Configuring a Junos Space Appliance as a Standalone or Primary FMPM Node
You can configure a Junos Space Appliance as a Junos Space node or as a specialized network monitoring node used for fault monitoring and performance monitoring (FMPM). An FMPM node can be configured as a standalone or primary FMPM node, or as a secondary or backup FMPM node. The first FMPM node that you configure is always the standalone or primary node; this node performs fault and performance monitoring of the devices and nodes, and any events or alarms are stored in a PostgreSQL database on this node. This topic explains how you can configure an appliance as a primary FMPM node.
You must have at least one appliance already configured as a Junos Space node to configure a different appliance as an FMPM node.
To configure a Junos Space Appliance as a standalone or primary FMPM node, you must configure basic network and system settings to make the appliance accessible on the network.
From Junos Space Network Management Platform Release 14.1R2 onward, you can configure Junos Space Ethernet interfaces with only IPv4 addresses, or both IPv4 and IPv6 addresses.
From Junos Space Network Management Platform Release 16.1R1 onward, you can configure access to Junos Space through a Network Address Translation (NAT) gateway.
Before you begin, do the following:
Ensure that the Junos Space Appliance is connected to a management console and that the management device is powered on.
Ensure that the appliance is booted and displays the login prompt at the console.
Ensure that 100 GB free disk space is available before configuring a node as an FMPM node.
Ensure that you have the following information available:
IPv4 address and subnet mask for the eth0 Ethernet interface
(Optional) IPv6 address and prefix for the eth0 Ethernet interface
IPv4 address of the default gateway
(Optional) IPv6 address of the default gateway
IPv4 address of the name server
(Optional) IPv6 address of the name server
Virtual IP (VIP) address of the FMPM nodes in IPv4 and IPv6 formats
The VIP address is used for communications between Junos Space nodes and FMPM nodes. This IP address must be in the same subnet as the IP address assigned to the eth0 Ethernet interface, and the VIP address must be different from the VIP address used to access the Web GUI.
IPv4 address or URI of NTP source to synchronize time
(Optional) IPv4 address for the NAT trap
(Optional) IPv6 address for the NAT trap
(Optional) IPv4 port number for the NAT trap
(Optional) IPv6 port number for the NAT trap
This topic discusses the following tasks:
Configuring a Junos Space Appliance as the Primary FMPM Node
You can configure a Junos Space Appliance as an FMPM node.
To configure the appliance as a standalone or primary FMPM node:
- At the serial console login prompt, type the default username (admin) and press Enter.
- Type the default password (abc123) and press
Enter.
You are prompted to change your password.
- To change the default password, do the following:
- Type the default password and press Enter.
- Type your new password and press Enter.
- Retype your new password and press Enter.
If the password has is changed successfully, the message passwd: all authentication tokens updated successfully is displayed.
Note All passwords are case-sensitive.
You can choose a password that is at least eight characters long, and that contains characters from at least three of the following four character classes: uppercase letters, lowercase letters, numbers (0 through 9), and special characters.
However, if a password satisfies the preceding criteria but contains only a single uppercase letter at the beginning or only a single number at the end, then that password is considered invalid. In order to be counted as a valid character class, a single uppercase letter must not be at the beginning of the password, and a single number must not be at the end. For example, Abcdwip9, Qc9rdiwt, and bRfjvin9 are invalid passwords, but AAbcdwip99, Qc9rdiwtQ, and bRfjvin99 are valid passwords.
Alternatively, instead of using a string of characters, you can choose a passphrase that is between 16 and 40 characters long, and contains at least three dictionary words separated by at least one special character. For example, big#three;fork (14 characters long) and circlefaceglass (no special characters) are invalid passphrases, but @big#three;fork& and circle;face;glass are valid passphrases.
- Type the new password to log in to the appliance and press Enter.
- Type F to proceed with the configuration of the appliance as an FMPM node.
- Configure the IP address of the eth0 Ethernet interface.
This IP address will be used as the IP address of the FMPM node.
Configuring Eth0 : 1> Configure IPv4 2> Configure Both IPv4 and IPv6 R> Redraw Menu Choice [1-2,R]:
To configure the IPv4 address of the eth0 interface:
- Type 1.
- Type the IPv4 address for the eth0 interface in dotted-decimal
notation and press Enter.
Please enter new IPv4 address for interface eth0:
192.0.2.25Note All nodes that you configure in a cluster (fabric) must be in the same subnet.
- Type the new subnet mask for the IPv4 address and press
Enter.
Please enter new IPv4 subnet mask for interface eth0:
255.255.0.0 - Type the IP address of the default gateway for the eth0
Ethernet interface in dotted-decimal notation and press Enter.
