from that of the software package that booted the DHCP client switch, download and install the software package. See “Upgrading Software Using Automatic Software Download on J-EX Series Switches” on page 82. Troubleshooting Software Installation If Junos OS loads but the CLI is not working for any reason, or if the switch has no software installed, you can use the recovery installation procedure to install the software on the switch. See “Troubleshooting Software Installation” on page 91. NOTE: You can also use this procedure to load two versions of Junos OS in separate partitions on the switch. Related Documentation • Downloading Software Packages on page 69 • Installing Software on J-EX Series Switches (J-Web Procedure) on page 75 • Installing Software on a J-EX Series Switch with a Single Routing Engine (CLI Procedure) on page 70 • Installing Software on a J-EX8200 Switch with Redundant Routing Engines (CLI Procedure) on page 71 Junos OS Package Names You upgrade Junos OS on a J-EX Series Switch by copying a software package to your switch or another system on your local network, then install the new software package on the switch. A software package name is in the following format: package-name-m.nZx.y-domestic-signed.tgz where: • package-name is the name of the package—for example, jinstall-ex-4200. • m.n is the software release, with m representing the major release number and n representing the minor release number—for example, 10.2. • Z indicates the type of software release, where R indicates released software and B indicates beta-level software. 63 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS • x.y represents the version of the major software release (x) and an internal tracking number (y)—for example, 1.6. • domestic-signed is appended to all J-EX Series package names. For most Junos OS packages, domestic is used for the United States and Canada and export for worldwide distribution. However, for J-EX Series software, domestic is used for worldwide distribution as well. A sample J-EX Series software package name is: jinstall-ex-4200-10.2R1.6-domestic-signed.tgz Related Documentation • Installing Software on J-EX Series Switches (J-Web Procedure) on page 75 • Installing Software on a J-EX Series Switch with a Single Routing Engine (CLI Procedure) on page 70 • Installing Software on a J-EX8200 Switch with Redundant Routing Engines (CLI Procedure) on page 71 • Downloading Software Packages from Juniper Networks on page 69 • Understanding Software Installation on J-EX Series Switches on page 61 Understanding System Snapshot on J-EX Series Switches You can create copies of the software running a J-EX Series Switch using the system snapshot feature. The system snapshot feature takes a “snapshot” of the files currently used to run the switch—the complete contents of the /config and /var directories, which include the running Junos OS, the active configuration, and the rescue configuration—and copies all of these files into an alternate (internal, meaning internal flash, or an external, meaning USB flash) memory source. You can then use this snapshot to boot the switch at the next bootup or as a backup boot option. You can only use snapshots to move files to external memory if the switch was booted from internal memory, or to move files to internal memory if the switch was booted from external memory. You cannot create a snapshot in the memory source that booted the switch even if the snapshot is being created on a different partition in the same memory source. Snapshots are particularly useful for moving files onto USB flash drives. You cannot use the copy command or any other file-moving technique to move files from an internal memory source to USB memory on the switch. System snapshots on J-EX Series switches have the following limitations: 64 • You cannot use snapshots to move files to any destination outside of the switch other than an installed external USB flash drive or to move files between switches that are members of the same virtual chassis. • Snapshot commands, like other virtual chassis commands, are always executed on a local switch. In cases where a different member switches of the same virtual chassis requests the snapshot, the snapshot command is pushed to the VC member creating the snapshot, executed, and the output is then returned to the switch that initiated the Chapter 4: Software Installation Overview process. For instance, if the command to create an external snapshot on virtual chassis member 3 is entered from virtual chassis member 1, the snapshot of internal memory on virtual chassis member 3 is taken on external memory on virtual chassis member 3. The output of the process is seen from virtual chassis member 1. No files move between the switches. Related Documentation • Understanding Software Installation on J-EX Series Switches on page 61 • Creating a Snapshot and Using It to Boot a J-EX Series Switch on page 80 • Understanding Software Licenses for the J-EX Series Switch on page 65 • License Key Components for the J-EX Series Switch on page 66 Licenses Overview Understanding Software Licenses for the J-EX Series Switch To enable and use some Junos OS features, you must purchase, install, and manage separate software licenses. The presence on the switch of the appropriate software license keys (“passwords”) determines whether you are eligible to configure and use certain features. Junos OS feature licenses are device specific. The same feature can be installed and configured on multiple switches. To conform to Junos OS feature licensing requirements, you must purchase a license for each switch. For a Virtual Chassis deployment, two licenses are recommended for redundancy. These licenses can be based on the serial numbers of any two member switches. If you add additional member switches to the Virtual Chassis configuration, you do not need additional licenses. Features Requiring a License The following Junos OS features require an Advanced Feature License (AFL): • Border Gateway Protocol (BGP) and multiprotocol BGP (MBGP) • Intermediate System-to-Intermediate System (IS-IS) • IPv6 routing (except multicast protocols) • MPLS with RSVP-based label switched paths (LSPs) and MPLS-based circuit cross-connects (CCCs) You can purchase a license for your J-EX Series switch model. The license allows you to run all the advanced software features on your switch. For information about how to purchase a software license, contact Dell. 65 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS License Warning Messages For features that require a license, you must install and properly configure a license key to meet the requirements for using the licensable feature. To obtain a license key, use the contact information provided in your Advanced Feature License (AFL) certificate. If you have not purchased the AFL and installed the license key, you receive warnings after you commit a licensible feature. The system generates system log (syslog) alarm messages notifying you that the feature requires a license—for example: Sep 3 05:59:11 craftd[806]: Minor alarm set, BGP Routing Protocol usage requires a license Sep 3 05:59:11 alarmd[805]: Alarm set: License color=YELLOW, class=CHASSIS, reason=BGP Routing Protocol usage requires a license Sep 3 05:59:11 alarmd[805]: LICENSE_EXPIRED: License for feature bgp(47) expired Output from the show system alarms command displays the active alarms—for example: user@switch> show system alarms 1 alarm currently active Alarm time Class 2009-09-03 06:00:11 UTC Minor Description BGP Routing Protocol usage requires a license Every time you edit or view the configuration, a message displays the committed features that require a license. For example, when you edit the BGP configuration, a warning message appears—for example: [edit protocols] user@switch# bgp warning: requires ’bgp’ license Likewise, viewing the configuration causes the system to display a message—for example: user@switch> show configuration protocols ## Warning: requires 'bgp' license ## bgp { hold-time 10; damping; } Related Documentation • Managing Licenses for the J-EX Series Switch (CLI Procedure) on page 83 • Managing Licenses for the J-EX Series Switch (J-Web Procedure) on page 84 • Monitoring Licenses for the J-EX Series Switch on page 88 • License Key Components for the J-EX Series Switch on page 66 • J-EX Series Switch Software Features Overview on page 3 License Key Components for the J-EX Series Switch When you purchase a license for a Junos OS feature that requires a separate license, you receive a license key. A license key consists of two parts: 66 Chapter 4: Software Installation Overview • License ID—Alphanumeric string that uniquely identifies the license key. When a license is generated, it is given a license ID. • License data—Block of binary data that defines and stores all license key objects. For example, in the following typical license key, the string JUNOS204558 is the license ID, and the trailing block of data is the license data: JUNOS204558 aeaqea qmijhd amrqha ztfmbu gqzama uqceds ra32zr lsevik ftvjed o4jy5u fynzzj mgviyl kgioyf ardb5g sj7wnt rsfked wbjf5a sg The license data defines the device ID for which the license is valid and the version of the license. Related Documentation • Managing Licenses for the J-EX Series Switch (CLI Procedure) on page 83 • Managing Licenses for the J-EX Series Switch (J-Web Procedure) on page 84 • Software Licenses for the J-EX Series Switch Overview on page 65 67 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 68 CHAPTER 5 Installing Junos OS • Downloading Software Packages on page 69 • Installing Software on a J-EX Series Switch with a Single Routing Engine (CLI Procedure) on page 70 • Installing Software on a J-EX8200 Switch with Redundant Routing Engines (CLI Procedure) on page 71 • Installing Software on J-EX Series Switches (J-Web Procedure) on page 75 • Rebooting or Halting the J-EX Series Switch (J-Web Procedure) on page 77 Downloading Software Packages To upgrade Junos OS on your Dell PowerConnect J-EX Series switch, you can download software packages from the Dell PowerConnect J-Series—Juniper Networks partner website. Before you can begin to download software upgrades, ensure that you have registered your J-EX Series switch and obtained an account. To register for an account: 1. Locate the chassis serial number (not the Dell Service Tag) on your J-EX Series switch. 2. Go to http://www.juniper.net/partners/dell/ and click Register for an Account. 3. Fill out the registration information required. When your user registration is approved, you receive login information and credentials at the e-mail address you used for registration. If your registration is delayed or additional information is required, you receive a message with further instructions. 4. Save the login information and credentials you receive to use for software download. To download software upgrades from the Dell PowerConnect J-Series—Juniper Networks partner website: 1. Go to http://www.juniper.net/partners/dell/. 2. Select J-EX. 3. Select the appropriate software package for your application. See “Junos OS Package Names” on page 63. 4. Download the software to a local host or to an internal software distribution site. 69 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS If you have questions, contact Dell Customer Support at http://www.support.dell.com. Related Documentation • Installing Software on J-EX Series Switches (J-Web Procedure) on page 75 • Installing Software on a J-EX Series Switch with a Single Routing Engine (CLI Procedure) on page 70 • Understanding Software Installation on J-EX Series Switches on page 61 Installing Software on a J-EX Series Switch with a Single Routing Engine (CLI Procedure) You can use this procedure to upgrade Junos OS on a J-EX Series switch with a single Routing Engine, including an individual member of a Virtual Chassis or all members of a Virtual Chassis, or a J-EX8200 switch using a single Routing Engine. To upgrade software on a J-EX8200 switch running two Routing Engines, see “Installing Software on a J-EX8200 Switch with Redundant Routing Engines (CLI Procedure)” on page 71. To install software upgrades on a J-EX Series switch with a single Routing Engine using the CLI: 1. Download the software package as described in “Downloading Software Packages from Juniper Networks” on page 69. 2. (Optional) Back up the current software configuration to a second storage option. See the Junos OS Installation and Upgrade Guide at http://www.juniper.net/techpubs/software/junos/ for instructions on performing this task. 3. (Optional) Copy the software package to the switch. We recommend that you use FTP to copy the file to the /var/tmp directory. This step is optional because Junos OS can also be upgraded when the software image is stored at a remote location. These instructions describe the software upgrade process for both scenarios. 4. Install the new package on the switch: NOTE: A reboot, which will occur as part of the execution of the following command, is required to complete the software upgrade. If you want to reboot the switch at a later time, do not use the reboot option at this point of the procedure and enter the request system reboot command at a later time to reboot the switch. user@switch> request system software add source reboot Replace source with one of the following paths: • For a software package that is installed from a local directory on the switch—/pathname/package-name-m.nZx-distribution.tgz. • For a software package that is downloaded and installed from a remote location: • 70 ftp://hostname/pathname/package-name-m.nZx-distribution.tgz Chapter 5: Installing Junos OS • http://hostname/pathname/package-name-m.nZx-distribution.tgz where package-name-m.nZx-distribution.tgz is, for example, jinstall-ex-4200-10.2R1.8-domestic-signed.tgz. Include the optional member option to install the software package on only one member of a Virtual Chassis: user@switch> request system software add source member member-id reboot Other members of the Virtual Chassis are not affected. To install the software on all members of the Virtual Chassis, do not include the member option. 5. After the reboot has completed, log in and verify that the new version of the software is properly installed: user@switch> show version Related Documentation • Installing Software on J-EX Series Switches (J-Web Procedure) on page 75 • Troubleshooting Software Installation on page 91 • Junos OS Package Names on page 63 • See the Junos OS System Basics and Services Command Reference at http://www.juniper.net/techpubs/software/junos/ for details about the request system software add command. • Understanding Software Installation on J-EX Series Switches on page 61 Installing Software on a J-EX8200 Switch with Redundant Routing Engines (CLI Procedure) For a J-EX8200 switch with redundant Routing Engines, you can minimize disrupting network operation during a Junos OS upgrade by upgrading the Routing Engines separately, starting with the backup Routing Engine. To upgrade the software package on a J-EX8200 switch with one installed Routing Engine, see “Installing Software on a J-EX Series Switch with a Single Routing Engine (CLI Procedure)” on page 70. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine. After making sure that the new software version is running correctly on the backup Routing Engine, switch device control to the backup Routing Engine. Finally, install the new software on the new backup Routing Engine. To upgrade the Junos OS on the switch, perform the following tasks: 1. Preparing the Switch for the Software Installation on page 72 2. Installing Software on the Backup Routing Engine on page 73 3. Installing Software on the Default Master Routing Engine on page 74 4. Returning Routing Control to the Default Master Routing Engine (Optional) on page 75 71 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Preparing the Switch for the Software Installation Perform the following steps before installing the software: 1. Log in to the master Routing Engine’s console. For information on logging in to the Routing Engine through the console port, see “Connecting and Configuring a J-EX Series Switch (CLI Procedure)” on page 161. 2. Enter Junos OS CLI configuration mode: a. Start the CLI from the shell prompt: user@switch:RE% cli You will see: {master} user@switch> b. Enter configuration mode: user@switch> configure You will see: {master}[[edit] user@switch# 3. Disable GRES (graceful Routing Engine switchover): [edit] user@switch# deactivate chassis redundancy graceful-switchover 4. Save the configuration change on both Routing Engines: [edit] user@switch# commit synchronize NOTE: To ensure the most recent configuration changes are committed before the software upgrade, perform this step even if GRES was previously disabled. 5. Exit out of the CLI configuration mode: [edit] user@switch# exit 6. (Optional) Back up the current software configuration to a second storage option. See the Junos OS Installation and Upgrade Guide at http://www.juniper.net/techpubs/software/junos/ for instructions on performing this task. 72 Chapter 5: Installing Junos OS Installing Software on the Backup Routing Engine Once the J-EX8200 switch is ready, you first install the software on the backup Routing Engine. This enables the master Routing Engine to continue operations, minimizing the disruption to your network. 1. Download the software by following the procedures in “Downloading Software Packages from Juniper Networks” on page 69. 2. Copy the software package to the switch. We recommend that you use FTP to copy the file to the /var/tmp directory. 3. Log in to the backup Routing Engine’s console. 4. Install the new software package: user@switch> request system software add validate /var/tmp/package-name-m.nZx-distribution.tgz where package-name-m.nZx-distribution.tgz is, for example, jinstall-ex-8200–10.2R1.5–domestic-signed.tgz. For more information on the request system software add command, see the Junos OS System Basics and Services Command Reference at http://www.juniper.net/techpubs/software/junos/. NOTE: To abort the installation, do not reboot your device; instead, finish the installation and then issue the request system software delete package-name-m.nZx-distribution.tgz command, where package-name-m.nZx-distribution.tgz is, for example, jinstall-ex-4200–10.2R1.5–domestic-signed.tgz. This is your last chance to stop the installation. 5. Reboot to start the new software: user@switch> request system reboot Reboot the system? [yes, no] (no) yes NOTE: You must reboot the switch to load the new installation of Junos OS. 6. After the reboot has completed, log in and verify the new version of the software is properly installed: user@switch> show version 73 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Installing Software on the Default Master Routing Engine To switch device control to the backup Routing Engine and then upgrade or downgrade the master Routing Engine software: 1. Log in to the master Routing Engine console port. 2. Transfer device control to the backup Routing Engine: user@switch> request chassis routing-engine master switch NOTE: Because GRES is disabled, this switchover causes all line cards in the switch to reload. All network traffic passing through these line cards is lost during the line card reloads. 3. Verify that the default backup Routing Engine (shown as slot 1 in the command output) is now the master Routing Engine: user@switch> show chassis routing-engine You will see: Routing Engine status: Slot 0: Current state Election priority Routing Engine status: Slot 1: Current state Election priority Backup Master (default) Master Backup (default) 4. Install the new software package using the request system software add command: user@switch> request system software add validate /var/tmp/jinstall-ex-8200-10.2R1.5-domestic-signed.tgz 5. Reboot the Routing Engine: user@switch> request system reboot Reboot the system? [yes, no] (no) yes When the reboot completes, the prompt will reappear. Wait for this prompt to reappear before proceeding to the next step. 6. Log in to the default backup Routing Engine (slot 1) through the console port. 7. Re-enable GRES: [edit] user@switch# activate chassis redundancy graceful-switchover Re-enabling GRES allows any future Routing Engine switchovers to occur without the loss of any network traffic. 8. Enter the commit synchronize command to save the configuration change: [edit] 74 Chapter 5: Installing Junos OS user@switch# commit synchronize 9. Log in and verify the version of the software installed. If you want to return routing control to the Routing Engine that was the master Routing Engine at the beginning of the procedure (the default master Routing Engine), perform the next task. Returning Routing Control to the Default Master Routing Engine (Optional) The switch can maintain normal operations with the Routing Engine in slot 1 acting as the master Routing Engine after the software upgrade, so only perform this task if you want to return routing control to the default master Routing Engine in slot 0. 1. Transfer routing control back to the default master Routing Engine: user@switch> request chassis routing-engine master switch 2. Verify that the default master Routing Engine (slot 0) is indeed the master Routing Engine: user@switch> show chassis routing-engine You will see: Routing Engine status: Slot 0: Current state Election priority Routing Engine status: Slot 1: Current state Election priority Related Documentation Master Master (default) Backup Backup (default) • Installing Software on J-EX Series Switches (J-Web Procedure) on page 75 • Troubleshooting Software Installation on page 91 • Junos OS Package Names on page 63 • Understanding Software Installation on J-EX Series Switches on page 61 • Understanding J-EX8208 Switch Component and Functionality Redundancy Installing Software on J-EX Series Switches (J-Web Procedure) You can upgrade software packages on a single fixed-configuration switch, on an individual member of a Virtual Chassis, or for all members of a Virtual Chassis. You can use the J-Web interface to install software upgrades from a server using FTP or HTTP, or by copying the file to the J-EX Series switch. 75 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS NOTE: To access the J-Web interface, your management device must have the following software installed: • Operating system: Microsoft Windows XP Service Pack 3 • Browser version: One of the following. Other browsers might work but are not supported by J-Series platforms. • • Microsoft Internet Explorer version 7.0 • Mozilla Firefox version 3.0 Additional requirements: • Only English-language browsers are supported. • The browser and the network must be able to receive and process HTTP/1.1 gzip compressed data. This topic describes: 1. Installing Software Upgrades from a Server on page 76 2. Installing Software Upgrades by Uploading Files on page 77 Installing Software Upgrades from a Server To install software upgrades from a remote server by using FTP or HTTP: 1. Download the software package as described in “Downloading Software Packages from Juniper Networks” on page 69. 2. Log in to the Juniper Networks authentication system using the username (generally your e-mail address) and password supplied by Juniper Networks representatives. 3. In the J-Web interface, select Maintain>Software>Install Package. 4. On the Install Remote page, enter information into the fields described in Table 22 on page 76. 5. Click Fetch and Install Package. The software is activated after the switch has rebooted. Table 22: Install Remote Summary Field Function Your Action Package Location (required) Specifies the FTP or HTTP server, file path, and software package name. Type the full address of the software package location on the FTP or HTTP server—one of the following: ftp://hostname/pathname/package-name http://hostname/pathname/package-name 76 Chapter 5: Installing Junos OS Table 22: Install Remote Summary (continued) Field Function Your Action User Specifies the username, if the server requires one. Type the username. Password Specifies the password, if the server requires one. Type the password. Reboot If Required If this box is checked, the switching platform is automatically rebooted when the upgrade is complete. Check the box if you want the switching platform to reboot automatically when the upgrade is complete. Installing Software Upgrades by Uploading Files To install software upgrades by uploading files: 1. Download the software package. 2. In the J-Web interface, select Maintain>Software>Upload Package. 3. On the Upload Package page, enter information into the fields described in Table 23 on page 77. 4. Click Upload and Install Package. The software is activated after the switching platform has rebooted. Table 23: Upload Package Summary Field Function Your Action File to Upload (required) Specifies the location of the software package. Type the location of the software package, or click Browse to navigate to the location. Reboot If Required Specifies that the switching platform is automatically rebooted when the upgrade is complete. Select the check box if you want the switching platform to reboot automatically when the upgrade is complete. Related Documentation • Installing Software on a J-EX Series Switch with a Single Routing Engine (CLI Procedure) on page 70 • Understanding Software Installation on J-EX Series Switches on page 61 • Troubleshooting Software Installation on page 91 Rebooting or Halting the J-EX Series Switch (J-Web Procedure) You can use the J-Web interface to schedule a reboot or to halt the switching platform. To reboot or halt the switching platform by using the J-Web interface: 77 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 1. In the J-Web interface, select Maintain>Reboot. 2. Select one: • Reboot Immediately—Reboots the switching platform immediately. • Reboot in number of minutes—Reboots the switch in the number of minutes from now that you specify. • Reboot when the system time is hour:minute —Reboots the switch at the absolute time that you specify, on the current day. You must select a 2-digit hour in 24-hour format and a 2-digit minute. • Halt Immediately— Stops the switching platform software immediately. After the switching platform software has stopped, you can access the switching platform through the console port only. 3. (Optional) In the Message box, type a message to be displayed to any users on the switching platform before the reboot occurs. 4. Click Schedule. The J-Web interface requests confirmation to perform the reboot or halt. 5. Click OK to confirm the operation. Related Documentation 78 • • If the reboot is scheduled to occur immediately, the switch reboots. You cannot access the J-Web interface until the switch has restarted and the boot sequence is complete. After the reboot is complete, refresh the browser window to display the J-Web interface login page. • If the reboot is scheduled to occur in the future, the Reboot page displays the time until reboot. You have the option to cancel the request by clicking Cancel Reboot on the J-Web interface Reboot page. • If the switch is halted, all software processes stop and you can access the switching platform through the console port only. Reboot the switch by pressing any key on the keyboard. Starting the J-Web Interface on page 136 CHAPTER 6 Booting the Switch, Upgrading Software, and Managing Licenses • Booting the Switch on page 79 • Upgrading Software on page 82 • Managing Licenses on page 83 • Booting a J-EX Series Switch Using a Software Package Stored on a USB Flash Drive on page 79 • Creating a Snapshot and Using It to Boot a J-EX Series Switch on page 80 Booting the Switch Booting a J-EX Series Switch Using a Software Package Stored on a USB Flash Drive There are two methods of getting Junos OS onto a USB flash drive before using the software to boot the switch. You can pre-install the software onto the USB flash drive before inserting the USB flash drive into the USB port, or you can use the system snapshot feature to copy files from internal switch memory to the USB flash drive. To move files into USB flash memory using a system snapshot and use those files to boot the switch, see “Creating a Snapshot and Using It to Boot a J-EX Series Switch” on page 80. We recommend that you use this method to boot the switch from a USB flash drive if your switch is running properly. If you need to pre-install the software onto the USB flash drive, you can use the method described in this topic. Pre-installing Junos OS onto a USB flash drive to boot the switch can be done at any time and is particularly useful when the switch boots to the loader prompt because the switch cannot locate Junos OS in internal flash memory. Ensure that you have the following tools and parts available to boot the switch from a USB flash drive: • A USB flash drive that meets the J-EX Series switch USB port specifications. See USB Port Specifications for a J-EX Series Switch. • A computer or other device that you can use to download the software package from the Internet and copy it to the USB flash drive. 