How it Works
Juniper
Loading...
G
H
I
J
Loading...
Loading...
JUNOS 10.2
Upgrade Manual
96 pgs879.28 Kb0

Juniper JUNOS SOFTWARE 10.2 - SOFTWARE INSTALLATION AND UPGRADE GUIDE 4-28-2010, JUNOS 10.2 Upgrade Manual

Download
Page 1
JUNOS® Software
Software Installation and Upgrade Guide
Release 10.2
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, California 94089
USA
408-745-2000
Published: 2010-04-28
Page 2
This product includes the Envoy SNMP Engine, developed by Epilogue Technology, an Integrated Systems Company. Copyright © 1986-1997, Epilogue Technology Corporation. All rights reserved. This program and its documentation were developed at private expense, and no part of them is in the public domain.
This product includes memory allocation software developed by Mark Moraes, copyright © 1988, 1989, 1993, University of Toronto.
This product includes FreeBSD software developed by the University of California, Berkeley, and its contributors. All of the documentation and software included in the 4.4BSD and 4.4BSD-Lite Releases is copyrighted by the Regents of the University of California. Copyright © 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994. The Regents of the University of California. All rights reserved.
GateD software copyright © 1995, the Regents of the University. All rights reserved. Gate Daemon was originated and developed through release 3.0 by Cornell University and its collaborators. Gated is based on Kirtons EGP, UC Berkeleys routing daemon (routed), and DCNs HELLO routing protocol. Development of Gated has been supported in part by the National Science Foundation. Portions of the GateD software copyright © 1988, Regents of the University of California. All rights reserved. Portions of the GateD software copyright © 1991, D. L. S. Associates.
This product includes software developed by Maker Communications, Inc., copyright © 1996, 1997, Maker Communications, Inc.
Juniper Networks, the Juniper Networks logo, JUNOS, NetScreen, ScreenOS, and Steel-Belted Radius are registered trademarks of Juniper Networks, Inc. in the United States and other countries. JUNOSe is a trademark of Juniper Networks, Inc. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.
Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.
JUNOS® Software Software Installation and Upgrade Guide
Release 10.2 Copyright © 2010, Juniper Networks, Inc. All rights reserved. Printed in USA.
Writing: Donice G. Evans-Mitchell, Mark Barnard, Stephen Meiers, Michael Scruggs, Philomena Dolla Editing: Sonia Saruba, Nancy Kurahashi Illustration: Faith Bradford Cover Design: Edmonds Design
Revision History May 2010R1 JUNOS 10.2
The information in this document is current as of the date listed in the revision history.
YEAR 2000 NOTICE
Juniper Networks hardware and software products are Year 2000 compliant. The JUNOS Software has no known time-related limitations through the year
2038. However, the NTP application is known to have some difficulty in the year 2036.
ii
Page 3
END USER LICENSE AGREEMENT
READ THIS END USER LICENSE AGREEMENT (AGREEMENT) BEFORE DOWNLOADING, INSTALLING, OR USING THE SOFTWARE. BY DOWNLOADING, INSTALLING, OR USING THE SOFTWARE OR OTHERWISE EXPRESSING YOUR AGREEMENT TO THE TERMS CONTAINED HEREIN, YOU (AS CUSTOMER OR IF YOU ARE NOT THE CUSTOMER, AS A REPRESENTATIVE/AGENT AUTHORIZED TO BIND THE CUSTOMER) CONSENT TO BE BOUND BY THIS AGREEMENT. IF YOU DO NOT OR CANNOT AGREE TO THE TERMS CONTAINED HEREIN, THEN (A) DO NOT DOWNLOAD, INSTALL, OR USE THE SOFTWARE, AND (B) YOU MAY CONTACT JUNIPER NETWORKS REGARDING LICENSE TERMS.
1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customers principal office is located in the Americas) or Juniper Networks (Cayman) Limited (if the Customers principal office is located outside the Americas) (such applicable entity being referred to herein as Juniper), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable license(s) for use of the Software (Customer) (collectively, the Parties).
2. The Software. In this Agreement, Software means the program modules and features of the Juniper or Juniper-supplied software, for which Customer has paid the applicable license or support fees to Juniper or an authorized Juniper reseller, or which was embedded by Juniper in equipment which Customer purchased from Juniper or an authorized Juniper reseller. Software also includes updates, upgrades and new releases of such software. Embedded Software means Software which Juniper has embedded in or loaded onto the Juniper equipment and any updates, upgrades, additions or replacements which are subsequently embedded in or loaded onto the equipment.
3. License Grant. Subject to payment of the applicable fees and the limitations and restrictions set forth herein, Juniper grants to Customer a non-exclusive and non-transferable license, without right to sublicense, to use the Software, in executable form only, subject to the following use restrictions:
a. Customer shall use Embedded Software solely as embedded in, and for execution on, Juniper equipment originally purchased by Customer from Juniper or an authorized Juniper reseller.
b. Customer shall use the Software on a single hardware chassis having a single processing unit, or as many chassis or processing units for which Customer has paid the applicable license fees; provided, however, with respect to the Steel-Belted Radius or Odyssey Access Client software only, Customer shall use such Software on a single computer containing a single physical random access memory space and containing any number of processors. Use of the Steel-Belted Radius or IMS AAA software on multiple computers or virtual machines (e.g., Solaris zones) requires multiple licenses, regardless of whether such computers or virtualizations are physically contained on a single chassis.
c. Product purchase documents, paper or electronic user documentation, and/or the particular licenses purchased by Customer may specify limits to Customers use of the Software. Such limits may restrict use to a maximum number of seats, registered endpoints, concurrent users, sessions, calls, connections, subscribers, clusters, nodes, realms, devices, links, ports or transactions, or require the purchase of separate licenses to use particular features, functionalities, services, applications, operations, or capabilities, or provide throughput, performance, configuration, bandwidth, interface, processing, temporal, or geographical limits. In addition, such limits may restrict the use of the Software to managing certain kinds of networks or require the Software to be used only in conjunction with other specific Software. Customers use of the Software shall be subject to all such limitations and purchase of all applicable licenses.
d. For any trial copy of the Software, Customers right to use the Software expires 30 days after download, installation or use of the Software. Customer may operate the Software after the 30-day trial period only if Customer pays for a license to do so. Customer may not extend or create an additional trial period by re-installing the Software after the 30-day trial period.
e. The Global Enterprise Edition of the Steel-Belted Radius software may be used by Customer only to manage access to Customers enterprise network. Specifically, service provider customers are expressly prohibited from using the Global Enterprise Edition of the Steel-Belted Radius software to support any commercial network access services.
The foregoing license is not transferable or assignable by Customer. No license is granted herein to any user who did not originally purchase the applicable license(s) for the Software from Juniper or an authorized Juniper reseller.
4. Use Prohibitions. Notwithstanding the foregoing, the license provided herein does not permit the Customer to, and Customer agrees not to and shall not: (a) modify, unbundle, reverse engineer, or create derivative works based on the Software; (b) make unauthorized copies of the Software (except as necessary for backup purposes); (c) rent, sell, transfer, or grant any rights in and to any copy of the Software, in any form, to any third party; (d) remove any proprietary notices, labels, or marks on or in any copy of the Software or any product in which the Software is embedded; (e) distribute any copy of the Software to any third party, including as may be embedded in Juniper equipment sold in the secondhand market; (f) use any locked or key-restricted feature, function, service, application, operation, or capability without first purchasing the applicable license(s) and obtaining a valid key from Juniper, even if such feature, function, service, application, operation, or capability is enabled without a key; (g) distribute any key for the Software provided by Juniper to any third party; (h) use the Software in any manner that extends or is broader than the uses purchased by Customer from Juniper or an authorized Juniper reseller; (i) use Embedded Software on non-Juniper equipment; (j) use Embedded Software (or make it available for use) on Juniper equipment that the Customer did not originally purchase from Juniper or an authorized Juniper reseller; (k) disclose the results of testing or benchmarking of the Software to any third party without the prior written consent of Juniper; or (l) use the Software in any manner other than as expressly provided herein.
5. Audit. Customer shall maintain accurate records as necessary to verify compliance with this Agreement. Upon request by Juniper, Customer shall furnish such records to Juniper and certify its compliance with this Agreement.
iii
Page 4
6. Confidentiality. The Parties agree that aspects of the Software and associated documentation are the confidential property of Juniper. As such, Customer shall exercise all reasonable commercial efforts to maintain the Software and associated documentation in confidence, which at a minimum includes restricting access to the Software to Customer employees and contractors having a need to use the Software for Customers internal business purposes.
7. Ownership. Juniper and Junipers licensors, respectively, retain ownership of all right, title, and interest (including copyright) in and to the Software, associated documentation, and all copies of the Software. Nothing in this Agreement constitutes a transfer or conveyance of any right, title, or interest in the Software or associated documentation, or a sale of the Software, associated documentation, or copies of the Software.
8. Warranty, Limitation of Liability, Disclaimer of Warranty. The warranty applicable to the Software shall be as set forth in the warranty statement that accompanies the Software (the Warranty Statement). Nothing in this Agreement shall give rise to any obligation to support the Software. Support services may be purchased separately. Any such support shall be governed by a separate, written support services agreement. TO THE MAXIMUM EXTENT PERMITTED BY LAW, JUNIPER SHALL NOT BE LIABLE FOR ANY LOST PROFITS, LOSS OF DATA, OR COSTS OR PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES, OR FOR ANY SPECIAL, INDIRECT, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THIS AGREEMENT, THE SOFTWARE, OR ANY JUNIPER OR JUNIPER-SUPPLIED SOFTWARE. IN NO EVENT SHALL JUNIPER BE LIABLE FOR DAMAGES ARISING FROM UNAUTHORIZED OR IMPROPER USE OF ANY JUNIPER OR JUNIPER-SUPPLIED SOFTWARE. EXCEPT AS EXPRESSLY PROVIDED IN THE WARRANTY STATEMENT TO THE EXTENT PERMITTED BY LAW, JUNIPER DISCLAIMS ANY AND ALL WARRANTIES IN AND TO THE SOFTWARE (WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE), INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. IN NO EVENT DOES JUNIPER WARRANT THAT THE SOFTWARE, OR ANY EQUIPMENT OR NETWORK RUNNING THE SOFTWARE, WILL OPERATE WITHOUT ERROR OR INTERRUPTION, OR WILL BE FREE OF VULNERABILITY TO INTRUSION OR ATTACK. In no event shall Junipers or its suppliers or licensors liability to Customer, whether in contract, tort (including negligence), breach of warranty, or otherwise, exceed the price paid by Customer for the Software that gave rise to the claim, or if the Software is embedded in another Juniper product, the price paid by Customer for such other product. Customer acknowledges and agrees that Juniper has set its prices and entered into this Agreement in reliance upon the disclaimers of warranty and the limitations of liability set forth herein, that the same reflect an allocation of risk between the Parties (including the risk that a contract remedy may fail of its essential purpose and cause consequential loss), and that the same form an essential basis of the bargain between the Parties.
9. Termination. Any breach of this Agreement or failure by Customer to pay any applicable fees due shall result in automatic termination of the license granted herein. Upon such termination, Customer shall destroy or return to Juniper all copies of the Software and related documentation in Customers possession or control.
10. Taxes. All license fees payable under this agreement are exclusive of tax. Customer shall be responsible for paying Taxes arising from the purchase of the license, or importation or use of the Software. If applicable, valid exemption documentation for each taxing jurisdiction shall be provided to Juniper prior to invoicing, and Customer shall promptly notify Juniper if their exemption is revoked or modified. All payments made by Customer shall be net of any applicable withholding tax. Customer will provide reasonable assistance to Juniper in connection with such withholding taxes by promptly: providing Juniper with valid tax receipts and other required documentation showing Customers payment of any withholding taxes; completing appropriate applications that would reduce the amount of withholding tax to be paid; and notifying and assisting Juniper in any audit or tax proceeding related to transactions hereunder. Customer shall comply with all applicable tax laws and regulations, and Customer will promptly pay or reimburse Juniper for all costs and damages related to any liability incurred by Juniper as a result of Customers non-compliance or delay with its responsibilities herein. Customers obligations under this Section shall survive termination or expiration of this Agreement.
11. Export. Customer agrees to comply with all applicable export laws and restrictions and regulations of any United States and any applicable foreign agency or authority, and not to export or re-export the Software or any direct product thereof in violation of any such restrictions, laws or regulations, or without all necessary approvals. Customer shall be liable for any such violations. The version of the Software supplied to Customer may contain encryption or other capabilities restricting Customers ability to export the Software without an export license.
12. Commercial Computer Software. The Software is commercial computer software and is provided with restricted rights. Use, duplication, or disclosure by the United States government is subject to restrictions set forth in this Agreement and as provided in DFARS 227.7201 through 227.7202-4, FAR 12.212, FAR 27.405(b)(2), FAR 52.227-19, or FAR 52.227-14(ALT III) as applicable.
13. Interface Information. To the extent required by applicable law, and at Customer's written request, Juniper shall provide Customer with the interface information needed to achieve interoperability between the Software and another independently created program, on payment of applicable fee, if any. Customer shall observe strict obligations of confidentiality with respect to such information and shall use such information in compliance with any applicable terms and conditions upon which Juniper makes such information available.
14. Third Party Software. Any licensor of Juniper whose software is embedded in the Software and any supplier of Juniper whose products or technology are embedded in (or services are accessed by) the Software shall be a third party beneficiary with respect to this Agreement, and such licensor or vendor shall have the right to enforce this Agreement in its own name as if it were Juniper. In addition, certain third party software may be provided with the Software and is subject to the accompanying license(s), if any, of its respective owner(s). To the extent portions of the Software are distributed under and subject to open source licenses obligating Juniper to make the source code for such portions publicly available (such as the GNU General Public License (GPL) or the GNU Library General Public License (LGPL)), Juniper will make such source code portions (including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194
N. Mathilda Ave., Sunnyvale, CA 94089, ATTN: General Counsel. You may obtain a copy of the GPL at http://www.gnu.org/licenses/gpl.html, and a copy of the LGPL at http://www.gnu.org/licenses/lgpl.html.