Enter the default IPv4 gateway as a dotted-decimal IP address:
192.0.2.155
To configure both IPv4 and IPv6 addresses:
- Type 2.
- Type the IPv4 address for the eth0 interface in dotted-decimal
notation and press Enter.
Please enter new IPv4 address for interface eth0
192.0.2.25 - Type a subnet mask for the eth0 interface in dotted-decimal
notation and press Enter.
Please enter new IPv4 subnet mask for interface eth0:
255.255.0.0 - Type the IPv4 address of the default gateway for the eth0
interface in dotted-decimal notation and press Enter.
Enter the default IPv4 gateway as a dotted-decimal IP address:
192.0.2.155 - Type the IPv6 address and prefix for the eth0 interface
and press Enter.
Please enter new IPv6 address with prefix (IPv6 Address/prefix) for interface eth0: 2001:db8:10:1:192:10:2:50/64
- Type the IPv6 address of the default gateway for the eth0
interface and press Enter.
Enter the IPv6 gateway: 2001:db8:0:1:192:0:2:155
- Type the IPv4 address of the name server and press Enter.
Please type the IPv4 nameserver address in dotted decimal notation: 192.0.2.15
- Type the IPv6 address of the name server and press Enter.
Please type the IPv6 nameserver address: 2001:db8:0:1:192:10:2:10
- Type P when prompted Choose
the role for this FMPM specialized node [P/B].
The FMPM node can be configured as follows:
(P)rimary - Standalone or first FMPM node in an FMPM high availability pair
(B)ackup - Backup FMPM node in an FMPM high availability pair
Choosing P installs the node as a standalone FMPM node or the primary node in an FMPM HA setup. This node performs fault and performance monitoring of the devices and nodes, and any events or alarms is stored in a PostgreSQL database on this node.
- Configure the IP address for the FMPM service.
This IP address is the VIP address of the FMPM nodes and is used for communication between the Junos Space nodes and the FMPM nodes.
Note The FMPM service IP address and the FMPM node IP address should be in the same subnet.
Configuring IP address for FMPM service: 1> Configure Both IPv4 and IPv6 R> Redraw Menu Choice [1,R]:
Note If you configure only an IPv4 address for the eth0 interface, you are provided with an option to configure only the IPv4 address for the FMPM service.
- Type 1 to configure the IPv4 and IPv6 addresses for the FMPM service.
- Type the IPv4 address for the FMPM service and press Enter.
Please enter IPv4 address for FMPM service: 192.0.2.75
- Type the IPv6 address for the FMPM service and press Enter.
Please enter new IPv6 address for FMPM service 2001:db8:0:1:192:10:3:50
You are prompted to specify whether you want to configure NAT.
- Specify whether you want to configure access to Junos
Space using NAT.
Do you want to enable NAT service ? [Y/N]
To configure NAT, type Y.
Note If you choose to configure NAT, the options that are displayed depend on the IP address or addresses that you have configured for the eth0 interface. If the eth0 interface is assigned an IPv4 address, you are prompted to enter the IPv4 address for the NAT trap interface. If the eth0 interface is assigned an IPv4 address and an IPv6 address, you are prompted to configure either an IPv4 address, an IPv6 address, or both IPv4 and IPv6 addresses for the NAT trap interface.
You are prompted to configure NAT IP addresses.
1> Configure IPv4 2> Configure IPv6 3> Configure IPv4 and IPv6 R> Redraw Menu Choice [1-2, R]:
To configure the IPv4 address:
- Type 1 and press Enter.
- Type the IPv4 address of the NAT trap interface and press
Enter.
The IP address must be in the range 1.0.0.1 - 223.255.255.254 excluding 127.x.x.x.
Configuring IPV4 Trap for NAT: Please enter the NAT Trap IP Address 192.168.27.1
- Type the port number of the NAT trap interface and press
Enter.
The port number must be in the range 0-65535.
Please enter the NAT Trap Port Number 4584
To configure the IPv6 address:
- Type 2 and press Enter.
- Type the IPv6 address of the NAT trap interface and press
Enter.
Configuring IPV6 Trap for NAT: Please enter the NAT Trap IP Address 2001:db8:85a3::8a2e:130:0:5
- Type the port number of the NAT trap interface and press
Enter.
The port number must be in the range 0-65535.
Please enter the NAT Trap Port Number 5055
To configure IPv4 and IPv6:
- Type 3 and press Enter.
- Type the IPv4 address of the NAT trap interface and press
Enter.
The IP address must be in the range 1.0.0.1 - 223.255.255.254 excluding 127.x.x.x.
Configuring IPV4 Trap for NAT: Please enter the NAT Trap IP Address 192.168.27.1
- Type the port number of the NAT trap interface and press
Enter.
The port number must be in the range 0-65535.