79 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS To download a Junos OS package onto a USB flash drive before inserting the USB flash drive: 1. Download the Junos OS package that you would like to place onto the J-EX Series switch from the Internet onto the USB flash drive using your computer or other device. See “Downloading Software Packages from Juniper Networks” on page 69. 2. Remove the USB flash drive from the computer or other device. 3. Insert the USB flash drive into the USB port on the switch. 4. This step can only be performed when the prompt for the loader script (loader>) is displayed. The loader script starts when Junos OS loads but the CLI is not working for any reason or if the switch has no software installed. Install the software package onto the switch: loader> install source where source represents the name and location of the Junos OS package on the USB flash drive. The Junos OS package on a flash drive is commonly stored in the root drive as the only file—for example, file:///jinstall-ex-4200-10.2R1.5-domestic-signed.tgz. Related Documentation • Installing Software on a J-EX Series Switch with a Single Routing Engine (CLI Procedure) on page 70 • Installing Software on J-EX Series Switches (J-Web Procedure) on page 75 • See Rear Panel of a J-EX4200 Switch for USB port location. • See Switch Fabric and Routing Engine (SRE) Module in a J-EX8208 Switch for USB port location. • See Routing Engine (RE) Module in a J-EX8216 Switch for USB port location. • Understanding Software Installation on J-EX Series Switches on page 61 Creating a Snapshot and Using It to Boot a J-EX Series Switch The system snapshot feature takes a “snapshot” of the files currently used to run the J-EX Series switch—the complete contents of the /config and /var directories, which include the running Junos OS, the active configuration, and the rescue configuration—and copies all of these files into an alternate (internal, meaning internal flash, or an external, meaning USB flash) memory source. You can then use these snapshots to boot the switch at the next bootup or as a backup boot option. This topic includes the following tasks: 1. Creating a Snapshot on a USB Flash Drive and Using It to Boot the Switch on page 80 2. Creating a Snapshot on an Internal Flash Drive and Using it to Boot the Switch on page 81 Creating a Snapshot on a USB Flash Drive and Using It to Boot the Switch A snapshot can be created on USB flash memory after a switch is booted using files stored in internal memory. 80 Chapter 6: Booting the Switch, Upgrading Software, and Managing Licenses Ensure that you have the following tools and parts available before creating a snapshot on a USB Flash drive: • A USB flash drive that meets the J-EX Series switch USB port specifications. See USB Port Specifications for a J-EX Series Switch. To create a snapshot on USB flash memory and use it to boot the switch: 1. Place the snapshot into USB flash memory: user@switch> request system snapshot partition media external slice 1 NOTE: This example uses the partition option. If you have already created a partition for the snapshot, you don’t need to use the partition option. 2. (Optional) Perform this step if you want to boot the switch now using the snapshot stored on the USB flash drive. If you created the snapshot as a backup, do not perform this step. • To reboot the switch using the most recently created snapshot: user@switch> request system reboot media external • To reboot the switch using a snapshot in a specific partition on the USB flash drive: user@switch> request system reboot media external slice 1 Creating a Snapshot on an Internal Flash Drive and Using it to Boot the Switch A snapshot can be created on internal memory after a switch is booted using files stored in external memory. To create a snapshot in internal memory and use it to boot the switch: 1. Place the snapshot files in internal memory: user@switch> request system snapshot parition media internal slice 1 NOTE: This example uses the partition option. If you have already created a partition for the snapshot, you don’t need to use the partition option. 2. (Optional) Perform this step if you want to boot the switch now using the newly created snapshot. If you created the snapshot as a backup, do not perform this step. • To reboot the switch using the most recently created snapshot: user@switch> request system reboot media internal • To reboot the switch using a snapshot in a specific partition in internal memory: user@switch> request system reboot media internal slice 1 Related Documentation • Verifying That a System Snapshot Was Created on a J-EX Series Switch on page 88 81 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS • Understanding System Snapshot on J-EX Series Switches on page 64 Upgrading Software • Upgrading Software Using Automatic Software Download on J-EX Series Switches on page 82 Upgrading Software Using Automatic Software Download on J-EX Series Switches The automatic software download feature uses the DHCP message exchange process to download and install software packages. You configure the automatic software download feature on J-EX Series switches acting as DHCP clients. You must enable automatic software download on the J-EX Series switch before the software upgrade can occur. You configure a path to a software package file on the DHCP server. The server communicates the path to the software package file through DHCP server messages. If you enable automatic software download, the DHCP client J-EX Series switch compares the software package name in the DHCP server message to the name of the software package that booted the switch. If the software packages are different, the DHCP client J-EX Series switch downloads and installs the software package specified in the DHCP server message. Before you upgrade software using automatic software download, ensure that you have configured DHCP services for the switch, including configuring a path to a boot server and a boot file. See the Junos OS System Basics Configuration Guide at http://www.juniper.net/techpubs/software/junos/ for information about using the CLI to configure DHCP services and settings. See “Configuring DHCP Services (J-Web Procedure)” on page 447 for information about using the J-Web interface to configure DHCP services and settings. To enable automatic software download on a J-EX Series switch acting as a DHCP client: [edit chassis] user@switch# set auto-image-upgrade Once automatic software download is enabled on your DHCP client J-EX Series switch and once DHCP services are enabled on your network, an automatic software download can occur at any time as part of the DHCP message exchange process. If an automatic software download occurs, you see the following message on the switch: Auto-image upgrade started On successful installation system will reboot automatically The switch reboots automatically to complete the upgrade. Related Documentation 82 • Verifying That Automatic Software Download Is Working Correctly on page 87 • Understanding Software Installation on J-EX Series Switches on page 61 • DHCP Services for J-EX Series Switches Overview on page 445 Chapter 6: Booting the Switch, Upgrading Software, and Managing Licenses Managing Licenses • Managing Licenses for the J-EX Series Switch (CLI Procedure) on page 83 • Managing Licenses for the J-EX Series Switch (J-Web Procedure) on page 84 Managing Licenses for the J-EX Series Switch (CLI Procedure) To enable and use some Junos OS features on a J-EX Series switch, you must purchase, install, and manage separate software licenses. Each switch requires one license. For a Virtual Chassis deployment, two licenses are recommended for redundancy. After you have configured the features, you see a warning message if the switch does not have a license for the feature. Before you begin managing licenses, be sure that you have: • Obtained the needed licenses. For information about how to purchase software licenses, contact Dell. • Understand what makes up a license key. For more information, see “License Key Components for the J-EX Series Switch” on page 66. This topic includes the following tasks: • Adding New Licenses on page 83 • Deleting Licenses on page 84 • Saving License Keys on page 84 Adding New Licenses To add one or more new license keys on the switch, with the CLI: 1. Add the license key or keys: • To add one or more license keys from a file or URL, specify the filename of the file or the URL where the key is located: user@switch> request system license add filename | url • To add a license key from the terminal: user@switch> request system license add terminal 2. When prompted, enter the license key, separating multiple license keys with a blank line. If the license key you enter is invalid, an error appears in the CLI output when you press Ctrl+d to exit the license entry mode. 83 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Deleting Licenses To delete one or more license keys from the switch with the CLI, specify the license ID: user@switch> request system license delete license-id You can delete only one license at a time. Saving License Keys To save the installed license keys to a file (which can be a URL) or to the terminal: user@switch> request system license save filename | url For example, the following command saves the installed license keys to a file named license.conf: user@switch> request system license save ftp://user@switch/license.conf Related Documentation • Managing Licenses for the J-EX Series Switch (J-Web Procedure) on page 84 • Monitoring Licenses for the J-EX Series Switch on page 88 • Understanding Software Licenses for the J-EX Series Switch on page 65 Managing Licenses for the J-EX Series Switch (J-Web Procedure) To enable and use some Junos OS features on a J-EX Series switch, you must purchase, install, and manage separate software licenses. Each switch requires one license. For a Virtual Chassis deployment, two licenses are recommended for redundancy. After you have configured the features, you see a warning message if the switch does not have a license for the feature. Before you begin managing licenses, be sure that you have: 84 • Obtained the needed licenses. For information about how to purchase software licenses, contact Dell. • Understand what makes up a license key. For more information, see “License Key Components for the J-EX Series Switch” on page 66. Chapter 6: Booting the Switch, Upgrading Software, and Managing Licenses NOTE: To access the J-Web interface, your management device must have the following software installed: • Operating system: Microsoft Windows XP Service Pack 3 • Browser version: One of the following. Other browsers might work but are not supported by J-Series platforms. • • Microsoft Internet Explorer version 7.0 • Mozilla Firefox version 3.0 Additional requirements: • Only English-language browsers are supported. • The browser and the network must be able to receive and process HTTP/1.1 gzip compressed data. This topic includes the following tasks: • Adding New Licenses on page 85 • Deleting Licenses on page 85 • Displaying License Keys on page 86 • Downloading Licenses on page 86 Adding New Licenses To add one or more new license keys on the switch, with the J-Web license manager: 1. In the J-Web interface, select Maintain>Licenses. 2. Under Installed Licenses, click Add to add a new license key or keys. 3. Do one of the following, using a blank line to separate multiple license keys: • In the License File URL box, type the full URL to the destination file containing the license key or keys to be added. • In the License Key Text box, paste the license key text, in plain-text format, for the license to be added. 4. Click OK to add the license key or keys. A list of features that use the license key is displayed. The table also lists the ID, state, and version of the license key. Deleting Licenses To delete one or more license keys from a switch with the J-Web license manager: 1. In the J-Web interface, select Maintain>Licenses. 2. Select the check box of the license or licenses you want to delete. 85 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 3. Click Delete. Displaying License Keys To display the license keys installed on a switch with the J-Web license manager: 1. In the J-Web interface, select Maintain>Licenses. 2. Under Installed Licenses, click Display Keys to display all the license keys installed on the switch. A screen displaying the license keys in text format appears. Multiple licenses are separated by a blank line. Downloading Licenses To download the license keys installed on the switch with the J-Web license manager: 1. In the J-Web interface, select Maintain>Licenses. 2. Under Installed Licenses, click Download Keys to download all the license keys installed on the switch to a single file. 3. Select Save it to disk and specify the file to which the license keys are to be written. You can also download the license file to your system. Related Documentation 86 • Managing Licenses for the J-EX Series Switch (CLI Procedure) on page 83 • Monitoring Licenses for the J-EX Series Switch on page 88 • Understanding Software Licenses for the J-EX Series Switch on page 65 CHAPTER 7 Verifying Software Installation • Routine Monitoring on page 87 • Monitoring Licenses on page 88 • Verifying That Automatic Software Download Is Working Correctly on page 87 • Verifying That a System Snapshot Was Created on a J-EX Series Switch on page 88 Routine Monitoring Verifying That Automatic Software Download Is Working Correctly Purpose Action Verify that the automatic software download feature is working correctly. Use the show system services dhcp client interface-name command to verify that the automatic software download feature has been used to install a software package. user@switch> show system services dhcp client ge-0/0/1.0 Logical Interface Name ge-0/0/1.0 Hardware address 00:0a:12:00:12:12 Client Status bound Vendor Identifier ether Server Address 10.1.1.1 Address obtained 10.1.1.89 Lease Obtained at 2009-08-20 18:13:04 PST Lease Expires at 2009-08-22 18:13:04 PST DHCP Options : Name: name-server, Value: [ 10.209.194.131, 2.2.2.2, 3.3.3.3 ] Name: server-identifier, Value: 10.1.1.1 Name: router, Value: [ 10.1.1.80 ] Name: boot-image, Value: jinstall-ex-4200-10.2R1.5-domestic-signed.tgz Name: boot-image-location, Value: 10.1.1.25:/bootfiles/ Meaning The output from this command shows the name and location of the software package under DHCP options when automatic software download was last used to install a software package. The sample output in DHCP options shows that the last DHCP server message to arrive on the DHCP client had a boot server address of 192.168.1.165 and a boot file named jinstall-ex-4200-10.2R1.5-domestic-signed.tgz. If automatic software 87 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS download was enabled on this client switch during the last DHCP message exchange, these values were used by the switch to upgrade the software. Related Documentation • Upgrading Software Using Automatic Software Download on J-EX Series Switches on page 82 • DHCP Services for J-EX Series Switches Overview on page 445 Verifying That a System Snapshot Was Created on a J-EX Series Switch Purpose Action Verify that a system snapshot was created with the proper files on a J-EX Series switch. View the snapshot: user@switch> show system snapshot media external Information for snapshot on external (da1s1) Creation date: Oct 1320:23:23 2009 Junos version on snapshot: jbase : 10.0I20090726_0011_user jcrypto-ex: 10.0I20090726_0011_user jdocs-ex: 10.0I20090726_0011_user jkernel-ex: 10.0I20090726_0011_user jroute-ex: 10.0I20090726_0011_user jswitch-ex: 10.0I20090726_0011_user jweb-ex: 10.0I20090726_0011_user jpfe-ex42x: 10.0I20090726_0011_user Meaning The output shows the date and time when the snapshot was created and the packages that are part of the snapshot. The date and time match the time when you created the snapshot. You can compare the output of this command to the output of the show system software command to ensure that the snapshot contains the same packages as the software currently running the switch. Related Documentation • Creating a Snapshot and Using It to Boot a J-EX Series Switch on page 80 Monitoring Licenses • Monitoring Licenses for the J-EX Series Switch on page 88 Monitoring Licenses for the J-EX Series Switch To enable and use some Junos OS features on the J-EX Series switch, you must purchase, install, and manage the appropriate software licenses. Each switch requires one license. For a Virtual Chassis deployment, two licenses are recommended for redundancy. 88 Chapter 7: Verifying Software Installation To monitor your installed licenses, perform the following tasks: • Displaying Installed Licenses and License Usage Details on page 89 • Displaying Installed License Keys on page 90 Displaying Installed Licenses and License Usage Details Purpose Verify that the expected license is installed and active on the switch and fully covers the switch configuration. Action From the CLI, enter the show system license command. (To display only the License usage list, enter the show system license usage command. To display only the Licenses installed output, enter show system license installed.) user@switch> show system license License usage: Licenses Licenses Licenses used installed needed bgp 1 1 0 permanent isis 0 1 0 permanent ospf3 0 1 0 permanent ripng 0 1 0 permanent mpls 0 1 0 permanent Feature name Expiry Licenses installed: License identifier: JUNOS204558 License version: 2 Valid for device: BN0208380000 Features: ex—series - Licensed routing protocols in ex-series permanent Meaning The output shows the license or licenses (for Virtual Chassis deployments) installed on the switch and license usage. Verify the following information: • If a feature that requires a license is configured (used), a license is installed on the switch. The Licenses needed column must show that no licenses are required. • The appropriate number of licenses is installed. Each switch requires one license. For a Virtual Chassis deployment, two licenses are recommended for redundancy. • The expected license is installed. 89 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Displaying Installed License Keys Purpose Action Verify that the expected license keys are installed on the switch. From the CLI, enter the show system license keys command. user@switch> show system license keys JUNOS204558 aeaqea qmijhd amrqha ztfmbu gqzama uqceds ra32zr lsevik ftvjed o4jy5u fynzzj mgviyl kgioyf ardb5g sj7wnf rsdked wbjf5a sg Meaning Related Documentation 90 The output shows the license key or keys (for Virtual Chassis deployments) installed on the switch. Verify that each expected license key is present. • Managing Licenses for the J-EX Series Switch (CLI Procedure) on page 83 • Managing Licenses for the J-EX Series Switch (J-Web Procedure) on page 84 • Understanding Software Licenses for the J-EX Series Switch on page 65 CHAPTER 8 Troubleshooting Software Installation • Troubleshooting Software Installation on page 91 Troubleshooting Software Installation • Recovering from a Failed Software Upgrade on a J-EX Series Switch on page 91 • Rebooting from the Inactive Partition on page 92 Recovering from a Failed Software Upgrade on a J-EX Series Switch Problem If Junos OS loads but the CLI is not working for any reason, or if the switch has no software installed, you can use this recovery installation procedure to install Junos OS. Solution If there is already a Junos OS image on the system, you can install the new Junos OS package in a separate partition and both images will remain on the system, or you can wipe the disk clean before the new installation proceeds. If there is no Junos OS image on the system, follow the instructions in “Booting a J-EX Series Switch Using a Software Package Stored on a USB Flash Drive” on page 79 to get an image on the system and boot the switch. To perform a recovery installation: 1. Power on the switch. The loader script starts. After the message Loading /boot/defaults/loader.conf displays, you are prompted with: Hit [Enter] to boot immediately, or space bar for command prompt. 2. Press the space bar to enter the manual loader. The loader> prompt displays. 3. Enter the following command: loader> install [– –format] [– –external] source where: • format—Use this option to wipe the installation media before installing the software package. If you do not include this option, the system installs the new Junos OS package in a different partition from that of the most recently installed Junos OS package. 91 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS • external—Use this option to install the software package onto an external media. • source—Represents the name and location of the Junos OS package either on a server on the network or as a file on the USB flash drive: • Network address of the server and the path on the server; for example, tftp://192.17.1.28/junos/jinstall-ex-4200-10.2R1.5-domestic-signed.tgz • The Junos OS package on a USB device is commonly stored in the root drive as the only file; for example, file:///jinstall-ex-4200-10.2R1.5-domestic-signed.tgz The boot process proceeds as normal and ends with a login prompt. Rebooting from the Inactive Partition Problem A J-EX Series switch ships with Junos OS loaded on the system disk in partition 1. The first time you upgrade, the new software package is installed in partition 2. When you finish the installation and reboot, partition 2 becomes the active partition. Similarly, subsequent software packages are installed in the inactive partition which becomes the active partition when you reboot at the end of the installation process. If you performed an upgrade and rebooted, the system resets the active partition. You can use this procedure to manually boot from the inactive partition. NOTE: If you have completed the installation of the software image but have not yet rebooted, you can issue the request system software rollback command to return to the original software installation package. Solution Reboot from the inactive partition: user@switch> request system reboot partition alternate NOTE: If you cannot access the CLI, you can reboot from the inactive partition using the following procedure from the loader script prompt: 1. Unload and clear the interrupted boot from the active partition: loader> unload loader> unset vfs.root.mountfrom 2. Select the new (inactive) partition to boot from: loader> set currdev=diskmediaspartition: where media is either 0 (internal) or 1 (external) and partition indicates the partition number, either 1 or 2. You must include the colon (:) at the end of this command. 3. Boot Junos OS from the inactive partition: loader> boot 92 Chapter 8: Troubleshooting Software Installation Related Documentation • Installing Software on a J-EX Series Switch with a Single Routing Engine (CLI Procedure) on page 70 • Installing Software on J-EX Series Switches (J-Web Procedure) on page 75 • Understanding Software Installation on J-EX Series Switches on page 61 93 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 94 CHAPTER 9 Configuration Statements for Software Installation • [edit chassis] Configuration Statement Hierarchy on page 95 [edit chassis] Configuration Statement Hierarchy chassis { aggregated-devices { ethernet { device-count number; } } auto-image-upgrade; fpc slot { pic pic-number { sfpplus { pic-modemode; } } power-budget-priority priority; } lcd-menu fpc slot-number { menu-item (menu-name | menu-option); } psu { redundancy { n-plus-n; } } redundancy { graceful-switchover; } } Related Documentation • Upgrading Software Using Automatic Software Download on J-EX Series Switches on page 82 • Configuring the LCD Panel on J-EX Series Switches (CLI Procedure) on page 166 • Configuring Graceful Routing Engine Switchover in a Virtual Chassis Configuration (CLI Procedure) on page 801 95 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS • Configuring Power Supply Redundancy (CLI Procedure) on page 307 • Configuring the Power Priority of Line Cards (CLI Procedure) on page 308 • Configuring Nonstop Software Upgrade (CLI Procedure) auto-image-upgrade Syntax Hierarchy Level Release Information Description auto-image-upgrade; [edit chassis] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Enable automatic software download on a J-EX Series switch acting as a DHCP client. The DHCP client J-EX Series switch compares the software package name in the DHCP server message to the name of the software package that booted the switch. If the software packages are different, the DHCP client J-EX Series switch downloads and installs the software package specified in the DHCP server message. Before you upgrade software using automatic software download, ensure that you have configured DHCP services for the switch, including configuring a path to a boot server and a boot file. See the Junos OS System Basics Configuration Guide at http://www.juniper.net/techpubs/software/junos/index.html for information about using the CLI to configure DHCP services and settings. See “Configuring DHCP Services (J-Web Procedure)” on page 447 for information about using the J-Web interface to configure DHCP services and settings. Default Required Privilege Level Related Documentation 96 Automatic software download is disabled. interface—To view this statement in the configuration. interface-control—To add this statement to the configuration. • Upgrading Software Using Automatic Software Download on J-EX Series Switches on page 82 • Understanding Software Installation on J-EX Series Switches on page 61 • DHCP Services for J-EX Series Switches Overview on page 445 CHAPTER 10 Operational Mode Commands for Software Installation 97 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system license add Syntax Release Information Description Options request system license add (filename | terminal) Command introduced before Junos OS Release 10.2 for J-EX Series switches. Add a license key. filename—License key from a file or URL. Specify the filename or the URL where the key is located. terminal—License key from the terminal. Required Privilege Level List of Sample Output Output Fields request system license add 98 maintenance request system license add on page 98 When you enter this command, you are provided feedback on the status of your request. user@host> request system license add terminal Chapter 10: Operational Mode Commands for Software Installation request system license delete Syntax Release Information Description Options Required Privilege Level List of Sample Output Output Fields request system license delete request system license delete license-id Command introduced before Junos OS Release 10.2 for J-EX Series switches. Delete a license key. You can delete only one license at a time. license-id—License ID that uniquely identifies a license key. maintenance request system license delete on page 99 When you enter this command, you are provided feedback on the status of your request. user@host> request system license delete G03000002223 99 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system license save Syntax Release Information Description Options request system license save (filename | terminal) Command introduced before Junos OS Release 10.2 for J-EX Series switches. Save installed license keys to a file or URL. filename—License key from a file or URL. Specify the filename or the URL where the key is located. terminal—License key from the terminal. Required Privilege Level List of Sample Output Output Fields request system license save 100 maintenance request system license save on page 100 When you enter this command, you are provided feedback on the status of your request. user@host> request system license save ftp://user@host/license.conf Chapter 10: Operational Mode Commands for Software Installation request system reboot Syntax Syntax (J-EX Series Switch) Release Information Description Options request system reboot request system reboot Command introduced before Junos OS Release 10.2 for J-EX Series switches. Reboot the software. none—Reboot the software immediately. all-members—(J-EX4200 switches only) (Optional) Reboot all members of the Virtual Chassis configuration. at time—(Optional) Time at which to reboot the software, specified in one of the following ways: • now—Stop or reboot the software immediately. This is the default. • +minutes—Number of minutes from now to reboot the software. • yymmddhhmm—Absolute time at which to reboot the software, specified as year, month, day, hour, and minute. • hh:mm—Absolute time on the current day at which to stop the software, specified in 24-hour time. in minutes—(Optional) Number of minutes from now to reboot the software. This option is an alias for the at +minutes option. local—(J-EX4200 switches only) (Optional) Reboot the local Virtual Chassis member. media (compact-flash | disk | removable-compact-flash | usb)—(Optional) Boot medium for next boot. media (external | internal)—(J-EX Series switches only) (Optional) Reboot the boot media: • external—Reboot the external mass storage device. • internal—Reboot the internal flash device. 