15. Miscellaneous. This Agreement shall be governed by the laws of the State of California without reference to its conflicts of laws principles. The provisions of the U.N. Convention for the International Sale of Goods shall not apply to this Agreement. For any disputes arising under this Agreement, the Parties hereby consent to the personal and exclusive jurisdiction of, and venue in, the state and federal courts within Santa Clara County, California. This Agreement constitutes the entire and sole agreement between Juniper and the Customer with respect to the Software, and supersedes all prior and contemporaneous
iv
Page 5
agreements relating to the Software, whether oral or written (including any inconsistent terms contained in a purchase order), except that the terms of a separate written agreement executed by an authorized Juniper representative and Customer shall govern to the extent such terms are inconsistent or conflict with terms contained herein. No modification to this Agreement nor any waiver of any rights hereunder shall be effective unless expressly assented to in writing by the party to be charged. If any portion of this Agreement is held invalid, the Parties agree that such invalidity shall not affect the validity of the remainder of this Agreement. This Agreement and associated documentation has been written in the English language, and the Parties agree that the English version will govern. (For Canada: Les parties aux présentés confirment leur volonté que cette convention de même que tous les documents y compris tout avis qui s'y rattaché, soient redigés en langue anglaise. (Translation: The parties confirm that this Agreement and all related documentation is and will be in the English language)).
v
Page 6
vi
Page 7
Abbreviated Table of Contents
About This Guide xvii
Part 1 Introduction
Chapter 1 Introduction to JUNOS Software 3
Chapter 2 Hardware Architecture 13
Part 2 JUNOS Software Installation
Chapter 3 Installation Overview 25
Chapter 4 Completing a Standard or Change Category Installation 29
Chapter 5 Completing a Recovery Installation 43
Part 3 JUNOS Software Licenses
Chapter 6 JUNOS Software Licenses Overview 61
Chapter 7 Managing JUNOS Software Licenses 65
Part 4 Index
Index 71
Abbreviated Table of Contents vii
Page 8
JUNOS Release 10.2 Software Installation and Upgrade Guide
viii
Page 9
Table of Contents
About This Guide xvii
JUNOS Documentation and Release Notes ...................................................xvii
Objectives ....................................................................................................xvii
Audience .....................................................................................................xviii
Supported Routing Platforms ......................................................................xviii
Documentation Conventions ........................................................................xix
Documentation Feedback ..............................................................................xx
Requesting Technical Support ......................................................................xxi
Self-Help Online Tools and Resources ....................................................xxi
Opening a Case with JTAC .....................................................................xxi
Part 1 Introduction
Chapter 1 Introduction to JUNOS Software 3
JUNOS Software Overview ..............................................................................3
One Operating System ..............................................................................3
One Software Release ...............................................................................4
One Modular Software Architecture ..........................................................4
Software Naming Convention ..........................................................................4
JUNOS Software Editions .................................................................................5
FIPS 140-2 Security Compliance ......................................................................5
JUNOS Installation Packages ............................................................................6
Installation Media ............................................................................................6
Installation Bundles .........................................................................................7
Installation Modules ........................................................................................7
JUNOS Software Release Numbers ..................................................................8
JUNOS Feature Licenses ..................................................................................9
Software Package Information Security ...........................................................9
Configuration Files ..........................................................................................9
Configuration File Selection Sequence ......................................................9
Remote Storage of Configuration Files ....................................................10
Automatic Installation of Configuration Files (J Series Routers) ......................11
Table of Contents ix
Page 10
JUNOS Release 10.2 Software Installation and Upgrade Guide
Chapter 2 Hardware Architecture 13
Hardware Architecture Overview ..................................................................13
M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers ...........14
Hardware Overview (M Series, MX Series, T Series, and TX Matrix
Routers) ............................................................................................14
System Memory ...............................................................................15
Storage Media ..................................................................................16
Routing Engines and Storage Media Names (M Series, MX Series, T Series,
TX Matrix, and TX Matrix Plus Routers) ............................................16
Boot Sequence (M Series, MX Series, T Series, TX Matrix, and TX Matrix
Plus Routers) ....................................................................................18
J Series Routers .............................................................................................19
Hardware Overview (J Series Routers) ....................................................20
System Memory ...............................................................................20
Storage Media ..................................................................................21
Routing Engines and Storage Media Names (J Series Routers) .................21
Boot Sequence (J Series Routers) .............................................................21
Part 2 JUNOS Software Installation
Chapter 3 Installation Overview 25
Installation Type Overview ............................................................................25
Standard Installation ...............................................................................25
Category Change Installation ..................................................................26
Recovery Installation ..............................................................................26
Installation Categories on the M Series, MX Series, T Series, TX Matrix, and
TX Matrix Plus Routers ...........................................................................26
Installation Categories on the J Series Routers ...............................................27
Verifying PIC Combinations ..........................................................................27
Chapter 4 Completing a Standard or Change Category Installation 29
Checking the Current Configuration and Candidate Software
Compatibility ..........................................................................................30
Determining the JUNOS Software Version .....................................................30
Downloading Software ..................................................................................30
Downloading Software with a Browser ...................................................30
Downloading Software Using the Command-Line Interface ....................31
Connecting to the Console Port .....................................................................32
Backing Up the Current Installation (M Series, MX Series, T Series, TX Matrix,
and TX Matrix Plus Routers) ...................................................................32
x Table of Contents
Page 11
Table of Contents
Backing Up the Current Installation (J Series Routers) ....................................33
Installing the Software Package on a Router with a Single Routing
Engine ....................................................................................................33
Installing the Software Package on a Router with Redundant Routing
Engines ...................................................................................................34
Preparing the Router for the Installation .................................................35
Installing Software on the Backup Routing Engine ..................................36
Installing Software on the Primary Routing Engine .................................37
Finalizing the Installation ........................................................................38
Upgrading Individual Software Packages .......................................................39
Upgrading Routers Using ISSU .......................................................................41
Chapter 5 Completing a Recovery Installation 43
Creating an Emergency Boot Disk .................................................................43
Saving a Rescue Configuration File ................................................................44
Performing a Recovery Installation ...............................................................45
Creating a New Configuration on a Single Routing Engine .............................46
Log In to the Router Console ...................................................................46
Configure Administration User Accounts ................................................47
Add the Management Console to the Network ........................................47
Commit Changes ....................................................................................49
Creating a New Configuration with Redundant Routing Engines ...................51
Configure Administration User Accounts ................................................51
Set Up Routing Engine Configuration Groups ..........................................52
Complete the Management Console Configuration .................................54
Commit and Synchronize Changes .........................................................54
Restoring a Saved Configuration ...................................................................56
Copy Saved Files to the Router ...............................................................57
Load and Commit the Configuration File ................................................57
Part 3 JUNOS Software Licenses
Chapter 6 JUNOS Software Licenses Overview 61
JUNOS Feature Licenses ................................................................................61
License Enforcement .....................................................................................61
Software Feature Licenses .............................................................................62
License Key Components ..............................................................................63
Chapter 7 Managing JUNOS Software Licenses 65
Adding New Licenses ....................................................................................65
Deleting a License .........................................................................................66
Table of Contents xi
Page 12
JUNOS Release 10.2 Software Installation and Upgrade Guide
Saving License Keys ......................................................................................66
Verifying JUNOS Licenses ..............................................................................66
Displaying Installed Licenses ..................................................................66
Displaying License Usage ........................................................................67
Displaying Installed License Keys ...........................................................68
Part 4 Index
Index .............................................................................................................71
xii Table of Contents
Page 13
List of Figures
Part 1 Introduction
Chapter 1 Introduction to JUNOS Software 3
Figure 1: Configuration Selection Sequence ...................................................10
Chapter 2 Hardware Architecture 13
Figure 2: Routing Engines .............................................................................15
Figure 3: J Series Routers (J4300 Shown) .......................................................20
List of Figures xiii
Page 14
JUNOS Release 10.2 Software Installation and Upgrade Guide
xiv List of Figures
Page 15
List of Tables
About This Guide xvii
Table 1: Notice Icons ....................................................................................xix
Table 2: Text and Syntax Conventions .........................................................xix
Part 1 Introduction
Chapter 2 Hardware Architecture 13
Table 3: Routing Engines and Storage Media Names (M Series, MX Series, T
Series, TX Matrix, and TX Matrix Plus Routers) .......................................17
Table 4: Routing Engines and Storage Media Names (J Series Routers) ..........21
Part 3 JUNOS Software Licenses
Chapter 6 JUNOS Software Licenses Overview 61
Table 5: JUNOS Software Feature Licenses ....................................................62
List of Tables xv
Page 16
JUNOS Release 10.2 Software Installation and Upgrade Guide
xvi List of Tables
Page 17
About This Guide
This preface provides the following guidelines for using the JUNOS® Software Software Installation and Upgrade Guide:
JUNOS Documentation and Release Notes on page xvii
Objectives on page xvii
Audience on page xviii
Supported Routing Platforms on page xviii
Documentation Conventions on page xix
Documentation Feedback on page xx
Requesting Technical Support on page xxi
JUNOS Documentation and Release Notes
For a list of related JUNOS documentation, see
http://www.juniper.net/techpubs/software/junos/ .
If the information in the latest release notes differs from the information in the documentation, follow the JUNOS Release Notes.
Objectives
To obtain the most current version of all Juniper Networks® technical documentation, see the product documentation page on the Juniper Networks website at
http://www.juniper.net/techpubs/.
Juniper Networks supports a technical book program to publish books by Juniper Networks engineers and subject matter experts with book publishers around the world. These books go beyond the technical documentation to explore the nuances of network architecture, deployment, and administration using JUNOS Software and Juniper Networks devices. In addition, the Juniper Networks Technical Library, published in conjunction with O'Reilly Media, explores improving network security, reliability, and availability using JUNOS configuration techniques. All the books are for sale at technical bookstores and book outlets around the world. The current list can be viewed at http://www.juniper.net/books .
This guide provides a description of the JUNOS Software packages and includes detailed information about how to initially configure, reinstall, and upgrade the JUNOS system software.
JUNOS Documentation and Release Notes xvii
Page 18
JUNOS Release 10.2 Software Installation and Upgrade Guide
NOTE: For additional information about JUNOS Softwareeither corrections to or information that might have been omitted from this guidesee the software release notes at http://www.juniper.net/.
Audience
This guide is designed for network administrators who are configuring and monitoring a Juniper Networks M Series, MX Series, T Series, EX Series, or J Series router or switch.
To use this guide, you need a broad understanding of networks in general, the Internet in particular, networking principles, and network configuration. You must also be familiar with one or more of the following Internet routing protocols:
Border Gateway Protocol (BGP)
Distance Vector Multicast Routing Protocol (DVMRP)
Intermediate System-to-Intermediate System (IS-IS)
Internet Control Message Protocol (ICMP) router discovery
Internet Group Management Protocol (IGMP)
Multiprotocol Label Switching (MPLS)
Open Shortest Path First (OSPF)
Protocol-Independent Multicast (PIM)
Resource Reservation Protocol (RSVP)
Routing Information Protocol (RIP)
Simple Network Management Protocol (SNMP)
Personnel operating the equipment must be trained and competent; must not conduct themselves in a careless, willfully negligent, or hostile manner; and must abide by the instructions provided by the documentation.
Supported Routing Platforms
For the features described in this manual, the JUNOS Software currently supports the following routers:
J Series
M Series
MX Series
T Series
EX Series
xviii Audience
Page 19
Documentation Conventions
Table 1 on page xix defines notice icons used in this guide.
Table 1: Notice Icons
About This Guide
DescriptionMeaningIcon
Indicates important features or instructions.Informational note
Indicates a situation that might result in loss of data or hardware damage.Caution
Alerts you to the risk of personal injury or death.Warning
Table 2 on page xix defines the text and syntax conventions used in this guide.
Table 2: Text and Syntax Conventions
Bold text like this
Fixed-width text like this
Italic text like this
Alerts you to the risk of personal injury from a laser.Laser warning
Represents text that you type.
Represents output that appears on the terminal screen.
Introduces important new terms.
Identifies book names.
Identifies RFC and Internet draft
titles.
ExamplesDescriptionConvention
To enter configuration mode, type the
configure command:
user@host> configure
user@host> show chassis alarms No alarms currently active
A policy term is a named structure
that defines match conditions and actions.
JUNOS System Basics Configuration
Guide RFC 1997, BGP Communities
Attribute
Italic text like this
Represents variables (options for which you substitute a value) in commands or configuration statements.
Configure the machines domain name:
[edit] root@# set system domain-name
domain-name
Documentation Conventions xix
Page 20
JUNOS Release 10.2 Software Installation and Upgrade Guide
Table 2: Text and Syntax Conventions (continued)
ExamplesDescriptionConvention
Plain text like this
| (pipe symbol)
# (pound sign)
[ ] (square brackets)
Indention and braces ( { } )
; (semicolon)
Represents names of configuration statements, commands, files, and directories; IP addresses; configuration hierarchy levels; or labels on routing platform components.
Enclose optional keywords or variables.< > (angle brackets)
Indicates a choice between the mutually exclusive keywords or variables on either side of the symbol. The set of choices is often enclosed in parentheses for clarity.
Indicates a comment specified on the same line as the configuration statement to which it applies.
Enclose a variable for which you can substitute one or more values.
Identify a level in the configuration hierarchy.
Identifies a leaf statement at a configuration hierarchy level.
To configure a stub area, include
the stub statement at the [edit
protocols ospf area area-id]
hierarchy level. The console port is labeled
CONSOLE.
stub <default-metric metric>;
broadcast | multicast
(string1 | string2 | string3)
rsvp { # Required for dynamic MPLS only
community name members [ community-ids ]
[edit] routing-options {
static {
route default {
nexthop address; retain;
}
}
}
J-Web GUI Conventions
Bold text like this
> (bold right angle bracket)
Documentation Feedback
We encourage you to provide feedback, comments, and suggestions so that we can improve the documentation. You can send your comments to
techpubs-comments@juniper.net, or fill out the documentation feedback form at
https://www.juniper.net/cgi-bin/docbugreport/. If you are using e-mail, be sure to include
the following information with your comments:
Document or topic name
URL or page number
xx Documentation Feedback
Represents J-Web graphical user interface (GUI) items you click or select.
Separates levels in a hierarchy of J-Web selections.
In the Logical Interfaces box, select
All Interfaces. To cancel the configuration, click
Cancel.
In the configuration editor hierarchy, select Protocols>Ospf.
Page 21
Software release version (if applicable)
Requesting Technical Support
Technical product support is available through the Juniper Networks Technical Assistance Center (JTAC). If you are a customer with an active J-Care or JNASC support contract, or are covered under warranty, and need postsales technical support, you can access our tools and resources online or open a case with JTAC.
JTAC policiesFor a complete understanding of our JTAC procedures and policies,
review the JTAC User Guide located at
http://www.juniper.net/us/en/local/pdf/resource-guides/7100059-en.pdf .
Product warrantiesFor product warranty information, visit
http://www.juniper.net/support/warranty/ .
JTAC Hours of Operation The JTAC centers have resources available 24 hours
a day, 7 days a week, 365 days a year.
About This Guide
Self-Help Online Tools and Resources
For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features:
Find CSC offerings: http://www.juniper.net/customers/support/
Search for known bugs: http://www2.juniper.net/kb/
Find product documentation: http://www.juniper.net/techpubs/
Find solutions and answer questions using our Knowledge Base:
http://kb.juniper.net/
Download the latest versions of software and review release notes:
http://www.juniper.net/customers/csc/software/
Search technical bulletins for relevant hardware and software notifications:
https://www.juniper.net/alerts/
Join and participate in the Juniper Networks Community Forum:
http://www.juniper.net/company/communities/
Open a case online in the CSC Case Management tool: http://www.juniper.net/cm/
To verify service entitlement by product serial number, use our Serial Number Entitlement (SNE) Tool: https://tools.juniper.net/SerialNumberEntitlementSearch/
Opening a Case with JTAC
You can open a case with JTAC on the Web or by telephone.
Use the Case Management tool in the CSC at http://www.juniper.net/cm/ .
Call 1-888-314-JTAC (1-888-314-5822 toll-free in the USA, Canada, and Mexico).
