Example: Adding a New Routing Device to Your Network

This example illustrates how to add a new routing device to your network. The tasks are organized into the following sections:

Requirements

Before you begin, you need to know:

If you do not know where to find any of this information, contact your service provider. If you need help using your asynchronous terminal emulation application or terminal server, contact the supplier of your asynchronous terminal emulation application.

You also need to create:

Connecting to the Management Console Port

You connect to your routing device by connecting to the management console port through a terminal server or by connecting directly to the management console port. This document describes both methods.

Connecting to the Management Console Port Through a Terminal Server

A terminal server, also known as a console server, is a specialized device that provides a network connection to an out-of-band console port.

When configuring a terminal server to communicate with the console port on a network device running the Junos OS, use the following parameters:

After connecting to your routing console, you can log in to the routing device.

Connecting Directly to the Management Console Port

Juniper Network devices include an out-of-band management console port. This management console port is used to configure the device when it is first received from the factory and whenever in-band configuration is not available. Access the management console port using a 9-pin D-subminiature (D-sub) or an RJ-45 Ethernet serial connector. In either case, you must connect to this console port using standard RS-232 protocols.

Note: For more information on RS-232 protocols, refer to http://www.juniper.net/techpubs/software/jseries/junos90/jseries-config-guide-basic/
rs-232.html#serial-interfaces-rs-232-section.

To connect to the management console port:

  1. Physically connect the administration computer’s serial port to the device’s out-of-band console port.
    • If you are using an Ethernet cable, you must use an RJ-45 rollover cable.
    • If you are using a serial cable, you must use a null modem cable.
  2. Launch your asynchronous terminal emulation application.

    Most operating systems have asynchronous terminal emulation applications already installed:

    • The Windows operating system has HyperTerminal installed.
    • The MAC operating system has Terminal.app installed.
    • UNIX or Linux operating systems have a default terminal window application installed.

    Note: Many newer laptops do not include a standard 9-pin serial port. When using a laptop without a serial port, you must have a USB-to-serial-port adapter before you can directly connect to the out-of-band console port with the laptop.

  3. Verify that the asynchronous terminal emulation application is using the correct serial or USB port.
  4. Configure the port settings as follows:
    • Bits per second: 9600
    • Data bits: 8
    • Parity: None
    • Stop bits: 1
    • Flow Control: None

    After connecting to your routing console, you can log in and configure your new routing device.

    To configure a new routing device with a single Routing Engine, see the following section, “Configuring New Routing Devices with a Single Routing Engine.”

    To configure a new routing device with dual Routing Engines, see the section “Configuring New Routing Devices with Dual Routing Engines.”

Configuring New Routing Devices with a Single Routing Engine

This section describes the procedures for configuring a new routing device with a single Routing Engine. The section is organized into the following tasks:

Logging in to the Management Console Interface

Step-by-Step Procedure

To log in to the routing device’s console interface and start the CLI in configuration mode:

  1. Verify that your routing device is powered on. Refer to the specific getting started guide for your routing device for additional information.
  2. Open your SSH, Telnet, and Rlogin application (such as HyperTerminal), and navigate to the console port. If you need help, contact the supplier of your application.
  3. When you first access the console port, the routing device is in the amnesiac state, meaning that it is in the factory install state and ready to be configured.
    Amnesiac <ttyd0>
  4. Log in through the management console port with the username root. You are now logged in as the root administration account, denoted by the @% symbols.
    login: rootroot@%

    Note: When the routing device is in the factory install state, the root administration user account is not associated with a password. You must add a password to the root administration account before you can successfully commit a configuration. For more information about configuring administration user accounts, see the following section, “Configuring Administration User Accounts.”

  5. Start the CLI by typing cli. The CLI initially opens in operational mode, denoted by the > symbol after the root username.
    root@% cliroot>
  6. Enter configuration mode by typing configure. The > symbol is replaced by the # symbol, verifying that you are in configuration mode.
    root> configure[edit]root#

    You are now logged in to the router console and ready to configure the administration user accounts.