101 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS member member-id—(J-EX4200 switches only) (Optional) Reboot the specified member of the Virtual Chassis configuration Replace member-id with a value from 0 through 9. message "text"—(Optional) Message to display to all system users before stopping or rebooting the software. other-routing-engine—(Optional) Reboot the other Routing Engine from which the command is issued. For example, if you issue the command from the master Routing Engine, the backup Routing Engine is rebooted. Similarly, if you issue the command from the backup Routing Engine, the master Routing Engine is rebooted. slice slice—(J-EX Series switches only) (Optional) Reboot a partition on the boot media. This option has the following suboptions: Additional Information • 1—Power off partition 1. • 2—Power off partition 2. • alternate—Reboot from the alternate partition. Reboot requests are recorded in the system log files, which you can view with the show log command (see show log). Also, the names of any running processes that are scheduled to be shut down are changed. You can view the process names with the show system processes command (see show system processes). NOTE: To reboot a router that has two Routing Engines, reboot the backup Routing Engine (if you have upgraded it) first, and then reboot the master Routing Engine. Required Privilege Level Related Documentation List of Sample Output Output Fields maintenance • clear system reboot on page 204 request system reboot on page 102 request system reboot (at 2300) on page 102 request system reboot (in 2 Hours) on page 103 request system reboot (Immediately) on page 103 request system reboot (at 1:20 AM) on page 103 When you enter this command, you are provided feedback on the status of your request. request system reboot user@host> request system reboot Reboot the system ? [yes,no] (no) request system reboot (at 2300) user@host> request system reboot at 2300 message ?Maintenance time!? Reboot the system ? [yes,no] (no) yes shutdown: [pid 186] 102 Chapter 10: Operational Mode Commands for Software Installation *** System shutdown message from root@berry.network.net *** System going down at 23:00 request system reboot (in 2 Hours) The following example, which assumes that the time is 5 PM (17:00), illustrates three different ways to request the system to reboot in two hours: user@host> request system reboot at +120 user@host> request system reboot in 120 user@host> request system reboot at 19:00 request system reboot (Immediately) user@host> request system reboot at now request system reboot (at 1:20 AM) To reboot the system at 1:20 AM, enter the following command. Because 1:20 AM is the next day, you must specify the absolute time. user@host> request system reboot at 06060120 request system reboot at 120 Reboot the system at 120? [yes,no] (no) yes 103 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system reboot Syntax Release Information Description request system reboot Command introduced before Junos OS Release 10.2 for J-EX Series switches. Reboot Junos OS. Reboot requests are recorded in the system log files, which you can view with the show log command. You can view the process names with the show system processes command. Options none—Reboots the software immediately. all-members | local | member member-id—(J-EX4200 switch only) (Optional) Specify which member of the Virtual Chassis to reboot: • all-members—Reboots each switch that is a member of the Virtual Chassis. • local—Reboots the local switch, meaning the switch you are logged into, only. • member member-id—Reboots the specified member switch of the Virtual Chassis. at time—(Optional) Time at which to reboot the software, specified in one of the following ways: • +minutes—Number of minutes from now to reboot the software. • hh:mm—Absolute time on the current day at which to reboot the software, specified in 24-hour time. • now—Stop or reboot the software immediately. This is the default. • yymmddhhmm—Absolute time at which to reboot the software, specified as year, month, day, hour, and minute. in minutes—(Optional) Number of minutes from now to reboot the software. This option is an alias for the at +minutes option. media (external | internal)—(Optional) Boot medium for the next boot. The external option reboots the switch using a software package stored on an external boot source, such as a USB flash drive. The internal option reboots the switch using a software package stored in an internal memory source. message “text”—(Optional) Message to display to all system users before rebooting the software. 104 Chapter 10: Operational Mode Commands for Software Installation slice (1 | 2 | alternate)—(Optional) Reboot using the specified partition on the boot media. This option has the following suboptions: • 1—Reboot from partition 1. • 2—Reboot from partition 2. • alternate—Reboot from the alternate partition, which is the partition that did not boot the switch at the last bootup. Required Privilege Level Related Documentation Output Fields maintenance • clear system reboot on page 204 When you enter this command, you are provided feedback on the status of your request. request system reboot user@host> request system reboot Reboot the system ? [yes,no] (no) request system reboot (at 2300) user@host> request system reboot at 2300 message ?Maintenance time!? Reboot the system ? [yes,no] (no) yes shutdown: [pid 186] *** System shutdown message from root@berry.network.net *** System going down at 23:00 request system reboot (in 2 Hours) The following example, which assumes that the time is 5 PM (17:00), illustrates three different ways to request the system to reboot in two hours: user@host> request system reboot at +120 user@host> request system reboot in 120 user@host> request system reboot at 19:00 request system reboot (Immediately) user@host> request system reboot at now request system reboot (at 1:20 AM) To reboot the system at 1:20 AM, enter the following command. Because 1:20 AM is the next day, you must specify the absolute time. user@host> request system reboot at 06060120 request system reboot at 120 Reboot the system at 120? [yes,no] (no) yes 105 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system snapshot Syntax Release Information Description Options request system snapshot Command introduced before Junos OS Release 10.2 for J-EX Series switches. Take a snapshot of the files currently used to run the switch—the complete contents of the /config and /var directories, which include the running Junos OS, the active configuration, and the rescue configuration—and copy all of these files into an alternate (internal, meaning internal flash, or an external, meaning USB flash) memory source. none—Create a snapshot on the alternate media, meaning the external media if you booted the switch using software stored on internal media or internal media if you booted the switch using software stored on external media. all-members | local | member member-id—(J-EX4200 switch only) (Optional) Specify where to place the snapshot in Virtual Chassis configurations: • all-members—Create a snapshot for each switch that is a member of the Virtual Chassis. • local—Create a snapshot on the local switch only. • member member-id—Create a snapshot for the specified member or member switches of the Virtual Chassis. as-primary—(Optional) Create a bootable snapshot. NOTE: The snapshot is always bootable on J-EX Series switches. The as-primary option has no effect on snapshots on J-EX Series switches. media (external | internal)—(Optional) Specify the destination media location for the snapshot. The external option copies the snapshot to an external mass storage device, such as a USB flash drive. The internal option copies the snapshot to an internal memory source, such as internal flash memory. partition—(Optional) Partition the destination media before copying over the snapshot. re0 | re1 | routing-engine routing-engine-id—(J-EX8200 switch only) Specify where to place the snapshot in dual Routing Engine configurations. 106 • re0—Create a snapshot on Routing Engine 0. • re1—Create a snapshot on Routing Engine 1. Chapter 10: Operational Mode Commands for Software Installation • routing-enginerouting-engine-id—Create a snapshot on the specified Routing Engine. slice ( 1 | 2 | alternate)—(Optional) Specify the destination partition for the snapshot: • 1—Copy the snapshot to partition 1. • 2—Copy the snapshot to partition 2. • alternate—Copy the snapshot to the alternate partition, which is the partition that did not boot the switch at the last bootup. Required Privilege Level Related Documentation Output Fields request system snapshot media external slice 1 view • show system snapshot on page 122 • Creating a Snapshot and Using It to Boot a J-EX Series Switch on page 80 When you enter this command, you are provided feedback on the status of your request. user@switch> request system snapshot media external slice 1 107 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system software add Syntax Release Information Description Options request system software add package-name Command introduced before Junos OS Release 10.2 for J-EX Series switches. Install a software package or bundle on the router or switch. package-name—Location from which the software package or bundle is to be installed. For example: • /var/tmp/package-name—For a software package or bundle that is being installed from a local directory on the router or switch. • protocol://hostname/pathname/package-name—For a software package or bundle that is to be downloaded and installed from a remote location. Replace protocol with one of the following: • ftp—File Transfer Protocol. Use ftp://hostname/pathname/package-name. To specify authentication credentials, use ftp:// : @hostname/pathname/package-name. To have the system prompt you for the password, specify prompt in place of the password. If a password is required, and you do not specify the password or prompt, an error message is displayed. • http—Hypertext Transfer Protocol. Use http://hostname/pathname/package-name. To specify authentication credentials, use http:// : @hostname/pathname/package-name. If a password is required and you omit it, you are prompted for it. • scp—Secure copy (available only for Canada and U.S. version). Use scp://hostname/pathname/package-name. To specify authentication credentials, use scp:// : @hostname/pathname/package-name. NOTE: The pathname in the protocol is the relative path to the user’s home directory on the remote system and not the root directory. 108 Chapter 10: Operational Mode Commands for Software Installation best-effort-load—(Optional) Activate a partial load and treat parsing errors as warnings instead of errors. delay-restart—(Optional) Install software package or bundle, but do not restart software processes. force—(Optional) Force the addition of the software package or bundle (ignore warnings). no-copy—(Optional) Install a software package or bundle, but do not save copies of package or bundle files. no-validate—(Optional) When loading a software package or bundle with a different release, suppress the default behavior of the validate option. re0 | re1—(Optional) On routers that support dual or redundant Routing Engines, load a software package or bundle on the Routing Engine in slot 0 (re0) or Routing Engine in slot 1 (re1). reboot—(Optional) After adding the software package or bundle, reboot the system. unlink—(Optional) Remove the software package from this directory after a successful upgrade is completed. validate—(Optional) Validate the software package or bundle against the current configuration as a prerequisite to adding the software package or bundle. This is the default behavior when the software package or bundle being added is a different release. Additional Information Before upgrading the software on the router or switch, when you have a known stable system, issue the request system snapshot command to back up the software, including the configuration, to the /altroot and /altconfig file systems. After you have upgraded the software on the router or switch and are satisfied that the new package or bundle is successfully installed and running, issue the request system snapshot command again to back up the new software to the /altroot and /altconfig file systems. After you run the request system snapshot command, you cannot return to the previous version of the software, because the running and backup copies of the software are identical. If you are upgrading more than one package at the same time, delete the operating system package, jkernel, last. Add the operating system package, jkernel, first and the routing software package, jroute, last. If you are upgrading all packages at once, delete and add them in the following order: user@host> request system software add /var/tmp/jbase user@host> request system software add /var/tmp/jkernel user@host> request system software add /var/tmp/jpfe user@host> request system software add /var/tmp/jdocs user@host> request system software add /var/tmp/jroute user@host> request system software add /var/tmp/jcrypto 109 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Required Privilege Level Related Documentation List of Sample Output maintenance • request system software delete on page 111 • request system software rollback on page 113 • request system storage cleanup on page 227 request system software add validate on page 110 Output Fields When you enter this command, you are provided feedback on the status of your request. request system software add validate user@host> request system software add validate /var/tmp/ jinstall-7.2R1.7-domestic-signed.tgz Checking compatibility with configuration Initializing... Using jbase-7.1R2.2 Using /var/tmp/jinstall-7.2R1.7-domestic-signed.tgz Verified jinstall-7.2R1.7-domestic.tgz signed by PackageProduction_7_2_0 Using /var/validate/tmp/jinstall-signed/jinstall-7.2R1.7-domestic.tgz Using /var/validate/tmp/jinstall/jbundle-7.2R1.7-domestic.tgz Checking jbundle requirements on / Using /var/validate/tmp/jbundle/jbase-7.2R1.7.tgz Using /var/validate/tmp/jbundle/jkernel-7.2R1.7.tgz Using /var/validate/tmp/jbundle/jcrypto-7.2R1.7.tgz Using /var/validate/tmp/jbundle/jpfe-7.2R1.7.tgz Using /var/validate/tmp/jbundle/jdocs-7.2R1.7.tgz Using /var/validate/tmp/jbundle/jroute-7.2R1.7.tgz Validating against /config/juniper.conf.gz mgd: commit complete Validation succeeded Validating against /config/rescue.conf.gz mgd: commit complete Validation succeeded Installing package '/var/tmp/jinstall-7.2R1.7-domestic-signed.tgz' ... Verified jinstall-7.2R1.7-domestic.tgz signed by PackageProduction_7_2_0 Adding jinstall... WARNING: WARNING: WARNING: WARNING: WARNING: WARNING: WARNING: This package will load JUNOS 7.2R1.7 software. It will save JUNOS configuration files, and SSH keys (if configured), but erase all other files and information stored on this machine. It will attempt to preserve dumps and log files, but this can not be guaranteed. This is the pre-installation stage and all the software is loaded when you reboot the system. Saving the config files ... Installing the bootstrap installer ... WARNING: WARNING: WARNING: WARNING: WARNING: A REBOOT IS REQUIRED TO LOAD THIS SOFTWARE CORRECTLY. Use the 'request system reboot' command when software installation is complete. To abort the installation, do not reboot your system, instead use the 'request system software delete jinstall' command as soon as this operation completes. Saving package file in /var/sw/pkg/jinstall-7.2R1.7-domestic-signed.tgz ... Saving state for rollback ... 110 Chapter 10: Operational Mode Commands for Software Installation request system software delete Syntax Release Information Description request system software delete software-package Command introduced before Junos OS Release 10.2 for J-EX Series switches. Remove a software package or bundle from the router or switch. CAUTION: Before removing a software package or bundle, make sure that you have already placed the new software package or bundle that you intend to load onto the router or switch. Options software-package—Software package or bundle name. You can delete any or all of the following software bundles or packages: • jbase—(Optional) Junos OS base software suite • jcrypto—(Optional, in domestic version only) Junos OS security software • jdocs—(Optional) Junos OS online documentation file • jkernel—(Optional) Junos OS kernel software suite • jpfe—(Optional) Junos OS Packet Forwarding Engine support • jroute—(Optional) Junos OS routing software suite • junos—(Optional) Junos OS base software force—(Optional) Ignore warnings and force removal of the software. Additional Information Required Privilege Level Related Documentation List of Sample Output Before upgrading the software on the router or switch, when you have a known stable system, issue the request system snapshot command to back up the software, including the configuration, to the /altroot and /altconfig file systems. After you have upgraded the software on the router or switch and are satisfied that the new packages are successfully installed and running, issue the request system snapshot command again to back up the new software to the /altroot and /altconfig file systems. After you run the request system snapshot command, you cannot return to the previous version of the software, because the running and backup copies of the software are identical. maintenance • request system software add on page 108 • request system software rollback on page 113 • request system software validate on page 115 request system software delete jdocs on page 112 111 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Output Fields When you enter this command, you are provided feedback on the status of your request. request system software delete jdocs The following example displays the system software packages before and after the jdocs package is deleted through the request system software delete command: user@host> show system software Information for jbase: Comment: JUNOS Base OS Software Suite [7.2R1.7] Information for jcrypto: Comment: JUNOS Crypto Software Suite [7.2R1.7] Information for jdocs: Comment: JUNOS Online Documentation [7.2R1.7] Information for jkernel: Comment: JUNOS Kernel Software Suite [7.2R1.7] ... user@host> request system software delete jdocs Removing package 'jdocs' ... user@host> show system software Information for jbase: Comment: JUNOS Base OS Software Suite [7.2R1.7] Information for jcrypto: Comment: JUNOS Crypto Software Suite [7.2R1.7] Information for jkernel: Comment: JUNOS Kernel Software Suite [7.2R1.7] ... 112 Chapter 10: Operational Mode Commands for Software Installation request system software rollback Syntax request system software rollback Syntax (J-EX Series Switch) request system software rollback Release Information Description Options Command introduced before Junos OS Release 10.2 for J-EX Series switches. Revert to the software that was loaded at the last successful request system software add command. none—Revert to the set of software as of the last successful request system software add. all-members—(J-EX4200 switches only) (Optional) Attempt to roll back to the previous set of packages on all members of the Virtual Chassis configuration. local—(J-EX4200 switches only) (Optional) Attempt to roll back to the previous set of packages on the local Virtual Chassis member. member member-id—(J-EX4200 switches only) (Optional) Attempt to roll back to the previous set of packages on the specified member of the Virtual Chassis configuration. Replace member-id with a value from 0 through 9. Additional Information Use this command only to recover from a failed software upgrade—you cannot issue this command to return to the previously installed software after using a jinstall package. To return to the previously installed software, use the corresponding jinstall package. A software rollback fails if any required package (or a jbundle package containing the required package) cannot be found in /var/sw/pkg. Required Privilege Level Related Documentation List of Sample Output Output Fields maintenance • request system software add on page 108 • request system software delete on page 111 • request system software validate on page 115 • request system configuration rescue delete on page 376 • request system configuration rescue save on page 377 request system software rollback on page 114 When you enter this command, you are provided feedback on the status of your request. 113 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system software rollback user@host> request system software rollback Verified SHA1 checksum of ./jbase-7.2R1.7.tgz Verified SHA1 checksum of ./jdocs-7.2R1.7.tgz Verified SHA1 checksum of ./jroute-7.2R1.7.tgz Installing package './jbase-7.2R1.7.tgz' ... Available space: 35495 require: 7335 Installing package './jdocs-7.2R1.7.tgz' ... Available space: 35339 require: 3497 Installing package './jroute-7.2R1.7.tgz' ... Available space: 35238 require: 6976 NOTICE: uncommitted changes have been saved in /var/db/config/juniper.conf.pre-install Reloading /config/juniper.conf.gz ... Activating /config/juniper.conf.gz ... mgd: commit complete Restarting mgd ... Restarting aprobed ... Restarting apsd ... Restarting cosd ... Restarting fsad ... Restarting fud ... Restarting gcdrd ... Restarting ilmid ... Restarting irsd ... Restarting l2tpd ... Restarting mib2d ... Restarting nasd ... Restarting pppoed ... Restarting rdd ... Restarting rmopd ... Restarting rtspd ... Restarting sampled ... Restarting serviced ... Restarting snmpd ... Restarting spd ... Restarting vrrpd ... WARNING: cli has been replaced by an updated version: CLI release 7.2R1.7 built by builder on 2005-04-22 02:03:44 UTC Restart cli using the new version ? [yes,no] (yes) yes Restarting cli ... user@host 114 Chapter 10: Operational Mode Commands for Software Installation request system software validate Syntax Syntax (J-EX Series Switch) Release Information Description Options request system software validate package-name request system software validate Command introduced before Junos OS Release 10.2 for J-EX Series switches. Validate candidate software against the current configuration of the router or switch. member member-id—(J-EX4200 switches only) (Optional) Validate the software bundle or package on the specified member of the Virtual Chassis configuration. Replace member-id with a value from 0 through 9. package-name—Name of the software bundle or package to test. Required Privilege Level Related Documentation List of Sample Output Output Fields maintenance • request system software add on page 108 • request system software delete on page 111 • request system software rollback on page 113 request system software validate (Successful Case) on page 116 request system software validate (Failure Case) on page 116 When you enter this command, you are provided feedback on the status of your request. 115 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system software validate (Successful Case) user@host> request system software validate /var/sw/pkg/jbundle-5.3I20020124_0520_sjg.tgz Checking compatibility with configuration Initializing... Using /packages/jbase-5.3I20020122_1901_sjg Using /var/sw/pkg/jbundle-5.3I20020124_0520_sjg.tgz Using /var/chroot/var/tmp/jbundle/jbase-5.3I20020124_0520_sjg.tgz Using /var/chroot/var/tmp/jbundle/jkernel-5.3I20020124_0520_sjg.tgz Using /var/chroot/var/tmp/jbundle/jcrypto-5.3I20020124_0520_sjg.tgz Using /var/chroot/var/tmp/jbundle/jpfe-5.3I20020124_0520_sjg.tgz Using /var/chroot/var/tmp/jbundle/jdocs-5.3I20020124_0520_sjg.tgz Using /var/chroot/var/tmp/jbundle/jroute-5.3I20020124_0520_sjg.tgz Validating against /config/juniper.conf.gz mgd: commit complete WARNING: cli has been replaced by an updated version: CLI release 5.3I0 built by sjg on 2002-01-24 05:23:53 UTC Restart cli using the new version ? [yes,no] (yes) request system software validate (Failure Case) user@host> request system software validate 6.3/ Pushing bundle to lcc0-re0 error: Failed to transfer package to lcc0-re0 user@host> request system software validate test Pushing bundle to lcc0-re0 Pushing bundle to lcc2-re0 lcc0-re0: gzip: stdin: not in gzip format tar: child returned status 1 ERROR: Not a valid package: /var/tmp/test 116 Chapter 10: Operational Mode Commands for Software Installation show system autoinstallation status Syntax Release Information Description Options Required Privilege Level show system autoinstallation status Command introduced before Junos OS Release 10.2 for J-EX Series switches. Display autoinstallation status information. This command has no options. view List of Sample Output show system autoinstallation status on page 117 show system autoinstallation status user@host> show system autoinstallation status Autoinstallation status: Master state: Active Last committed file: None Configuration server of last committed file: 0.0.0.0 Interface: Name: fe-0/0/1 State: None Address acquisition: Protocol: DHCP Client Acquired address: None Protocol: RARP Client Acquired address: None 117 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS show system boot-messages Syntax show system boot-messages Syntax (J-EX Series Switch) show system boot-messages Release Information Description Options Command introduced before Junos OS Release 10.2 for J-EX Series switches. Display initial messages generated by the system kernel upon startup. These messages are the contents of /var/run/dmesg.boot. none—Display all boot time messages. all-members—(J-EX4200 switches only) (Optional) Display boot time messages on all members of the Virtual Chassis configuration. local—(J-EX4200 switches only) (Optional) Display boot time messages on the local Virtual Chassis member. member member-id—(J-EX4200 switches only) (Optional) Display boot time messages on the specified member of the Virtual Chassis configuration. Replace member-id with a value from 0 through 9. Required Privilege Level 118 view Chapter 10: Operational Mode Commands for Software Installation show system license Syntax show system license Release Information Command introduced before Junos OS Release 10.2 for J-EX Series switches. Description Display licenses and information about how they are used. Options none—Display all license information. installed—(Optional) Display installed licenses only. keys—(Optional) Display a list of license keys. Use this information to verify that each expected license key is present. usage—(Optional) Display the state of licensed features. Required Privilege Level maintenance List of Sample Output show system license on page 120 show system license installed on page 120 show system license keys on page 120 show system license usage on page 120 Output Fields Table 24 on page 119 lists the output fields for the show system license command. Output fields are listed in the approximate order in which they appear. Table 24: show system license Output Fields Field Name Field Description Feature name Name assigned to the configured feature. You use this information to verify that all the features for which you installed licenses are present. Licenses used Number of licenses used by a router or switch. You use this information to verify that the number of licenses used matches the number configured. If a licensed feature is configured, the feature is considered used. Licenses installed Information about the installed license key: • License identifier—Identifier associated with a license key. • State—State of the license key:valid or invalid. An invalid state indicates that the key was entered incorrectly or is not valid for the specific device. • License version—Version of a license. The version indicates how the license is validated, the type of signature, and the signer of the license key. Licenses needed • Valid for device—Device that can use a license key. • Group defined—Group membership of a device. • Features—Feature associated with a license, such as data link switching (DLSw). Number of licenses required for features being used but not yet properly licensed. 