Requesting Technical Support xxi
Page 22
JUNOS Release 10.2 Software Installation and Upgrade Guide
For international or direct-dial options in countries without toll-free numbers, visit us at http://www.juniper.net/support/requesting-support.html
xxii Requesting Technical Support
Page 23
Part 1
Introduction
Introduction to JUNOS Software on page 3
Hardware Architecture on page 13
Introduction 1
Page 24
JUNOS Release 10.2 Software Installation and Upgrade Guide
2 Introduction
Page 25
Chapter 1
Introduction to JUNOS Software
This chapter includes the following sections:
JUNOS Software Overview on page 3
Software Naming Convention on page 4
JUNOS Software Editions on page 5
FIPS 140-2 Security Compliance on page 5
JUNOS Installation Packages on page 6
Installation Media on page 6
Installation Bundles on page 7
Installation Modules on page 7
JUNOS Software Release Numbers on page 8
JUNOS Feature Licenses on page 9
Software Package Information Security on page 9
Configuration Files on page 9
Automatic Installation of Configuration Files (J Series Routers) on page 11
JUNOS Software Overview
Juniper Networks provides high-performance network devices that create a responsive and trusted environment for accelerating the deployment of services and applications over a single network. JUNOS Software is the foundation of these high-performance networks. Unlike other complex, monolithic software architectures, JUNOS Software incorporates key design and developmental differences to deliver increased network availability, operational efficiency, and flexibility. The key advantages to this approach are:
One Operating System on page 3
One Software Release on page 4
One Modular Software Architecture on page 4
One Operating System
Unlike other network operating systems that share a common name but splinter into many different programs, JUNOS Software is a single, cohesive operating system that is shared across all routers and product lines. This allows Juniper Networks
JUNOS Software Overview 3
Page 26
JUNOS Release 10.2 Software Installation and Upgrade Guide
engineers to develop software features once and share these features across all product lines simultaneously. Because features are common to a single source, they generally are implemented the same way for all product lines, thus reducing the training required to learn different tools and methods for each product. Because all Juniper Networks products use the same code base, interoperability between products is not an issue.
One Software Release
Each new version of JUNOS Software is released concurrently for all product lines following a preset quarterly schedule. Furthermore, each new version of software must include all working features released in previous releases of the software, and must have no critical regression errors. This discipline ensures reliable operations for the entire release.
One Modular Software Architecture
Although individual modules of the JUNOS Software communicate through well-defined interfaces, each module runs in its own protected memory space, preventing one module from disrupting another. This separation enables the independent restart of each module as necessary. This is in contrast to monolithic operating systems where a malfunction in one module can ripple to other modules and cause a full system crash or restart. This modular architecture then provides for high performance, high availability, security, and device scalability not found in other operating systems.
The JUNOS Software is preinstalled on your Juniper Networks router when you receive it from the factory. Thus, when you first power on the router, all software starts automatically. You simply need to configure the software so that the router can participate in the network.
You can upgrade the router software as new features are added or software problems are fixed. You normally obtain new software by downloading the software installation packages from the Juniper Networks Support Web page onto your router or onto another system on your local network. You then install the software upgrade onto the router.
Juniper Networks routing platforms run only binaries supplied by Juniper Networks. Each JUNOS Software image includes a digitally signed manifest of executables that are registered with the system only if the signature can be validated. JUNOS Software will not execute any binary without a registered signature. This feature protects the system against unauthorized software and activity that might compromise the integrity of your router.
Related Topics Impacts of the Operating System on the Performance of Enterprise Networks white paper:
http://www.juniper.net/solutions/literature/white_papers/200239.pdf
Software Naming Convention
All JUNOS Software conforms to the following naming convention:
4 Software Naming Convention
Page 27
package-release-edition-cfxxx-signed.comp
For example:
jinstall-9.2R1.8–domestic-signed.tgz
where:
package is the name of the JUNOS package.
cfxxx designates the CompactFlash card size to use with the software. This value
is optional.
signed means that the software includes a digital signature for verification
purposes. This value is not used with all software packages.
JUNOS Software Editions
JUNOS Software is released in the following editions:
Chapter 1: Introduction to JUNOS Software
DomesticJUNOS Software for customers in the United States and Canada. This
edition includes high-encryption capabilities for data leaving the router.
ExportJUNOS Software for all other customers. This edition does not include
any high-encryption capabilities for data leaving the router.
JUNOS-FIPSJUNOS Software that provides advanced network security for
customers who need software tools to configure a network of Juniper Networks routers in a Federal Information Processing Standards (FIPS) 140-2 environment. For more information about JUNOS-FIPS, see FIPS 140-2 Security Compliance on page 5.
FIPS 140-2 Security Compliance
For advanced network security, a special version of JUNOS, called JUNOS-FIPS 140-2, is available. JUNOS-FIPS 140-2 provides customers with software tools to configure a network of Juniper Networks routers in a FIPS environment. FIPS support includes:
Upgrade package to convert JUNOS to JUNOS-FIPS 140-2
Revised installation and configuration procedures
Enforced security for remote access
FIPS user roles (Crypto Officer, User, and Maintenance)
FIPS-specific system logging and error messages
IPsec configuration for Routing Engine–to–Routing Engine communication
Enhanced password creation and encryption
JUNOS-FIPS has special installation and configuration requirements. Installation procedures include downloading the FIPS software package from www.juniper.net. For detailed guidelines on how installation and configuration procedures differ between JUNOS and JUNOS-FIPS 140-2, see the Secure Configuration Guide for Common Criteria and JUNOS-FIPS.
JUNOS Software Editions 5
Page 28
JUNOS Release 10.2 Software Installation and Upgrade Guide
NOTE: JUNOS-FIPS has special password requirements. FIPS passwords must be between 10 and 20 characters in length. Passwords must use at least three of the five defined character sets (uppercase letters, lowercase letters, digits, punctuation marks, and other special characters). If JUNOS-FIPS is installed on the router, you cannot configure passwords unless they meet this standard.
JUNOS Installation Packages
The installation package is used to upgrade and downgrade from one release to another. When installed, the installation package completely reinstalls the software, rebuilds the JUNOS file system, and may erase system logs and other auxiliary information from the previous installation. The installation package does, however, retain the configuration files from the previous installation.
The following installation packages are available for download:
Installation Media
DescriptionInstallation Package
jinstall*
jinstall-ex*
junos-jsr*
junos-juniper*
JUNOS Software for the M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus routers.
JUNOS Software for the EX Series Ethernet switch portfolio.
JUNOS Software for the J Series routers.
JUNOS-FIPS for the M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus routers.
Once the package is installed on a device, you cannot revert back to the standard JUNOS Software installation without performing a software recovery procedure.
The installation media is used to recover a router from a software failure. The installation media repartitions the media and completely reinstalls the JUNOS Software. No information from previous installations is retained during this installation. Thus, an initial configuration is required before the router can be put back into service. For more information on creating an initial configuration, see the Getting Started Guide for your router.
NOTE: Once you have rebuilt a router using the installation media, access to the router is restricted to the console port until the management port is configured during the initial configuration.
6 JUNOS Installation Packages
Page 29
Chapter 1: Introduction to JUNOS Software
The following installation media files are available for download:
DescriptionInstallation Media
floppy1–<release>*
floppy2–<release>*
JUNOS Software for the M40 router when you use the LS-120 external drive.
Installation Bundles
install-media*
junos-jsr-<release>-export-cf<size>.gz
JUNOS Software for the M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus routers.
JUNOS Software for the J Series routers. You must select the correct installation media file that corresponds to the correct CompactFlash card you are using.
The installation bundle can be used to downgrade or upgrade the JUNOS Software between minor revisions (from Release 9.1 to Release 9.2, for example). When used, the installation bundle modifies only the files required for the upgrade or downgrade between versions.
NOTE: You should only use the installation bundle under direction of a Juniper Networks support representative.
The following installation bundle files are available for download:
DescriptionInstallation Bundle
jbundle*
JUNOS Software for the M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus routers.
Installation Modules
Installation modules are used to upgrade individual software modules within the software. For example, you can upgrade only the Routing Engine software by installing the jroute* installation module.
NOTE: You should only use installation module files under the direction of a Juniper Networks support representative.
The following installation module files are available for download:
DescriptionInstallation Module
Installation Bundles 7
Page 30
JUNOS Release 10.2 Software Installation and Upgrade Guide
jkernel*
jbase*
jroute*
jpfe*
jdocs*
jcrypto*
jweb*
JUNOS Software Release Numbers
The kernel and network tools package. This package contains the basic operating system files.
The base package for the JUNOS Software. This package contains additions to the operating system.
The Routing Engine package. This package contains the Routing Engine software.
The Packet Forwarding Engine package. This package contains the PFE software.
The documentation package. This package contains the documentation set for the software.
The encryption package. This package contains the domestic version of the security software.
The J-Web package. This package contains the graphical user interface software for M Series, MX Series, T Series, TX Matrix, TX Matrix Plus, and J Series routers.
The JUNOS Software release number represents a particular revision of the software that runs on a Juniper Networks routing platform, for example, JUNOS Release 8.5,
9.1, or 9.2. Each JUNOS Software release has certain new features that complement the software processes that support Internet routing protocols, control the routers interfaces and the router chassis itself, and allow router system management. On the Juniper Networks Support Web page, you download JUNOS Software for a particular JUNOS Software release number.
The following example shows how the software release number is formatted:
m.nZb.s
For example:
9.2R1.8
Where:
m is the major release number of the product
n is the minor release number of the product
Z is the type of software release. The following release types are used:
RReleased software
BBeta release software
IInternal release software
8 JUNOS Software Release Numbers
Page 31
b is the build number of the product
s is the spin number of the product
JUNOS Feature Licenses
To enable some JUNOS Software features or router scaling levels, you may need to purchase, install, and manage separate software license packs. The presence, on the router, of the appropriate software license keys (passwords) determines whether you can configure and use certain features or configure a feature to a predetermined scale.
For information about how to purchase JUNOS Software licenses, contact your Juniper Networks sales representative.
As an honor-based licensing structure, JUNOS feature and scaling licenses are universal, and the same feature or scaling key can be installed and configured on multiple routers. However, to conform to JUNOS feature or scale licensing requirements, you must purchase one license per router.
Chapter 1: Introduction to JUNOS Software
Software Package Information Security
All JUNOS Software is delivered in signed packages that contain digital signatures, Secure Hash Algorithm (SHA-1), and Message Digest 5 (MD5) checksums. A package is installed only if the checksum within it matches the hash recorded in its corresponding file. Which checksum is used depends on the software version:
Digital signatures are used when you upgrade or downgrade between
JUNOS Release 7.0 and a later version.
The SHA-1 checksum is used when you upgrade or downgrade between
JUNOS Release 6.4 and a later version.
The MD5 checksum is used when you upgrade or downgrade between
JUNOS Release 6.3 or earlier and a later version.
Configuration Files
All configuration settings for the router are handled in the configuration files on the router. These files are saved in the /config directory on the router.
Configuration File Selection Sequence
During the boot process, the router is configured based on a predefined configuration file. The router selects the configuration file based on the sequence shown in Figure 1 on page 10.
JUNOS Feature Licenses 9
Page 32
JUNOS Release 10.2 Software Installation and Upgrade Guide
Figure 1: Configuration Selection Sequence
1.
/config/juniper.conf—Active configuration file.
2.
/config/rescue.conf—Rescue configuration file. This file is created by the router
administrator.
3.
/config/juniper.conf.1—First rollback configuration.
4.
/etc/config/factory.conf—Default factory configuration file.
The factory.conf file is the initial router configuration file shipped with the system. All configuration settings are returned to the factory default, and access to the router is restricted to the console. For more information on setting up your router from the factory default configuration, see the specific hardware guide for your router.
Remote Storage of Configuration Files
Configuration files can be stored off the router. This can be helpful if the router encounters a software failure or other problem that forces you to restore the routers software. Once the software is restored, you can then reload the saved configuration file. For more information on restoring the JUNOS Software, see Load and Commit the Configuration File on page 57.
When the configuration file is stored off the router, you can encrypt the configuration files using the Data Encryption Standard (DES) encryption algorithm.
10 Configuration Files
Page 33
Chapter 1: Introduction to JUNOS Software
Automatic Installation of Configuration Files (J Series Routers)
On J Series routers, you can specify a remote server where configuration files are located. If a configuration file cannot be found on the routers CompactFlash card, the router automatically retrieves the configuration file from this remote server. For security purposes, you can encrypt these remote files using the DES cipher, and once they have been retrieved, the router decrypts them for use on the server.
To encrypt the files, we recommend the openSSL tool. You can get the openSSL tool at: http://www.openssl.org/. To encrypt the file, use the following syntax:
% openssl enc -des -k passphrase -in original-file -out encrypted-file
passphrase—Passphrase used to encrypt the configuration file. The passphrase
should be the name of the file without the path information or file extension.
original-fileUnencrypted configuration file.
encrypted-file—Name of the encrypted configuration file.
For example, if you are encrypting the active configuration file juniper.conf.gz, the passphrase is juniper.conf. The openSSL syntax used to encrypt the file is:
% openssl enc -des -k juniper.conf -in juniper.conf.gz -out juniper.conf.gz.enc
For more information about the automatic installation feature, see the J Series Services Router Administration Guide.
Automatic Installation of Configuration Files (J Series Routers) 11
Page 34
JUNOS Release 10.2 Software Installation and Upgrade Guide
12 Automatic Installation of Configuration Files (J Series Routers)
Page 35
Chapter 2
Hardware Architecture
Hardware Architecture Overview on page 13
M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers on page 14
J Series Routers on page 19
Hardware Architecture Overview
Juniper Network routing platforms are made up of two basic routing components:
Routing EngineThe Routing Engine controls the routing updates and system
management.
Packet Forwarding Engine (PFE)The Packet Forwarding Engine performs
Layer 2 and Layer 3 packet switching, route lookups, and packet forwarding.
From a system administration perspective, you install the software onto the Routing Engine and during the installation, the appropriate software is forwarded to other components as necessary. Each Routing Engine includes a CompactFlash card that stores the JUNOS Software. On the M Series, MX Series, T Series, and TX Matrix routers, the system also includes a hard drive that acts as a backup boot drive. The TX Matrix Plus router includes either a hard drive or a solid state drive as a backup boot drive.
NOTE: The MX80 router is a single-board router with a built-in Routing Engine and single Packet Forwarding Engine. On an MX80 router, the JUNOS Software is stored on dual, internal NAND flash devices. These devices provide the same functionality as a CompactFlash card and hard drive.
On routing platforms with dual Routing Engines, each Routing Engine is independent with regard to upgrading the software. To install new software on both Routing Engines, you need to install the new software on each Routing Engine. On platforms with dual Routing Engines configured for high availability, you can use the unified in-service software upgrade procedure to upgrade the software. For more information on this procedure, see the JUNOS High Availability Configuration Guide.
Hardware Architecture Overview 13
Page 36
JUNOS Release 10.2 Software Installation and Upgrade Guide
M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers
The following topics give a brief overview of the M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus routers.