Configuring Administration User Accounts

Step-by-Step Procedure

Administration user accounts are used to log in to the routing device through the management console. To configure administration user accounts:

  1. Add a password to the root administration user account by typing set system root-authentication plain-text-password.
    [edit]root# set system root-authentication plain-text-password

    The New password prompt appears. Type in your new password and then retype it at the second prompt.

    New password: passwordRetype new password: password
  2. Create a management console administration user account by typing set system login user user-name authentication plain-text password, where user-name is the username you are creating.
    [edit]root# set system login user user-name authentication plain-text-password

    The New password prompt appears. Type in your new password and then retype it at the second prompt.

    New Password: passwordRetype new password: password
  3. Set the management console administration user account class to superuser by typing set system login user user-name class super-user.
    [edit]root# set system login user user-name class super-user

    The superuser class allows this user account to have full access privileges for the CLI commands and configuration statements.

    Note: The Junos OS contains four predefined login classes, including the superuser class. Depending on your needs, you can create administration user accounts with different login classes. You can even create your own login classes.

    For more information about login classes, see Junos OS Login Classes Overview.

    Repeat this procedure to add more than one management console user account.

    You are now ready to add the out-of-band Ethernet management console port to the network. See the following section, “Adding the Ethernet Management Console to the Network for Routing Devices with a Single Routing Engine.”

Adding the Ethernet Management Console to the Network for Routing Devices with a Single Routing Engine

Step-by-Step Procedure

To add the management console to the network:

  1. Specify the hostname for your routing device by typing set system host-name host-name, where host-name is the hostname you are creating.
    [edit]root# set system host-name host-name

    Note: The hostname for your routing device is used to display the name of the Routing Engine in the CLI. It is not used by the DNS server to resolve to the correct IP address. For example, the hostname is displayed in the command-line prompt when the user is logged in to the CLI:

    user-name@host-name>
  2. Configure the IP address of the DNS server by typing set system name-server address.
    [edit]root# set system name-server address
  3. Configure the router domain name by typing set system domain-name domain-name.
    [edit]root# set system domain-name domain-name
  4. Specify the management Ethernet interface IP address and prefix length by typing set interfaces fxp0 unit 0 family inet address address/prefix-length.
    [edit]root# set interfaces fxp0 unit 0 family inet address address/prefix-length
  5. The backup router is used only while the routing protocol process is not running. Choose a router that is directly connected to the local router by way of the management interface. The router uses this backup router only when it is booting and only or when the Junos OS routing software (the routing protocol process, rpd) is not running.

    Configure the IP address of a backup router by typing set system backup-router address.

    [edit]root# set system backup-router address
  6. (Optional) If your management Ethernet port is not configured with a dynamic routing protocol, you need to set up a static route to reach a remote system. You need to know the remote subnet address in order to complete the setup.

    Configure a static route by typing set routing-options static route remote-subnet next-hop IP-address retain no-readvertise.

    [edit]root# set routing-options static route remote-subnet next-hop IP-address retain no-readvertise

    For more information about static routes, see Configuring Static Routes.

  7. Enable the telnet service by typing set system services telnet.
    [edit]root# set system services telnet

    Telnet is now enabled on your routing device.

    After adding the management console to the network, commit the configuration changes. See the following section, “Committing Changes for Routing Devices with a Single Routing Engine.”