Please enter the NAT Trap Port Number 4584
- Type the IPv6 address of the NAT trap interface and press
Enter.
Configuring IPV6 Trap for NAT: Please enter the NAT Trap IP Address 2001:db8:85a3::8a2e:130:0:5
- Type the port number of the NAT trap interface and press
Enter.
The port number must be in the range 0-65535.
Please enter the NAT Trap Port Number 5055
If you do not want to configure NAT, type N and press Enter.
You are prompted to specify whether you want to add an NTP server.
- You must add an NTP server or specify the current time
for the node. Do one of the following:
To add an NTP server, type y, enter the hostname of the NTP server when prompted, and press Enter.
To specify the current time (UTC), type n, enter the time, and press Enter.
The settings summary is displayed, as shown in the following example:
Settings Summary: > IPv4 Change: eth0 is 192.168.26.151 / 255.255.254.0 > Default IPv4 Gateway = 192.168.27.10 on eth0 > IPV6 Change: eth0 is 2001:db8:85a3:0:0:8a2e:c0a9:1b37 / 64 > Default IPv6 Gateway = 2001:db8:85a3:0:0:8a2e:c0a9:1bbd on eth0 > IPv4 DNS add: 192.168.27.2 > DNS add: 2001:db8:85a3:0:0:8a2e:c0a9:1bbd > Create as first node or standalone > FMPM service IPv4 address is 192.68.26.153 > Web IPv6 address is 2001:db8:85a3:0:0:8a2e:c0a9:1b38/64 > NTP add: device1.example.com > NAT IPv4 Trap IP: 192.168.26.213 > NAT IPv4 Trap Port: 5056 > NAT IPv6 Trap IP: 2001:db8:85a3::8a2e:130:0:5 > NAT IPv6 Trap Port: 5058 > Node display name will be set when it is added. > This node will be the primary FMPM specialized node. A> Apply settings C> Change settings Q> Quit and set up later R> Redraw Menu Choice [ACQR]:
- Review the settings that you configured.
- You can change the settings, quit without applying the
settings, or apply the settings. Do one of the following:
To apply the settings, type A. The settings that you configured are applied and a series of messages is displayed on the console, and then the Junos Space Settings Menu is displayed, as follows:
Junos Space Settings Menu 1> Change Password 2> Change Network Settings 3> Change Time Options 4> Retrieve Logs 5> Security 6> (Debug) run shell Q> Quit R> Redraw Menu Choice [1-6,QR]:
To change the settings, type C, and follow the prompts on the CLI.
To quit the configuration without applying the settings, type Q.
Caution If you quit the configuration without applying the settings, then all the settings are discarded.
- (Optional) If you have applied the settings, then type Q to quit.
You are taken to the console login prompt.
The configuration of the appliance as a standalone or primary FMPM node is now complete.
After you configure an FMPM node, you must add it to the Junos Space fabric using the Junos Space Network Management Platform. For more information, see the Adding a Node to an Existing Junos Space Fabric topic in the Junos Space Network Management Platform Workspaces Feature Guide (available at http://www.juniper.net/techpubs/en_US/release-independent/junos-space/index.html).
You can specify the name of the FMPM node when you add the node to the Junos Space fabric.
Configuring the eth1 Interface
From Junos Space Network Management Platform Release 14.1R1 onward, you can configure the eth1 Ethernet interface as an administrative interface. For the FMPM node, configure the eth1 interface when the node reboots after the basic configuration is complete.
The eth1 interface must be configured separately for each node in a multinode fabric.
If you configure the eth1 interface, SSH is disabled on the eth0 interface. You can then access the CLI of the Junos Space appliance only through the eth1 interface.
To configure the eth1 interface:
- On the Junos Space Settings Menu, type 6 to access the shell.
You are prompted to enter your password.
- Type your password and press Enter.
The shell prompt appears.
- At the shell prompt, type jmp_config and press
Enter.
You are prompted to enter the IP address of the eth1 interface.
- Type the IP address of the eth1 interface in dotted decimal
notation and press Enter.
The IP address can be in the same subnet as the virtual IP (VIP) address or in a different subnet. If the IP address is not in the same subnet as the VIP address, you are prompted to enter the subnet mask and then the default gateway for the eth1 interface.
- (Optional) Type the subnet mask for the eth1 interface in dotted decimal notation and press Enter.
- (Optional) Type the default gateway in dotted decimal
notation and press Enter.
The eth1 interface is configured.
- To verify that the eth1 address is configured, run the ifconfig eth1 command and check that the IP address displayed
for eth1 is the same as the one that you configured.
You can now access the FMPM node through the eth1 interface to perform administrative tasks.
To troubleshoot issues in configuring the eth1 interface, refer
to the /var/log/changeEth1.log file.