Hardware Overview (M Series, MX Series, T Series, and TX Matrix
Routers) on page 14
Routing Engines and Storage Media Names (M Series, MX Series, T Series, TX
Matrix, and TX Matrix Plus Routers) on page 16
Boot Sequence (M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus
Routers) on page 18
Hardware Overview (M Series, MX Series, T Series, and TX Matrix Routers)
Except for MX80 routers, the JUNOS Software is installed on both the CompactFlash card and the hard drive. When installed, the internal CompactFlash card is the primary boot device and the hard drive is the secondary boot device. When the internal CompactFlash card is not installed, the hard drive is the primary boot device. Figure 2 on page 15 shows the standard layout of a typical Routing Engine. On MX80 routers, the internal NAND flash devices (first da0, then da1) act as the primary and secondary boot devices.
14 M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers
Page 37
Figure 2: Routing Engines
Chapter 2: Hardware Architecture
The M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus routers include the following:
System Memory on page 15
Storage Media on page 16
System Memory
Starting with JUNOS Release 9.0, all routing platforms require a minimum of 512 MB of system memory on each Routing Engine. All M7i and M10i routers delivered before December 7, 2007, had 256 MB of memory. These routers require a system memory upgrade before you install JUNOS Release 9.0. To determine the amount of memory currently installed on your system, use the show chassis routing-engine command in the command-line interface (CLI).
Hardware Overview (M Series, MX Series, T Series, and TX Matrix Routers) 15
Page 38
JUNOS Release 10.2 Software Installation and Upgrade Guide
For more information about upgrading your M7i or M10i router, see the Customer Support Center JTAC Technical Bulletin PSN-2007-10-001:
https://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2007-10-001&actionBtn=Search.
Storage Media
Except for MX80 routers, the M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus routers use the following media storage devices:
CompactFlash cardThe CompactFlash card is typically the primary storage
device. M7i and M10i routers are not usually delivered from the factory with the CompactFlash card installed. In this case, the hard drive is the primary and only boot device. The M7i and M10i routers can be upgraded to include the CompactFlash card.
Hard drive or solid state driveThe hard drive is normally the secondary boot
device for M Series, MX Series, T Series, and TX Matrix routers. The TX Matrix Plus router includes either a hard drive or a solid state drive as the secondary boot device. When the CompactFlash card is not installed on the router, the hard drive or the solid state drive becomes the primary boot drive. It is also used to store system log files and diagnostic dump files.
External media storage deviceDepending on the system, the external device
can be a CompactFlash card, a USB storage device, or an LS-120 floppy disk.
On MX80 routers, the internal NAND flash devices (first da0, then da1) act as the primary and secondary boot devices.
The external devices are emergency boot devices and can be used to revive a routing platform with damaged JUNOS Software. When these external devices are attached to the system, the router attempts to boot from these devices before it boots from the internal CompactFlash drive, the hard drive, or internal flash device.
When booting from the external emergency boot disk, the router requests a boot acknowledgment from you on the console interface. If you enter yes, the external media repartitions the internal primary drive and reloads the JUNOS Software onto that drive. When the loading is complete, the routing platform requests that you remove the external media and reboot the system. Once the reboot is complete, you must perform an initial configuration of the router before it can be used on your network.
Routing Engines and Storage Media Names (M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers)
Table 3 on page 17 specifies the storage media names by Routing Engine. The storage media device names are displayed when the router boots.
16 Routing Engines and Storage Media Names (M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers)
Page 39
Chapter 2: Hardware Architecture
Table 3: Routing Engines and Storage Media Names (M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers)
Supported platforms: M7i and M10i
Supported platforms: M20 and M40e
Supported platforms: M7i and M10i
Supported platforms: M120
Supported platforms: MX240, MX480, and MX960
CompactFlash CardRouting Engine
Hard Disk
Removable Media
ad3ad1ad0RE-400-768 (RE5)
ad3ad1ad0RE-600-2048 (RE3)
ad3ad1ad0RE-850-1536 (RE-850)
da0ad2ad0RE-A-1000-2048 (RE-A-1000)
da0ad2ad0RE-S-1300-2048 (RE-S-1300)
Supported platforms: M320, T320, T640, T1600, and the TX Matrix
Supported platforms: M120, M320, MX240, MX480, MX960, T320, T640, T1600, and the TX Matrix
Supported platforms: T1600, and the TX Matrix Plus
Supported platforms: T1600, and the TX Matrix Plus
ad3 and ad4ad1ad0RE-1600-2048 (RE4)
da0ad2ad0RE-A-2000-4096 (RE-A-2000)
da0ad1ad0RE-DUO-C2600-16G–S (SFC-RE)
da0ad1ad0RE-DUO-C1800-8G–S (LCC-RE)
Routing Engines and Storage Media Names (M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers) 17
Page 40
JUNOS Release 10.2 Software Installation and Upgrade Guide
NOTE: On MX80 routers, the Routing Engine is a built-in device and has no model number. The dual internal NAND flash devices are da0 and da1. The USB storage device is da2.
To view the storage media currently available on your system, use the CLI show
system storage command. For more information about this command, see the JUNOS
CLI User's Guide.
Boot Sequence (M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers)
tThe M Series, MX Series (except for the MX80 routers), T Series, and TX Matrix routers attempt to boot from the storage media in the following order:
1. Removable media
2. CompactFlash card (if available)
3. Hard disk
MX80 routers attempt to boot from the storage media in the following order:
1. USB media
2.
Dual, internal NAND flash device (first da0, then da1)
The TX Matrix Plus router attempts to boot from the storage media in the following order:
1. USB media
2. CompactFlash card (if available)
3. Disk 1
4. Storage media available on the LAN
NOTE: Do not insert the removable media during normal operations. The router does not operate normally when it is booted from the removable media.
If the router boots from an alternate boot device, the JUNOS Software displays a message indicating this when you log in to the router. For example, the following message shows that the software booted from the hard disk (/dev/ad2s1a):
login: username Password: password Last login: date on terminal
--- JUNOS 8.0 R1 built date
---
--- NOTICE: System is running on alternate media device (/dev/ad2s1a).
18 Boot Sequence (M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers)
Page 41
Chapter 2: Hardware Architecture
Related Topics Router Architecture for M Series Routers and T Series Routers:
J Series Routers
http://www.juniper.net/techpubs/software/nog/nog-baseline/html/juniper-routers3.html
Hardware Components of the M Series and T Series Routers:
http://www.juniper.net/techpubs/software/nog/nog-baseline/html/juniper-routers7.html
The following topics give a brief overview of the J Series routers.
Hardware Overview (J Series Routers) on page 20
Routing Engines and Storage Media Names (J Series Routers) on page 21
Boot Sequence (J Series Routers) on page 21
J Series Routers 19
Page 42
JUNOS Release 10.2 Software Installation and Upgrade Guide
Hardware Overview (J Series Routers)
The JUNOS Software is installed on the internal CompactFlash card. This internal CompactFlash card is the primary and only boot drive on the J Series routers when they are delivered from the factory. All J Series routers have one or more USB ports. The 4300 and 6300 J Series routers also include an external CompactFlash card slot. You can install external storage devices through the USB ports and CompactFlash card slots. When external storage devices are installed, these external devices can be used as backup boot drives. You can also create a backup internal boot drive on any externally attached CompactFlash card. This CompactFlash card can then be used to replace the internal CompactFlash card on the J Series router in the event that the internal card is damaged or otherwise made unusable by the router. Figure 3 on page 20 shows the location of the memory and ports on a J Series router.
Figure 3: J Series Routers (J4300 Shown)
The J Series routers include the following:
System Memory on page 20
Storage Media on page 21
System Memory
Starting with JUNOS Release 9.1, all J Series routers require a minimum of 512 MB of router memory on each Routing Engine. Any router without this minimum requires a system memory upgrade before you install JUNOS Release 9.1. To determine the amount of memory currently installed on your router, use the CLI show chassis
routing-engine command.
For more information about memory requirements for the J Series routers, see the Customer Support Center JTAC Technical Bulletin PSN-2008-04-021:
http://www.juniper.net/alerts/viewalert.jsp?txtAlertNumber=PSN-2008-04-021&actionBtn=Search.
20 Hardware Overview (J Series Routers)
Page 43
Storage Media
The J Series routers use the following media storage devices:
Internal CompactFlash cardThe CompactFlash card is the primary boot device.
External media deviceDepending on the system, this external device can be
a CompactFlash card or a USB storage device. Juniper Networks recommends that you attach an external device to the system and use this external device as the backup boot device for the system.
Routing Engines and Storage Media Names (J Series Routers)
Table 4 on page 21 specifies the storage media names used by the J Series routers. The storage media device names are displayed as the router boots.
Table 4: Routing Engines and Storage Media Names (J Series Routers)
Chapter 2: Hardware Architecture
To view the storage media currently available on your system, use the CLI show
system storage command. For more information about this command, see the JUNOS
CLI User's Guide.
Boot Sequence (J Series Routers)
The router attempts to boot from the storage media in the following order:
1. Internal CompactFlash card
2. External CompactFlash card (J4300 and J6300 routers only)
3. USB storage media device
Internal CompactFlash CardRouting Engine
External CompactFlash Card J4300 and J6300 Routers Only
USB Storage Media Devices
da0ad2ad0J Series Routers
Routing Engines and Storage Media Names (J Series Routers) 21
Page 44
JUNOS Release 10.2 Software Installation and Upgrade Guide
22 Boot Sequence (J Series Routers)
Page 45
Part 2
JUNOS Software Installation
Installation Overview on page 25
Completing a Standard or Change Category Installation on page 29
Completing a Recovery Installation on page 43
JUNOS Software Installation 23
Page 46
JUNOS Release 10.2 Software Installation and Upgrade Guide
24 JUNOS Software Installation
Page 47
Chapter 3
Installation Overview
This section describes how to install a different JUNOS Software version on a routing platform, for example, upgrading from JUNOS Release 8.4 to JUNOS Release 9.2. This chapter covers the different methods used to upgrade and downgrade the software and why each method is employed. It also covers the options available to you during the installation process as well as issues that you need to understand before you start an installation process.
This chapter includes the following topics:
Installation Type Overview on page 25
Installation Categories on the M Series, MX Series, T Series, TX Matrix, and TX
Matrix Plus Routers on page 26
Installation Categories on the J Series Routers on page 27
Verifying PIC Combinations on page 27
Installation Type Overview
The three types of installations used to upgrade or downgrade your routing platform are standard installation, category change, and recovery. The standard installation is the standard method of upgrading and downgrading the software. Use a category change installation when you are moving from one software category to another; for example, if you are changing the router from using the standard JUNOS Software to the JUNOS-FIPS category. Perform a recovery installation when the software on the router is damaged or otherwise unable to accommodate a software upgrade or downgrade.
Standard Installation
A standard installation is the typical method used to upgrade or downgrade software on the server. This method uses the installation package that matches the installation package already installed on the system. For example, you might upgrade an M120 router running the JUNOS Software installed using the jinstall* installation package. If you upgrade the router from the 9.0R2.10 release to the 9.1R1.8 release, you use the jinstall-9.1R1.8–domestic-signed.tgz installation package. For information on the different installation packages available, see JUNOS Installation Packages on page 6.
Installation Type Overview 25
Page 48
JUNOS Release 10.2 Software Installation and Upgrade Guide
Category Change Installation
The category change installation process is used to move from one category of the JUNOS Software to another on the same router; for example, moving from a JUNOS standard installation on an M Series, MX Series, or T Series router to a JUNOS FIPS installation. When moving from one installation category to another, you need to be aware of the restrictions regarding this change.
NOTE: Juniper Networks does not support using the request system software rollback command to restore a different installation category on the router. When installing a different JUNOS Software category on a router, once the installation is complete, you should execute a request system snapshot command to delete the backup installation from the system.
Recovery Installation
A recovery installation is performed to repair a router with damaged software or a condition that prevents the upgrade, downgrade, or change in installation category of the software.
For example, you may need to perform a recovery installation to change a routers software category from JUNOS-FIPS to standard JUNOS.
Installation Categories on the M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers
The following installation categories are available with the M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus routers:
Standard JUNOS Software, domesticjinstall-<release>-domestic-signed.tgz
This software includes high-encryption capabilities for data leaving the router. Because of U.S. government export restrictions, this software can only be installed on systems within the United States and Canada. Furthermore, no router can be shipped out of the United States. or Canada without the domestic edition first being overwritten by the export edition. There are no current system-enforced restrictions when you install this software category.
Standard JUNOS Software, exportjinstall-<release>-export-signed.tgz
This software does not include high-encryption capabilities. It can be installed on any system worldwide. There are no current system-enforced restrictions when you install this software category.
JUNOS-FIPSjunos-juniper-<release>-domestic-signed.tgz and
junos-juniper-<release>-fips-signed.tgz
The JUNOS-FIPS Software base provides customers with the software tools to configure the router for use within a Federal Information Processing Standards (FIPS) environment. Once you have installed this software category onto a router, you cannot install a different software category on the router using the request
26 Installation Categories on the M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers
Page 49
Chapter 3: Installation Overview
system software add command. When attempting to install a different JUNOS
Software category package on the router, you receive the following warning message:
WARNING: Package jinstall-<release>-<edition>-signed is not compatible with this system. WARNING: Please install a supported package (junos-juniper-*.tgz).
To return to a standard JUNOS Software category installation, you must perform a system recovery installation of the software. All configuration files, logs, and other data files on the server are overwritten during a recovery installation.
For more information about the JUNOS-FIPS Software base, see FIPS 140-2 Security Compliance on page 5.
NOTE: When you install a JUNOS Software installation package, the previous installation is maintained as a backup installation. You should issue a request system
software snapshot command to overwrite the backup files any time you change
software categories on a router. This is mandatory if the router is to be shipped outside of the United States or Canada after the Export edition of the JUNOS Software has been installed. There are no current system-enforced restrictions when you install this software category,
Installation Categories on the J Series Routers
The following installation categories are available with the J Series routers:
JUNOS Software, domesticjunos-jsr-<release>-domestic.tgz
This software includes high-encryption capabilities for data leaving the router. Because of U.S. Government export restrictions, this software can only be installed on systems within the United States and Canada. Furthermore, no router can be shipped out of the U.S. or Canada without first overwriting the domestic edition with the worldwide edition. There are no current system-enforced restrictions when you install this software category.
JUNOS, exportjunos-jsr-<release>-export.tgz
This software does not include high-encryption capabilities. It can be installed on any system worldwide. There are no current system-enforced restrictions when you install this software category.
Verifying PIC Combinations
On Juniper Networks routing platforms, you can typically install any combination of Physical Interface Cards (PICs) on a single Enhanced Flexible PIC Concentrator (FPC) or in two PIC slots served by a single Layer 2/Layer 3 Packet Processing application-specific integrated circuit (ASIC).
Installation Categories on the J Series Routers 27
Page 50
JUNOS Release 10.2 Software Installation and Upgrade Guide
Newer JUNOS services for some PICs can require significant Internet Processor ASIC memory, and some configuration rules limit certain combinations of PICs if they are installed on some platforms.
