Copyright © 2011 x83.net. All rights reserved.
Welcome
Category: Juniper
- Redistribute route Juniper
Lets say you have set some dynamic routing (RIP,OSPF,BGP,IS-IS..) and you want to redistribute routes into them.
redistribute connected
set policy-options policy-statement Connected term connected { from protocol direct; then accept; }redistribute static
set policy-options policy-statement Static term static { from protocol static; then accept; }redistribute local
set policy-options policy-statement Local term local { from protocol local; then accept; }reject anything else
term else { then reject }And all the policy will look like:
policy-statement distribute-routes term connected { from protocol direct; then accept; } term static { from protocol static; then accept; } term local { from protocol local; then accept; } term else { then reject }It looks easy I guess..but what if you want to redistribute ospf routes?
redistribute ospf routes
If you are using OSPF for IGP and BGP as a EGP and you want to export ospf routes to BGP peers then you have to create a policy for that.
Smth like :policy-statement ospf-routes { term 1 { from { protocol ospf; area 0.0.0.0; } then accept; } term 2 { then reject; } }send default route to bgp peer
Lets assume you want to send to send to a BGP peer 0.0.0.0/0 (default route).
First you need to have a route for 0.0.0.0/0 before you can export it to a peer. I guess this is the difference between the Juniper and Cisco configs, Cisco provides you a shortcut with the ‘default-originate’ keyword which does it all in one step. If you don’t have a route for 0.0.0.0/0 defined somewhere that is at least part of the problem.
First we generate the default route (if you dont have one yet) :
routing-options { generate { route 0.0.0.0/0 discard; } }then we create a policy for 0/0 :
policy-options { policy-statement default-originate { from { route-filter 0.0.0.0/0 exact; } then accept; } }A simple BGP neighbour will have smth like:
neighbor aaa.bbb.ccc.ddd { export default-originate; } - OSPF Juniper
Ok..so same topology as for RIP. For interface configurations check : [[ Juniper RIP Howto ]]
Configuration
R1:
set protocols ospf area 0.0.0.0 interface fxp1.0
R2:
set protocols ospf area 0.0.0.0 interface fxp1.0 set protocols ospf area 0.0.0.0 interface fxp2.0
R3:
set protocols ospf area 0.0.0.0 interface fxp2.0 set protocols ospf area 0.0.0.0 interface fxp1.0 set protocols ospf area 0.0.0.0 interface fxp1.2
R4:
set protocols ospf area 0.0.0.0 interface fxp1.0 set protocols ospf area 0.0.0.0 interface fxp1.2
Debug
[root@box ~]# jlogin -c "show route" 10.0.1.1 spawn ssh -c 3des -x -l rancid 10.0.1.1 rancid@10.0.1.1's password: --- JUNOS 8.5R3.4 built 2008-04-24 03:40:14 UTC rancid@br0> rancid@br0> set cli complete-on-space off Disabling complete-on-space rancid@br0> set cli screen-length 0 Screen length set to 0 rancid@br0> show route inet.0: 11 destinations, 11 routes (10 active, 0 holddown, 1 hidden) + = Active Route, - = Last Active, * = Both 0.0.0.0/0 *[Static/5] 00:26:09 > to 10.0.1.254 via fxp0.0 10.0.1.0/24 *[Direct/0] 00:26:10 > via fxp0.0 10.0.1.1/32 *[Local/0] 00:26:10 Local via fxp0.0 172.16.9.1/32 *[Direct/0] 00:26:10 > via lo0.0 192.168.5.0/30 *[Direct/0] 00:26:10 > via fxp1.0 192.168.5.1/32 *[Local/0] 00:26:10 Local via fxp1.0 192.168.6.0/30 *[OSPF/10] 00:12:51, metric 20 // routes from R3 > to 192.168.5.2 via fxp1.0 192.168.7.0/29 *[OSPF/10] 00:12:39, metric 30 // routes from R4 > to 192.168.5.2 via fxp1.0 192.168.8.0/29 *[OSPF/10] 00:12:39, metric 30 // routes from R4 > to 192.168.5.2 via fxp1.0 224.0.0.5/32 *[OSPF/10] 00:26:12, metric 1 MultiRecv rancid@br0> quit Connection to 10.0.1.1 closed.As you can see R1 get the routes from R3 and R4. Also ping should work between this 4 routers.
