Juniper EX8200 Series Switch Configuration common commands

Source: Internet
Author: User
Tags ftp commands ftp connection ftp client

Enable disabling of a port

[Email protected]# set Interfaces GE-0/0/4 disable #1. Close port
[Email protected]# Delete interfaces GE-0/0/4 disable #2. Recovery port


Configure MGT Port IP
[Email protected]# set interfaces ME0 Unit 0 family inet address 192.168.1.1/24

Setting interface Parameters

[Email protected]# Edit Interfaces GE-0/0/1
[Email protected]# set description "Connect to Juniper 6350" # "Set Port description"
[Email protected]# set mac 00:1f:12:38:02:12 # "set MAC Address"
[Email protected]# Delete Mac # "delete the configured MAC address"
[Email protected]# set MTU 1526 # "Setting the MTU value range is (256..9216)"
[Email protected] #delete MTU # "Delete Set MTU value"
[Email protected]# set Disable # "Close port, similar to Cisco shutdown"
[Email protected] #delete Disable # "recovery port, similar to Cisco no Shutdown"

Modify port to L2/l3 mode
If the switch port is set to two layer mode, you can configure the switch as VLAN port or trunk port, and set it to three layer mode, it can be used as router three layer port, can configure IP address. The port is typically set to three-tier mode when a point-to-point connection is made to the router.

[Email protected]# Edit Interfaces GE-0/0/1
[Edit Interfaces GE-0/0/1]
[Email protected]# Delete Unit 0 Family inet # "Remove Port three layer information"
[Email protected]# set Unit 0 Family ethernet-switching # "set to two-tier port"

[Email protected]# Delete Unit 0 Family ethernet-switching # "Delete two layers of information"
[Email protected]# set Unit 0 family inet #设置为三层端口
[Email protected]# set Unit 0 Family inet Address 192.168.1.1/30 # "Set layer three IP address"

[Email protected]# Delete Unit 0 # "Delete port layer, layer three information"




VLAN configuration

Ex switches have a three-layer VLAN routing capability in addition to the two-tier VLAN functionality. The ex switch will have a three-layer logical port named VLAN, the three-layer logical port can be divided into multiple logical unit units, the unit number range is (0..16385), and each logical unit can be configured with an IP address and then bound to a VLAN, actually unit There is no correspondence between the unit number and the VLAN number, but for ease of maintenance, we recommend that the Unit unit number and the VLAN number are configured identically in the actual application (as in the following vlan.10 10 is the unit number, it can actually be bound to VLAN 20, but in practice it is best to have it and the VLAN 10 bindings) so that the gateway addresses of different VLANs can be configured on ex. For example, the switch below divides 3 VLANs, each with a corresponding gateway IP configured on vlan.10, vlan.20, and vlan.30 ports respectively.

Creating VLANs

[Email protected]# edit VLANs Zte_vlan # "All of the following are done for Zte_vlan, and if they do not exist, create a new
[Email protected]# set Vlan-id 10 # "set Zte_vlan VLAN ID"
[Email protected]# set description "Server VLAN" # "Set VLAN description"
[Email protected]# set mac-table-aging-time 600 # "set Mac time to live (seconds), range is (60-1000000)"
[Email protected]# set L3-interface vlan.10 # "will bind three-tier logical sub-ports"
[Email protected]# set Interface ge-0/0/1.0 # "Add Port to VLAN"
[Email protected]# set Interface ge-0/0/2.0 # "Add Port to VLAN"

Creating a three-tier logical sub-port

[Email protected]# top # "Back to the outermost menu"
[Email protected]# set Interfaces VLAN unit family inet address 192.168.1.1/24

Modify the switch port to access mode and join to the newly created VLAN

[Email protected]# set interfaces GE-0/0/1 Unit 0 family ethernet-switching Port-mode access
[Email protected]# set interfaces GE-0/0/1 Unit 0 family ethernet-switching VLAN members 10
[Email protected]# set interfaces GE-0/0/2 Unit 0 family ethernet-switching Port-mode access
[Email protected]# set interfaces GE-0/0/2 Unit 0 family ethernet-switching VLAN members 10


Delete VLAN

1. Remove Port VLAN
[Email protected]# Top
[Email protected]# Delete interfaces GE-0/0/1 Unit 0 family ethernet-switching Port-mode access
[Email protected]# Delete interfaces GE-0/0/1 Unit 0 family ethernet-switching VLAN members 10
[Email protected]# Delete interfaces GE-0/0/2 Unit 0 family ethernet-switching Port-mode access
[Email protected]# Delete interfaces GE-0/0/2 Unit 0 family ethernet-switching VLAN members 10