119 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Table 24: show system license Output Fields (continued) Field Name Field Description Expiry Amount of time left within the grace period before a license is required for a feature being used. show system license user@host> show system license License usage: Feature name subscriber-accounting subscriber-authentication subscriber-address-assignment subscriber-vlan subscriber-ip scale-subscriber scale-l2tp scale-mobile-ip Licenses used 0 0 0 0 0 0 0 0 Licenses installed 1 1 1 1 1 1000 1000 1000 Licenses needed 0 0 0 0 0 0 0 0 Expiry permanent permanent permanent permanent permanent permanent permanent permanent Licenses installed: License identifier: XXXXXXXXXX License version: 2 Features: subscriber-accounting - Per Subscriber Radius Accounting permanent subscriber-authentication - Per Subscriber Radius Authentication permanent subscriber-address-assignment - Radius/SRC Address Pool Assignment permanent subscriber-vlan - Dynamic Auto-sensed Vlan permanent subscriber-ip - Dynamic and Static IP permanent show system license installed user@host> show system license installed License identifier: XXXXXXXXXX License version: 2 Features: subscriber-accounting - Per Subscriber Radius Accounting permanent subscriber-authentication - Per Subscriber Radius Authentication permanent subscriber-address-assignment - Radius/SRC Address Pool Assignment permanent subscriber-vlan - Dynamic Auto-sensed Vlan permanent subscriber-ip - Dynamic and Static IP permanent show system license keys user@host> show system license keys XXXXXXXXXX xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxxxxx xxx show system license usage user@host> show system license usage Feature name 120 Licenses used Licenses installed Licenses needed Expiry Chapter 10: Operational Mode Commands for Software Installation subscriber-accounting 1 1 0 permanent subscriber-authentication 1 1 0 permanent subscriber-address-assignment 1 1 0 permanent subscriber-vlan 0 1 0 permanent subscriber-ip 0 1 0 permanent 121 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS show system snapshot Syntax Release Information Description Options show system snapshot Command introduced before Junos OS Release 10.2 for J-EX Series switches. Display the complete collection of files in a snapshot. none—Display the system snapshot on the alternate media, which is the media that does not have the software packages that last booted the switch. all-members | local | member member-id—(J-EX4200 switch only) Display the snapshot in a Virtual Chassis configuration: • all-members—Display the snapshot for each switch that is a member of the Virtual Chassis. • local—Display the snapshot on the switch that you are currently logged into. • member member-id—Display the snapshot for the specified member switch of the Virtual Chassis. media (external | internal)—(Optional) Display the destination media location for the snapshot. The external option specifies the snapshot on an external mass storage device, such as a USB flash drive. The internal option specifies the snapshot on an internal memory source, such as internal flash memory. slice (1 | 2 | alternate)—Display the snapshot in a partition: • 1—Display the snapshot in partition 1. • 2—Display the snapshot in partition 2. • alternate—Display the snapshot in the alternate partition, which is the partition that did not boot the switch at the last bootup. Required Privilege Level Related Documentation show system snapshot media external 122 view • request system snapshot on page 106 • Creating a Snapshot and Using It to Boot a J-EX Series Switch on page 80 • Verifying That a System Snapshot Was Created on a J-EX Series Switch on page 88 user@switch> show system snapshot media external Information for snapshot on external (da1s1) Creation date: Oct 13 20:23:23 2009 JUNOS version on snapshot: jbase : 10.0I20090726_0011_user jcrypto-ex: 10.0I20090726_0011_user Chapter 10: Operational Mode Commands for Software Installation jdocs-ex: 10.0I20090726_0011_user jkernel-ex: 10.0I20090726_0011_user jroute-ex: 10.0I20090726_0011_user jswitch-ex: 10.0I20090726_0011_user jweb-ex: 10.0I20090726_0011_user jpfe-ex42x: 10.0I20090726_0011_user 123 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 124 PART 4 User Interfaces • User Interfaces Overview on page 127 • Using the Configuration Tools on page 135 • Operational Mode Commands for User Interfaces on page 137 125 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 126 CHAPTER 11 User Interfaces Overview • User Interfaces—Overview on page 127 User Interfaces—Overview • CLI User Interface Overview on page 127 • J-Web User Interface for J-EX Series Switches Overview on page 129 • Understanding J-Web Configuration Tools on page 131 • Understanding J-Web User Interface Sessions on page 133 CLI User Interface Overview You can use two interfaces to monitor, configure, troubleshoot, and manage a J-EX Series Switch: the J-Web graphical user interface and the Junos OS command-line interface (CLI). Both of these user interfaces are shipped with the switch. This topic describes the CLI. For information about the J-Web user interface, see “J-Web User Interface for J-EX Series Switches Overview” on page 129. • CLI Overview on page 127 • CLI Help and Command Completion on page 127 • CLI Command Modes on page 128 CLI Overview Junos OS CLI is a command shell that runs on top of a UNIX-based operating system kernel. The CLI provides command help and command completion. The CLI also provides a variety of UNIX utilities, such as Emacs-style keyboard sequences that allow you to move around on a command line and scroll through recently executed commands, regular expression matching to locate and replace values and identifiers in a configuration, filter command output, or log file entries, store and archive router files on a UNIX-based file system, and exit from the CLI environment and create a UNIX C shell or Bourne shell to navigate the file system, manage switch processes, and so on. CLI Help and Command Completion To access CLI Help, type a question mark (?) at any level of the hierarchy. The system displays a list of the available commands or statements and a short description of each. 127 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS To complete a command, statement, or option that you have partially typed, press the Tab key or the Spacebar. If the partially typed letters uniquely identify a command, the complete command name appears. Otherwise, a beep indicates that you have entered an ambiguous command and the possible completions are displayed. This completion feature also applies to other strings, such as filenames, interface names, usernames, and configuration statements. CLI Command Modes The CLI has two modes, operational mode and configuration mode. In operational mode, you enter commands to monitor and troubleshoot switch hardware and software and network connectivity. Operational mode is indicated by the > prompt—for example, user@switch>. In configuration mode, you can define all properties of Junos OS, including interfaces, VLANs, Virtual Chassis information, routing protocols, user access, and several system hardware properties. To enter configuration mode, enter the configure command: . user@switch> configure Configuration mode is indicated by the # prompt, and includes the current location in the configuration hierarchy—for example: [edit interfaces ge-0/0/12] user@switch# In configuration mode, you are actually viewing and changing the candidate configuration file. The candidate configuration allows you to make configuration changes without causing operational changes to the current operating configuration, called the active configuration. When you commit the changes you added to the candidate configuration, the system updates the active configuration. Candidate configurations enable you to alter your configuration without causing potential damage to your current network operations. To activate your configuration changes, enter the commit command. To return to operational mode, go to the top of the configuration hierarchy and then quit—for example: [edit interfaces ge-0/0/12] user@switch# top [edit] user@switch# exit You can also activate your configuration changes and exit configuration mode with a single command, commit and-quit. This command succeeds only if there are no mistakes or syntax errors in the configuration. TIP: When you commit the candidate configuration, you can require an explicit confirmation for the commit to become permanent by using the commit 128 Chapter 11: User Interfaces Overview confirmed command. This is useful for verifying that a configuration change works correctly and does not prevent management access to the switch. After you issue the commit confirmed command, you must issue another commit command within the defined period of time (10 minutes by default) or the system reverts to the previous configuration. Related Documentation • J-EX Series Switch Software Features Overview on page 3 • Junos OS CLI User Guide at http://www.juniper.net/techpubs/software/junos/. J-Web User Interface for J-EX Series Switches Overview You can use two interfaces to monitor, configure, troubleshoot, and manage a J-EX Series Switch: the J-Web graphical user interface and the Junos OS command-line interface (CLI). Both of these user interfaces are shipped with the switch. This topic describes the J-Web interface. You can navigate the J-Web interface, scroll pages, and expand and collapse elements as you do in a typical Web browser interface. For information about the CLI user interface, see “CLI User Interface Overview” on page 127. NOTE: To access the J-Web interface, your management device must have the following software installed: • Operating system: Microsoft Windows XP Service Pack 3 • Browser version: One of the following. Other browsers might work but are not supported by J-Series platforms. • • Microsoft Internet Explorer version 7.0 • Mozilla Firefox version 3.0 Additional requirements: • Only English-language browsers are supported. • The browser and the network must be able to receive and process HTTP/1.1 gzip compressed data. Each page of the J-Web interface is divided into panes. • Top pane—Displays system identity information and links. • Main pane—Location where you monitor, configure, diagnose (troubleshoot), and manage (maintain) the switch by entering information in text boxes, making selections, and clicking buttons. • Side pane—Displays suboptions of the Monitor, Configure, Troubleshoot, or Maintain task currently displayed in the main pane. Click a suboption to access it in the main pane. 129 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS The layout of the panes allows you to quickly navigate through the interface. Table 25 on page 130 summarizes the elements of the J-Web interface. The J-Web interface provides CLI tools that allow you to perform all of the tasks that you can perform from the Junos OS command-line interface (CLI), including a CLI Viewer to view the current configuration, a CLI Editor for viewing and modifying the configuration, and a Point & Click CLI editor that allows you to click through all of the available CLI statements. Table 25: J-Web Interface J-Web Interface Element Description Top Pane Host The hostname of the switch. Logged in as: username The user name you used to log in to the switch. Commit Options A set of options using which you can configure committing multiple changes with a single commit. • Commit—Commits the candidate configuration of the current user session, along with changes from other user sessions. • Compare—Displays the XML log of pending configurations on the device. • Discard—Discards the candidate configuration of the current user session, along with changes from other user sessions. • Preference—Indicates your choice of committing all configurations changes together or committing each configuration change immediately. The two commit options are: • Commit changes immediately—Sets the system to force an immediate commit on every page after every configuration change. • Validate changes until explicit commit—Loads all configuration changes for an accumulated single commit. If there are errors in loading the configuration, the errors are logged. This is the default mode. NOTE: There are some pages on which configuration changes must be committed immediately. For such pages, if you configure the commit options for a single commit, the system displays warning notifications that remind you to commit your changes immediately. An example for such a page is Switching. Help Logout 130 Displays links to information on help and the J-Web interface. • Help Contents—View context-sensitive help topics. • About—Displays information about the J-Web interface, such as the version number. Ends your current login session with the switch and returns you to the login page. Chapter 11: User Interfaces Overview Table 25: J-Web Interface (continued) J-Web Interface Element Description Taskbar Menu of J-Web main options. Click the tab to access an option. • Dashboard—Displays a high-level, graphical view of the chassis and status of the switch. It displays system health information, alarms, and system status. • Configure—Configure the switch, and view configuration history. • Monitor—View information about configuration and hardware on the switch. • Maintain—Manage files and licenses, upgrade software, and reboot the switch. • Troubleshoot—Run diagnostic tools to troubleshoot network issues. Main Pane Help (?) icon Displays useful information—such as the definition, format, and valid range of an option—when you move the cursor over the question mark. Red asterisk (*) Indicates a required field. Icon legend (Applies to the Point & Click CLI editor only) Explains icons that appear in the user interface to provide information about configuration statements: • C—Comment. Move your cursor over the icon to view a comment about the configuration statement. • I—Inactive. The configuration statement does not affect the switch. • M—Modified. The configuration statement has been added or modified. • *—Mandatory. The configuration statement must have a value. Task Pane Configuration hierarchy Related Documentation (Applies to the Junos OS CLI configuration editor only) Displays the hierarchy of committed statements in the switch configuration. • Click Expand all to display the entire hierarchy. • Click Hide all to display only the statements at the top level. • Click plus signs (+) to expand individual items. • Click minus signs (-) to hide individual items. • Using the Commit Options to Commit Configuration Changes (J-Web Procedure) on page 334 • J-EX Series Switch Software Features Overview on page 3 • J-EX4200 Switches Hardware Overview on page 25 • J-EX Series Switch Software Features Overview on page 3 • Connecting and Configuring a J-EX Series Switch (J-Web Procedure) on page 163 • CLI User Interface Overview on page 127 Understanding J-Web Configuration Tools The J-Web graphical user interface (GUI) allows you to monitor, configure, troubleshoot, and manage the switching platform by means of a Web browser with Hypertext Transfer 131 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Protocol (HTTP) or HTTP over Secure Sockets Layer (HTTPS) enabled. The J-Web interface provides access to all the configuration statements supported by the switch, so you can fully configure the switch without using the CLI. The J-Web interface provides three methods of configuring the switch: • Configure menu • Point & Click CLI Editor • CLI Editor Table 26 on page 132 gives a comparison of the three methods of configuration. Table 26: Switching Platform Configuration Interfaces Tool Description Function Use Configure menu Web browser pages for setting up the switch quickly and easily without configuring each statement individually. Configure basic switch platform services: Use for basic configuration. For example, use the Virtual Chassis Configuration page to configure the Virtual Chassis parameters on the switch. Point & Click CLI editor • Switching • Virtual Chassis • Security • Services • System Properties • Routing Configure all switching platform services: • • System parameters • User Accounting and Access • Interfaces • VLAN properties Expand the entire configuration hierarchy and click a configuration statement to view or edit. The main pane displays all the options for the statement, with a text box for each option. • Paste a complete configuration hierarchy into a scrollable text box, or edit individual lines. • Virtual Chassis properties • Upload or download a complete configuration. • Secure Access • Roll back to a previous configuration. • Services Create or delete a rescue configuration. • Routing protocols Interface in which you do any of the following: • • • • 132 Interfaces Web browser pages divided into panes in which you can do any of the following: • CLI editor • Type commands on a line and press Enter to create a hierarchy of configuration statements. Configure all switching platform services: • System parameters Create an ASCII text file that contains the statement hierarchy. • User Accounting and Access • Interfaces Upload a complete configuration, or roll back to a previous configuration. • VLAN properties • Virtual Chassis properties • Secure Access • Services • Routing protocols Create or delete a rescue configuration. Use for complete configuration if you are not familiar with the Junos OS CLI or prefer a graphical interface. Use for complete configuration if you know the Junos OS CLI or prefer a command interface. Chapter 11: User Interfaces Overview Related Documentation • Understanding J-Web User Interface Sessions on page 133 • J-Web User Interface for J-EX Series Switches Overview on page 129 • Connecting and Configuring a J-EX Series Switch (J-Web Procedure) on page 163 • Configuration Files Terms on page 322 Understanding J-Web User Interface Sessions You establish a J-Web session with the switch through an HTTP-enabled or HTTPS-enabled Web browser. The HTTPS protocol, which uses 128-bit encryption, is available only in domestic versions of Junos OS. To use HTTPS, you must have installed a certificate on the switch and enabled HTTPS. See “Generating SSL Certificates to Be Used for Secure Web Access” on page 398. When you attempt to log in through the J-Web interface, the switch authenticates your username with the same methods used for Telnet and SSH. If the switch does not detect any activity through the J-Web interface for 15 minutes, the session times out and is terminated. You must log in again to begin a new session. To explicitly terminate a J-Web session at any time, click Logout in the top pane. Related Documentation • J-Web User Interface for J-EX Series Switches Overview on page 129 • Configuring Management Access for the J-EX Series Switch (J-Web Procedure) on page 395 133 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 134 CHAPTER 12 Using the Configuration Tools • Using the CLI Terminal on page 135 • Starting the J-Web Interface on page 136 Using the CLI Terminal The J-Web CLI terminal provides access to the Junos OS command line interface (CLI) through the J-Web interface. The functionality and behavior of the CLI available through the CLI terminal page is the same as that of the Junos OS CLI available through the switch console. The CLI terminal supports all CLI commands and other features such as CLI help and autocompletion. Using the CLI terminal page you can fully configure, monitor, and manage the switch. To access the J-Web interface, your management device must have the following software installed: • Operating system: Microsoft Windows XP Service Pack 3 • Browser version: One of the following. Other browsers might work but are not supported by J-Series platforms. • • Microsoft Internet Explorer version 7.0 • Mozilla Firefox version 3.0 Additional requirements: • Only English-language browsers are supported. • The browser and the network must be able to receive and process HTTP/1.1 gzip compressed data. • Before you can use the CLI terminal, you must configure the domain name and hostname of the switch. See “Configuring System Identity for the J-EX Series Switch (J-Web Procedure)” on page 168 for more information. • To access the CLI through the J-Web interface, your management device requires the following features: • SSH access—Enable Secure shell (SSH) on your system. SSH provides a secured method of logging in to the switch, to encrypt traffic so that it is not intercepted. If SSH is not enabled on the system, the CLI terminal page displays an error. 135 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS • Java applet support—Make sure that your Web browser supports Java applets. • JRE installed on the client—Install Java Runtime Environment (JRE) version 1.4 or later on your system. JRE is a software package that must be installed on a system to run Java applications. Download the latest JRE version from the Java Software website http://www.java.com/. Installing JRE installs Java plug-ins, which once installed, load automatically and transparently to render Java applets. NOTE: The CLI terminal is supported on JRE version 1.4 and later only. To access the CLI terminal, select Troubleshoot >CLI Terminal. Related Documentation • CLI User Interface Overview on page 127 • Understanding J-Web Configuration Tools on page 131 Starting the J-Web Interface You can use the J-Web graphical interface to configure and manage the J-EX Series switch. To start the J-Web interface: 1. Launch your HTTP-enabled or HTTPS-enabled Web browser. To use HTTPS, you must have installed a certificate on the switch and enabled HTTPS. 2. After http:// or https:// in your Web browser, type the hostname or IP address of the switch and press Enter. The J-Web login page appears. 3. On the login page, type your username and password, and click Log In. To correct or change the username or password you typed, click Reset, type the new entry or entries, and click Log In. NOTE: The default username is root with no password. You must change this during initial configuration or the system does not accept the configuration. The Chassis Dashboard information page appears. To explicitly terminate a J-Web session at any time, click Logout in the top pane. Related Documentation 136 • J-Web User Interface for J-EX Series Switches Overview on page 129 • Understanding How to Use the J-Web Interface to View System Information CHAPTER 13 Operational Mode Commands for User Interfaces 137 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS set cli complete-on-space Syntax Release Information Description Options set cli complete-on-space (off | on) Command introduced before Junos OS Release 10.2 for J-EX Series switches. Set the command-line interface (CLI) to complete a partial command entry when you type a space or a tab. This is the default behavior of the CLI. off—Turn off command completion. on—Allow either a space or a tab to be used for command completion. Required Privilege Level Related Documentation List of Sample Output view • show cli on page 147 set cli complete-on-space on page 138 Output Fields When you enter this command, you are provided feedback on the status of your request. set cli complete-on-space In the following example, pressing the Spacebar changes the partial command entry from com to complete-on-space. The example shows how adding the keyword off at the end of the command disables command completion. user@host> set cli com user@host>set cli complete-on-space off Disabling complete-on-space 138 Chapter 13: Operational Mode Commands for User Interfaces set cli directory Syntax Release Information Description Options Required Privilege Level Related Documentation List of Sample Output Output Fields set cli directory set cli directory directory Command introduced before Junos OS Release 10.2 for J-EX Series switches. Set the current working directory. directory—Pathname of the working directory. view • show cli directory on page 152 set cli directory on page 139 When you enter this command, you are provided feedback on the status of your request. user@host> set cli directory /var/home/regress Current directory: /var/home/regress 139 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS set cli idle-timeout Syntax Release Information set cli idle-timeout Command introduced before Junos OS Release 10.2 for J-EX Series switches. Description Set the maximum time that an individual session can be idle before the user is logged off the router or switch. Options minutes—(Optional) Maximum idle time. The range of values, in minutes, is 0 through 100,000. If you do not issue this command, and the user's login class does not specify this value, the user is never forced off the system after extended idle times. Setting the value to 0 disables the timeout. Required Privilege Level Related Documentation List of Sample Output Output Fields set cli idle-timeout 140 view • show cli on page 147 set cli idle-timeout on page 140 When you enter this command, you are provided feedback on the status of your request. user@host> set cli idle-timeout 60 Idle timeout set to 60 minutes Chapter 13: Operational Mode Commands for User Interfaces set cli prompt Syntax Release Information Description Options set cli prompt string Command introduced before Junos OS Release 10.2 for J-EX Series switches. Set the prompt so that it is displayed within the CLI. string—CLI prompt string. To include spaces in the prompt, enclose the string in quotation marks. By default, the string is username@hostname. Required Privilege Level Related Documentation List of Sample Output view • show cli on page 147 set cli prompt on page 141 Output Fields When you enter this command, the new CLI prompt is displayed. set cli prompt user@host> set cli prompt lab1-router> lab1-router> 141 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS set cli restart-on-upgrade Syntax Release Information Description Options set cli restart-on-upgrade string (off | on) Command introduced before Junos OS Release 10.2 for J-EX Series switches. For an individual session, set the CLI to prompt you to restart the router or switch after upgrading the software. off—Disables the prompt. on—Enables the prompt. Required Privilege Level Related Documentation List of Sample Output Output Fields set cli restart-on-upgrade 142 view • show cli on page 147 set cli restart-on-upgrade on page 142 When you enter this command, you are provided feedback on the status of your request. user@host> set cli restart-on-upgrade on Enabling restart-on-upgrade Chapter 13: Operational Mode Commands for User Interfaces set cli screen-length Syntax Release Information Description Options set cli screen-length length Command introduced before Junos OS Release 10.2 for J-EX Series switches. Set terminal screen length. length—Number of lines of text that the terminal screen displays. The range of values, in number of lines, is 24 through 100,000. The default is 24. Additional Information Required Privilege Level Related Documentation List of Sample Output Output Fields set cli screen-length The point at which the ---(more)--- prompt appears on the screen is a function of this setting and the settings for the set cli screen-width and set cli terminal commands. view • set cli screen-width on page 144 • set cli terminal on page 145 • show cli on page 147 set cli screen-length on page 143 When you enter this command, you are provided feedback on the status of your request. user@host> set cli screen-length 75 Screen length set to 75 143 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS set cli screen-width Syntax Release Information Description Options set cli screen-width width Command introduced before Junos OS Release 10.2 for J-EX Series switches. Set the terminal screen width. width—Number of characters in a line. The range of values is 80 through 100,000. The default is 80. Additional Information Required Privilege Level Related Documentation List of Sample Output Output Fields set cli screen-width 144 The point at which the ---(more)--- prompt appears on the screen is a function of this setting and the settings for the set cli screen-length and set cli terminal commands. view • set cli screen-length on page 143 • set cli terminal on page 145 • show cli on page 147 set cli screen-width on page 144 When you enter this command, you are provided feedback on the status of your request. user@host> set cli screen-width Screen width set to 132 Chapter 13: Operational Mode Commands for User Interfaces set cli terminal Syntax Release Information Description Options Required Privilege Level Related Documentation List of Sample Output Output Fields set cli terminal set cli terminal terminal-type Command introduced before Junos OS Release 10.2 for J-EX Series switches. Set the terminal type. terminal-type—Type of terminal that is connected to the Ethernet management port: • ansi—ANSI-compatible terminal (80 characters by 24 lines) • small-xterm—Small xterm window (80 characters by 24 lines) • vt100—VT100-compatible terminal (80 characters by 24 lines) • xterm—Large xterm window (80 characters by 65 lines) view • show cli on page 147 set cli terminal on page 145 This command provides no output. user@host> set cli terminal xterm 145 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS set cli timestamp Syntax Release Information Description Options set cli timestamp (format timestamp-format | disable) Command introduced before Junos OS Release 10.2 for J-EX Series switches. Set a timestamp for CLI output. format timestamp-format—Set the date and time format for the timestamp. The timestamp format you specify can include the following placeholders in any order: • %m—Two-digit month • %d—Two-digit date • %T—Six-digit hour, minute, and seconds disable—Remove the timestamp from the CLI. Required Privilege Level Related Documentation List of Sample Output Output Fields set cli timestamp 146 view • show cli on page 147 set cli timestamp on page 146 When you enter this command, you are provided feedback on the status of your request. user@host> set cli timestamp format '%m-%d-%T' '04-21-17:39:13' CLI timestamp set to: '%m-%d-%T' Chapter 13: Operational Mode Commands for User Interfaces show cli Syntax Release Information show cli Command introduced before Junos OS Release 10.2 for J-EX Series switches. Description Display configured CLI settings. Options This command has no options. Required Privilege Level List of Sample Output Output Fields view show cli on page 147 Table 27 on page 147 lists the output fields for the show cli command. Output fields are listed in the approximate order in which they appear. Table 27: show cli Output Fields Field Name Field Description CLI complete-on-space Capability to complete a partial command entry when you type a space or a tab: on or off. CLI idle-timeout Maximum time that an individual session can be idle before the user is logged off the router or switch. When this feature is enabled, the number of minutes is displayed. Otherwise, the state is disabled. CLI restart-on-upgrade CLI is set to prompt you to restart the router or switch after upgrading the software: on or off. CLI screen-length Number of lines of text that the terminal screen displays. CLI screen-width Number of characters in a line on the terminal screen. CLI terminal Terminal type. CLI is operating in Mode: enhanced. CLI timestamp Date and time format for the timestamp. If the timestamp is not set, the state is disabled. CLI working directory Pathname of the working directory. show cli user@host> show cli CLI complete-on-space set to on CLI idle-timeout disabled CLI restart-on-upgrade set to on CLI screen-length set to 47 CLI screen-width set to 132 CLI terminal is 'vt100' CLI is operating in enhanced mode CLI timestamp disabled CLI working directory is '/var/home/regress' 147 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 148 Chapter 13: Operational Mode Commands for User Interfaces show cli authorization Syntax Release Information Description Options Required Privilege Level List of Sample Output Output Fields show cli authorization Command introduced before Junos OS Release 10.2 for J-EX Series switches. Display the permissions for the current user. This command has no options. view show cli authorization on page 150 Table 28 on page 149 lists the output fields for the show cli authorization command. In the table, all possible permissions are displayed and output fields are listed in alphabetical order. Table 28: show cli authorization Output Fields Field Name Field Description access Can view access configuration information. access-control Can modify access configuration. admin Can view user account information. admin-control Can modify user account information. clear Can clear learned network information. configure Can enter configuration mode. control Can modify any configuration. edit Can edit configuration files. field Reserved for field (debugging) support. firewall Can view firewall configuration information. firewall-control Can modify firewall configuration information. floppy Can read from and write to removable media. flow-tap Can view flow-tap configuration information. flow-tap-control Can configure flow-tap configuration information. 