[root@box ~]# jlogin -c "ping rapid 192.168.7.2" 10.0.1.1 spawn ssh -c 3des -x -l rancid 10.0.1.1 rancid@10.0.1.1's password: --- JUNOS 8.5R3.4 built 2008-04-24 03:40:14 UTC rancid@br0> rancid@br0> set cli complete-on-space off Disabling complete-on-space rancid@br0> set cli screen-length 0 Screen length set to 0 rancid@br0> ping rapid 192.168.7.2 PING 192.168.7.2 (192.168.7.2): 56 data bytes !!!!! --- 192.168.7.2 ping statistics --- 5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max/stddev = 8.507/13.222/21.780/5.199 ms rancid@br0> quit Connection to 10.0.1.1 closed.
View ospf database:
rancid@br0> show ospf database OSPF link state database, Area 0.0.0.0 Type ID Adv Rtr Seq Age Opt Cksum Len Router *172.16.9.1 172.16.9.1 0x80000004 982 0x22 0xfa8 36 Router 172.16.9.2 172.16.9.2 0x80000008 971 0x22 0x783f 48 Router 172.16.9.3 172.16.9.3 0x80000009 972 0x22 0x872c 60 Router 172.16.9.4 172.16.9.4 0x80000004 976 0x22 0xe2cd 48 Network 192.168.5.2 172.16.9.2 0x80000001 983 0x22 0x175 32 Network 192.168.6.2 172.16.9.3 0x80000001 972 0x22 0x86a 32 Network 192.168.7.1 172.16.9.3 0x80000002 137 0x22 0x96a 32 Network 192.168.8.1 172.16.9.3 0x80000002 437 0x22 0xfd74 32redistribute routes
Lets say we set on R1 a default route:
set routing-options static route 0.0.0.0/0 next-hop 10.0.1.254
And now you want to send a default route to the rest of the routers. First we need to create a policy statement
from protocol static. Of course you can match specific routes. Check [[ Redistribute routes ]] for details.set policy-options policy-statement default-route term 1 from protocol static
set policy-options policy-statement default-route term 1 then acceptand then we export that statement into OSPF:
set protocols ospf export default-route
Routing table on R2 will look like:
rancid@R2> show route 0.0.0.0/0 *[OSPF/150] 00:25:16, metric 0, tag 0 > to 192.168.5.1 via fxp1.0As you can see it recieves 0.0.0.0/0 via OSPF.
- OSPF intro
As you probably know OSPF (Open Shortest Path First) is a link-state protocol. When a router begins operating on a network link, information associated with that logical network is added to its local link-state database .
The local router then sends Hello messages on its operational links to determine whether other link-state routers are operating on the interfaces as well. When a remote router is located, the local router attempts to form an adjacency.
This adjacency enables the two routers to advertise summary link-state database information to each other.This exchange is not the actual detailed database information, but is truly a summary of the data. Each router evaluates the summary data against its local link-state database to verify that it has the most up-to-date information. Should one side of the adjacency realize that it requires an update, that router requests the new information from the adjacent router.
The update includes the actual data contained in the link-state database. This exchange process continues until both routers have identical link-state databases.Each router uses the Dijkstra Algorithm to process the database information into a path to each destination in the network. Every link-state router uses the same algorithm to process its database, requiring each router to maintain consistent information to get the same results.
Common Packet Header
All OSPF packets share a common 24-octet header. This header allows the receiving router to determine whether the packet is valid and should be processed. The OSPF header fields includes the following:Version (1 octet) This field details the current version of OSPF used by the local router. It is set to a value of 2, the default value. Type (1 octet) This field specifies the type of OSPF packet. Possible values include:
*1—Hello packet
*2—Database descriptor
*3—Link-state request
*4—Link-state update
*5—Link-state acknowledgmentPacket Length (2 octets)
This field displays the total length, in octets, of the OSPF packet.
Router ID (4 octets)
The router ID of the advertising router appears in this field.
Area ID (4 octets)
This field contains the 32-bit area ID assigned to the interface used to send
the OSPF packet.
Checksum (2 octets)
This field displays a standard IP checksum for the entire OSPF packet,
excluding the 64-bit authentication field.