2. Delete VLAN-corresponding L3 port
[Email protected]# Top
[Email protected]# Delete Interfaces VLAN Unit 10

3. Then delete the VLAN configuration
[Email protected]# Top
[Email protected]# Delete VLANs Zte_vlan


Trunk Configuration

[Email protected]# top #回到最外层菜单
[Email protected]# Delete interfaces GE-0/0/1 Unit 0 # "Delete Port information"
[Email protected]# edit Interfaces ge-0/0/1 Unit 0 family Ethernet-switching
[Email protected]# set Port-mode Trunk # "set Port to Trunk mode"
[Email protected]# set VLAN Members 10 # "Allow VLAN 10 through"
[Email protected]# set VLAN Members 20 # "Allow VLAN 20 through"

[Email protected]# set VLAN members all # "Allow all VLANs to pass"


Trunk Removal

1. Prohibit individual VLANs by:
[Email protected]# top # "Back to the outermost menu"
[Email protected]# edit Interfaces ge-0/0/1 Unit 0 family Ethernet-switching
[Email protected]# Delete VLAN Members 10 # "Disable VLAN 10 through"

2. Remove Port Trunk
[Email protected]# top # "Back to the outermost menu"
[Email protected]# edit Interfaces ge-0/0/1 Unit 0 family Ethernet-switching
[Email protected]# delete port-mode Trunk # "Remove trunk"
[Email protected]# Delete VLAN Members # "Remove all VLANs under Port"


Port Aggregation

The ex switch supports up to 64 aggregation ports, each of which can bundle 8 physical links, using the Set chassis aggregated-devices Ethernet device-count n Command, The system generates n an aggregation port named Ae0 to Aen. Once the AE aggregation port is generated, multiple physical ports can be bound to the specified AE port using the 802.3AD protocol

[Email protected]# set Chassis aggregated-devices Ethernet Device-count 2



Static routes

Set the 172.16.1.0/24 network segment to point to the next-hop address 192.168.1.253
[Email protected]# Top
[Email protected] #set routing-options static route 172.16.1.0/24 Next-hop 192.168.1.253
[e-mail protected]# set routing-options static route 172.16.1.0/24 next-hop 10.1.1.1 preference 100 Specify priority

[Email protected]# Delete routing-options static route 172.16.1.0/24


Set up a backup static route


#设置主用路由优先值为100
[Email protected]# set routing-options static route 172.16.1.0/24 next-hop 10.1.1.1 Preference 100

#设置备份路由优先值为200, note that you can specify the next-hop address only with Qualified-next-hop
[Email protected] #set routing-options static route 0.0.0.0/0 qualified-next-hop 20.1.1.1 Preference 200

Specify a static route for the next hop port

[Email protected]# set routing-options static route 0.0.0.0/0 Qualified-next-hop 20.1.1.1 Interface ge-0/0/1.0




Switch configuration mode:

root% CLI boot, input Ezsetup

User mode:
In user mode, the configuration of the switch, port status, routing information, and so on can be displayed. Log on to the switch as a user mode that goes into the switch:
[Email protected]> #用户模式

Configuration mode:
[Email protected]> edit #用户模式进入配置模式 (edit or configure)
[Email protected]#


Switch configuration structure

1. Single command
[Email protected]# set protocols OSPF area 0 interface ge-0/0/1.0 Hello-interval 10

2. Layered Configuration
[Edit Protocols]
[Email protected]# edit OSPF

[Edit protocols OSPF]
[Email protected]# edit Area 0

[Edit protocols OSPF area 0.0.0.0]
[Email protected]# Edit Interface ge-0/0/1.0

[Edit protocols OSPF area 0.0.0.0 interface ge-0/0/1.0]
[Email protected]# Set Hello-interval 10

[Edit protocols OSPF area 0.0.0.0 interface ge-0/0/1.0]

3. Configure multiple commands at once (e.g. to configure OSPF Hello-time and dead-time at once)
[Email protected]# set protocols OSPF area 0 interface ge-0/0/1.0 Hello-interval dead-interval 10


In this way, exit can go back to the previous layer with edit and directly enter top to return to the top:


The difference between user mode and configuration mode show

The show command in user mode is to view the system parameters, while under Configuration The show command shows the relevant configuration, and if you want to run the user mode command in configuration mode, you need to add a run to the command

[Email protected]# Run show interfaces
[Email protected]# Run Ping 172.27.69.8


How to convert a configuration into a set command

After show, use the pipe symbol plus display set to convert it to the set format command, and then paste it directly onto the other switches.