Committing Changes for Routing Devices with a Single Routing Engine

Step-by-Step Procedure

To commit the changes made to the configuration file:

  1. Review the changes made to the configuration file by typing show.
    root# show

    The configuration is displayed. The following configuration is an example and may not be the same as the configuration on your screen.

    root# show## Last changed: 2008-08-27 22:30:42 UTCversion 9.3B1.5;system {host-name tp8;domain-name subnet.juniper.net;backup-router 192.168.71.254;root-authentication {encrypted-password "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx."; ## SECRET-DATA}name-server {192.168.5.68;172.17.28.101;}login {user admin {class super-user;authentication {encrypted-password "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; ## SECRET-DATA}}}services {telnet;}syslog {user * {any emergency;}file messages {any notice;authorization info;}file interactive-commands {interactive-commands any;}}}interfaces {fxp0 {unit 0 {family inet {address 192.128.69.205/21;}}}}routing-options {static {route 10.10.0.0/12 {next-hop 192.168.71.254;retain;no-readvertise;}route 192.168.0.0/16 {next-hop 192.168.71.254;retain;no-readvertise;}}}
  2. After you have reviewed your configuration and are satisfied with it, commit the changes by typing commit. If your changes were committed successfully, commit complete appears.
    [edit]root# commitcommit complete

    Note: If you receive an error message after committing your changes, repeat Step 1 in this procedure to review your configuration and find the errors. You can delete incorrect entries by using the delete command.

    For example, to delete a hostname from the configuration, type delete system host-name host-name.

    [edit]root# delete system host-name host-name

    You can re-enter the correct information using any of the previous procedures for your routing device with a single Routing Engine.

  3. After completing the initial configuration and committing your changes, exit the configuration mode by typing exit.
    [edit]root# exitExiting configuration moderoot>

    When the # symbol is replaced by the > symbol, you have successfully exited configuration mode and have returned to operational mode.

  4. To exit operational mode and to end your session, type exit.
    root> exit

    You are now logged out of the routing device.

Configuring New Routing Devices with Dual Routing Engines

This section describes the procedures for configuring a new routing device with dual Routing Engines. The section is organized into the following tasks:

Logging in to the Management Console Interface

Step-by-Step Procedure

To log in to the routing device’s console interface and start the CLI in configuration mode:

  1. Verify that your routing device is powered on. Refer to the specific getting started guide for your routing device for additional information.
  2. Open your SSH, Telnet, and Rlogin application (such as HyperTerminal), and navigate to the console port. If you need help, contact the supplier of your application.
  3. When you first access the console port, the routing device is in the amnesiac state, meaning that it is in the factory install state and ready to be configured.
    Amnesiac <ttyd0>
  4. Log in through the management console port with the username root. You are now logged in as the root administration account, denoted by the @% symbols.
    login: rootroot@%

    Note: When the routing device is in the factory install state, the root administration user account is not associated with a password. You must add a password to the root administration account before you can successfully commit a configuration. For more information about configuring administration user accounts, see the following section, “Configuring Administration User Accounts.”

  5. Start the CLI by typing cli. The CLI initially opens in operational mode, denoted by the > symbol after the root username.
    root@% cliroot>
  6. Enter configuration mode by typing configure. The > symbol is replaced by the # symbol, verifying that you are in configuration mode.
    root> configure[edit]root#

    You are now logged in to the router console and ready to configure the administration user accounts.

Configuring Administration User Accounts

Step-by-Step Procedure

Administration user accounts are used to log in to the routing device through the management console. To configure administration user accounts:

  1. Add a password to the root administration user account by typing set system root-authentication plain-text-password.
    [edit]root# set system root-authentication plain-text-password

    The New password prompt appears. Type in your new password and then retype it at the second prompt.

    New password: passwordRetype new password: password
  2. Create a management console administration user account by typing set system login user user-name authentication plain-text password, where user-name is the username you are creating.
    [edit]root# set system login user user-name authentication plain-text-password

    The New password prompt appears. Type in your new password then retype it at the second prompt.

    New Password: passwordRetype new password: password
  3. Set the management console administration user account class to superuser by typing set system login user user-name class super-user.
    [edit]root# set system login user user-name class super-user

    The superuser class allows this user account to have full access privileges for the CLI commands and configuration statements.