Authentication Type (2 octets)
The specific type of authentication used by OSPF is encoded in this field. Possible values are:
*0—Null authentication
*1—Simple password
*2—MD5 cryptographic authenticationAuthentication (8 octets)
This field displays the authentication data to verify the packet’s integrity. - Juniper RIP howto
Background
I`m running 4 olive instances, each one having 3 interfaces (fxp0,fxp1,fxp2). I interconnect them using ”’tap”’ interfaces and put each interface in separate vlans:
So : fxp0 from each olive in BR0
fxp1 from R1 and R2 in BR1
fxp2 from R2 and R3 in BR2
fxp1 from R3 and R4 in BR3Set interfaces
For R1:
[rancid@box ~]$ jlogin -c "show configuration interfaces|display set" 10.0.1.1 rancid@R1> rancid@R1> show configuration interfaces|display set set interfaces fxp0 unit 0 family inet address 10.0.1.1/24 set interfaces fxp1 vlan-tagging set interfaces fxp1 unit 0 vlan-id 2 set interfaces fxp1 unit 0 family inet address 192.168.5.1/24
For R2:
[rancid@box ~]$ jlogin -c "show configuration interfaces|display set" 10.0.1.2 rancid@R2> show configuration interfaces|display set set interfaces fxp0 unit 0 family inet address 10.0.1.2/24 set interfaces fxp1 vlan-tagging set interfaces fxp1 unit 0 vlan-id 2 set interfaces fxp1 unit 0 family inet address 192.168.5.2/24 set interfaces fxp2 vlan-tagging set interfaces fxp2 unit 0 vlan-id 3 set interfaces fxp2 unit 0 family inet address 192.168.6.1/24
For R3:
[rancid@box ~]$ jlogin -c "show configuration interfaces|display set" 10.0.1.3 rancid@R3> show configuration interfaces|display set set interfaces fxp0 unit 0 family inet address 10.0.1.3/24 set interfaces fxp1 vlan-tagging set interfaces fxp1 unit 0 vlan-id 4 set interfaces fxp1 unit 0 family inet address 192.168.7.1/24 set interfaces fxp2 vlan-tagging set interfaces fxp2 unit 0 vlan-id 3 set interfaces fxp2 unit 0 family inet address 192.168.6.2/24
For R4:
[rancid@box ~]$ jlogin -c "show configuration interfaces|display set" 10.0.1.4 rancid@R4> show configuration interfaces|display set set interfaces fxp0 unit 0 family inet address 10.0.1.4/24 set interfaces fxp1 vlan-tagging set interfaces fxp1 unit 0 vlan-id 4 set interfaces fxp1 unit 0 family inet address 192.168.7.2/24
After all this there is no conectivity between R1 and R4.
Configure rip
To configure RIP you must first set a group that contains the interfaces interfaces on which RIP will be enabled.
R1:
set protocols rip group BR neighbor fxp1.0R2:
set protocols rip group BR neighbor fxp1.0
set protocols rip group BR neighbor fxp2.0R3:
set protocols rip group BR neighbor fxp1.0
set protocols rip group BR neighbor fxp2.0
R4:set protocols rip group BR neighbor fxp1.0
When you simply enable RIP, the default JUNOS behavior is to only receive RIP traffic but not learn any of the routes or send any RIP routes. To have RIP send routing information to its neighbors, you need to configure a routing policy that has RIP export routes to its neighbors.