[Email protected]# show Protocols OSPF | Display Set
Set protocols OSPF export TEST_POLICY_1
Set protocols OSPF area 0.0.0.0 interface ge-0/0/1.0 Hello-interval 10


Commit and rollback

[Email protected]# commit #使设置生效

[Email protected]# rollback 1 #回退到先前的配置, rollback 2 is the previous configuration for rollback on 2 commits:


Turn off Poe functionality

If the POE function is not used in the project, it must be disabled by the set Poe interface all disable
Set Poe interface all disable


Login Management
In default configuration, the ex switch only opens the HTTP remote login mode, so if you want to log on to the switch via Telnet, you must turn on the Telnet service in the system.

1. Turn on Telnet login

[Email protected]# Edit system service
[Email protected]# set Telnet
[Email protected]# set telnet connection-limit #同时telnet的最大连接数 range 1-250
[Email protected]# set telnet rate-limit #每分钟同时最大连接数 range 1-250
[Email protected]# Delete Telnet

2. Open SSH Login
The ex switch does not have the SSH service turned on by default, and when you open the SSH service without an SSH version, the system automatically supports the V1 and V2 versions. If you specify an SSH version, the system only allows you to specify the version of SSH login

[Email protected]# Edit system service

[Email protected]# set ssh protocol-version v1 # "Set SSH support V1 version"
[Email protected]# set SSH protocol-version v2 # "set SSH support V2 version"
[Email protected]# set SSH connection-limit 10
[Email protected]# set SSH rate-limit 10
[Email protected]# Delete ssh


3. Open Remote Web Login service
In the default default configuration, the ex switch has opened the Web Management land mode, you can configure it to support HTTP and HTTPS two management methods. If you want to adjust the Web login parameters, such as modifying the TCP port of the web to enhance security and which ports are allowed to log in, you need to modify the parameters:

[Email protected]# Edit system service
[Email protected]# set web-management session Idle-timeout 10
[Email protected]# set web-management session Session-limit 10
[email protected]# set web-management http # "Open Web Management feature"
[email protected]# set web-management http port 8888 # "Specifies the Web login ports, range 1-65535"
[email protected]# set Web-management http interface ge-0/0/1.0 # "Specify ports that can be logged in"
[email protected]# set Web-management http interface ge-0/0/2.0 # "Specify ports that can be logged in"
[email protected]# Delete web-management http

4. Open the FTP service
The ex switch can be configured as an FTP server for uploading or downloading. In addition, by default the ex switch itself is the FTP client, with FTP commands (as with the FTP command under Windows), you can use the FTP command in CLI mode to connect to your own set of FTP servers.

[Email protected]# Edit system service

[Email protected]# Set FTP
[Email protected]# set FTP Connection-limit 5
[Email protected]# set FTP Rate-limit 5
[Email protected]# Delete FTP


System parameter Configuration

The configuration method is to use the edit system to enter the system menu and then configure each parameter.
[Email protected]# Edit System

1. Set the root password

[Email protected]# Edit System
[Email protected]# set Root-authentication plain-text-password plaintext mode

[Email protected] #set root-authentication Encrypted-password "$1$wyuycnlw$suaq36pjmnevhaygc1vyq0" encryption method

2. Set host name

[Email protected]# set Host-name EX4200
[Email protected]# Delete Host-name EX4200

3. Set up DNS

[Email protected]# set Name-server 192.168.1.1
[Email protected]# Delete Name-server 192.168.1.1

The [Edit system] display is configured under the System menu and all set parameters are valid for the #system menu


4. Set the date

[Email protected]# set Time-zone Asia/shanghai
[Email protected]> Set Date 200811071441.00 time format YYYYMMDDHHMM.SS

5. Set up NTP

[Email protected]# set NTP server 192.168.1.1
[Email protected]# set NTP Authentication-key 1 type MD5
[Email protected]# set NTP authentication-key 1 value "Password"

[Email protected]# Delete NTP


2.3.10 Add/Remove User-----27th page
2.3.11 User Rights settings------第28-29 page

2.2 Before configuring the switch, you should know
1. The switch layer Two and layer three information is the logical port configured under the port, and the juniper Switch's logical port is implemented through the Unit Logical unit, Unit 0 is the default logical port, all references to the two layer/three layer port are reference unit 0, for example, physical port ge-0/0/ 0, the second layer and the three layer protocol to use the logical port is GE-0/0/0.0,IP address information, VLAN information, etc. are configured under ge-0/0/0.0
2. This manual configuration command format is to use Edit to enter the menu hierarchy to be configured by edit, and then use the SET command to set the relevant parameters, so look at the configuration command manual prompt can know which level of configuration parameters, such as the following [Edit system Services] is to display the services parameters under configuration system, all set commands are in effect for services:

[Edit System Services]
[Email protected]# set Telnet


Juniper EX8200 Series Switch Configuration common commands

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.