    Note: The Junos OS contains four predefined login classes, including the superuser class. Depending on your needs, you can create administration user accounts with different login classes. You can even create your own login classes.

    For more information about login classes, see Junos OS Login Classes Overview.

    Repeat this procedure to add more than one management console user account.

    You are now ready to set up your Routing Engine configuration groups. See the following section, “Setting Up Routing Engine Configuration Groups for New Routing Devices with Dual Routing Engines.”

Setting Up Routing Engine Configuration Groups for New Routing Devices with Dual Routing Engines

Step-by-Step Procedure

In a routing device with two Routing Engines, one configuration should be shared between both Routing Engines. This ensures that both Routing Engine configurations are identical. Within this configuration, you need to create two Routing Engine groups, one for each Routing Engine that includes parameters specific to each Routing Engine.

For more information about creating configuration groups, see Creating a Junos Configuration Group.

For more information about the initial configuration for redundant routing engine systems, see Initial Routing Engine Configuration Example.

To set up the Routing Engine configuration groups:

  1. Create the configuration group re0 by typing set groups re0. The re0 group is a special group designator that is only used by the Routing Engine in slot 0 in a redundant routing platform.
    [edit]root# set groups re0
  2. Navigate to the groups re0 level of the configuration hierarchy by typing edit groups re0.
    [edit]root# edit groups re0

    Notice that the hierarchy level changes to [edit groups re0].

    [edit groups re0]root#
  3. Specify the hostname for your routing device by typing set system host-name host-name, where host-name is the hostname you are creating.
    [edit groups re0]root# set system host-name host-name

    You need to create different hostnames for each configuration group of your routing device. Typically, the hostnames are similar, as shown in the following example:

    re0 {system {host-name router1-re0;}}
    re1 {system {host-name router1-re1;}}

    Notice that the only difference between the hostnames is the specification of the configuration group.

    Note: The hostname for your routing device is used to display the name of the Routing Engine in the CLI. It is not used by the DNS server to resolve to the correct IP address. For example, the hostname is displayed in the command-line prompt when the user is logged in to the CLI:

    user-name@host-name>
  4. Specify the management Ethernet port IP address and prefix length by typing set interfaces fxp0 unit 0 family inet address address/prefix-length. For more information about management Ethernet interfaces, see Management Ethernet Interface Overview.
    [edit groups re0]root# set interfaces fxp0 unit 0 family inet address address/prefix-length

    Type top to return to the top level of the hierarchy. Notice that the hierarchy level changes to [edit], verifying that you are at the top of the hierarchy.

    [edit groups re0]root# top[edit]root#
  5. Create the configuration group re1 by typing set groups re1.
    [edit]root# set groups re1
  6. Navigate to the groups re1 level of the hierarchy by typing edit groups re1.
    [edit]root# edit groups re1
  7. Specify the hostname for your routing device by typing set system host-name host-name, where host-name is the hostname you are creating.
    [edit groups re1]root# set system host-name host-name
  8. Specify the management Ethernet interface IP address and prefix length by typing set interfaces fxp0 unit 0 family inet address address/prefix-length.
    [edit groups re1]root# set interfaces fxp0 unit 0 family inet address address/prefix-length

    Type top to return to the top level of the hierarchy.

    [edit groups re1]root# top[edit]root#
  9. Specify the group application order by typing set apply-groups [ re0 re1 ]. This ensures that both Routing Engines have their own IP addresses to maintain a single configuration file. For more information about maintaining a single configuration file, see Maintain a Single Configuration File for Both Routing Engines.
    [edit]root# set apply-groups [ re0 re1 ]

    Now that the Routing Engine configuration groups are set, see the following section, “Completing the Ethernet Management Console Configuration for New Routing Devices with Dual Routing Engines” to complete the configuration.