Add this to all 4 olives:
rip_routes
set protocols rip group BR export advertise-routes-via-rip
set policy-options policy-statement advertise-routes-via-rip term 1 from protocol direct
set policy-options policy-statement advertise-routes-via-rip term 1 from protocol rip
set policy-options policy-statement advertise-routes-via-rip term 1 then acceptTo do it faster I use jlogin from the rancid suite smth like:
jlogin -x rip_routes 10.0.1.1
Debug
rancid@R4> show route protocol rip 10.0.1.0/24 [RIP/100] 06:09:41, metric 2, tag 0 > to 192.168.7.1 via fxp1.0 '''192.168.5.0/24 *[RIP/100] 06:09:41, metric 3, tag 0 > to 192.168.7.1 via fxp1.0 192.168.6.0/24 *[RIP/100] 06:09:41, metric 2, tag 0 > to 192.168.7.1 via fxp1.0''' 224.0.0.9/32 *[RIP/100] 05:12:52, metric 1rancid@R4> show rip statistics RIPv2 info: port 520; holddown 120s. rts learned rts held down rqsts dropped resps dropped 3 0 0 0 fxp1.0: 3 routes learned; 1 routes advertised; timeout 180s; update interval 30s Counter Total Last 5 min Last minute ------- ----------- ----------- ----------- Updates Sent 780 10 2 Triggered Updates Sent 1 0 0 Responses Sent 0 0 0 Bad Messages 0 0 0 RIPv1 Updates Received 0 0 0 RIPv1 Bad Route Entries 0 0 0 RIPv1 Updates Ignored 0 0 0 RIPv2 Updates Received 773 10 2 RIPv2 Bad Route Entries 0 0 0 RIPv2 Updates Ignored 0 0 0 Authentication Failures 0 0 0 RIP Requests Received 0 0 0 RIP Requests Ignored 0 0 0Tracing RIP traffic:
set protocols rip traceoptions file rip set protocols rip traceoptions flag update
and to view the file:
rancid@R1> show log rip Jan 29 13:24:44 trace_on: Tracing to "/var/log/rip" started Jan 29 13:25:04.547811 received response: sender 192.168.5.2, command 2, version 2, mbz: 0; 3 routes. Jan 29 13:25:05.504315 Preparing to send RIPv2 updates on nbr fxp1.0, group: BR. Jan 29 13:25:05.508892 Update job: sending 20 msgs; nbr: fxp1.0; group: BR; msgp: 0x8995a00. Jan 29 13:25:05.509008 nbr fxp1.0; msgp 0x8995a00. Jan 29 13:25:05.509089 sending msg 0x8995a04, 1 rtes Jan 29 13:25:05.524983 Update job done for nbr fxp1.0 group: BR Jan 29 13:25:34.416932 received response: sender 192.168.5.2, command 2, version 2, mbz: 0; 3 routes.
To clear the file :
rancid@R1> clear log ripTo deactivate:
deactivate protocols rip traceoptions
- Install upgrade a different Juniper release
file copy http://10.1.1.254/jinstalls/jinstall-8.3R2.8-domestic-signed.tgz /var/tmp/
request system software add validate unlink /var/tmp/jinstall-8.3R2.8-domestic-signed.tgzroot@R1> request system software add validate unlink /var/tmp/jinstall-8.3R2.8-domestic-signed.tgz Checking compatibility with configuration Initializing... Using jbase-8.2R4.5 Verified manifest signed by PackageProduction_8_2_0 Using /var/tmp/jinstall-8.3R2.8-domestic-signed.tgz Verified jinstall-8.3R2.8-domestic.tgz signed by PackageProduction_8_3_0 Using /mfs/validate/tmp/jinstall-signed/jinstall-8.3R2.8-domestic.tgz Using /mfs/validate/tmp/jinstall/jbundle-8.3R2.8-domestic.tgz Checking jbundle requirements on / Using /mfs/validate/tmp/jbundle/jbase-8.3R2.8.tgz Verified manifest signed by PackageProduction_8_3_0 Using /mfs/validate/tmp/jbundle/jkernel-8.3R2.8.tgz Verified manifest signed by PackageProduction_8_3_0 Using /mfs/validate/tmp/jbundle/jcrypto-8.3R2.8.tgz Verified manifest signed by PackageProduction_8_3_0 Using /mfs/validate/tmp/jbundle/jpfe-8.3R2.8.tgz Verified SHA1 checksum of jpfe-M10-8.3R2.8.tgz Verified SHA1 checksum of jpfe-M120-8.3R2.8.tgz Verified SHA1 checksum of jpfe-M160-8.3R2.8.tgz Verified SHA1 checksum of jpfe-M320-8.3R2.8.tgz Verified SHA1 checksum of jpfe-M40-8.3R2.8.tgz Verified SHA1 checksum of jpfe-M7i-8.3R2.8.tgz Verified SHA1 checksum of jpfe-T-8.3R2.8.tgz Verified SHA1 