149 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Table 28: show cli authorization Output Fields (continued) show cli authorization 150 Field Name Field Description interface Can view interface configuration information. interface-control Can modify interface configuration information. maintenance Can perform system maintenance. network Can access the network by entering the ping, ssh, telnet, and traceroute commands. reset Can reset or restart interfaces and system processes. rollback Can rollback to previous configurations. routing Can view routing configuration information. routing-control Can modify routing configuration information. secret Can view passwords and authentication keys in the configuration. secret-control Can modify passwords and authentication keys in the configuration. security Can view security configuration information. security-control Can modify security configuration information. shell Can start a local shell. snmp Can view SNMP configuration information. snmp-control Can modify SNMP configuration information. system Can view system configuration information. system-control Can modify system configuration information. trace Can view trace file settings information. trace-control Can modify trace file settings information. view Can view current values and statistics. view-configuration Can view all configuration information (not including secrets). user@host> show cli authorization Current user: 'remote' login: 'user' class '' Permissions: admin -- Can view user accounts Chapter 13: Operational Mode Commands for User Interfaces admin-control-- Can modify user accounts clear -- Can clear learned network information configure -- Can enter configuration mode control -- Can modify any configuration edit -- Can edit full files field -- Special for field (debug) support floppy -- Can read and write from the floppy interface -- Can view interface configuration interface-control-- Can modify interface configuration network -- Can access the network reset -- Can reset/restart interfaces and daemons routing -- Can view routing configuration routing-control-- Can modify routing configuration shell -- Can start a local shell snmp -- Can view SNMP configuration snmp-control-- Can modify SNMP configuration system -- Can view system configuration system-control-- Can modify system configuration trace -- Can view trace file settings trace-control-- Can modify trace file settings view -- Can view current values and statistics maintenance -- Can become the super-user firewall -- Can view firewall configuration firewall-control-- Can modify firewall configuration secret -- Can view secret configuration secret-control-- Can modify secret configuration rollback -- Can rollback to previous configurations security -- Can view security configuration security-control-- Can modify security configuration access -- Can view access configuration access-control-- Can modify access configuration view-configuration-- Can view all configuration (not including secrets) flow-tap -- Can view flow-tap configuration flow-tap-control-- Can configure flow-tap service Individual command authorization: Allow regular expression: none Deny regular expression: none Allow configuration regular expression: none Deny configuration regular expression: none 151 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS show cli directory Syntax Release Information Description Options Required Privilege Level List of Sample Output Output Fields show cli directory Command introduced before Junos OS Release 10.2 for J-EX Series switches. Display the current working directory. This command has no options. view show cli directory on page 152 Table 29 on page 152 lists the output fields for the show cli directory command. Output fields are listed in the approximate order in which they appear. Table 29: show cli directory Output Fields show cli directory 152 Field Name Field Description Current directory Pathname of the current working directory. user@host> show cli directory Current directory: /var/home/regress Chapter 13: Operational Mode Commands for User Interfaces show cli history Syntax Release Information Description Options show cli history Command introduced before Junos OS Release 10.2 for J-EX Series switches. Display a list of previous CLI commands. none—Display all previous CLI commands. count—(Optional) Maximum number of commands to display. Required Privilege Level List of Sample Output Output Fields view show cli history on page 153 Table 30 on page 153 lists the output fields for the show cli history command. Output fields are listed in the approximate order in which they appear. Table 30: show cli history Output Fields show cli history Field Name Field Description timestamp Time at which the command was entered. command-syntax Command that was entered. user@host> 11:14:14 11:22:10 11:27:12 show cli history -- show arp -- show cli authorization -- show cli history 153 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS start shell Syntax Release Information Description Options start shell (csh | sh) Command introduced before Junos OS Release 10.2 for J-EX Series switches. Exit from the CLI environment and create a UNIX-level shell. To return to the CLI, type exit from the shell. csh—Create a UNIX C shell. sh—Create a UNIX Bourne shell. user username—(Optional) Start the shell as another user. Additional Information When you are in the shell, the shell prompt has the following format: username@hostname% An example of the prompt is: root@router% Required Privilege Level List of Sample Output shell and maintenance start shell csh on page 154 Output Fields When you enter this command, you are provided feedback on the status of your request. start shell csh user@host> start shell csh % exit % username@hostname% start shell sh % exit user@host> 154 PART 5 Junos OS for J-EX Series Switches System Setup • System Setup Overview on page 157 • Initial Configuration on page 161 • Configuration Statements for System Setup on page 171 • Operational Mode Commands for System Setup on page 201 155 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 156 CHAPTER 14 System Setup Overview • Junos OS—Overview on page 157 Junos OS—Overview • J-EX Series Switch Software Features Overview on page 157 • Understanding Software Infrastructure and Processes on page 158 J-EX Series Switch Software Features Overview The following tables list the J-EX Series Switches software features and the Junos OS release in which they were introduced: Related Documentation • Table 4 on page 4—Access Control Features • Table 5 on page 4—Administration Features • Table 6 on page 4—Class-of-Service (CoS) Features • Table 7 on page 5—High Availability and Resiliency Features • Table 8 on page 6—Interfaces Features • Table 9 on page 7—IP Address Management Features • Table 10 on page 7—IPv6 Features • Table 11 on page 7—Layer 2 Network Protocols Features • Table 12 on page 8—Layer 3 Protocols Features • Table 13 on page 9—MPLS Features • Table 14 on page 10—Multicast Features • Table 15 on page 10—Network Management and Monitoring Features • Table 16 on page 11—Port Security Features • Table 17 on page 12—System Management Features • High Availability Features for J-EX Series Switches Overview on page 18 • Layer 3 Protocols Supported on J-EX Series Switches on page 13 • Layer 3 Protocols Not Supported on J-EX Series Switches on page 14 157 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS • J-EX8208 Switch Hardware Overview on page 27 • J-EX8216 Switch Hardware Overview on page 30 Understanding Software Infrastructure and Processes Each switch runs Junos OS for J-EX Series Switches on its general-purpose processors. The Junos OS includes processes for Internet Protocol (IP) routing and for managing interfaces, networks, and the chassis. Junos OS runs on the Routing Engine. The Routing Engine kernel coordinates communication among the Junos OS processes and provides a link to the Packet Forwarding Engine. With the J-Web interface and the command-line interface (CLI) to Junos OS, you configure switching features and routing protocols and set the properties of network interfaces on your switch. After activating a software configuration, use either the J-Web or CLI user interface to monitor the switch, manage operations, and diagnose protocol and network connectivity problems. • Routing Engine and Packet Forwarding Engine on page 158 • Junos OS Processes on page 158 Routing Engine and Packet Forwarding Engine A switch has two primary software processing components: • Packet Forwarding Engine—Processes packets; applies filters, routing policies, and other features; and forwards packets to the next hop along the route to their final destination. • Routing Engine—Provides three main functions: • Creates the packet forwarding switch fabric for the switch, providing route lookup, filtering, and switching on incoming data packets, then directing outbound packets to the appropriate interface for transmission to the network • Maintains the routing tables used by the switch and controls the routing protocols that run on the switch. • Provides control and monitoring functions for the switch, including controlling power and monitoring system status. Junos OS Processes Junos OS running on the Routing Engine and Packet Forwarding Engine consists of multiple processes that are responsible for individual functions. The separation of functions provides operational stability, because each process accesses its own protected memory space. In addition, because each process is a separate software package, you can selectively upgrade all or part of Junos OS, for added flexibility. Table 55 on page 393 describes the primary Junos OS processes. 158 Chapter 14: System Setup Overview Related Documentation • For more information about processes, see the Junos OS Network Operations Guide at http://www.juniper.net/techpubs/software/junos/. • For more information about basic system parameters, supported protocols, and software processes, see the Junos OS System Basics Configuration Guide at http://www.juniper.net/techpubs/software/junos/. 159 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 160 CHAPTER 15 Initial Configuration • Connecting and Configuring a J-EX Series Switch (CLI Procedure) on page 161 • Connecting and Configuring a J-EX Series Switch (J-Web Procedure) on page 163 • Configuring the LCD Panel on J-EX Series Switches (CLI Procedure) on page 166 • Configuring Date and Time for the J-EX Series Switch (J-Web Procedure) on page 167 • Configuring System Identity for a J-EX Series Switch (J-Web Procedure) on page 168 Connecting and Configuring a J-EX Series Switch (CLI Procedure) There are two ways to connect and configure a J-EX Series switch: one method is through the console using the CLI and the other is using the J-Web interface. This topic describes the CLI procedure. NOTE: To run the ezsetup script, the switch must have the factory default configuration as the active configuration. If you have configured anything on the switch and want to run ezsetup, revert to the factory default configuration. See “Reverting to the Default Factory Configuration for the J-EX Series Switch” on page 341. Before you begin connecting and configuring a J-EX Series switch through the console using the CLI: • Set the following parameter values in the console server or PC: • Baud Rate—9600 • Flow Control—None • Data—8 • Parity—None 161 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS • Stop Bits—1 • DCD State—Disregard To connect and configure the switch from the console: 1. Connect the console port to a laptop or PC using the RJ-45 to DB-9 serial port adapter. The RJ-45 cable and RJ-45 to DB-9 serial port adapter are supplied with the switch. • J-EX4200 switch—The console port is located on the rear panel of the switch. • J-EX8200 switch—The console port is located on the Switch Fabric and Routing Engine (SRE) module in slot SRE0 in a J-EX8208 switch or on the Routing Engine (RE) module in slot RE0 in a J-EX8216 switch. 2. At the Junos OS shell prompt root%, type ezsetup. 3. Enter the hostname. This is optional. 4. Enter the root password you plan to use for this device. You are prompted to re-enter the root password. 5. Enter yes to enable services like Telnet and SSH. By default, Telnet is not enabled and SSH is enabled. NOTE: When Telnet is enabled, you will not be able to log in to a J-EX Series switch through Telnet using root credentials. Root login is allowed only for SSH access. 6. Use the Management Options page to select the management scenario: NOTE: On J-EX8200 switches, only the out-of-band management option is available. • • Configure in-band management. In this scenario you have the following two options: • Use the default VLAN. • Create a new VLAN—If you select this option, you are prompted to specify the VLAN name, VLAN ID, management IP address, and default gateway. Select the ports that must be part of this VLAN. Configure out-of-band management. Specify the IP address and gateway of the management interface. Use this IP address to connect to the switch. 7. Specify the SNMP Read Community, Location, and Contact to configure SNMP parameters. These parameters are optional. 8. Specify the system date and time. Select the time zone from the list. These options are optional. The configured parameters are displayed. Enter yes to commit the configuration. 162 Chapter 15: Initial Configuration The configuration is committed as the active configuration for the switch. You can now log in with the CLI or the J-Web interface to continue configuring the switch. If you use the J-Web interface to continue configuring the switch, the Web session is redirected to the new management IP address. If the connection cannot be made, the J-Web interface displays instructions for starting a J-Web session. Related Documentation • Connecting and Configuring a J-EX Series Switch (J-Web Procedure) on page 163 • Installing and Connecting a J-EX4200 Switch • Installing and Connecting a J-EX8208 Switch • Installing and Connecting a J-EX8216 Switch Connecting and Configuring a J-EX Series Switch (J-Web Procedure) There are two ways to connect and configure a J-EX Series switch: one method is through the console using the CLI and the other is using the J-Web interface. This topic describes the J-Web procedure. To access the J-Web interface, your management device must have the following software installed: • Operating system: Microsoft Windows XP Service Pack 3 • Browser version: One of the following. Other browsers might work but are not supported by J-Series platforms. • • Microsoft Internet Explorer version 7.0 • Mozilla Firefox version 3.0 Additional requirements: • Only English-language browsers are supported. • The browser and the network must be able to receive and process HTTP/1.1 gzip compressed data. NOTE: Before you begin the configuration, enable a DHCP client on the management PC you will connect to the switch so that the switch can obtain an IP address dynamically. NOTE: Read the following steps before you begin the configuration. You must complete the initial configuration using EZSetup within 10 minutes. The switch exits EZSetup after 10 minutes and reverts to the factory default configuration, and the PC loses connectivity to the switch. The LCD displays a count-down timer when the switch is in initial setup mode. 163 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS To connect and configure the switch using the J-Web interface: 1. Transition the switch into initial setup mode by using the Menu and Enter buttons located to the right of the LCD panel (see Figure 4 on page 164) Figure 4: LCD Panel in a J-EX4200 or J-EX8200 Switch a. Press the Menu button until you see MAINTENANCE MENU. Then press the Enter button. b. Press Menu until you see ENTER EZSetup. Then press Enter. If EZSetup does not appear as an option in the menu, select Factory Default to return the switch to the factory default configuration. EZSetup is displayed in the menu only when the switch is set to the factory default configuration. c. Press Enter to confirm setup and continue with EZSetup. 2. Connect the Ethernet cable from the Ethernet port on the PC to the switch. • J-EX4200 switch—Connect the cable to port 0 (ge-0/0/0) on the front panel of the switch. • J-EX8200 switch—Connect the cable to the port labeled MGMT on the Switch Fabric and Routing Engine (SRE) module in slot SRE0 in a J-EX8208 switch or on the Routing Engine (RE) module in slot RE0 in a J-EX8216 switch. These ports are configured as the DHCP server with the default IP address, 192.168.1.1. The switch can assign an IP address to the management PC in the IP address range 192.168.1.2 through 192.168.1.253. 3. From the PC, open a Web browser, type http://192.168.1.1 in the address field, and press Enter. 4. On the J-Web login page, type root as the username, leave the password field blank, and click Login. 5. On the Introduction page, click Next. 6. On the Basic Settings page, modify the hostname, the root password, and date and time settings: a. Enter the hostname. This is optional. b. Enter a password and reenter the password. c. Specify the time zone. 164 Chapter 15: Initial Configuration d. Synchronize the date and time settings of the switch with the management PC or set them manually by selecting the appropriate option button. This is optional. e. Click Next. 7. Use the Management Options page to select the management scenario: NOTE: On J-EX8200 switches, only the out-of-band management option is available. • In-band Management—Use VLAN 'default' for management. Select this option to configure all data interfaces as members of the default VLAN. Click Next. Specify the management IP address and the default gateway for the default VLAN. • In-band Management—Create new VLAN for management. Select this option to create a management VLAN. Click Next. Specify the VLAN name, VLAN ID, member interfaces, management IP address, and default gateway for the new VLAN. • Out-of-band Management—Configure management port. Select this option to configure only the management interface. Click Next. Specify the IP address and default gateway for the management interface. 8. Click Next. 9. On the Manage Access page, you may select options to enable Telnet, SSH, and SNMP services. For SNMP, you can configure the read community, location, and contact. 10. Click Next. The Summary screen displays the configured settings. 11. Click Finish. The configuration is committed as the active switch configuration. You can now log in with the CLI or the J-Web interface to continue configuring the switch. If you use the J-Web interface to continue configuring the switch, the Web session is redirected to the new management IP address. If the connection cannot be made, the J-Web interface displays instructions for starting a J-Web session. NOTE: After the configuration is committed, the connectivity between the PC and the switch might be lost. To renew the connection, release and renew the IP address by executing the appropriate commands on the management PC or by removing and reinserting the Ethernet cable. Related Documentation • Connecting and Configuring a J-EX Series Switch (CLI Procedure) on page 161 • Installing and Connecting a J-EX4200 Switch 165 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS • Installing and Connecting a J-EX8208 Switch • Installing and Connecting a J-EX8216 Switch Configuring the LCD Panel on J-EX Series Switches (CLI Procedure) The LCD panel on the front panel of J-EX Series switches displays a variety of information about the switch in the Status menu and provides the Maintenance menu to allow you to perform basic operations such as initial setup and reboot. You can disable these menus or individual menu options if you do not want switch users to use them. You can also set a custom message that will be displayed on the panel. This topic describes: • Disabling or Enabling Menus and Menu Options on the LCD Panel on page 166 • Configuring a Custom Display Message on page 167 Disabling or Enabling Menus and Menu Options on the LCD Panel By default, the Maintenance menu, the Status menu, and the options in those menus in the LCD panel are enabled. Users can configure and troubleshoot the switch using the Maintenance menu and view certain details about the switch using the Status menu. If you do not want users to be able to use those menus or use some of the menu options, you can disable the menus or individual menu options. You can re-enable the menus or menu options. Issue the show chassis lcd operational mode command to see which menus and menu options are currently enabled. NOTE: On some platforms you must specify an FPC slot number in these commands. See the lcd-menu statement for details. To disable a menu: [edit] user@switch# set chassis lcd-menu menu-item menu-name disable To enable a menu: [edit] user@switch# delete chassis lcd-menu menu-item menu-name disable To disable a menu option: [edit] user@switch# set chassis lcd-menu menu-item menu-option disable To enable a menu option: [edit] user@switch# delete chassis lcd-menu menu-item menu-option disable 166 Chapter 15: Initial Configuration Configuring a Custom Display Message You can configure the second line of the LCD to display a custom message temporarily for 5 minutes or permanently. To display a custom message temporarily: • On a standalone J-EX4200 switch or a J-EX8200 switch: user@switch> set chassis display message message • On a J-EX4200 switch in a Virtual Chassis configuration: user@switch> set chassis display message message fpc-slot slot-number To display a custom message permanently: • On a standalone J-EX4200 switch or a J-EX8200 switch: user@switch> set chassis display message message permanent • On a J-EX4200 switch in a Virtual Chassis configuration: user@switch> set chassis display message message fpc-slot slot-number permanent NOTE: The Menu button and the Enter button are disabled if the LCD is configured to display a custom message. To disable the display of the custom message: user@switch> clear chassis display message You can view the custom message by issuing the command show chassis lcd. Related Documentation • LCD Panel in J-EX4200 Switches • LCD Panel in a J-EX8200 Switch Configuring Date and Time for the J-EX Series Switch (J-Web Procedure) To configure date and time on a J-EX Series switch: 1. Select Configure > System Properties > Date & Time. 2. To modify the information, click Edit. Enter information into the Edit Date & Time page as described in Table 31 on page 168. 3. Click one: • To apply the configuration, click OK. • To cancel your entries and return to the System Properties page, click Cancel. 167 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS NOTE: After you make changes to the configuration in this page, you must commit the changes for them to take effect. To commit all changes to the active configuration, select Commit Options > Commit. See “Using the Commit Options to Commit Configuration Changes (J-Web Procedure)” on page 334 for details about all commit options. Table 31: Date and Time Settings Time Function Your Action Time Zone Identifies the timezone that the switching platform is located in. Select the appropriate time zone from the list. Set Time Synchronizes the system time with that of the NTP server. You can also manually set the system time and date. To immediately set the time, click one: • Synchronize with PC time—The switch synchronizes the time with that of the PC. • NTP Servers—The switch sends a request to the NTP server and synchronizes the system time. • Related Documentation • Manual—A pop-up window allows you to select the current date and time from a list. J-Web User Interface for J-EX Series Switches Overview on page 129 Configuring System Identity for a J-EX Series Switch (J-Web Procedure) To configure identification details for a J-EX Series switch: 1. Select Configure > System Properties > System Identity. The System Identity page displays configuration details. 2. To modify the configuration, click Edit. Enter information into the System Identity page as described in Table 32 on page 169. NOTE: After you make changes to the configuration in this page, you must commit the changes for them to take effect. To commit all changes to the active configuration, select Commit Options > Commit. See “Using the Commit Options to Commit Configuration Changes (J-Web Procedure)” on page 334 for details about all commit options. 