During software installation, the configuration checker in the installation program checks the routers PICs. If any configuration rules affect your PIC combinations, the installation process stops and displays a message similar to the following:
The combination of PICS in FPC slot 3 is not supported with this release PIC slot 0 ­ PIC slot 1 - 1x OC-12 ATM-II IQ PIC slot 2 - 1x G/E IQ, 1000 BASE PIC slot 3 - 1x Link Service (4) If you continue the installation, one or more PICs on FPC slot 3 might appear to be online but cannot be enabled and cannot pass traffic with this release of JUNOS. See the Release Notes for more information. WARNING: This installation attempt will be aborted. If you WARNING: wish to force the installation despite these warnings WARNING: you may use the 'force' option on the command line. pkg_add: package /var/tmp/jbundle-7.6R1.x-domestic-signed.tgz fails requirements
- not installed
The configuration checker has the following limitations:
If a PIC is offline when you upgrade the router with new software, the
configuration checker cannot detect PIC combinations affected by configuration rules and cannot warn about them.
If you specify the force option when you upgrade the JUNOS Software, the configuration checker warns about the affected PIC combination and the software installation continues. However, after rebooting, one or more PICs might fail to initialize.
The configuration checker looks for combinations of three affected PICs. If an
Enhanced FPC contains four affected PICs, the script generates multiple warnings.
If you install a PIC into a router already running JUNOS Software, you can identify the presence of affected PIC combinations from messages in the system logging (syslog) file:
Feb 6 17:57:40 CE1 feb BCHIP 0: uCode overflow - needs 129 inst space to load b3_atm2_LSI_decode for stream 12 Feb 6 17:57:41 CE1 chassisd[2314]: CHASSISD_IFDEV_DETACH_PIC: ifdev_detach_pic(0/3) Feb 6 17:57:41 CE1 feb BCHIP 0: binding b3_atm2_LSI_decode to stream 12 failed Feb 6 17:57:41 CE1 feb PFE: can not bind B3 ucode prog b3_atm2_LSI_decode to FPC 0: stream 12
For more information about checking for unsupported PIC combinations, see the corresponding PIC guide for your router, the JUNOS Release Notes, and Technical Support Bulletin PSN-2004-12-002, PIC Combination Notes Summary on the Juniper Networks Support Web site at http://www.juniper.net/support/.
28 Verifying PIC Combinations
Page 51
Chapter 4
Completing a Standard or Change Category Installation
This chapter describes how to perform a standard or change category installation of the JUNOS Software.
For information about JUNOS Software media and packages, see Introduction to JUNOS Software on page 3. For information on the installation process, see Installation Overview on page 25
NOTE: When you upgrade from a previous installation of the JUNOS Software to Release 8.4R1 or later on an MX Series router, the MAC addresses on the Dense Port Concentrator (DPC) Ethernet ports change.
The change category installation process is used to move from one category of the JUNOS Software to another. For example, you can move from standard JUNOS on an M Series router to the export version of JUNOS Software. When performing a software category change, you need to take special precautions during the installation. These precautions delete the previous installation and prevent users from rolling back the server to these older installations.
This chapter discusses the following topics:
Checking the Current Configuration and Candidate Software
Compatibility on page 30
Determining the JUNOS Software Version on page 30
Downloading Software on page 30
Connecting to the Console Port on page 32
Backing Up the Current Installation (M Series, MX Series, T Series, TX Matrix,
and TX Matrix Plus Routers) on page 32
Backing Up the Current Installation (J Series Routers) on page 33
Installing the Software Package on a Router with a Single Routing
Engine on page 33
Installing the Software Package on a Router with Redundant Routing
Engines on page 34
Upgrading Individual Software Packages on page 39
Upgrading Routers Using ISSU on page 41
29
Page 52
JUNOS Release 10.2 Software Installation and Upgrade Guide
Checking the Current Configuration and Candidate Software Compatibility
When you upgrade or downgrade JUNOS Software, we recommend that you include the validate option with the request system software add command to check that the candidate software is compatible with the current configuration. By default, when you add a package with a different release number, the validation check is done automatically. For more information about the request system software add command, see the JUNOS System Basics and Services Command Reference.
Determining the JUNOS Software Version
To determine which software packages are running on the router and to get information about these packages, use the show version operational mode command at the top level of the command-line interface (CLI).
NOTE: The show version command does not show the software category installed, only the release number of the software.
Downloading Software
You can download the software in one of two ways: downloading the file in a browser or using FTP on the command line:
Downloading Software with a Browser on page 30
Downloading Software Using the Command-Line Interface on page 31
Downloading Software with a Browser
You download the software package you need from the Juniper Networks Support Web site at http://www.juniper.net/support/.
NOTE: To access the download section, you must have a service contract and an access account. If you need help obtaining an account, complete the registration form at the Juniper Networks Web site: https://www.juniper.net/registration/Register.jsp.
To download the software:
1.
In a browser, go to http://www.juniper.net/support/.
The Support page opens.
2. In the Download Software section, select the software version to download.
Depending on your location, select JUNOS Canada and US, or JUNOS Worldwide.
3. Select the current release to download.
4. Click the Software tab and select the JUNOS Installation Package to download.
30 Checking the Current Configuration and Candidate Software Compatibility
Page 53
Chapter 4: Completing a Standard or Change Category Installation
A dialog box opens.
5. Save the file to your system. If you are placing the file on a remote system, you
must make sure that the file can be accessible by the router using HTTP, FTP, or scp.
Downloading Software Using the Command-Line Interface
You download the software package you need from the Juniper Networks Support Web site at http://www.juniper.net/support/.
NOTE: To access the download section, you must have a service contract and an access account. If you need help obtaining an account, complete the registration form at the Juniper Networks Web site: https://www.juniper.net/registration/Register.jsp.
To download the software:
1.
On the command line, initiate an FTP session with the server ftp.juniper.net:
ftp ftp.juniper.net
2. Log in with your customer support–supplied username and password:
User <black.juniper.net:<none>>: username 331 Password required for username. Password: password
Once validated, the FTP session opens.
3. Navigate to the correct software directory.
The FTP server software download directory structure is as follows:
/volume/download/docroot/software/<version>/<release>
Available directories include:
versionThe software version.
junos
junos-export
junos-fips
release—The software release. For more information on release numbers,
see JUNOS Software Release Numbers on page 8.
4. Set the file transfer mode to binary:
5. Specify the directory in which you wish to place the file.
bin
Type set to 1.
Downloading Software Using the Command-Line Interface 31
Page 54
JUNOS Release 10.2 Software Installation and Upgrade Guide
On Juniper Networks servers running the JUNOS operating system, installation files are typically placed in the /var/tmp directory. If you are placing the file on a remote system, you must make sure that the file can be accessed by the router using HTTP, FTP, or scp.
lcd /var/tmp
Local directory now /var/tmp.
6. Download the installation file:
get <filename>
7. Close the FTP session:
bye
Goodbye.
Connecting to the Console Port
The console port is a data terminal equipment (DTE) interface, providing a direct and continuous interface with the router. It is important to connect to the console during installation procedures so you can respond to any required user input and detect any errors that may occur.
For more information about connecting to the console port, see the administration guide for your particular router.
Backing Up the Current Installation (M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers)
You should back up the current installation so that you can return to the current software installation. In a dual Routing Engine system, you need to back up both Routing Engines. This section covers the following:
The installation process using the installation package (jinstall*, for example) removes all stored files on the router except the juniper.conf and SSH files. Therefore, you should back up your current configuration in case you need to return to the current software installation after running the installation program.
To back up the JUNOS Software on the M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus routers, issue the request system snapshot CLI operational command. This command saves the current software installation on the hard drive.
NOTE: On M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus routers with dual Routing Engines, complete this operation on both Routing Engines. On routers without a CompactFlash card, where the hard drive is the primary boot device, you cannot back up your software installation.
32 Connecting to the Console Port
Page 55
Chapter 4: Completing a Standard or Change Category Installation
When the request system snapshot command is issued, the /root file system is backed up to /altroot, and /config is backed up to /altconfig. The /root and /config file systems are on the routers CompactFlash card, and the /altroot and /altconfig file systems are on the routers hard disk. When the backup is completed, the current and backup software installations are identical.
To copy the files to the routers hard disk, use the following command:
user@host> request system snapshot
Backing Up the Current Installation (J Series Routers)
You should back up the current installation so that you can return to the current software installation. In a dual Routing Engine system, you need to back up both Routing Engines. This section covers the following:
The installation process using the installation package (junos-jsr*) removes all stored files on the router except the juniper.conf and SSH files. Therefore, you should back up your current configuration in case you need to return to the current software installation after running the installation program.
These instructions offer the minimum steps required to create a backup during the installation process. For a complete description of the backup process on the J Series routers, see the J Series Services Router Administration Guide and the JUNOS Software Systems Basics Configuration Guide.
To back up the JUNOS Software on the J Series routers:
1. Attach an external memory device to the router.
NOTE: Even when attached to a J Series router, the USB memory device is not listed as a storage device in the show system storage CLI command output. You can view the installed USB memory device on the J-Web interfaces system monitor screen.
2.
Issue the request system snapshot media usb command.
The current software installation and configuration are saved on the external USB storage device.
Installing the Software Package on a Router with a Single Routing Engine
To upgrade the router software, follow these steps:
1.
Install the new software package using the request system software add command:
installation-package is the name of the installation package; for example
jinstall-9.2R1.8–domestic-signed.tgz
For more information about the request system software add command, see the JUNOS System Basics and Services Command Reference.
user@host> request system software add /var/tmp/installation-package
Backing Up the Current Installation (J Series Routers) 33
Page 56
JUNOS Release 10.2 Software Installation and Upgrade Guide
2.
Reboot the router to start the new software using the request system reboot command:
user@host> request system reboot Reboot the system? [yes, no] (no) yes
NOTE: You must reboot the device to load the new installation of the JUNOS Software on the device.
To abort the installation, do not reboot the device; instead, finish the installation and then issue the request system software delete jinstall command. This is your last chance to stop the installation.
The software is loaded when you reboot the system. Installation can take between 5 and 10 minutes. The router then reboots from the boot device on which the software was just installed. When the reboot is complete, the router displays the login prompt.
While the software is being upgraded, the Routing Engine on which you are performing the installation does not route traffic.
3.
Log in and issue the show version command to verify the version of the software installed.
4.
(Optional) Add the jweb package using the request system software add command. Before you can add this package, you must first download the software as you did the installation package. For more information on downloading the jweb package, see Downloading Software on page 30.
The jweb installation module adds a router management graphical user interface that you can use to view and configure your router. For more information about the jweb package, see Installation Modules on page 7.
5. After you have upgraded or downgraded the software and are satisfied that the
new software is successfully running, issue the request system snapshot command to back up the new software.
Installing the Software Package on a Router with Redundant Routing Engines
If the router has two Routing Engines, perform a JUNOS Software installation on each Routing Engine separately to avoid disrupting network operation. Install the new JUNOS Software release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the newly installed Routing Engine to activate the new software. Finally, install the new software on the new backup Routing Engine.
WARNING: If graceful Routing Engine switchover (GRES) is enabled when you initiate a software installation, the software does not install properly. Make sure you issue
34 Installing the Software Package on a Router with Redundant Routing Engines
Page 57
the CLI delete chassis redundancy command when prompted. If GRES is enabled, it will be removed with the redundancy command.
To upgrade the router software, perform the following tasks:
Preparing the Router for the Installation on page 35
Installing Software on the Backup Routing Engine on page 36
Installing Software on the Primary Routing Engine on page 37
Finalizing the Installation on page 38
Preparing the Router for the Installation
Perform the following steps before installing the software:
1. Log in to the master Routing Engines console.
Chapter 4: Completing a Standard or Change Category Installation
For more information on logging in to the Routing Engine through the console port, see the administration manual for your particular router.
2. Enter the JUNOS Software CLI configuration mode:
Start the CLI from the shell prompt:
a.
# cli user@host>
Enter configuration mode:
b.
user@host#> configure Entering configuration mode
[edit] user@host#
3. Disable Routing Engine redundancy:
[edit] user@host# delete chassis redundancy
4. Save the configuration change on both Routing Engines:
[edit] user@host# commit synchronize
Exit out of the CLI configuration mode:
5.
[edit] user@host# exit
Preparing the Router for the Installation 35
Page 58
JUNOS Release 10.2 Software Installation and Upgrade Guide
Installing Software on the Backup Routing Engine
Once the router is ready, you first install the software on the backup Routing Engine. This enables the primary Routing Engine to continue operations, minimizing the disruption to your network.
1. Log in to the backup Routing Engines console:
For more information on logging in to the Routing Engine through the console port, see the administration manual for your particular router.
2.
Install the new software package using the request system software add command:
user@host> request system software add validate /var/tmp/jinstall-9.2R1.8–domestic-signed.tgz
For more information on the request system software add command, see the JUNOS System Basics and Services Command Reference.
3.
Reboot the router to start the new software using the request system reboot command:
user@host> request system reboot Reboot the system? [yes, no] (no) yes
NOTE: You must reboot the device to load the new installation of the JUNOS Software on the router.
To abort the installation, do not reboot your device, instead, finish the installation and then issue the request system software delete jinstall command. This is your last chance to stop the installation.
All the software is loaded when you reboot the device. Installation can take between 5 and 10 minutes. The router then reboots from the boot device on which the software was just installed. When the reboot is complete, the router displays the login prompt.
While the software is being upgraded, the Routing Engine on which you are performing the installation is not routing traffic.
4.
Log in and issue the show version command to verify the version of the software installed.
5.
(Optional) Add the jweb package using the request system software add command. Before you can add this package, you must first download the software as you did the installation package. For more information on downloading the jweb package, see Downloading Software on page 30.
The jweb installation module adds a router management graphical user interface that you can use to view and configure your router. For more information about the jweb package, see Installation Modules on page 7.
36 Installing Software on the Backup Routing Engine
Page 59
Chapter 4: Completing a Standard or Change Category Installation
Installing Software on the Primary Routing Engine
Once the software is installed on the backup Routing Engine, you are ready to switch routing control to the backup Routing Engine and then upgrade or downgrade the primary Routing Engine software:
1. Log in to the primary Routing Engine console port.
For more information on logging in to the Routing Engine through the console port, see the administration guide for your particular router.
Transfer routing control to the backup Routing Engine:
2.
user@host> request chassis routing-engine master switch
For more information about the request chassis routing-engine master command, see the JUNOS System Basics and Services Command Reference.
3. Verify that the backup Routing Engine (slot 1) is the master Routing Engine:
user@host> show chassis routing-engine Routing Engine status: Slot 0: Current state Backup Election priority Master (default) Routing Engine status: Slot 1: Current state Master Election priority Backup (default)
4.
Install the new software package using the request system software add command:
user@host> request system software add validate /var/tmp/jinstall-9.2R1.8–domestic-signed.tgz
For more information about the request system software add command, see the JUNOS System Basics and Services Command Reference.
5.
Reboot the Routing Engine using the request system reboot command:
user@host> request system reboot Reboot the system? [yes, no] (no) yes
NOTE: You must reboot to load the new installation of the JUNOS Software on the router.
To abort the installation, do not reboot your system; instead, finish the installation and then issue the request system software delete jinstall command. This is your last chance to stop the installation.