Completing the Ethernet Management Console Configuration for New Routing Devices with Dual Routing Engines

Step-by-Step Procedure

To configure the global management console parameters:

  1. Configure the IP address of the DNS server by typing set system name-server address.
    [edit]root# set system name-server address
  2. Configure the router domain name by typing set system domain-name domain-name.
    [edit]root# set system domain-name domain-name
  3. The backup router is used only while the routing protocol process is not running. Choose a router that is directly connected to the local router by way of the management interface. The router uses this backup router only when it is booting and only or when the Junos OS routing software (the routing protocol process, rpd) is not running.

    For routers with two Routing Engines, the backup Routing Engine, RE1, uses the backup router as a default gateway after the router boots. This enables you to access the backup Routing Engine. (RE0 is the default master Routing Engine.)

    Configure the IP address of a backup router by typing set system backup-router address.

    [edit]root# set system backup-router address
  4. (Optional) If your management Ethernet port is not configured with a dynamic routing protocol, you need to set up a static route to reach a remote system. You need to know the remote subnet address in order to complete the setup.

    Configure a static route by typing set routing-options static route remote-subnet next-hop IP-address retain no-readvertise.

    [edit]root# set routing-options static route remote-subnet next-hop IP-address retain no-readvertise

    For more information about static routes, see Configuring Static Routes.

  5. Enable the telnet service by typing set system services telnet.
    [edit]root# set system services telnet

    Telnet is now enabled on your routing device.

    You can now synchronize and commit your changes. See the following section, “Committing and Synchronizing Changes for New Routing Devices with Dual Routing Engines.”

Committing and Synchronizing Changes for New Routing Devices with Dual Routing Engines

Step-by-Step Procedure

After completing all your configuration changes, you need to commit the changes to implement them. Before committing the changes, review your configuration choices, and then synchronize the configuration that is shared between both Routing Engines.

To commit and synchronize your changes:

  1. Review the changes made to the configuration file by typing show.
    root# show

    The configuration is displayed. The following configuration is an example and may not be the same as the configuration on your screen.

    root# show## Last changed: 2008-10-17 18:32:25 UTCversion 9.1R1.8;groups {re0 {system {host-name spice-re0;}interfaces {fxp0 {unit 0 {family inet {address 192.168.69.155/21;}}}}}re1 {system {host-name spice-re1;}interfaces {fxp0 {unit 0 {family inet {address 192.168.70.72/21;}}}}}global;}apply-groups [ re0 re1 ];system {domain-name englab.juniper.net;backup-router 192.168.71.254;root-authentication {encrypted-password "xxxxxxxxxxxxxxxxxxxxxxxxxxxx"; ## SECRET-DATA}name-server {192.168.1.1;}login {user admin {uid 2001;class super-user;authentication {encrypted-password "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; ## SECRET-DATA}}}services {telnet;}syslog {user * {any emergency;}file messages {any notice;authorization info;}file interactive-commands {interactive-commands any;}}}routing-options {static {/* corporate office */route 10.10.0.0/12 {next-hop 192.168.71.254;retain;no-readvertise;}}}
  2. After you have reviewed your configuration and are satisfied with it, commit and synchronize the configuration by typing commit synchronize. The commit synchronize command commits the new configuration on both Routing Engines simultaneously.
    [edit]root# commit synchronizere0:configuration check succeedsre1:commit completere0:commit complete

    Note: If you receive an error message after committing your changes, repeat Step 1 in this procedure to review your configuration and find the errors. You can delete incorrect entries by using the delete command.

    For example, to delete a hostname from the configuration, type delete system host-name host-name.

    [edit]root# delete system host-name host-name

    You can re-enter the correct information using any of the previous procedures for your routing device with dual Routing Engines.

  3. After completing the initial configuration and committing your changes, exit the configuration mode by typing exit.
    [edit]root# exitExiting configuration moderoot>

    When the # symbol is replaced by the > symbol, you have successfully exited configuration mode and have returned to operational mode.

  4. To exit operational mode and to end your session, type exit.
    root> exit

    You are now logged out of the routing device.

Related Topics

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.