168 Chapter 15: Initial Configuration Table 32: Set Up Configuration Summary Field Function Your Action Host Name Defines the hostname of the switching platform. Type the hostname. Domain Name Defines the network or subnetwork that the machine belongs to. Type the domain name. Root Password Sets the root password that user root can use to log in to the switching platform. Type a plain-text password. The system encrypts the password. NOTE: After a root password has been defined, it is required when you log in to the J-Web user interface or the CLI. Confirm Root Password Verifies that the root password has been typed correctly. Retype the password. DNS Name Servers Specifies a DNS server for the switching platform to use to resolve hostnames into addresses. To add an IP address, click Add. To edit an IP address, click Edit. To delete an IP address, click Delete. Domain Search Specifies the domains to be searched. To add a domain, click Add. To edit a domain click Edit. To delete a domain, click Delete. Related Documentation • Configuring Date and Time for the J-EX Series Switch (J-Web Procedure) on page 167 169 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 170 CHAPTER 16 Configuration Statements for System Setup arp Syntax Hierarchy Level Release Information arp { aging-timer minutes; passive-learning; } [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Description Specify ARP options. You can enable backup VRRP routers to learn ARP requests for VRRP-IP to VRRP-MAC address translation. You can also set the time interval between ARP updates. Options aging-timer—Time interval in minutes between ARP updates. In environments where the number of ARP entries to update is high (for example, on routers only, metro Ethernet environments), increasing the time between updates can improve system performance. passive-learning—Configures backup VRRP routers or switches to learn the ARP mappings (IP-to-MAC address) for hosts sending the requests. By default, the backup VRRP router drops these requests; therefore, if the master router fails, the backup router must learn all entries present in the ARP cache of the master router. Configuring passive learning reduces transition delay when the backup router is activated. Default: 20 minutes Range: 5 to 240 minutes Required Privilege Level Related Documentation system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS ARP Learning and Aging Options for Mapping IPv4 Network Addresses to MAC Addresses • Junos OS Network Interfaces Configuration Guide 171 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS authentication-key Syntax Hierarchy Level Release Information Description authentication-key key-number type type value password; [edit system ntp] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure Network Time Protocol (NTP) authentication keys so that the router or switch can send authenticated packets. If you configure the router or switch to operate in authenticated mode, you must configure a key. Both the keys and the authentication scheme (MD5) must be identical between a set of peers sharing the same key number. Options key-number—Positive integer that identifies the key. type type—Authentication type. It can only be md5. value password—The key itself, which can be from 1 through 8 ASCII characters. If the key contains spaces, enclose it in quotation marks. Required Privilege Level Related Documentation 172 system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring NTP Authentication Keys • broadcast on page 174 • peer on page 194 • server on page 197 • trusted-key on page 200 Chapter 16: Configuration Statements for System Setup auxiliary Syntax Hierarchy Level Release Information Description Default Options auxiliary { type terminal-type; } [edit system ports] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure the characteristics of the auxiliary port. The auxiliary port is disabled. type terminal-type—Type of terminal that is connected to the port. Range: ansi, vt100, small-xterm, xterm Default: The terminal type is unknown, and the user is prompted for the terminal type. Required Privilege Level Related Documentation system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS to Set Console and Auxiliary Port Properties boot-server (NTP) Syntax Hierarchy Level Release Information Description boot-server address; [edit system ntp] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure the server that NTP queries when the router or switch boots to determine the local date and time. When you boot the router or switch, it issues an ntpdate request, which polls a network server to determine the local date and time. You need to configure a server that the router or switch uses to determine the time when the router or switch boots. Otherwise, NTP will not be able to synchronize to a time server if the server’s time appears to be very far off of the local router’s or switch’s time. Options Required Privilege Level Related Documentation address—Address of an NTP server. You must specify an address, not a hostname. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Synchronizing and Coordinating Time Distribution Using NTP 173 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS broadcast Syntax Hierarchy Level Release Information Description Options broadcast address ; [edit system ntp] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure the local router or switch to operate in broadcast mode with the remote system at the specified address. In this mode, the local router or switch sends periodic broadcast messages to a client population at the specified broadcast or multicast address. Normally, you include this statement only when the local router or switch is operating as a transmitter. address—The broadcast address on one of the local networks or a multicast address assigned to NTP. You must specify an address, not a hostname. If the multicast address is used, it must be 224.0.1.1. key key-number—(Optional) All packets sent to the address include authentication fields that are encrypted using the specified key number. Range: Any unsigned 32-bit integer ttl value—(Optional) Time-to-live (TTL) value to use. Range: 1 through 255 Default: 1 version value—(Optional) Specify the version number to be used in outgoing NTP packets. Range: 1 through 4 Default: 4 Required Privilege Level Related Documentation 174 system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the NTP Time Server and Time Services Chapter 16: Configuration Statements for System Setup broadcast-client Syntax broadcast-client; Hierarchy Level [edit system ntp] Release Information Description Required Privilege Level Related Documentation Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure the local router or switch to listen for broadcast messages on the local network to discover other servers on the same subnet. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Router or Switch to Listen for Broadcast Messages Using NTP 175 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS console (Physical Port) Syntax Hierarchy Level Release Information Description Default Options console { disable; insecure; log-out-on-disconnect; type terminal-type; } [edit system ports] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure the characteristics of the console port. The console port is enabled and its speed is 9600 baud. disable—Disable console login connections. insecure—Disable root login connections to the console and auxiliary ports. Configuring the console port as insecure also prevents superusers and anyone with a user identifier (UID) of 0 from establishing terminal connections in multiuser mode. log-out-on-disconnect—Log out the session when the data carrier on the console port is lost. type terminal-type—Type of terminal that is connected to the port. Range: ansi, vt100, small-xterm, xterm Default: The terminal type is unknown, and the user is prompted for the terminal type. Required Privilege Level Related Documentation 176 system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS to Set Console and Auxiliary Port Properties Chapter 16: Configuration Statements for System Setup default-address-selection Syntax Hierarchy Level Release Information Description Default Required Privilege Level Related Documentation default-address-selection; [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Use the loopback interface, lo0, as the source address for all locally generated IP packets. The lo0 interface is the interface to the router’s or switch’s Routing Engine. The outgoing interface is used as the source address. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS to Select a Fixed Source Address for Locally Generated TCP/IP Packets • Junos OS Network Interfaces Configuration Guide domain-name (Router) Syntax Hierarchy Level Release Information Description Options Required Privilege Level Related Documentation domain-name domain-name; [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure the name of the domain in which the router or switch is located. This is the default domain name that is appended to hostnames that are not fully qualified. domain-name—Name of the domain. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Domain Name for the Router or Switch 177 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS gre-path-mtu-discovery Syntax Hierarchy Level Release Information Description Default Required Privilege Level Related Documentation (gre-path-mtu-discovery | no-gre-path-mtu-discovery); [edit system internet-options] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure path MTU discovery for outgoing GRE tunnel connections: • gre-path-mtu-discovery—Path MTU discovery is enabled. • no-gre-path-mtu-discovery—Path MTU discovery is disabled. Path MTU discovery is enabled. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS for Path MTU Discovery on Outgoing GRE Tunnel Connections host-name Syntax Hierarchy Level Release Information [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Description Set the hostname of the router or switch. Options hostname—Name of the router or switch. Required Privilege Level Related Documentation 178 host-name hostname; system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Hostname of the Router or Switch Chapter 16: Configuration Statements for System Setup icmpv4-rate-limit Syntax Hierarchy Level Release Information Description Options icmpv4-rate-limit { bucket-size seconds; packet-rate pps; } [edit system internet-options] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure rate-limiting parameters for ICMPv4 messages sent. bucket-size seconds—Number of seconds in the rate-limiting bucket. Range: 0 through 4294967295 seconds Default: 5 packet-rate pps—Rate-limiting packets earned per second. Range: 0 through 4294967295 pps Default: 1000 Required Privilege Level Related Documentation admin—To view this statement in the configuration. admin-control—To add this statement to the configuration. • Configuring the Junos OS ICMPv4 Rate Limit for ICMPv4 Routing Engine Messages 179 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS icmpv6-rate-limit Syntax Hierarchy Level Release Information Description Options icmpv6-rate-limit { bucket-size seconds; packet-rate packet-rate; } [edit system internet-options] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure rate-limiting parameters for ICMPv6 messages sent. bucket-size seconds—Number of seconds in the rate-limiting bucket. Range: 0 through 4294967295 seconds Default: 5 packet-rate pps—Rate-limiting packets earned per second. Range: 0 through 4294967295 pps Default: 1000 Required Privilege Level Related Documentation 180 admin—To view this statement in the configuration. admin-control—To add this statement to the configuration. • Configuring the Junos OS ICMPv6 Rate Limit for ICMPv6 Routing Engine Messages Chapter 16: Configuration Statements for System Setup inet6-backup-router Syntax Hierarchy Level Release Information Description Options inet6-backup-router address ; [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Set a default router (running IP version 6 [IPv6]) to use while the local router or switch (running IPv6) is booting and if the routing protocol processes fail to start. The Junos OS removes the route to this router or switch as soon as the software starts. address—Address of the default router. destination destination-address—(Optional) Destination address that is reachable through the backup router. Include this option to achieve network reachability while loading, configuring, and recovering the router or switch, but without the risk of installing a default route in the forwarding table. Default: All hosts (default route) are reachable through the backup router. Required Privilege Level Related Documentation system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring a Backup Router 181 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS internet-options Syntax Hierarchy Level Release Information Description internet-options { (gre-path-mtu-discovery | no-gre-path-mtu-discovery); icmpv4-rate-limit bucket-size bucket-size packet-rate packet-rate; icmpv6-rate-limit bucket-size bucket-size packet-rate packet-rate; (ipip-path-mtu-discovery | no-ipip-path-mtu-discovery); ipv6-duplicate-addr-detection-transmits; (ipv6-reject-zero-hop-limit | no-ipv6-reject-zero-hop-limit); (ipv6-path-mtu-discovery | no-ipv6-path-mtu-discovery); ipv6-path-mtu-discovery-timeout; no-tcp-rfc1323; no-tcp-rfc1323-paws; (path-mtu-discovery | no-path-mtu-discovery); source-port upper-limit ; (source-quench | no-source-quench); tcp-drop-synfin-set; tcp-mss mss-value; } [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure system IP options to protect against certain types of DoS attacks. The remaining statements are explained separately. Required Privilege Level Related Documentation 182 admin—To view this statement in the configuration. admin-control—To add this statement to the configuration. • Configuring the Junos OS ICMPv4 Rate Limit for ICMPv4 Routing Engine Messages • Configuring the Junos OS ICMPv6 Rate Limit for ICMPv6 Routing Engine Messages • Configuring the Junos OS for IP-IP Path MTU Discovery on IP-IP Tunnel Connections • Configuring the Junos OS for Path MTU Discovery on Outgoing GRE Tunnel Connections • Configuring the Junos OS for Path MTU Discovery on Outgoing TCP Connections • Configuring the Junos OS for IPv6 Duplicate Address Detection Attempts • Configuring the Junos OS for Acceptance of IPv6 Packets with a Zero Hop Limit • Configuring the Junos OS to Ignore ICMP Source Quench Messages • Configuring the Junos OS to Enable the Router or Switch to Drop Packets with the SYN and FIN Bits Set • Configuring the Junos OS to Disable TCP RFC 1323 Extensions • Configuring the Junos OS to Disable the TCP RFC 1323 PAWS Extension • Configuring the Junos OS to Extend the Default Port Address Range • Configuring TCP MSS for Session Negotiation Chapter 16: Configuration Statements for System Setup ipip-path-mtu-discovery Syntax Hierarchy Level Release Information Description Default Required Privilege Level Related Documentation (ipip-path-mtu-discovery | no-ipip-path-mtu-discovery); [edit system internet-options] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure path MTU discovery for outgoing IP-IP tunnel connections: • ipip-path-mtu-discovery—Path MTU discovery is enabled. • no-ipip-path-mtu-discovery—Path MTU discovery is disabled. Path MTU discovery is enabled. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS for IP-IP Path MTU Discovery on IP-IP Tunnel Connections ipv6-duplicate-addr-detection-transmits Syntax Hierarchy Level Release Information Description Default Required Privilege Level Related Documentation ipv6-duplicate-addr-detection-transmits; [edit system internet-options] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Control the number of attempts for IPv6 duplicate address detection. The default value is 3. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS for IPv6 Duplicate Address Detection Attempts 183 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS ipv6-path-mtu-discovery Syntax Hierarchy Level Release Information Description Default Required Privilege Level Related Documentation (ipv6-path-mtu-discovery | no-ipv6-path-mtu-discovery); [edit system internet-options] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure path MTU discovery for IPv6 packets: • ipv6-path-mtu-discovery—IPv6 path MTU discovery is enabled. • no-ipv6-path-mtu-discovery—IPv6 path MTU discovery is disabled. IPv6 path MTU discovery is enabled. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS for IPv6 Path MTU Discovery ipv6-path-mtu-discovery-timeout Syntax Hierarchy Level Release Information Description Options ipv6-path-mtu-discovery-timeout minutes; [edit system internet-options] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Set the IPv6 path MTU discovery timeout interval. minutes—IPv6 path MTU discovery timeout. Default: 10 minutes Required Privilege Level Related Documentation 184 system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS for IPv6 Path MTU Discovery Chapter 16: Configuration Statements for System Setup ipv6-reject-zero-hop-limit Syntax Hierarchy Level Release Information Description Required Privilege Level Related Documentation (ipv6-reject-zero-hop-limit | no-ipv6-reject-zero-hop-limit); [edit system internet-options] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Enable and disable rejecting incoming IPv6 packets with a zero hop limit value in their header. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS for Acceptance of IPv6 Packets with a Zero Hop Limit 185 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS lcd-menu Syntax J-EX4200 switch: lcd-menu fpc slot-number { menu-item (menu-name | menu-option); } J-EX8200 switch: lcd-menu { menu-item (menu-name | menu-option); } Hierarchy Level Release Information Description Options [edit chassis] Statement introduced in Junos OS Release 10.2 for J-EX Series switches. Disable or enable the Maintenance menu or the Status menu in the LCD panel. none—(J-EX8200 switches only) Disable or enable the specified menu or menu options. fpc slot-number—(J-EX4200 switches only) Disable or enable the specified menu or menu options, where slot-number is: • 0—On a standalone J-EX4200 switch • 0–9—On a J-EX4200 switch in a Virtual Chassis. The value is the member ID of the switch. The remaining statement is explained separately. Required Privilege Level Related Documentation 186 view-level—To view this statement in the configuration. control-level—To add this statement to the configuration. • Configuring the LCD Panel on J-EX Series Switches (CLI Procedure) on page 166 • LCD Panel in J-EX4200 Switches • LCD Panel in a J-EX8200 Switch Chapter 16: Configuration Statements for System Setup location Syntax Hierarchy Level Release Information Description Options location { altitude feet; building name; country-code code; floor number; hcoord horizontal-coordinate; lata service-area; latitude degrees; longitude degrees; npa-nxx number; postal-code postal-code; rack number; vcoord vertical-coordinate; } [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure the system location in various formats. altitude feet—Number of feet above sea level. building name—Name of building. The name of the building can be 1 to 28 characters in length. If the string contains spaces, enclose it in quotation marks (" "). country-code code—Two-letter country code. floor number—Floor in the building. hcoord horizontal-coordinate—Bellcore Horizontal Coordinate. lata service-area—Long-distance service area. latitude degrees—Latitude in degree format. longitude degrees—Longitude in degree format. npa-nxx number—First six digits of the phone number (area code and exchange). postal-code postal-code—Postal code. rack number—Rack number. vcoord vertical-coordinate—Bellcore Vertical Coordinate. Required Privilege Level Related Documentation system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Physical Location of the Router or Switch 187 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS menu-item Syntax Hierarchy Level Release Information Description Options menu-item (menu-name | menu-option); [edit chassis lcd-menu] Statement introduced in Junos OS Release 10.2 for J-EX Series switches. Disable or enable the Maintenance menu, the Status menu, or an individual option in one of those menus in the LCD panel. menu-name—Name of the LCD menu: • maintenance-menu • status-menu menu-option—Specific option on one of the LCD menus. You must include the quotation marks when you type the option. • ''maintenance-menu halt-menu''—System halt option • ''maintenance-menu system-reboot''—System reboot option • ''maintenance-menu rescue-config''—Load rescue option • ''maintenance-menu vc-uplink-config''—(J-EX4200 switches only) Request VC port option for a J-EX4200 switch in a Virtual Chassis configuration • ''maintenance-menu factory-default''—Factory default option • ''status-menu vcp-status''—(J-EX4200 switches only) Virtual Chassis port (VCP) status for a J-EX4200 switch in a Virtual Chassis configuration • ''status-menu sf-status1-menu''—(J-EX8200 switches only) Status of the switch fabric on the Switch Fabric and Routing Engine (SRE) module in slot SRE0 on J-EX8208 switches. Status of the switch fabric on the Switch Fabric (SF) modules in slots SF0 and SF1 on J-EX8216 switches. • ''status-menu sf-status2-menu''—(J-EX8200 switches only) Status of the switch fabric on the SRE module in slot SRE1 on J-EX8208 switches. Status of the switch fabric on the SF modules in slots SF2–SF5 on J-EX8216 switches. • ''status-menu sf-status3-menu''—(J-EX8216 switches only) Status of the switch fabric on the SF modules in slots SF6 and SF7 • ''status-menu power-status''—(J-EX4200 switches only) Status of the power supply • ''status-menu psu-status1-menu''—(J-EX8200 switches only) Status of the power supplies in slots P0 and P1 • ''status-menu psu-status2-menu''—(J-EX8200 switches only) Status of the power supplies in slots P2–P5 • 188 ''status-menu environ-status''—Status of the fan and the temperature Chapter 16: Configuration Statements for System Setup • ''status-menu show-version''—The version of Junos OS for J-EX Series switches loaded on the switch Required Privilege Level Related Documentation view-level—To view this statement in the configuration. control-level—To add this statement to the configuration. • Configuring the LCD Panel on J-EX Series Switches (CLI Procedure) on page 166 • LCD Panel in J-EX4200 Switches • LCD Panel in a J-EX8200 Switch multicast-client Syntax Hierarchy Level Release Information Description Options multicast-client ; [edit system ntp] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. For NTP, configure the local router or switch to listen for multicast messages on the local network to discover other servers on the same subnet. address—(Optional) One or more IP addresses. If you specify addresses, the router or switch joins those multicast groups. Default: 224.0.1.1. Required Privilege Level Related Documentation system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Router or Switch to Listen for Multicast Messages Using NTP 189 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS no-multicast-echo Syntax Hierarchy Level Release Information Description Default Required Privilege Level Related Documentation no-multicast-echo; [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Disable the Routing Engine from responding to ICMP echo requests sent to multicast group addresses. The Routing Engine responds to ICMP echo requests sent to multicast group addresses. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS to Disable the Routing Engine Response to Multicast Ping Packets no-ping-record-route Syntax Hierarchy Level Release Information Description Required Privilege Level Related Documentation 190 no-ping-record-route; [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure the Junos OS to disable the reporting of the IP address in ping responses. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS to Disable the Reporting of IP Address and Timestamps in Ping Responses Chapter 16: Configuration Statements for System Setup no-ping-time-stamp Syntax Hierarchy Level Release Information Description Required Privilege Level Related Documentation no-ping-time-stamp; [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure the Junos OS to disable the recording of timestamps in ping responses. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS to Disable the Reporting of IP Address and Timestamps in Ping Responses no-redirects Syntax Hierarchy Level Release Information Description no-redirects; [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Disable the sending of protocol redirect messages by the router or switch. To disable the sending of redirect messages on a per-interface basis, include the no-redirects statement at the [edit interfaces interface-name unit logical-unit-number family family] hierarchy level. Default Required Privilege Level Related Documentation The router or switch sends redirect messages. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS to Disable Protocol Redirect Messages on the Router or Switch • Junos OS Network Interfaces Configuration Guide 191 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS no-tcp-rfc1323 Syntax Hierarchy Level Release Information no-tcp-rfc1323; [edit system internet-options] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Description Configure the Junos OS to disable RFC 1323 TCP extensions. Required Privilege Level system—To view this statement in the configuration. system-control—To add this statement to the configuration. Related Documentation • Configuring the Junos OS to Disable TCP RFC 1323 Extensions no-tcp-rfc1323-paws Syntax Hierarchy Level Release Information Description Required Privilege Level Related Documentation 192 no-tcp-rfc1323-paws; [edit system internet-options] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure the Junos OS to disable the RFC 1323 Protection Against Wrapped Sequence (PAWS) number extension. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS to Disable the TCP RFC 1323 PAWS Extension Chapter 16: Configuration Statements for System Setup ntp Syntax Hierarchy Level Release Information Description ntp { authentication-key number type type value password; boot-server address; broadcast ; broadcast-client; multicast-client ; peer address ; server address ; source-address source-address; trusted-key [ key-numbers ]; } [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure NTP on the router or switch. The remaining statements are explained separately. Required Privilege Level Related Documentation system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Synchronizing and Coordinating Time Distribution Using NTP path-mtu-discovery Syntax Hierarchy Level Release Information Description Default Required Privilege Level Related Documentation (path-mtu-discovery | no-path-mtu-discovery); [edit system internet-options] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure path MTU discovery for outgoing Transmission Control Protocol (TCP) connections: • path-mtu-discovery—Path MTU discovery is enabled. • no-path-mtu-discovery—Path MTU discovery is disabled. Path MTU discovery is enabled. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS for Path MTU Discovery on Outgoing TCP Connections 193 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS peer Syntax Hierarchy Level Release Information Description Options peer address ; [edit system ntp] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. For NTP, configure the local router or switch to operate in symmetric active mode with the remote system at the specified address. In this mode, the local router or switch and the remote system can synchronize with each other. This configuration is useful in a network in which either the local router or switch or the remote system might be a better source of time. address—Address of the remote system. You must specify an address, not a hostname. key key-number—(Optional) All packets sent to the address include authentication fields that are encrypted using the specified key number. Range: Any unsigned 32-bit integer prefer—(Optional) Mark the remote system as the preferred host, which means that if all other factors are equal, this remote system is chosen for synchronization among a set of correctly operating systems. version value—(Optional) Specify the NTP version number to be used in outgoing NTP packets. Range: 1 through 4 Default: 4 Required Privilege Level Related Documentation 194 system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the NTP Time Server and Time Services Chapter 16: Configuration Statements for System Setup ports Syntax Hierarchy Level Release Information Description ports { auxiliary { type terminal-type; } console { type terminal-type; } } [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure the properties of the console and auxiliary ports. The ports are located on the router’s craft interface. See the switch’s hardware documentation for port locations. The remaining statements are explained separately. Required Privilege Level Related Documentation system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the Junos OS to Set Console and Auxiliary Port Properties 195 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS processes Syntax Hierarchy Level Release Information Description processes { process-name (enable | disable) failover (alternate-media | other-routing-engine); timeout seconds; } [edit system] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure which Junos OS processes are running on the router or switch. CAUTION: Never disable any of the software processes unless instructed to do so by a customer support engineer. Default Options All processes are enabled by default. (enable | disable)—(Optional) Enable or disable a specified process. failover (alternate-media | other-routing-engine)—(Optional) For routers or switches with redundant Routing Engines only, switch to backup media if a process fails repeatedly. If a process fails four times within 30 seconds, the router or switch reboots from the alternate media or the other Routing Engine. process-name—One of the valid process names. You can obtain a complete list of process names by using the CLI command completion feature. After specifying a process name, command completion also indicates any additional options for that process. timeout seconds—(Optional) How often the system checks the watchdog timer, in seconds. If the watchdog timer has not been checked in the specified number of seconds, the system reloads. If you set the time value too low, it is possible for the system to reboot immediately after it loads. Values: 15, 60, or 180 Default: 180 seconds (rounded up to 291 seconds by the Junos OS kernel) Required Privilege Level Related Documentation 196 system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Disabling Junos OS Processes Chapter 16: Configuration Statements for System Setup server (NTP) Syntax Hierarchy Level Release Information Description Options server address ; [edit system ntp] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. For NTP, configure the local router or switch to operate in client mode with the remote system at the specified address. In this mode, the local router or switch can be synchronized with the remote system, but the remote system can never be synchronized with the local router or switch. address—Address of the remote system. You must specify an address, not a hostname. key key-number—(Optional) Use the specified key number to encrypt authentication fields in all packets sent to the specified address. Range: Any unsigned 32-bit integer prefer—(Optional) Mark the remote system as preferred host, which means that if all other things are equal, this remote system is chosen for synchronization among a set of correctly operating systems. version value—(Optional) Specify the version number to be used in outgoing NTP packets. Range: 1 through 4 Default: 4 Required Privilege Level Related Documentation system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring the NTP Time Server and Time Services tcp-drop-synfin-set Syntax Hierarchy Level Release Information Description Required Privilege Level Related Documentation tcp-drop-synfin-set; [edit system internet-options] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure the router or switch to drop packets that have both the SYN and FIN bits set. admin—To view this statement in the configuration. admin-control—To add this statement to the configuration. • Configuring the Junos OS to Enable the Router or Switch to Drop Packets with the SYN and FIN Bits Set 197 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS traceoptions (SBC Configuration Process) Syntax Hierarchy Level Release Information Description Options traceoptions { file filename ; flag flag; } [edit system processes sbc-configuration-process] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. Configure trace options for the session border controller (SBC) process of the border signaling gateway (BSG). file filename—Name of the file that receives the output of the tracing operation. Enclose the name in quotation marks. All files are placed in the directory /var/log. You can include the following file options: • files number—(Optional) Maximum number of trace files. When a trace file named trace-file reaches its maximum size, it is renamed trace-file.0, then trace-file.1, and so on, until the maximum number of trace files is reached. Then the oldest trace file is overwritten. If you specify a maximum number of files, you must also specify a maximum file size with the size option and a filename. Range: 2 through 1000 Default: 3 files • match regex—(Optional) Refine the output to include lines that contain the regular expression. • no-world-readable—(Optional) Disable unrestricted file access. • size size—(Optional) Maximum size of each trace file, in kilobytes (KB), megabytes (MB), or gigabytes (GB). When a trace file named trace-file reaches this size, it is renamed trace-file.0. When the trace-file again reaches its maximum size, trace-file.0 is renamed trace-file.1 and trace-file is renamed trace-file.0. This renaming scheme continues until the maximum number of trace files is reached. Then the oldest trace file is overwritten. If you specify a maximum file size, you also must specify a maximum number of trace files with the files option and filename. Syntax: xk to specify KB, xm to specify MB, or xg to specify GB. Range: 10 KB through 1 GB Default: 128 KB • world-readable—(Optional) Enable unrestricted file access. flag flag—Tracing operation to perform. To specify more than one tracing operation, include multiple flag statements. You can include the following flags: 198 Chapter 16: Configuration Statements for System Setup • all trace-level—Trace all SBC process operations. • common trace-level—Trace common events. • configuration trace-level—Trace configuration events. • device-monitor trace-level—Trace device monitor events. • ipc trace-level—Trace IPC events. • memory—pool trace-level—Trace memory pool events. • trace-level—Trace level options are related to the severity of the event being traced. When you choose a trace level, messages at that level and higher levels are captured. Enter one of the following trace levels as the trace-level: • debug—Log all code flow of control. • error—Log failures with a short-term effect. • info—Log summary for normal operations, such as the policy decisions made for a call. • Required Privilege Level Related Documentation • trace—Log program trace START and EXIT macros. • warning—Log failure recovery events or failure of an external entity. ui trace-level—Trace user interface operations. system—To view this statement in the configuration. system-control—To add this statement to the configuration. • See “Troubleshooting the IMSG” in the Junos OS Multiplay Solutions Guide • System Management Configuration Statements 199 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS trusted-key Syntax Hierarchy Level Release Information Description Options trusted-key [ key-numbers ]; [edit system ntp] Statement introduced before Junos OS Release 10.2 for J-EX Series switches. For NTP, configure the keys you are allowed to use when you configure the local router or switch to synchronize its time with other systems on the network. key-numbers—One or more key numbers. Each key can be any 32-bit unsigned integer except 0. Required Privilege Level Related Documentation 200 system—To view this statement in the configuration. system-control—To add this statement to the configuration. • Configuring NTP Authentication Keys • authentication-key on page 172 • broadcast on page 174 • peer on page 194 • server on page 197 CHAPTER 17 Operational Mode Commands for System Setup 201 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS clear chassis display message Syntax Release Information Description Options Required Privilege Level Related Documentation List of Sample Output Output Fields clear chassis display message clear chassis display message Command introduced before Junos OS Release 10.2 for J-EX Series switches. Clear or stop a text message on the craft interface display, which is on the front of the router or on the LCD panel display on the switch. The craft interface alternates the display of text messages with standard craft interface messages, switching between messages every 2 seconds. By default, on both the router and the switch, the text message is displayed for 5 minutes. The craft interface display has four 20-character lines. The LCD panel display has two 16-character lines, and text messages appear only on the second line. none—Clear or stop a text message on the craft interface display. clear • Configuring the LCD Panel Display on J-EX Series Switches (CLI Procedure) on page 166 • set chassis display message on page 233 • show chassis craft-interface clear chassis display message on page 202 See show chassis craft-interface for an explanation of output fields. The following example displays and then clears the text message on the craft interface display: user@host> show chassis craft-interface Red alarm: LED off, relay off Yellow alarm: LED off, relay off Host OK LED: On Host fail LED: Off FPCs 0 1 2 3 4 5 6 7 ------------------------------Green .. *.. * *. Red ........ LCD screen: +--------------------+ |NOC contact Dusty | |(888) 526-1234 | +--------------------+ user@host> clear chassis display message user@host> show chassis craft-interface Red alarm: LED off, relay off Yellow alarm: LED off, relay off Host OK LED: On Host fail LED: Off FPCs 0 1 2 3 4 5 6 7 202 Chapter 17: Operational Mode Commands for System Setup ------------------------------Green .. *.. * *. Red ........ LCD screen: +--------------------+ |host | |Up: 0+17:05:47 | | | |Temperature OK | +--------------------+ 203 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS clear system reboot Syntax clear system reboot Syntax (J-EX Series Switch) clear system reboot Release Information Description Options Command introduced before Junos OS Release 10.2 for J-EX Series switches. Clear any pending system software reboots or halts. none—Clear all pending system software reboots or halts. all-members—(J-EX4200 switches only) (Optional) Clear all halt or reboot requests on all members of the Virtual Chassis configuration. both-routing-engines—(Systems with multiple Routing Engines) (Optional) Clear all halt or reboot requests on both Routing Engines. On a TX Matrix router, clear both Routing Engines on all chassis connected to the TX Matrix router. Likewise, on a TX Matrix Plus router, clear both Routing Engines on all chassis connected to the TX Matrix Plus router. local—(J-EX4200 switches only) (Optional) Clear all halt or reboot requests on the local Virtual Chassis member. member member-id—(J-EX4200 switches only) (Optional) Clear all halt or reboot requests on the specified member of the Virtual Chassis configuration. Replace member-id with a value from 0 through 9. Required Privilege Level Related Documentation List of Sample Output Output Fields 204 maintenance • request system reboot on page 101 clear system reboot on page 205 When you enter this command, you are provided feedback on the status of your request. Chapter 17: Operational Mode Commands for System Setup clear system reboot user@host> clear system reboot reboot requested by root at Sat Dec 12 19:37:34 1998 [process id 17855] Terminating... 205 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS configure Syntax Release Information Description Options configure Command introduced before Junos OS Release 10.2 for J-EX Series switches. Enter configuration mode. When this command is entered without any optional keywords, everyone can make configuration changes and commit all changes made to the configuration. none—Enter configuration mode. dynamic—(Optional) Configure routing policies and certain routing policy objects in a dynamic database that is not subject to the same verification required in the standard configuration database. As a result, the time it takes to commit changes to the dynamic database is much shorter than for the standard configuration database. You can then reference these policies and policy objects in routing policies you configure in the standard database. exclusive—(Optional) Lock the candidate configuration for as long as you remain in configuration mode, allowing you to make changes without interference from other users. Other users can enter and exit configuration mode, but they cannot change the configuration. private—(Optional) Allow multiple users to edit different parts of the configuration at the same time and to commit only their own changes, or to roll back without interfering with one another's changes. You cannot commit changes in configure private mode when another user is in configure exclusive mode. Additional Information Required Privilege Level Related Documentation List of Sample Output Output Fields configure 206 For more information about the different methods of entering configuration mode and the restrictions that apply, see the Junos OS System Basics Configuration Guide. configure • show configuration on page 244 configure on page 206 When you enter this command, you are placed in configuration mode and the system prompt changes from hostname> to hostname#. user@host> configure Entering configuration mode [edit] user@host# Chapter 17: Operational Mode Commands for System Setup op Syntax Release Information Description Options op filename Command introduced before Junos OS Release 10.2 for J-EX Series switches. Execute an op script stored in one of the following locations: • On the router or switch in the /var/db/scripts/op directory • At a remote URL detail—(Optional) Display detailed output. argument-name argument-value—(Optional) Specify one or more arguments to the script. For each argument you include on the command line, you must specify a corresponding value for the argument. key (md5 | sha-256 | sha1) key-value—(Optional) With the option, specify a checksum hash to verify the integrity of the script. You can include the option if the checksum statement is included at the [edit system scripts op file filename] hierarchy level. url url—(Optional) Specify a URL where the script is located. Additional Information Required Privilege Level Related Documentation List of Sample Output For more information about Junos OS op scripts, see the Junos OS Configuration and Operations Automation Guide. maintenance • Executing an Op Script in the Junos OS Configuration and Operations Automation Guide • Executing an Op Script from a Remote Site in the Junos OS Configuration and Operations Automation Guide • checksum • file checksum md5 on page 364 • file checksum sha-256 on page 366 • file checksum sha1 on page 365 op on page 208 op url on page 208 207 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Output Fields op op url 208 When you enter this command, you are provided feedback on the status of your request. user@host> op script1 interface ge-0/2/0.0 protocol inet user@host> op url https://www.juniper.net/fa/2009-04-01.01.slax key md5 8de24d09e1d90b2581bb937d2a5ad590 interface ge-0/2/0.0 protocol inet Chapter 17: Operational Mode Commands for System Setup request chassis pic Syntax Release Information Description request chassis pic (offline | online) fpc-slot slot-number pic-slot slot-number Command introduced before Junos OS Release 10.2 for J-EX Series switches. Control the operation of the PIC. NOTE: To view a list of built-in PICs on the router or switch chassis, use the show chassis hardware command. Options offline—Take the PIC offline. online—Bring the PIC online. fpc-slot slot-number—Flexible PIC Concentrator (FPC) slot number. Replace slot-number with a value appropriate for your router or switch: • J-EX Series switches: • J-EX4200 standalone switches—0. • J-EX4200 switches in a Virtual Chassis configuration—0 through 9 (switch’s member ID). • J-EX8208 switches—0 through 7 (line card). • J-EX8216 switches—0 through 15 (line card). pic-slot slot-number—PIC slot number. For J-EX4200 switches, it is 0 for built-in network interfaces and 1 for interfaces on uplink modules. For J-EX8208 and J-EX8216 switches, it is 0. Required Privilege Level Related Documentation List of Sample Output Output Fields request chassis pic maintenance • show chassis hardware on page 643 • show chassis pic on page 650 request chassis pic on page 209 When you enter this command, you are provided feedback on the status of your request. user@host> request chassis pic pic-slot 0 online fpc-slot 0 FPC 0, PIC 0 is already online 209 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request chassis routing-engine master Syntax Release Information Description request chassis routing-engine master (acquire | release | switch) Command introduced before Junos OS Release 10.2 for J-EX Series switches. For routers or switches with multiple Routing Engines, control which Routing Engine is the master. NOTE: Successive graceful Routing Engine switchover events must be a minimum of 240 seconds (4 minutes) apart after both Routing Engines have come up. If the router or switch displays a warning message similar to “Standby Routing Engine is not ready for graceful switchover. Packet Forwarding Engines that are not ready for graceful switchover might be reset,” do not attempt switchover. If you choose to proceed with switchover, only the Packet Forwarding Engines that were not ready for graceful switchover are reset. None of the Flexible PIC concentrators (FPCs) should spontaneously restart. We recommend that you wait until the warning no longer appears and then proceed with the switchover. Options acquire—Attempt to become the master Routing Engine. release—Request that the other Routing Engine become the master. switch—Toggle mastership between Routing Engines. The acquire, release, and switch options have the following suboptions: no-confirm—(Optional) Do not request confirmation for the switch. force—(Optional) Available only with the acquire option. Force the change to a new master Routing Engine. Additional Information Because both Routing Engines are always running, the transition from one to the other as the master Routing Engine is immediate. However, the changeover interrupts communication to the System and Switch Board (SSB). The SSB takes several seconds to reinitialize the Flexible PIC Concentrators (FPCs) and restart the PICs. Interior gateway protocol (IGP) and BGP convergence times depend on the specific network environment. By default, the Routing Engine in slot 0 (RE0) is the master and the Routing Engine in slot 1 (RE1) is the backup. To change the default master Routing Engine, include the routing-engine statement at the [edit chassis redundancy] hierarchy level in the configuration. For more information, see the Junos OS System Basics Configuration Guide 210 Chapter 17: Operational Mode Commands for System Setup To have the backup Routing Engine become the master Routing Engine, use the request chassis routing-engine master switch command. If you use this command to change the master and then restart the chassis software for any reason, the master reverts to the default setting. NOTE: Although the configurations on the two Routing Engines do not have to be the same and are not automatically synchronized, we recommend making both configurations the same. Required Privilege Level Related Documentation List of Sample Output Output Fields request chassis routing-engine master acquire maintenance • show chassis routing-engine on page 653 request chassis routing-engine master acquire on page 211 request chassis routing-engine master switch on page 211 When you enter this command, you are provided feedback on the status of your request. user@host> request chassis routing-engine master acquire warning: Traffic will be interrupted while the PFE is re-initialized warning: The other routing engine's file system could be corrupted Reset other routing engine and become master ? [yes,no] (no) request chassis routing-engine master switch user@host> request chassis routing-engine master switch warning: Traffic will be interrupted while the PFE is re-initialized Toggle mastership between Routing Engines ? [yes,no] (no) yes Resolving mastership... Complete. The other Routing Engine becomes the master. Switch mastership back to the local Routing Engine: user@host> request chassis routing-engine master switch warning: Traffic will be interrupted while the PFE is re-initialized Toggle mastership between routing engines ? [yes,no] (no) yes Resolving mastership... Complete. The local routing engine becomes the master. 211 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system halt Syntax Syntax (J-EX Series Switch) Release Information Description Options request system halt request system halt Command introduced before Junos OS Release 10.2 for J-EX Series switches. Stop the router or switch software. none—Stop the router or switch software immediately. all-members—(J-EX4200 switches only) (Optional) Halt all members of the Virtual Chassis configuration. at time —(Optional) Time at which to stop the software, specified in one of the following ways: • now—Stop the software immediately. This is the default. • +minutes—Number of minutes from now to stop the software. • yymmddhhmm—Absolute time at which to stop the software, specified as year, month, day, hour, and minute. • hh:mm—Absolute time on the current day at which to stop the software. both-routing-engines—(Optional) Halt both Routing Engines at the same time. local—(J-EX4200 switches only) (Optional) Halt the local Virtual Chassis member. in minutes—(Optional) Number of minutes from now to stop the software. This option is an alias for the at +minutes option. media (compact-flash | disk | removable-compact-flash | usb)—(Optional) Boot medium for next boot. (The options removable-compact-flash and usb pertain to J Series routers only.) 212 Chapter 17: Operational Mode Commands for System Setup media (external | internal)—(J-EX Series switches only) (Optional) Halt the boot media: • external—Halt the external mass storage device. • internal—Halt the internal flash device. member member-id—(J-EX4200 switches only) (Optional) Halt the specified member of the Virtual Chassis configuration. Replace member-id with a value from 0 through 9. message "text"—(Optional) Message to display to all system users before stopping the software. other-routing-engine—(Optional) Halt the other Routing Engine from which the command is issued. For example, if you issue the command from the master Routing Engine, the backup Routing Engine is halted. Similarly, if you issue the command from the backup Routing Engine, the master Routing Engine is halted. slice slice—(J-EX Series switches only) (Optional) Halt a partition on the boot media. This option has the following suboptions: Additional Information Required Privilege Level List of Sample Output Output Fields • 1—Halt partition 1. • 2—Halt partition 2. • alternate—Reboot from the alternate partition. NOTE: If you have a router or switch with two Routing Engines and you want to shut the power off to the router or switch or remove a Routing Engine, you must first halt the backup Routing Engine (if it has been upgraded), then halt the master Routing Engine. To halt a Routing Engine, issue the request system halt command. You can also halt both Routing Engines at the same time by issuing the request system halt both-routing-engines command. maintenance request system halt on page 214 request system halt (in 2 Hours) on page 214 request system halt (Immediately) on page 214 request system halt (at 1:20 AM) on page 214 When you enter this command, you are provided feedback on the status of your request. 213 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system halt user@host> request system halt Halt the system ? [yes,no] (no) yes *** FINAL System shutdown message from root@section2 *** System going down IMMEDIATELY Terminated ... syncing disks... 11 8 done The operating system has halted. Please press any key to reboot. request system halt (in 2 Hours) The following example, which assumes that the time is 5 PM (1700), illustrates three different ways to request that the system stop 2 hours from now: user@host> request system halt at +120 user@host> request system halt in 120 user@host> request system halt at 19:00 request system halt (Immediately) user@host> request system halt at now request system halt (at 1:20 AM) To stop the system at 1:20 AM, enter the following command. Because 1:20 AM is the next day, you must specify the absolute time. user@host> request system halt at yymmdd120 request system halt at 120 Halt the system at 120? [yes,no] (no) yes 214 Chapter 17: Operational Mode Commands for System Setup request system logout Syntax Release Information request system logout (pid pid | terminal terminal | user username) Command introduced before Junos OS Release 10.2 for J-EX Series switches. Description Log out users from the router or switch and the configuration database. If a user held the configure exclusive lock, this command clears the exclusive lock. Options all—(Optional) Log out all sessions owned by a particular PID, terminal session, or user. (On a TX Matrix or TX Matrix Plus router, this command is broadcast to all chassis.) pid pid—Log out the user session using the specified management process identifier (PID). The PID type must be management process. terminal terminal—Log out the user for the specified terminal session. user username—Log out the specified user. Additional Information Required Privilege Level List of Sample Output Output Fields request system logout For information about using the configure exclusive command, see the Junos OS System Basics Configuration Guide. configure request system logout on page 215 When you enter this command, you are provided feedback on the status of your request. user@host> request system logout user tammy all Connection closed by foreign host. 215 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system power-off Syntax Syntax (J-EX Series Switch) Release Information Description Options request system power-off request system power-off Command introduced before Junos OS Release 10.2 for J-EX Series switches. Power off the software. none—Power off the router or switch software immediately. all-members—(J-EX4200 switches only) (Optional) Power off all members of the Virtual Chassis configuration. at time—(Optional) Time at which to power off the software, specified in one of the following ways: • now—Power off the software immediately. This is the default. • +minutes—Number of minutes from now to power off the software. • yymmddhhmm—Absolute time at which to power off the software, specified as year, month, day, hour, and minute. • hh:mm—Absolute time on the current day at which to power off the software. both-routing-engines—(Optional) Power off both Routing Engines at the same time. in minutes—(Optional) Number of minutes from now to power off the software. This option is an alias for the at +minutes option. local—(J-EX4200 switches only) (Optional) Power off the local Virtual Chassis member. media (compact-flash | disk | removable-compact-flash | usb)—(Optional) Boot medium for next boot. (The options removable-compact-flash and usb pertain to the J Series routers only.) 216 Chapter 17: Operational Mode Commands for System Setup media (external | internal)—(J-EX Series switches only) (Optional) Power off the boot media: • external—Power off the external mass storage device. • internal—Power off the internal flash device. member member-id—(J-EX4200 switches only) (Optional) Power off the specified member of the Virtual Chassis configuration. Replace member-id with a value from 0 through 9. message "text"—(Optional) Message to display to all system users before powering off the software. other-routing-engine—(Optional) Power off the other Routing Engine from which the command is issued. For example, if you issue the command from the master Routing Engine, the backup Routing Engine is halted. Similarly, if you issue the command from the backup Routing Engine, the master Routing Engine is halted. slice slice—(J-EX Series switches only) (Optional) Power off a partition on the boot media. This option has the following suboptions: Required Privilege Level List of Sample Output Output Fields request system power-off • 1—Power off partition 1. • 2—Power off partition 2. • alternate—Reboot from the alternate partition. maintenance request system power-off on page 217 When you enter this command, you are provided feedback on the status of your request. user@host> request system power-off message “This router will be powered off in 30 minutes. Please save your data and log out immediately.” warning: This command will not halt the other routing-engine. If planning to switch off power, use the both-routing-engines option. Power Off the system ? [yes,no] (no) yes *** FINAL System shutdown message from remote@nutmeg *** System going down IMMEDIATELY This router will be powered off in 30 minutes. Please save your data and log out immediately. Shutdown NOW! [pid 5177] 217 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system reboot Syntax Syntax (J-EX Series Switch) Release Information Description Options request system reboot request system reboot Command introduced before Junos OS Release 10.2 for J-EX Series switches. Reboot the software. none—Reboot the software immediately. all-members—(J-EX4200 switches only) (Optional) Reboot all members of the Virtual Chassis configuration. at time—(Optional) Time at which to reboot the software, specified in one of the following ways: • now—Stop or reboot the software immediately. This is the default. • +minutes—Number of minutes from now to reboot the software. • yymmddhhmm—Absolute time at which to reboot the software, specified as year, month, day, hour, and minute. • hh:mm—Absolute time on the current day at which to stop the software, specified in 24-hour time. in minutes—(Optional) Number of minutes from now to reboot the software. This option is an alias for the at +minutes option. local—(J-EX4200 switches only) (Optional) Reboot the local Virtual Chassis member. media (compact-flash | disk | removable-compact-flash | usb)—(Optional) Boot medium for next boot. (The options removable-compact-flash and usb pertain to the J Series routers only.) media (external | internal)—(J-EX Series switches only) (Optional) Reboot the boot media: • 218 external—Reboot the external mass storage device. Chapter 17: Operational Mode Commands