The software is loaded when you reboot the system. Installation can take between 5 and 10 minutes. The router then reboots from the boot device on which the software was just installed. When the reboot is complete, the router displays the login prompt.
Installing Software on the Primary Routing Engine 37
Page 60
JUNOS Release 10.2 Software Installation and Upgrade Guide
While the software is being upgraded, the Routing Engine on which you are performing the installation does not route traffic.
6.
Log in and issue the show version command to verify the version of the software installed.
7.
(Optional) Add the jweb package using the request system software add command. Before you can add this package, you must first download the software as you did the installation package. For more information on downloading the jweb package, see Downloading Software on page 30.
The jweb installation module adds a router management graphical user interface that you can use to view and configure your router. For more information about the jweb package, see Installation Modules on page 7.
Transfer routing control back to the master Routing Engine:
8.
user@host> request chassis routing-engine master switch
For more information about the request chassis routing-engine master command, see the JUNOS System Basics and Services Command Reference.
9. Verify the master Routing Engine (slot 0) is indeed the master Routing Engine:
Finalizing the Installation
Once the software is installed on both Routing Engines, you return the router back to its original configuration and back up the new installation.
1. Restore the configuration that existed before you deleted it at the start of this
2. Save the configuration change on both Routing Engines:
user@host> show chassis routing-engine Routing Engine status: Slot 0: Current state Master Election priority Master (default) outing Engine status: Slot 1: Current state Backup Election priority Backup (default)
procedure:
{backup}
user@host-re0> configure [edit]
user@host-re0# rollback 1
3. After you have installed the new software and are satisfied that it is successfully
running, issue the request system snapshot command to back up the new software on both master and backup Routing Engines:
38 Finalizing the Installation
[edit] user@host-re0> commit synchronize and-quit
{master}
Page 61
Chapter 4: Completing a Standard or Change Category Installation
user@host-re0> request system snapshot {master} user@host-re0> request routing-engine login other routing-engine {backup} user@host-re1> request system snapshot
{backup}
The root file system is backed up to /altroot, and /config is backed up to /altconfig. The root and /config file systems are on the routers CompactFlash card, and the
/altroot and /altconfig file systems are on the routers hard disk.
For more information on the request routing-engine login command, see the JUNOS System Basics and Services Command Reference.
NOTE: After you issue the request system snapshot command, you cannot return to the previous version of the software because the running copy and backup copy of the software are identical.
Upgrading Individual Software Packages
NOTE: When you install individual software packages, the following notes apply:
When upgrading from JUNOS Release 8.2 or earlier to JUNOS Release 8.5, use
the system software add <image> no-validate command option.
Only use the jinstall JUNOS Software image when upgrading or downgrading to or from JUNOS Release 8.5. Do not use the jbundle image.
Before upgrading to JUNOS Release 8.5, ensure that the routing platforms
CompactFlash card is 256 MB or larger to avoid disk size restrictions. (M7i routers without a CompactFlash card are excluded.)
Upgrading Individual Software Packages 39
Page 62
JUNOS Release 10.2 Software Installation and Upgrade Guide
To upgrade an individual JUNOS Software package, follow these steps:
1. Download the software packages you need from the Juniper Networks Support
Web site at http://www.juniper.net/support/. Choose either the Canada and U.S. Version or the Worldwide Version.
To download the software packages, you must have a service contract and an access account. If you need help obtaining an account, complete the registration form at the Juniper Networks Web site:
https://www.juniper.net/registration/Register.jsp.
NOTE: We recommend that you upgrade all individual software packages using an out-of-band connection from the console or fxp0 interface, because in-band connections can be lost during the upgrade process. On a TX Matrix Plus router and the T1600 routers in a routing matrix, the management Ethernet interface is em0.
2. Back up the currently running and active file system so that you can recover to
a known, stable environment in case something goes wrong with the upgrade:
user@host> request system snapshot
The root file system is backed up to /altroot, and /config is backed up to /altconfig. The root and /config file systems are on the routers CompactFlash card, and the
/altroot and /altconfig file systems are on the routers hard disk.
NOTE: After you issue the request system snapshot command, you cannot return to the previous version of the software, because the running copy and the backup copy of the software are identical.
3. If you are copying multiple software packages to the router, copy them to the
/var/tmp directory on the hard disk:
user@host> file copy ftp://username :prompt@ftp.hostname
.net/filename/var/tmp/filename
4. Add the new software package:
user@host> request system software add/var/tmp/ installation package validate
installation-package is the full URL to the file.
The system might display the following message:
pkg_delete: couldnt entirely delete package
This message indicates that someone manually deleted or changed an item that was in a package. You do not need to take any action; the package is still properly deleted.
If you are upgrading more than one package at the same time, add jbase first. If you are using this procedure to upgrade all packages at once, add them in the following order:
40 Upgrading Individual Software Packages
Page 63
Chapter 4: Completing a Standard or Change Category Installation
user@host> request system software add /var/tmp/jbase-release-signed.tgz
user@host> request system software add /var/tmp/jkernel-release-signed.tgz
user@host> request system software add /var/tmp/jpfe-release-signed.tgz
user@host> request system software add /var/tmp/jdocs-release- signed.tgz
user@host> request system software add /var/tmp/jweb-release- signed.tgz
user@host> request system software add /var/tmp/jroute-release-signed.tgz
user@host> request system software add /var/tmp/jcrypto-release-signed.tgz
For more information about the request system software add command, see the JUNOS System Basics and Services Command Reference.
5. Reboot the router to start the new software:
user@host> request system reboot
6. After you have upgraded or downgraded the software and are satisfied that the
new software is successfully running, issue the request system snapshot command to back up the new software:
user@host> request system snapshot
The root file system is backed up to /altroot, and /config is backed up to /altconfig. The root and /config file systems are on the routers CompactFlash card, and the
/altroot and /altconfig file systems are on the routers hard disk.
NOTE: After you issue the request system snapshot command, you cannot return to the previous version of the software, because the running copy and backup copy of the software are identical.
Upgrading Routers Using ISSU
Unified in-service software upgrade (ISSU) enables you to upgrade between two different JUNOS Software releases with no disruption on the control plane and with minimal disruption of traffic. ISSU is only supported by dual Routing Engine platforms. In addition, graceful Routing Engine switchover (GRES) and nonstop active routing (NSR) must be enabled.
For additional information about using ISSU, see the JUNOS High Availability Guide.
Upgrading Routers Using ISSU 41
Page 64
JUNOS Release 10.2 Software Installation and Upgrade Guide
42 Upgrading Routers Using ISSU
Page 65
Chapter 5
Completing a Recovery Installation
If the router's software is corrupted or otherwise damaged, you may need to perform a recovery installation, using the emergency boot disk to restore the default factory installation. Once you have recovered the software in this fashion, you must configure the router as you would for a new router.
This chapter discusses the following topics:
Creating an Emergency Boot Disk on page 43
Saving a Rescue Configuration File on page 44
Performing a Recovery Installation on page 45
Creating a New Configuration on a Single Routing Engine on page 46
Creating a New Configuration with Redundant Routing Engines on page 51
Restoring a Saved Configuration on page 56
Creating an Emergency Boot Disk
If the routers JUNOS Software is damaged in some way that prevents the JUNOS Software from loading completely, you can use the emergency boot disk to revive the router. The emergency boot disk repartitions the primary disk and reloads a fresh installation of the JUNOS Software.
The procedures outlined in this section discuss how to create an emergency boot disk for any M Series, MX Series, T Series, TX Matrix, or TX Matrix Plus router.
To create an emergency boot disk:
1.
Use FTP to copy the installation media into the routers /var/tmp directory.
2. Insert the PC Card into the external PC Card slot.
3.
In the UNIX shell, navigate to the /var/tmp directory:
start shell cd /var/tmp
4.
Log in as su:
su [enter] password: [enter SU password]
Creating an Emergency Boot Disk 43
Page 66
JUNOS Release 10.2 Software Installation and Upgrade Guide
5. issue the following commands:
dd if=/dev/zero of=/dev/externalDrive count=20 dd if=installMedia of=/dev/externalDrive bs=64k
where:
externalDrive—Refers to the removable media name. For example, the
removable media name on the M120 is da0 for both Routing Engines. For the names of the storage media, see Routing Engines and Storage Media Names (M Series, MX Series, T Series, TX Matrix, and TX Matrix Plus Routers) on page 16.
installMedia—Refers to the installation media downloaded into the /var/tmp
directory. For example, install-media-9.0R2.10–domestic.tgz.
The following code example can be used to create an emergency boot disk using a PC Card on an M20 router:
dd if=/dev/zero of=/dev/ad3 count=20 dd if=install-media-9.0R2.10–domestic.tgz of=/dev/ad3 bs=64k
The following code example can be used to create an emergency boot disk using a USB storage device on an M120 router or a TX Matrix Plus router:
dd if=/dev/zero of=/dev/da0 count=20 dd if=install-media-9.0R2.10–domestic.tgz of=/dev/da0 bs=64k
6.
Log out as su:
exit
Saving a Rescue Configuration File
A rescue configuration file is helpful in the event that your routers configuration file has been misconfigured. You can restore the router to this rescue configuration to bring the router back online. If you save this file off the router, the rescue configuration can also be used to restore your router in the event of a software failure.
To save a current router configuration as a rescue configuration file:
1. Edit the configuration file on the router to reflect the base configuration you wish
to use.
For more information about editing the configuration, see the JUNOS System Basics Guide.
2. In the CLI operational mode, save this edited base configuration as the rescue
configuration file:
3. Copy the rescue configuration to a remote server:
44 Saving a Rescue Configuration File
user@host> request system configuration rescue save
Page 67
user@host> ftp host Name: username Password: password 230 User user logged in. ftp> cd /filepath ftp> lcd /config ftp>bin Type set to I. ftp> put rescue.conf.gz Transfer complete. ftp> bye Goodbye.
Performing a Recovery Installation
If the router's software is corrupted or otherwise damaged, you may need to perform a recovery installation, using the emergency boot disk to restore the default factory installation. Once you have recovered the software you will need to restore the routers configuration. You can either create a new configuration as you did when the router was shipped from the factory, or if you saved the router's previous configuration, you can simply restore that file to the system.
Chapter 5: Completing a Recovery Installation
Depending on the situation, you should try to perform the following steps before you perform the recovery installation:
1. Ensure you have an emergency recovery disk to use during the installation. When
the router is first shipped, an emergency recovery disk is provided with it. For instructions on creating an emergency boot disk, see Creating an Emergency Boot Disk on page 43
2.
Copy the existing configuration in the file /config/juniper.conf.gz from the router to a remote system. For extra safety, you can also copy the backup configurations (the files named /config/juniper.conf.n, where n is a number from 0 through 9).
WARNING: The recovery installation process completely overwrites the entire contents of the fixed storage media.
3. Copy any other stored files to a remote system as desired.
To reinstall the JUNOS Software:
1. Insert the removable media into the router.
NOTE: You can store a configuration on installation media such as a PC Card.
2. Reboot the router. Do not power off the router if it is already on. Issue the CLI
request system reboot command.
3. When the software prompts you with the following question, type y:
Performing a Recovery Installation 45
Page 68
JUNOS Release 10.2 Software Installation and Upgrade Guide
WARNING: The installation will erase the contents of your disk. Do you wish to continue (y/n)? y
4. The router copies the software from the removable media onto your system,
occasionally displaying status messages. Copying the software can take up to 10 minutes.
5. Remove the removable media when prompted. The router then reboots from
the boot device on which the software was just installed. When the reboot is complete, the router displays the login prompt.
6. Create a new configuration as you did when the router was shipped from the
factory, or restore a previously saved configuration file to the system. For more information, see Creating a New Configuration on a Single Routing Engine on page 46, Creating a New Configuration with Redundant Routing Engines on page 51, and Restoring a Saved Configuration on page 56.
Creating a New Configuration on a Single Routing Engine
To create a new base configuration on a single Routing Engine:
Log In to the Router Console on page 46
Configure Administration User Accounts on page 47
Add the Management Console to the Network on page 47
Commit Changes on page 49
Log In to the Router Console
To log in to the routers console interface and open the CLI in configuration mode:
1. Verify the router is powered on.
2. Log in through the console port as root.
Amnesiac <ttyd0>
login: root
NOTE: From the factory, the root administration user account is not associated with a password. However, you must add a password to the root administration account before you can successfully commit a configuration.
3. Start the CLI, which initially opens in operational mode. Note the command
prompt ends with > in the CLI operational mode.
4.
Enter the CLI configuration mode. Note the command prompt ends with # in the CLI configuration mode.
46 Creating a New Configuration on a Single Routing Engine
root@% cli root>
root> configure
Page 69
[edit] root#
Configure Administration User Accounts
Set the root administration user account password. You also need to set up one or more administration user accounts. These administration user accounts are used to log in to the router through the management console. To configure administration user accounts:
1. Add a password to the root (superuser) administration user account.
[edit] root# set system root-authentication plain-text-password New password: password Retype new password: password
2. Create a management console user account.
Chapter 5: Completing a Recovery Installation
[edit] root# set system login user user-name authentication plain-text-password New Password: password Retype new password: password
3.
Set the user account class to super-user.
[edit] root# set system login user user-name class super-user
Add the Management Console to the Network
To add the management console to the network:
1. Specify the router hostname.
NOTE: The hostname specified in the router configuration is not used by the DNS server to resolve to the correct IP address. This hostname is used to display the name of the Routing Engine in the CLI. For example, this hostname appears on the command line prompt when the user is logged in to the CLI:
user-name@host-name>
2. Configure the IP address of the DNS server.
3. Configure the router domain name.
[edit] root# set system host-name host-name
[edit] root# set system name-server address
Configure Administration User Accounts 47
Page 70
JUNOS Release 10.2 Software Installation and Upgrade Guide
[edit] root# set system domain-name domain-name
4. Configure the IP address and prefix length for the router Ethernet interface.
For all routers except the TX Matrix Plus router and T1600 routers in a routing
matrix:
[edit] root@# set interfaces fxp0 unit 0 family inet address address/prefix-length
For TX Matrix Plus and T1600 routers in a routing matrix only:
[edit] root@# set interfaces em0 unit 0 family inet address address/prefix-length
To use em0 as an out-of-band management Ethernet interface, you must configure its logical port, em0.0, with a valid IP address.
For a T1600 standalone router (not connected to a TX Matrix Plus router
and not in a routing matrix):
[edit] root@# set interfaces fxp0 unit 0 family inet address address/prefix-length
5. Configure the IP address of a backup router. The backup router is used while the
local router is booting and if the routing process fails to start. Once the routing process starts, the backup router address is removed from the local routing and forwarding tables. For more information on the backup router, see the JUNOS System Basics Configuration Guide.
[edit] root# set system backup-router address
6. (Optional) Configure the static routes to remote subnets with access to the
management port. Access to the management port is limited to the local subnet. To access the management port from a remote subnet, you need to add a static route to that subnet within the routing table. For more information on static routes, see the JUNOS System Basics Configuration Guide.
[edit] root# set routing-options static route remote-subnet next-hop destination-IP
retain no-readvertise
7.
Configure telnet service at the [edit system services] hierarchy level.
[edit] root# set system services telnet
48 Add the Management Console to the Network
Page 71
Commit Changes
Chapter 5: Completing a Recovery Installation
Now that you have completed your changes to the configuration file, commit the configuration changes.
1. Before committing the configuration, you can review your changes to the
configuration with the show command.
root# show ## Last changed: 2008-08-27 22:30:42 UTC version 9.3B1.5; system { host-name tp8; domain-name subnet.juniper.net; backup-router 192.168.71.254; root-authentication { encrypted-password "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx."; ## SECRET-DATA } name-server {
192.168.5.68;
172.17.28.101; } login { user regress { class super-user; authentication { encrypted-password "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; ## SECRET-DATA } } } services { telnet; } syslog { user * { any emergency; } file messages { any notice; authorization info; } file interactive-commands { interactive-commands any; } } } interfaces { fxp0 { unit 0 { family inet { address 192.128.69.205/21; } }
Commit Changes 49
Page 72
JUNOS Release 10.2 Software Installation and Upgrade Guide
} } routing-options { static { route 172.16.0.0/12 { next-hop 192.168.71.254; retain; no-readvertise; } route 192.168.0.0/16 { next-hop 192.168.71.254; retain; no-readvertise; } } }
On a TX Matrix Plus router, the management Ethernet interface is em0 and not
fxp0. Therefore, when you issue the show command in the configuration mode,
the configuration statements would be:
[edit] root@ show system {
host-name hostname; domain-name domain.name; backup-router address ; root-authentication {
(encrypted-password "password" | public-key); ssh-rsa "public-key";
ssh-dsa "public-key"; } name-server {
address; } interfaces {
em0 {
unit 0 {
family inet {
address address ;
}
}
} }
}
2. Commit the configuration.
50 Commit Changes
[edit] root# commit commit complete
Page 73
Chapter 5: Completing a Recovery Installation
NOTE: If you receive an error message after you issue the commit statement, you can review the configuration using the show command to find the errors in your configuration. You can delete incorrect entries using the delete command. For example, to delete a hostname from the configuration, issue the following statement:
[edit] root# delete system host-name host-name
3. Exit configuration mode.
[edit] root# exit Exiting configuration mode
root>
Creating a New Configuration with Redundant Routing Engines
To create a new base configuration on a router with redundant Routing Engines:
Configure Administration User Accounts on page 51
Set Up Routing Engine Configuration Groups on page 52
Complete the Management Console Configuration on page 54
Commit and Synchronize Changes on page 54
Configure Administration User Accounts
Set the root administration user account password. You also need to set up one or more administration user accounts. These administration user accounts are used to log in to the router through the management console. To configure administration user accounts:
1. Add a password to the root (superuser) administration user account.
[edit] root# set system root-authentication plain-text-password New password: password Retype new password: password
2. Create a management console user account.
3.
Set the user account class to super-user.
[edit] root# set system login user user-name authentication plain-text-password New Password: password Retype new password: password
[edit]
Creating a New Configuration with Redundant Routing Engines 51
Page 74
JUNOS Release 10.2 Software Installation and Upgrade Guide
root# set system login user user-name class super-user
Set Up Routing Engine Configuration Groups
In a router with two Routing Engines, one configuration should be shared between both Routing Engines. This ensures that both Routing Engine configurations are identical. Within this configuration, create two Routing Engine groups, one for each Routing Engine. Within these groups, you specify the Routing Engine–specific parameters.
For more information about creating configuration groups, see JUNOS® Software CLI User Guide.
For more information about the initial configuration for redundant Routing Engine systems and the re0 group, see JUNOS® Software High Availability Configuration Guide.
1.
Create the configuration group re0. The re0 group is a special group designator that is only used by RE0 in a redundant routing platform.
[edit] root# set groups re0
2.
Navigate to the groups re0 level of the configuration hierarchy.
[edit] root# edit groups re0
3. Specify the router hostname.
[edit groups re0] root# set system host-name host-name
NOTE: The hostname specified in the router configuration is not used by the DNS server to resolve to the correct IP address. This hostname is used to display the name of the Routing Engine in the CLI. For example, the hostname appears at the command-line prompt when the user is logged in to the CLI:
user-name@host-name>
4. Configure the IP address and prefix length for the router Ethernet interface.
For all routers except the TX Matrix Plus router and T1600 routers in a routing
matrix:
For TX Matrix Plus and T1600 routers in a routing matrix only:
52 Set Up Routing Engine Configuration Groups
[edit] root@# set interfaces fxp0 unit 0 family inet address address/prefix-length
[edit] root@# set interfaces em0 unit 0 family inet address address/prefix-length
Page 75
Chapter 5: Completing a Recovery Installation
To use em0 as an out-of-band management Ethernet interface, you must configure its logical port, em0.0, with a valid IP address.
For a T1600 standalone router (not connected to a TX Matrix Plus router
and not in a routing matrix):
[edit] root@# set interfaces fxp0 unit 0 family inet address address/prefix-length
Return to the top level of the hierarchy.
5.
[edit groups re0] root# top
6.
Create the configuration group re1.
[edit] root# set groups re1
7.
Navigate to the groups re1 level of the configuration hierarchy.
[edit] root# edit groups re1
8. Specify the router hostname.
[edit groups re1] root# set system host-name host-name
9. Configure the IP address and prefix length for the router Ethernet interface.
For all routers except the TX Matrix Plus router and T1600 routers in a routing
matrix:
[edit] root@# set interfaces fxp0 unit 0 family inet address address/prefix-length
For TX Matrix Plus and T1600 routers in a routing matrix only:
[edit] root@# set interfaces em0 unit 0 family inet address address/prefix-length
To use em0 as an out-of-band management Ethernet interface, you must configure its logical port, em0.0, with a valid IP address.
For a T1600 standalone router (not connected to a TX Matrix Plus router
and not in a routing matrix):
[edit] root@# set interfaces fxp0 unit 0 family inet address address/prefix-length
Return to the top level of the hierarchy.
10.
Specify the group application order.
11.
[edit groups re0] root# top
[edit]
Set Up Routing Engine Configuration Groups 53
Page 76
JUNOS Release 10.2 Software Installation and Upgrade Guide
root# set apply-groups [ re0 re1 ]
Complete the Management Console Configuration
To configure the global management console parameters.
1. Configure the IP address of the DNS server.
[edit] root# set system name-server address
2. Configure the router domain name.
[edit] root# set system domain-name domain-name
3. Configure the IP address of a backup router. The backup router is used while the
local router is booting and if the routing process fails to start. Once the routing process starts, the backup router address is removed from the local routing and forwarding tables. For more information about the backup router, see the JUNOS System Basics Configuration Guide.
[edit] root# set system backup-router address
4. (Optional) Configure the static routes to remote subnets with access to the
management port. Access to the management port is limited to the local subnet. To access the management port from a remote subnet, you need to add a static route to that subnet within the routing table. For more information about static routes, see the JUNOS System Basics Configuration Guide.
[edit] root# set routing-options static route remote-subnet next-hop destination-IP
retain no-readvertise
5.
Configure telnet service at the [edit system services] hierarchy level.
[edit] root# set system services telnet
Commit and Synchronize Changes
Commit the configuration changes. When you issue the synchronize command, the configuration is shared between both Routing Engines and committed on both Routing Engines simultaneously.
1. Before committing the configuration, you can review the configuration entries
using the show command.
54 Complete the Management Console Configuration
root# show ## Last changed: 2008-10-17 18:32:25 UTC version 9.1R1.8; groups { re0 {
Page 77
Chapter 5: Completing a Recovery Installation
system { host-name spice-re0; } interfaces { fxp0 { unit 0 { family inet { address 192.168.69.155/21; } } } } } re1 { system { host-name spice-re1; } interfaces { fxp0 { unit 0 { family inet { address 192.168.70.72/21; } } } } } global; } apply-groups [ re0 re1 ]; system { domain-name englab.juniper.net; backup-router 192.168.71.254; root-authentication { encrypted-password "xxxxxxxxxxx"; ## SECRET-DATA } name-server {
192.168.1.1; } login { user regress { uid 2001; class super-user; authentication { encrypted-password "xxxxxxxxxxx"; ## SECRET-DATA } } } services { telnet; } syslog { user * { any emergency; } file messages {
Commit and Synchronize Changes 55
Page 78
JUNOS Release 10.2 Software Installation and Upgrade Guide
any notice; authorization info; } file interactive-commands { interactive-commands any; } } } routing-options { static { /* corporate office */ route 172.16.0.0/12 { next-hop 192.168.71.254; retain; no-readvertise; } } }
2.
Commit and synchronize the configuration. The commit synchronize command commits this new configuration on both Routing Engines simultaneously.
[edit] root# commit synchronize re0: configuration check succeeds re1: commit complete re0: commit complete
If you receive an error message after you issue the commit statement, you can review the configuration using the show command to find the errors in your configuration. You can delete incorrect entries using the delete command. For example, to delete a hostname from the configuration, issue the following command:
[edit] root# delete system host-name host-name
3. Exit configuration mode.
[edit] root# exit Exiting configuration mode
Restoring a Saved Configuration
To restore a saved configuration, perform the following tasks:
1. Copy Saved Files to the Router on page 57
2. Load and Commit the Configuration File on page 57
56 Restoring a Saved Configuration
root>
Page 79
Copy Saved Files to the Router
To copy the saved configuration to the router:
1.
Log in to the console as root. There is no password.
Escape character is '^]'.
[Enter]
router (ttyd0)
login: root Password: [Enter]
Initially, access to the router is limited to the console port after a recovery installation. Access through the management ports and interfaces is set in the configuration. For information about accessing the router through the console port, see the administration guide for your particular router.
Chapter 5: Completing a Recovery Installation
2. Start the CLI:
# cli
3.
Copy the configuration file on the remote server to the routers /var/tmp directory:
root@host> ftp remote-server user: username password: password ftp> bin Type set to I. ftp> get /path/file ftp> bye Goodbye.
Load and Commit the Configuration File
Once the saved configuration file is copied to the router, you load and commit the file:
1. Start the CLI configuration mode.
user@routername> configure Entering configuration mode
[edit] user@host#
2. Load the file into the current configuration. You should override the existing file.
3. Commit the file.
user@host#
load override /var/tmp/filename
load complete
Copy Saved Files to the Router 57
Page 80
JUNOS Release 10.2 Software Installation and Upgrade Guide
user@host# commit commit complete
4. Exit the CLI configuration mode.
user@host# exit user@host>
5. Back up the JUNOS Software.
After you have installed the software on the router, committed the configuration, and are satisfied that the new configuration is successfully running, issue the
request system snapshot command to back up the new software to the /altconfig
file system. If you do not issue the request system snapshot command, the configuration on the alternate boot drive will be out of sync with the configuration on the primary boot drive.
The request system snapshot command causes the root file system to be backed up to /altroot, and /config to be backed up to /altconfig. The root and /config file systems are on the routers CompactFlash card, and the /altroot and /altconfig file systems are on the routers hard disk.
58 Load and Commit the Configuration File
Page 81
Part 3
JUNOS Software Licenses
JUNOS Software Licenses Overview on page 61
Managing JUNOS Software Licenses on page 65
JUNOS Software Licenses 59
Page 82
JUNOS Release 10.2 Software Installation and Upgrade Guide
60 JUNOS Software Licenses
Page 83
Chapter 6
JUNOS Software Licenses Overview
JUNOS Feature Licenses on page 61
License Enforcement on page 61
Software Feature Licenses on page 62
License Key Components on page 63
JUNOS Feature Licenses
To enable some JUNOS Software features or router scaling levels, you may need to purchase, install, and manage separate software license packs. The presence, on the router, of the appropriate software license keys (passwords) determines whether you can configure and use certain features or configure a feature to a predetermined scale.
For information about how to purchase JUNOS Software licenses, contact your Juniper Networks sales representative.
As an honor-based licensing structure, JUNOS feature and scaling licenses are universal, and the same feature or scaling key can be installed and configured on multiple routers. However, to conform to JUNOS feature or scale licensing requirements, you must purchase one license per router.
License Enforcement
For features or scaling levels that require a license, you must install and properly configure the license to meet the requirements for using the licensable feature or scale level. The router enables you to commit a configuration that specifies a licensable feature or scale without a license for a 30-day grace period. The grace period is a short-term grant that enables you to start using features in the pack or scale up to the system limits (regardless of the license key limit) without a license key installed. The grace period begins when the licensable feature or scaling level is actually used by the router (not when it is first committed). In other words, you can commit licensable features or scaling limits to the router configuration, but the grace period does not begin until the router uses the licensable feature or exceeds a licensable scaling level.
JUNOS Feature Licenses 61
Page 84
JUNOS Release 10.2 Software Installation and Upgrade Guide
NOTE: Configurations might include both licensed and nonlicensed features. For these situations, the license is enforced up to the point where the license can be clearly distinguished. For example, an authentication-order configuration is shared by both Authentication, Authorization, and Accounting (AAA), which is licensed, and by Layer 2 Tunneling Protocol (L2TP), which is not licensed. When the configuration is committed, the router does not issue any license warnings, because it is not yet known whether AAA or L2TP is using the configuration. However, at runtime, the router checks for a license when AAA authenticates clients, but does not check when L2TP authenticates clients.
The router reports any license breach as a warning log message whenever a configuration is committed that contains a feature or scale limit usage that requires a license. Following the 30-day grace period, the router periodically reports the breach to the CLI command line until a license is installed and properly configured on the router to resolve the breach.
NOTE: Successful commitment of a licensable feature or scaling configuration does not imply that the required licenses are installed or not required. If a required license is not present, the system issues a warning message after it commits the configuration.
Software Feature Licenses
Each license is tied to one software feature pack or scaling level, and that license is valid for only one router. Table 5 on page 62 lists the software features, their current level of support, and the license name.
Table 5: JUNOS Software Feature Licenses
YesChange-of-Authorization (CoA)
License NameSupported?Licensed Software Feature
JUNOS Subscriber Access Feature PackYesPer-subscriber RADIUS accounting
JUNOS Subscriber Access Feature PackYesPer-subscriber RADIUS authentication
JUNOS Subscriber Access Feature PackYesAddress pool assignment
JUNOS Service Management Feature Pack
JUNOS Subscriber Access Feature PackNoDynamic autosensed VLAN
62 Software Feature Licenses
JUNOS Subscriber Access Feature PackNoDynamic and static IP
Subscriber Secure PolicyYesSubscriber Secure Policy
Dynamic/Static Subscriber BaseYesSubscriber scaling (1000; base license)
JUNOS Subscriber Access Feature PackYesSubscriber scaling (4000)
JUNOS Subscriber Access Feature PackYesSubscriber scaling (8000)
Page 85
Table 5: JUNOS Software Feature Licenses (continued)
Chapter 6: JUNOS Software Licenses Overview
License NameSupported?Licensed Software Feature
JUNOS Subscriber Access Feature PackYesSubscriber scaling (16000)
JUNOS Subscriber Access Feature PackYesSubscriber scaling (32000)
JUNOS Subscriber Access Feature PackYesSubscriber scaling (64000)
JUNOS Subscriber Access Feature PackYesSubscriber scaling (96000)
JUNOS Subscriber Access Feature PackYesSubscriber scaling (128000)
JUNOS Subscriber Access Feature PackYesSubscriber scaling (256000)
L2TP BaseNoL2TP scaling (1000; base license)
Mobile IP BaseNoMobile IP scaling (1000; base license)
License Key Components
To manage JUNOS licenses, you must understand the components of a license key. A license key consists of two parts:
License IDAlphanumeric string that uniquely identifies the license key. When
a license is generated, it is given a license ID.