for System Setup • internal—Reboot the internal flash device. member member-id—(J-EX4200 switches only) (Optional) Reboot the specified member of the Virtual Chassis configuration Replace member-id with a value from 0 through 9. message "text"—(Optional) Message to display to all system users before stopping or rebooting the software. other-routing-engine—(Optional) Reboot the other Routing Engine from which the command is issued. For example, if you issue the command from the master Routing Engine, the backup Routing Engine is rebooted. Similarly, if you issue the command from the backup Routing Engine, the master Routing Engine is rebooted. slice slice—(J-EX Series switches only) (Optional) Reboot a partition on the boot media. This option has the following suboptions: Additional Information • 1—Power off partition 1. • 2—Power off partition 2. • alternate—Reboot from the alternate partition. Reboot requests are recorded in the system log files, which you can view with the show log command (see show log). Also, the names of any running processes that are scheduled to be shut down are changed. You can view the process names with the show system processes command (see show system processes). NOTE: To reboot a router that has two Routing Engines, reboot the backup Routing Engine (if you have upgraded it) first, and then reboot the master Routing Engine. Required Privilege Level Related Documentation List of Sample Output Output Fields request system reboot maintenance • clear system reboot on page 204 request system reboot on page 219 request system reboot (at 2300) on page 220 request system reboot (in 2 Hours) on page 220 request system reboot (Immediately) on page 220 request system reboot (at 1:20 AM) on page 220 When you enter this command, you are provided feedback on the status of your request. user@host> request system reboot Reboot the system ? [yes,no] (no) 219 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system reboot (at 2300) user@host> request system reboot at 2300 message ?Maintenance time!? Reboot the system ? [yes,no] (no) yes shutdown: [pid 186] *** System shutdown message from root@berry.network.net *** System going down at 23:00 request system reboot (in 2 Hours) The following example, which assumes that the time is 5 PM (17:00), illustrates three different ways to request the system to reboot in two hours: user@host> request system reboot at +120 user@host> request system reboot in 120 user@host> request system reboot at 19:00 request system reboot (Immediately) user@host> request system reboot at now request system reboot (at 1:20 AM) To reboot the system at 1:20 AM, enter the following command. Because 1:20 AM is the next day, you must specify the absolute time. user@host> request system reboot at 06060120 request system reboot at 120 Reboot the system at 120? [yes,no] (no) yes 220 Chapter 17: Operational Mode Commands for System Setup request system reboot Syntax Release Information Description request system reboot Command introduced before Junos OS Release 10.2 for J-EX Series switches. Reboot the Junos OS. Reboot requests are recorded in the system log files, which you can view with the show log command. You can view the process names with the show system processes command. Options none—Reboots the software immediately. all-members | local | member member-id—(J-EX4200 switch only) (Optional) Specify which member of the Virtual Chassis to reboot: • all-members—Reboots each switch that is a member of the Virtual Chassis. • local—Reboots the local switch, meaning the switch you are logged into, only. • member member-id—Reboots the specified member switch of the Virtual Chassis. at time—(Optional) Time at which to reboot the software, specified in one of the following ways: • +minutes—Number of minutes from now to reboot the software. • hh:mm—Absolute time on the current day at which to reboot the software, specified in 24-hour time. • now—Stop or reboot the software immediately. This is the default. • yymmddhhmm—Absolute time at which to reboot the software, specified as year, month, day, hour, and minute. in minutes—(Optional) Number of minutes from now to reboot the software. This option is an alias for the at +minutes option. media (external | internal)—(Optional) Boot medium for the next boot. The external option reboots the switch using a software package stored on an external boot source, such as a USB flash drive. The internal option reboots the switch using a software package stored in an internal memory source. message “text”—(Optional) Message to display to all system users before rebooting the software. 221 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS slice (1 | 2 | alternate)—(Optional) Reboot using the specified partition on the boot media. This option has the following suboptions: • 1—Reboot from partition 1. • 2—Reboot from partition 2. • alternate—Reboot from the alternate partition, which is the partition that did not boot the switch at the last bootup. Required Privilege Level Related Documentation Output Fields maintenance • clear system reboot on page 204 When you enter this command, you are provided feedback on the status of your request. request system reboot user@host> request system reboot Reboot the system ? [yes,no] (no) request system reboot (at 2300) user@host> request system reboot at 2300 message ?Maintenance time!? Reboot the system ? [yes,no] (no) yes shutdown: [pid 186] *** System shutdown message from root@berry.network.net *** System going down at 23:00 request system reboot (in 2 Hours) The following example, which assumes that the time is 5 PM (17:00), illustrates three different ways to request the system to reboot in two hours: user@host> request system reboot at +120 user@host> request system reboot in 120 user@host> request system reboot at 19:00 request system reboot (Immediately) user@host> request system reboot at now request system reboot (at 1:20 AM) To reboot the system at 1:20 AM, enter the following command. Because 1:20 AM is the next day, you must specify the absolute time. user@host> request system reboot at 06060120 request system reboot at 120 Reboot the system at 120? [yes,no] (no) yes 222 Chapter 17: Operational Mode Commands for System Setup request system scripts convert Syntax Release Information Description Options request system scripts convert (slax-to-xslt | xslt-to-slax) source source/filename destination destination/ Command introduced before Junos OS Release 10.2 for J-EX Series switches. Convert an Extensible Stylesheet Language Transformations (XSLT) script to Stylesheet Language, Alternative syntaX (SLAX), or convert a SLAX script to XSLT. destination destination/ —Specify a destination for the converted file. Optionally, you can specify a filename for the converted file. If you do not specify a filename, the software assigns one automatically. The default destination filename is the same as the source filename, except the file extension is altered. For example, the software converts a source file called test.xsl to test.slax. The software converts a source file called test1.slax to test1.xsl. slax-to-xslt—Convert a SLAX script to XSLT. source source/filename—Specify a source file that you want to convert. xslt-to-slax—Convert an XSLT script to SLAX. Required Privilege Level List of Sample Output Output Fields maintenance request system scripts convert slax-to-xslt on page 223 request system scripts convert xslt-to-slax on page 223 When you enter this command, you are provided feedback on the status of your request. request system scripts convert slax-to-xslt user@host> request system scripts convert slax-to-xslt source /var/db/scripts/op/script1.slax destination /var/db/scripts/op conversion complete request system scripts convert xslt-to-slax user@host> request system scripts convert xslt-to-slax source /var/db/scripts/commit/script1.xsl destination /var/db/scripts/commit conversion complete 223 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system scripts refresh-from commit Syntax Release Information Description request system scripts refresh-from commit file file-name url url-path Command introduced before Junos OS Release 10.2 for J-EX Series switches. Automatically download the initial Junos OS configuration and a set of standard commit scripts during a Junos XML management protocol/NETCONF session when a switch is brought up for the first time. The Junos XML management protocol equivalent for this operational mode command is: Options file file-name—Name of the file to be downloaded. url url-path—URL of the file to be downloaded. Required Privilege Level Related Documentation maintenance • Understanding Automatic Refreshing of Scripts on J-EX Series Switches on page 323 • Junos XML Management Protocol Guide at http://www.juniper.net/techpubs/software/junos/ • Junos OS NETCONF XML Management Protocol Guide at http://www.juniper.net/techpubs/software/junos/ List of Sample Output request system scripts refresh-from commit file config.txt url http://host1.juniper.net on page 224 request system scripts refresh-from commit file config.txt url http://host1.juniper.net user@switch> request system scripts refresh-from commit file config.txt url http://host1.juniper.net user@switch> 224 Chapter 17: Operational Mode Commands for System Setup request system scripts refresh-from event Syntax Release Information Description request system scripts refresh-from event file file-name url url-path Command introduced before Junos OS Release 10.2 for J-EX Series switches. Automatically download the initial Junos OS configuration and a set of standard event scripts during a Junos XML management protocol/NETCONF session when a switch is brought up for the first time. The Junos XML management protocol equivalent for this operational mode command is: commit file-name> URL Options file file-name—Name of the file to be downloaded. url url-path—URL of the file to be downloaded. Required Privilege Level Related Documentation maintenance • Understanding Automatic Refreshing of Scripts on J-EX Series Switches on page 323 • Junos OS Junos XML Management Protocol Guide at http://www.juniper.net/techpubs/software/junos/ • Junos OS NETCONF XML Management Protocol Guide at http://www.juniper.net/techpubs/software/junos/ List of Sample Output request system scripts refresh-from event file config.txt url http://host1.juniper.net on page 225 request system scripts refresh-from event file config.txt url http://host1.juniper.net user@switch> request system scripts refresh-from event file config.txt url http://host1.juniper.net user@switch> 225 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS request system scripts refresh-from op Syntax Release Information Description request system scripts refresh-from op file file-name url url-path Command introduced before Junos OS Release 10.2 for J-EX Series switches. Automatically download the initial Junos OS configuration and a set of standard op scripts during a Junos XML management protocol/NETCONF session when a switch is brought up for the first time. The Junos XML management protocol equivalent for this operational mode command is: event file-name> URL Options file file-name—Name of the file to be downloaded. url url-path—URL of the file to be downloaded. Required Privilege Level Related Documentation maintenance • Understanding Automatic Refreshing of Scripts on J-EX Series Switches on page 323 • Junos OS Junos XML Management Protocol Guide at http://www.juniper.net/techpubs/software/junos/ • Junos OS NETCONF XML Management Protocol Guide at http://www.juniper.net/techpubs/software/junos/ List of Sample Output request system scripts refresh-from op file config.txt url http://host1.juniper.net on page 226 request system scripts refresh-from op file config.txt url http://host1.juniper.net user@switch> request system scripts refresh-from op file config.txt url http://host1.juniper.net user@switch> 226 Chapter 17: Operational Mode Commands for System Setup request system storage cleanup Syntax Syntax (J-EX Series Switch) Release Information Description Options request system storage cleanup op file-name> URL request system storage cleanup Command introduced before Junos OS Release 10.2 for J-EX Series switches. Free storage space on the router or switch by rotating log files and proposing a list of files for deletion. User input is required for file deletion. all-members—(J-EX4200 switches only) (Optional) Delete files on all members of the Virtual Chassis configuration. dry-run—(Optional) List files proposed for deletion (without deleting them). local—(J-EX4200 switches only) (Optional) Delete files on the local Virtual Chassis member. member member-id—(J-EX4200 switches only) (Optional) Delete files on the specified member of the Virtual Chassis configuration. Replace member-id with a value from 0 through 9. Additional Information Required Privilege Level List of Sample Output Output Fields request system storage cleanup dry-run If logging is configured and being used, the dry-run option will rotate the log files. In that case, the output displays the message “Currently rotating log files, please wait.” If no logging is currently underway, the output displays only a list of files to delete. maintenance request system storage cleanup dry-run on page 227 request system storage cleanup on page 228 When you enter this command, you are provided feedback on the status of your request. user@host> request system storage cleanup dry-run Currently rotating log files, please wait. This operation can take up to a minute. List of files to delete: 11.4K 7245B 11.8K 3926B 3962B 4146B 4708B Size Date Mar 8 15:00 Feb 5 15:00 Feb 22 13:00 Mar 16 13:57 Feb 22 12:47 Mar 8 12:20 Dec 21 11:39 Name /var/log/messages.1.gz /var/log/messages.3.gz /var/log/messages.2.gz /var/log/messages.0.gz /var/log/sampled.1.gz /var/log/sampled.0.gz /var/log/sampled.2.gz 227 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS 7068B 13.7K 890B 65.8M 63.1M request system storage cleanup Jan Dec Feb Oct Oct 16 27 22 26 26 18:00 22:00 17:22 09:10 09:13 /var/log/messages.4.gz /var/log/messages.5.gz /var/tmp/sampled.pkts /var/sw/pkg/jinstall-7.4R1.7-export-signed.tgz /var/sw/pkg/jbundle-7.4R1.7.tgz user@host> request system storage cleanup Currently rotating log files, please wait. This operation can take up to a minute. List of files to delete: 11.4K 7245B 11.8K 3926B 11.6K 7254B 12.9K 3726B 3962B 4146B 4708B 7068B 13.7K 890B 65.8M 63.1M Size Date Mar 8 15:00 Feb 5 15:00 Feb 22 13:00 Mar 16 13:57 Mar 8 15:00 Feb 5 15:00 Feb 22 13:00 Mar 16 13:57 Feb 22 12:47 Mar 8 12:20 Dec 21 11:39 Jan 16 18:00 Dec 27 22:00 Feb 22 17:22 Oct 26 09:10 Oct 26 09:13 Name /var/log/messages.1.gz /var/log/messages.3.gz /var/log/messages.2.gz /var/log/messages.0.gz /var/log/messages.5.gz /var/log/messages.6.gz /var/log/messages.8.gz /var/log/messages.7.gz /var/log/sampled.1.gz /var/log/sampled.0.gz /var/log/sampled.2.gz /var/log/messages.4.gz /var/log/messages.5.gz /var/tmp/sampled.pkts /var/sw/pkg/jinstall-7.4R1.7-export-signed.tgz /var/sw/pkg/jbundle-7.4R1.7.tgz Delete these files ? [yes,no] (yes) 228 Chapter 17: Operational Mode Commands for System Setup restart Syntax restart | sampling | service-deployment | services pgcp gateway gateway-name |sbc-configuration-process | snmp | usb-control| web-management> Syntax (J-EX Series Switch) restart Release Information Description Command introduced before Junos OS Release 10.2 for J-EX Series switches. Restart a Junos OS process. CAUTION: Never restart a software process unless instructed to do so by a customer support engineer. A restart might cause the router or switch to drop calls and interrupt transmission, resulting in possible loss of data. Options none—Same as gracefully. adaptive-services—(Optional) Restart the configuration management process that manages the configuration for stateful firewall, Network Address Translation (NAT), intrusion detection services (IDS), and IP Security (IPsec) services on the Adaptive Services PIC. audit-process—(Optional) Restart the RADIUS accounting process. autoinstallation—(J-EX Series switch only) (Optional) Restart the autoinstallation process. chassis-control—(Optional) Restart the chassis management process. class-of-service—(Optional) Restart the class-of-service (CoS) process, which controls the router's or switch’s CoS configuration. database-replication—(J-EX Series switch only) (Optional) Restart the database replication process. 229 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS dhcp—(J-EX Series switch only) (Optional) Restart the software process for a Dynamic Host Configuration Protocol (DHCP) server. A DHCP server allocates network IP addresses and delivers configuration settings to client hosts without user intervention. dhcp-service—(J-EX Series switch only) (Optional) Restart the Dynamic Host Configuration Protocol process. diameter-service—(Optional) Restart the diameter process. disk-monitoring—(Optional) Restart disk monitoring, which checks the health of the hard disk drive on the Routing Engine. dot1x-protocol—(J-EX Series switch only) (Optional) Restart the port-based network access control process. dynamic-flow-capture—(Optional) Restart the dynamic flow capture (DFC) process, which controls DFC configurations on Monitoring Services III PICs. ecc-error-logging—(Optional) Restart the error checking and correcting (ECC) process, which logs ECC parity errors in memory on the Routing Engine. ethernet-link-fault-management—(J-EX Series switch only) (Optional) Restart the Ethernet OAM link fault management process. ethernet-switching—(J-EX Series switch only) (Optional) Restart the Ethernet switching process. event-processing—(Optional) Restart the event process (eventd). firewall—(Optional) Restart the firewall management process, which manages firewall configuration. general-authentication-service—(J-EX Series switch only) (Optional) Restart the general authentication process. gracefully—(Optional) Restart the software process. immediately—(Optional) Immediately restart the software process. interface-control—(Optional) Restart the interface process, which controls the router's or switch’s physical interface devices and logical interfaces. ipsec-key-management—(Optional) Restart the IPsec key management process. kernel-replication—(Optional) Restart the kernel replication process, which replicates the state of the backup Routing Engine when graceful Routing Engine switchover is configured. l2-learning—(Optional) Restart the Layer 2 address flooding and learning process. lacp—(Optional) Restart the Link Aggregation Control Protocol process. license-service—(J-EX Series switch only) (Optional) Restart the feature license management process. 230 Chapter 17: Operational Mode Commands for System Setup lldpd-service—(J-EX Series switch only) (Optional) Restart the Link Layer Discovery Protocol process. mib-process—(Optional) Restart the Management Information Base (MIB) II process, which provides the router's MIB II agent. mountd-service—(J-EX Series switch only) (Optional) Restart the service for NFS mounts requests. multicast-snooping—(J-EX Series switch only) (Optional) Restart the multicast snooping process. pgcp-service—(Optional) Restart the pgcpd service process running on the Routing Engine. This option does not restart pgcpd processes running on mobile station PICs. To restart pgcpd processes running on mobile station PICs, use the services pgcp gateway option. pgm—(Optional) Restart the process that implements the Pragmatic General Multicast (PGM) protocol for assisting in the reliable delivery of multicast packets. pic-services-logging—(Optional) Restart the logging process for some PICs. With this process, also known as fsad (the file system access daemon), PICs send special logging information to the Routing Engine for archiving on the hard disk. ppp—(Optional) Restart the Point-to-Point Protocol (PPP) process. pppoe—(Optional) Restart the Point-to-Point Protocol over Ethernet (PPPoE) process. protected-system-domain-service—(Optional) Restart the Protected System Domain (PSD) process. redundancy-interface-process—(Optional) Restart the ASP redundancy process. remote-operations—(Optional) Restart the remote operations process, which provides the ping and traceroute MIBs. root-system-domain-service—(Optional) Restart the Root System Domain (RSD) service. routing—(J-EX Series switch only) (Optional) Restart the routing protocol process. routing —(Optional) Restart the routing protocol process, which controls the routing protocols that run on the router or switch and maintains the routing tables. Optionally, restart the routing protocol process for the specified logical system only. sampling—(Optional) Restart the sampling process, which performs packet sampling and cflowd export. secure-neighbor-discovery—(J-EX Series switch only) (Optional) Restart the secure Neighbor Discovery Protocol process. service-deployment—(Optional) Restart the service deployment service process. 231 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS services pgcp gateway gateway-name—(Optional) Restart the pgcpd process for a specific BGF running on an MS-PIC. This option does not restart the pgcpd process running on the Routing Engine. To restart the pgcpd process on the Routing Engine, use the pgcp-service option. sflow-service—(J-EX Series switch only) (Optional) Restart the flow sampling (sFlow technology) process. snmp—(Optional) Restart the SNMP process, which provides the router's or switch’s SNMP master agent. soft—(Optional) Reread and reactivate the configuration without completely restarting the software processes. For example, BGP peers stay up and the routing table stays constant. Omitting this option results in a graceful restart of the software process. vrrp—(J-EX Series switch only) (Optional) Restart the Virtual Router Redundancy Protocol process. web-management—(J-EX Series switch only) (Optional) Restart the Web management process. Required Privilege Level Related Documentation List of Sample Output Output Fields restart interfaces 232 reset • Overview of Junos OS CLI Operational Mode Commands restart interfaces on page 232 When you enter this command, you are provided feedback on the status of your request. user@host> restart interfaces interfaces process terminated interfaces process restarted Chapter 17: Operational Mode Commands for System Setup set chassis display message Syntax Release Information Description Options set chassis display message "message" Command introduced before Junos OS Release 10.2 for J-EX Series switches. Display or stop a text message on the craft interface display, which is on the front of the router, or on the LCD panel display on the switch. The craft interface alternates the display of text messages with standard craft interface messages, switching between messages every 2 seconds. By default, on both the router and the switch, the text message is displayed for 5 minutes. The craft interface display has four 20-character lines. The LCD panel display has two 16-character lines, and text messages appear only on the second line. "message"—Message to display. On the craft interface display, if the message is longer than 20 characters, it wraps onto the next line. If a word does not fit on one line, the entire word moves down to the next line. Any portion of the message that does not fit on the display is truncated. An empty pair of quotation marks (“ ”) deletes the text message from the craft interface display. On the LCD panel, display, the message is limited to 16 characters. fpc-slot slot-number—( J-EX4200 switches only) On the router, display the text message on the craft interface for a specific Flexible PIC Concentrator (FPC). Replace slot-number with a value from 0 through 31. On the switch, display the text message for a specific member of a virtual chassis, where fpc-slot slot-number corresponds to the member ID. Replace slot-number with a value from 0 through 9. permanent—(Optional) Display a text message on the craft interface display or LCD panel display permanently. Required Privilege Level Related Documentation List of Sample Output Output Fields set chassis display message (Creating) clear • Configuring the LCD Panel on J-EX Series Switches (CLI Procedure) on page 166 • clear chassis display message on page 202 • show chassis craft-interface set chassis display message (Creating) on page 233 set chassis display message (Deleting) on page 234 See show chassis craft-interface for an explanation of output fields. The following example shows how to set the display message and verify the result: user@host> set chassis display message "NOC contact Dusty (888) 555-1234" message sent user@host> show chassis craft-interface 233 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS Red alarm: LED off, relay off Yellow alarm: LED off, relay off Host OK LED: On Host fail LED: Off FPCs 0 1 2 3 4 5 6 7 ------------------------------Green .. *.. * *. Red ........ LCD screen: +--------------------+ |NOC contact Dusty | |(888) 555-1234 | +--------------------+ set chassis display message (Deleting) The following example shows how to delete the display message and verify that the message is removed: user@host> set chassis display message "" message sent user@host> show chassis craft-interface Red alarm: LED off, relay off Yellow alarm: LED off, relay off Host OK LED: On Host fail LED: Off FPCs 0 1 2 3 4 5 6 7 ------------------------------Green .. *.. * *. Red ........ LCD screen: +--------------------+ |host | |Up: 0+17:05:47 | | | |Temperature OK | +--------------------+ 234 Chapter 17: Operational Mode Commands for System Setup set date Syntax Release Information Description Options set date (date-time | ntp ) Command introduced before Junos OS Release 10.2 for J-EX Series switches. Set the date and time. date-time—Date and time. Enter this string inside quotation marks. ntp—Use a Network Time Protocol (NTP) server to synchronize the current date and time setting on the router or switch. ntp-server—(Optional) Specify the IP address of one or more NTP servers. source-address source-address—(Optional) Specify the source address that the router or switch uses to contact the remote NTP server. Required Privilege Level Related Documentation List of Sample Output view • show cli on page 147 set date on page 235 Output Fields When you enter this command, you are provided feedback on the status of your request. set date user@host> set date ntp 21 Apr 17:22:02 ntpdate[3867]: step time server 172.17.27.46 offset 8.759252 sec 235 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS show chassis firmware Syntax Release Information Description show chassis firmware Command introduced in Junos OS Release 10.2 for J-EX Series switches. On the routers, display the version levels of the firmware running on the System Control Board (SCB), Switching and Forwarding Module (SFM), System and Switch Board (SSB), Forwarding Engine Board (FEB), and Flexible PIC Concentrators (FPCs). On a TX Matrix Plus router, display the version levels of the firmware running on the FPCs and the Switch Processor Mezzanine Board (SPMBs). On J-EX4200 switches, display the version levels of the firmware running on the switch. On a J-EX8208 switch, display the version levels of the firmware running on the Switch Fabric and Routing Engine (SRE) modules and on the line cards (shown as FPCs). On a J-EX8216 switch, display the version levels of the firmware running on the Routing Engine (RE) modules and on the line cards (shown as FPCs). Options none—Display the version levels of the firmware running. For a J-EX4200 switch that is a member of a Virtual Chassis, display version levels for all members. Required Privilege Level List of Sample Output Output Fields view show chassis firmware (J-EX8200 Switch) on page 236 Table 33 on page 236 lists the output fields for the show chassis firmware command. Output fields are listed in the approximate order in which they appear. Table 33: show chassis firmware Output Fields show chassis firmware (J-EX8200 Switch) Field Name Field Description Part Chassis part name. Type Type of firmware: On routers: ROM or O/S. On switches: uboot or loader. Version Version of firmware running on the chassis part. user@host> show chassis firmware Part FPC 0 FPC 3 FPC 5 FPC 7 Routing Engine 0 236 Type U-Boot loader U-Boot loader U-Boot loader U-Boot loader U-Boot Version U-Boot 1.1.6 (Mar 25 2009 - 06:13:12) 2.4.0 FreeBSD/PowerPC U-Boot bootstrap loader 2.2 U-Boot 1.1.6 (Dec 4 2009 - 13:17:34) 3.1.0 FreeBSD/PowerPC U-Boot bootstrap loader 2.2 U-Boot 1.1.6 (Mar 25 2009 - 06:13:12) 2.4.0 FreeBSD/PowerPC U-Boot bootstrap loader 2.2 U-Boot 1.1.6 (Feb 6 2009 - 05:31:46) 2.4.0 FreeBSD/PowerPC U-Boot bootstrap loader 2.2 U-Boot 1.1.6 (Mar 25 2009 - 06:13:12) 2.4.0 Chapter 17: Operational Mode Commands for System Setup FreeBSD/PowerPC U-Boot bootstrap loader 2.2 Routing Engine 1 loader U-Boot loader U-Boot 1.1.6 (Mar 25 2009 - 06:13:12) 2.4.0 FreeBSD/PowerPC U-Boot bootstrap loader 2.2 237 Dell PowerConnect J-Series Ethernet Switch Complete Software Guide for Junos OS show chassis lcd Syntax Release Information Description Options show chassis lcd >