License dataBlock of binary data that defines and stores all license key objects.
For example, in the following typical license key, the string li29183743 is the license ID, and the trailing block of data is the license data:
li29183743 4ky27y acasck 82fsj6 jzsn4q ix8i8d adj7kr 8uq38t ix8i8d jzsn4q ix8i8d 4ky27y acasck 82fsj6 ii8i7e adj7kr 8uq38t ks2923 a9382e
The license data defines the device ID for which the license is valid and the version of the license.
License Key Components 63
Page 86
JUNOS Release 10.2 Software Installation and Upgrade Guide
64 License Key Components
Page 87
Chapter 7
Managing JUNOS Software Licenses
Adding New Licenses on page 65
Deleting a License on page 66
Saving License Keys on page 66
Verifying JUNOS Licenses on page 66
Adding New Licenses
Before adding new licenses, complete the following tasks:
Purchase the required licenses.
Establish basic network connectivity with the router. For instructions on
establishing basic connectivity, see the Getting Started Guide for your router.
To add a new license key to the router with the CLI:
1. Enter operational mode in the CLI.
2. Enter one of the following CLI commands:
To add a license key from a file or URL, enter the following command,
specifying the filename or the URL where the key is located:
user@host> request system license add filename | url
To add a license key from the terminal, enter the following command:
user@host> request system license add terminal
3. When prompted, enter the license key, separating multiple license keys with a
blank line.
If the license key you enter is invalid, an error appears in the CLI output when you press Ctrl+d to exit license entry mode.
4. Go on to Verifying JUNOS Licenses on page 66.
Adding New Licenses 65
Page 88
JUNOS Release 10.2 Software Installation and Upgrade Guide
Deleting a License
Before deleting a licenses, establish basic network connectivity with the router. For instructions on establishing basic connectivity, see the Getting Started Guide for your router.
To delete a license key from the router with the CLI:
1. Enter operational mode in the CLI.
2. Enter the following command for each license, specifying the license ID. You
can delete only one license at a time.
user@host> request system license delete license-id
3. Go on to Verifying JUNOS Licenses on page 66.
Saving License Keys
Before deleting a licenses, establish basic network connectivity with the router. For instructions on establishing basic connectivity, see the Getting Started Guide for your router.
To save the licenses installed on the router to a file using the CLI:
1. Enter operational mode in the CLI.
2. To save the installed license keys to a file or URL, enter the following command:
user@host> request system license save filename | url
For example, the following command saves the installed license keys to a file named license.config:
user@host> request system license save ftp://user@host/license.config
3. Go on to Verifying JUNOS Licenses on page 66.
Verifying JUNOS Licenses
To verify JUNOS license management, perform the following tasks:
Displaying Installed Licenses on page 66
Displaying License Usage on page 67
Displaying Installed License Keys on page 68
Displaying Installed Licenses
Purpose Verify that the expected licenses are installed and active on the router.
66 Deleting a License
Page 89
Action From the CLI, enter the show system license command.
Sample Output user@router> show system license
License usage: Licenses Licenses Licenses Expiry Feature name used installed needed subscriber-acct 0 1 0 permanent subscriber-auth 0 1 0 permanent subscriber-addr 0 1 0 permanent subscriber-vlan 0 1 0 permanent subscriber-ip 0 1 0 permanent scale-subscriber 0 1000 0 permanent scale-l2tp 0 1000 0 permanent scale-mobile-ip 0 1000 0 permanent
Licenses installed: License identifier: E000185416 License version: 2 Features: subscriber-acct - Per Subscriber Radius Accounting permanent subscriber-auth - Per Subscriber Radius Authentication permanent subscriber-addr - Address Pool Assignment permanent subscriber-vlan - Dynamic Auto-sensed Vlan permanent subscriber-ip - Dynamic and Static IP permanent
Chapter 7: Managing JUNOS Software Licenses
Meaning The output shows a list of the license usage and a list of the licenses installed on the
router. Verify the following information:
Each license is present. Licenses are listed in ascending alphanumeric order by
The state of each license is permanent.
NOTE: A state of invalid indicates that the license key is not a valid license key. Either it was entered incorrectly or it is not valid for the specific device.
The feature for each license is the expected feature. The features enabled are
All configured features have the required licenses installed. The Licenses needed
Displaying License Usage
Purpose Verify that the licenses fully cover the feature configuration on the router.
Action From the CLI, enter the show system license usage command.
license ID.
listed by license. An all-inclusive license has All features listed.
column must show that no licenses are required.
Displaying License Usage 67
Page 90
JUNOS Release 10.2 Software Installation and Upgrade Guide
Sample Output user@router> show system license usage
Licenses Licenses Licenses Expiry Feature name used installed needed subscriber-addr 1 0 1 29 days scale-subscriber 0 1000 0 permanent scale-l2tp 0 1000 0 permanent scale-mobile-ip 0 1000 0 permanent
Meaning The output shows any licenses installed on the router and how they are used. Verify
the following information:
Any configured licenses appear in the output. The output lists features in
ascending alphabetical order by license name. The number of licenses appears in the third column. Verify that you have installed the appropriate number of licenses.
The number of used licenses matches the number of configured features. If a
licensed feature is configured, the feature is considered used. The sample output shows that the subscriber address pooling feature is configured.
A license is installed on the router for each configured feature. For every feature
configured that does not have a license, one license is needed.
For example, the sample output shows that the subscriber address feature is configured but that the license for the feature has not yet been installed. The license must be installed within the remaining grace period to be in compliance.
Displaying Installed License Keys
Purpose Verify the license keys installed on the router.
Action From the CLI, enter the show system license keys command.
Sample Output user@router> show system license keys
G03000002223 aeaqea qkjjhd ambrha 3tkqkc ayareb zicik6 nv6jck btlxao 2trfyq 65cdou r5tbbb xdarpg qq53lu qcx4vm ydakcs t3yyh2 v5mq
G03000002224 aeaqea qkjjhd ambrha 3tkqkc ayargb zicik6 nv6jck btlxao 2trfyq 65cdou r5tbof l4uon5 7rokz7 wgdocl r4q32p 2wu4zf zrxa
G03000002225 aeaqea qkjjhd ambrha 3tkqkc ayarab zicik6 nv6jck btlxao 2trfyq 65cdou r5tbiu jr6ui2 lmqgqj ouzq5a aiokdn 4tr4u2 wmcq
Meaning The output shows a list of the license keys installed on the router. Verify that each
expected license key is present.
68 Displaying Installed License Keys
Page 91
Part 4
Index
Index on page 71
Index 69
Page 92
JUNOS Release 10.2 Software Installation and Upgrade Guide
70 Index
Page 93
Index
Symbols
#, comments in configuration statements....................xx
( ), in syntax descriptions.............................................xx
/config/juniper.conf file................................................10
/config/juniper.conf.1 file.............................................10
/config/rescue.conf file.................................................10
/etc/config/factory.conf file...........................................10
< >, in syntax descriptions........................................xx
[ ], in configuration statements....................................xx
{ }, in configuration statements...................................xx
| (pipe), in syntax descriptions.....................................xx
A
address-assignment pools
license..................................................................62
B
backing up current installation
J Series Routers.....................................................33
M Series, MX Series, T Series, TX Matrix, and TX
Matrix Plus routers............................................32
boot devices
alternative media..................................................18
boot sequence................................................................9
J Series routers......................................................21
M Series, MX Series, T Series, TX Matrix, and TX
Matrix Plus routers............................................18
braces, in configuration statements..............................xx
brackets
angle, in syntax descriptions.................................xx
square, in configuration statements......................xx
browser
downloading software...........................................30
C
category change software installation..........................26
CoA
license..................................................................62
command-line interface
downloading software...........................................31
comments, in configuration statements.......................xx
configuration files
automatic installation............................................11
remote storage......................................................10
sequence of selection..............................................9
conventions
text and syntax....................................................xix
creating a new router configuration.............................46
creating emergency boot disk......................................43
curly braces, in configuration statements.....................xx
customer support........................................................xxi
contacting JTAC....................................................xxi
D
deleting
licenses (CLI).........................................................66
documentation
comments on........................................................xx
documentation conventions........................................xix
downgrading JUNOS Software................................25, 29
downloading JUNOS Software......................................30
E
emergency boot disk
creating.................................................................43
F
feature licenses See licenses
finalizing software installation......................................38
FIPS See JUNOS-FIPS
font conventions.........................................................xix
H
hard disk................................................................16, 21
hardware architecture
M Series, MX Series, T Series, and TX Matrix
routers..............................................................14
hardware architecture overview
J Series routers......................................................20
M Series, MX Series, T Series, TX Matrix, and TX
Matrix Plus routers............................................14
Index 71
Page 94
JUNOS Release 10.2 Software Installation and Upgrade Guide
I
icons, defined..............................................................xix
installation
licenses (CLI).........................................................65
memory requirements
J Series routers...............................................20
M Series, MX Series, T Series, TX Matrix, and
TX Matrix Plus routers................................15
on router with redundant Routing Engines...........34
on router with single Routing Engine....................33
installation bundles........................................................7
installation media..........................................................6
installation modules.......................................................7
installation packages......................................................6
installation types..........................................................25
ISSU See unified in-service software upgrade
J
JUNOS Software
configuration files...................................................9
downloading.........................................................30
editions...................................................................5
Canada and U.S...............................................5
JUNOS-FIPS......................................................5
worldwide........................................................5
information security...............................................9
installation
current configuration, confirming..................30
PIC combinations, verifying...........................27
installation bundles.................................................7
installation media...................................................6
installation modules................................................7
installation packages...............................................6
introduction............................................................3
licenses.....................................................61, 62, 65
naming convention.................................................4
packages
digital signatures..............................................9
MD5 checksum................................................9
naming conventions........................................8
SHA-1 checksum..............................................9
reinstalling............................................................18
using removable media.................................45
release naming conventions...................................8
release numbers.....................................................8
software installation types....................................25
storage media.................................................16, 21
device names...........................................16, 21
version, displaying................................................30
JUNOS Software versions See JUNOS Software editions
JUNOS-FIPS....................................................................5
installation and configuration requirements............5
password requirements..........................................6
L
license infringement
verifying license usage..........................................67
verifying licenses installed....................................66
license keys
components..........................................................63
displaying (CLI).....................................................68
licenses..................................................................63, 65
adding (CLI)..........................................................65
address pool assignment.......................................62
CoA.......................................................................62
deleting (CLI).........................................................66
displaying (CLI).....................................................66
displaying usage...................................................67
JUNOS Software....................................................62
L2TP scaling..........................................................63
managing..............................................................65
overview...........................................................9, 61
saving (CLI)...........................................................66
subscriber scaling.................................................63
1000 subscriber base license.........................62
128000 subscriber license.............................63
16000 subscriber license...............................63
256000 subscriber license.............................63
32000 subscriber license...............................63
4000 subscriber license.................................62
64000 subscriber license...............................63
8000 subscriber license.................................62
96000 subscriber license...............................63
subscriber secure policy........................................62
verifying...............................................................66
M
manuals
comments on........................................................xx
MD5 (Message Digest 5) checksum................................9
memory requirements
J Series routers......................................................20
M Series, MX Series, T Series, TX Matrix, and TX
Matrix Plus routers............................................15
N
naming conventions, software.......................................4
notice icons defined....................................................xix
P
parentheses, in syntax descriptions.............................xx
PIC combinations
verifying during JUNOS Software installation........27
72 Index
Page 95
Index
R
recovery software installation................................26, 43
procedures............................................................45
reinstalling JUNOS Software.........................................45
release names................................................................8
removable media
booting from.........................................................18
reinstalling JUNOS Software, using........................45
request system license add command.........................65
request system license add terminal command...........65
request system license delete command......................66
request system license save command........................66
request system snapshot..............................................26
request system snapshot command.............................33
request system software rollback.................................26
rescue configuration file
saving...................................................................44
restoring a saved router configuration..........................56
router hardware overview
J Series routers......................................................19
M Series, MX Series, T Series, TX Matrix, and TX
Matrix Plus routers............................................14
routers
boot sequence........................................................9
J Series routers...............................................21
M Series, MX Series, T Series, TX Matrix, and
TX Matrix Plus routers................................18
storage media.................................................16, 21
Routing Engines
backup
installing software..........................................36
description............................................................14
illustrations...........................................................15
primary
installing software..........................................37
storage media
J Series routers...............................................21
M Series, MX Series, T Series, TX Matrix, and
TX Matrix Plus routers................................16
S
saving licenses (CLI).....................................................66
saving rescue configuration file....................................44
SHA-1 (Secure Hash Algorithm) checksum.....................9
show chassis routing-engine...................................15, 20
show system license command....................................67
explanation...........................................................67
show system license keys command...........................68
show system license usage command..........................67
explanation...........................................................68
show system storage..............................................18, 20
show version................................................................30
show version command...............................................30
software categories
on M Series, MX Series, T Series, TX Matrix, and
TX Matrix Plus routers.......................................26
software installation
category change installation
description.....................................................26
recovery installation
description.....................................................26
standard installation
description.....................................................25
instructions....................................................29
software installation packages
enhanced JUNOS for J Series routers, domestic
description.....................................................27
enhanced JUNOS for J Series routers, export
description.....................................................27
JUNOS-FIPS
description.....................................................26
standard JUNOS for J Series routers, domestic
description.....................................................27
standard JUNOS, domestic
description.....................................................26
standard JUNOS, export
description.....................................................26
software packages
upgrading individual.............................................39
standard software installation......................................25
storage media........................................................16, 21
device names
J Series routers...............................................21
M Series, MX Series, T Series, TX Matrix, and
TX Matrix Plus routers................................16
J Series routers......................................................21
M Series, MX Series, T Series, TX Series, and TX
Matrix Plus routers............................................16
subscriber scaling
license..................................................................63
1000 subscriber base.....................................62
128000 subscribers.......................................63
16000 subscribers.........................................63
256000 subscribers.......................................63
32000 subscribers.........................................63
4000 subscribers...........................................62
64000 subscribers.........................................63
8000 subscribers...........................................62
96000 subscribers.........................................63
subscriber secure policy
license..................................................................62
support, technical See technical support
syntax conventions.....................................................xix
system memory
J Series routers......................................................20
M Series, MX Series, T Series, TX series, and TX
Matrix Plus routers............................................15
Index 73
Page 96
JUNOS Release 10.2 Software Installation and Upgrade Guide
T
technical support
contacting JTAC....................................................xxi
U
unified in-service software upgrade..............................41
upgrading or downgrading JUNOS
Software.......................................................25, 29, 39
V
validating software compatibility.................................30
verification
active licenses.......................................................66
license usage.........................................................67
licenses ................................................................66
74 Index
Loading...
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use