checksum of jpfe-X960-8.3R2.8.tgz Verified SHA1 checksum of jpfe-common-8.3R2.8.tgz WARNING: hw.product.model='unknown' using jpfe-M40 Using /mfs/validate/tmp/jbundle/jdocs-8.3R2.8.tgz Verified manifest signed by PackageProduction_8_3_0 Using /mfs/validate/tmp/jbundle/jroute-8.3R2.8.tgz Verified manifest signed by PackageProduction_8_3_0 Hardware Database regeneration succeeded Validating against /config/juniper.conf.gz mgd: commit complete Validation succeeded Installing package '/var/tmp/jinstall-8.3R2.8-domestic-signed.tgz' ... Verified jinstall-8.3R2.8-domestic.tgz signed by PackageProduction_8_3_0 Adding jinstall... Verified manifest signed by PackageProduction_8_3_0 WARNING: This package will load JUNOS 8.3R2.8 software. WARNING: It will save JUNOS configuration files, and SSH keys WARNING: (if configured), but erase all other files and information WARNING: stored on this machine. It will attempt to preserve dumps WARNING: and log files, but this can not be guaranteed. This is the WARNING: pre-installation stage and all the software is loaded when WARNING: you reboot the system. Saving the config files ... NOTICE: uncommitted changes have been saved in /var/db/config/juniper.conf.pre-install Installing the bootstrap installer ... WARNING: A REBOOT IS REQUIRED TO LOAD THIS SOFTWARE CORRECTLY. Use the WARNING: 'request system reboot' command when software installation is WARNING: complete. To abort the installation, do not reboot your system, WARNING: instead use the 'request system software delete jinstall' WARNING: command as soon as this operation completes. Saving package file in /var/sw/pkg/jinstall-8.3R2.8-domestic-signed.tgz ... Saving state for rollback ... Removing /var/tmp/jinstall-8.3R2.8-domestic-signed.tgz
The ”’validate”’ option checks that the new software is compatible with your current router configuration file. When you are updating to a different release of the JUNOS software, the validation check is performed automatically. The ”’unlink”’ option removes the software package from the router as soon as possible to make more room on the hard disk for the installation to complete.
One error that came up was :
Setting isupgrade=jboot-8.3R2.8.tgz All together now...Somebody please give me some more memory! List of Memory hogs .... cp size 49 newfs size 20407Junos requires a minimum of 198MB RAM to run…after an upgrade. After that 48-64 Ram is enough.
- Install JWEB on Juniper
Download to your server jweb* package :
root@oliver% cd /var/tmp root@oliver% ls install preinstall_boot_loader.conf jbundle-8.4R3.3-domestic.tgz sampled.pkts jinstall-8.4R3.3-olive.tgz vi.recover root@oliver% ls -al total 442492 drwsrwxrwx 4 root wheel 512 Dec 23 14:34 . drwxr-xr-x 27 root wheel 512 Dec 23 14:32 .. drwxrwxrwx 2 root wheel 512 Oct 8 19:57 install -rw-r--r-- 1 root wheel 111641482 Oct 8 19:49 jbundle-8.4R3.3-domestic.tgz -rw-r--r-- 1 root wheel 114782972 Oct 8 19:39 jinstall-8.4R3.3-olive.tgz -rw-r--r-- 1 root wheel 67 Oct 8 19:41 preinstall_boot_loader.conf -rw-r----- 1 root wheel 2314 Dec 23 14:34 sampled.pkts drwxrwxrwt 2 root wheel 512 May 26 2004 vi.recover root@oliver% fetch http://192.168.0.1/jweb-8.4R4.2-signed.tgz jweb-8.4R4.2-signed.tgz 100% of 3870 kB 19 kBps 00m00s
Then go to CLI and :
root@oliver> request system software add jweb-8.4R4.2-signed.tgz Installing package '/var/tmp/jweb-8.4R4.2-signed.tgz' ... Verified jweb-8.4R4.2.tgz signed by PackageProduction_8_4_0 Adding jweb... Available space: 412224 require: 6066 Mounted jweb package on /dev/vn7... Verified manifest signed by PackageProduction_8_4_0 Executing /packages/mnt/jweb-8.4R4.2/mount.post.. Reloading /config/juniper.conf.gz ... Activating /config/juniper.conf.gz ... mgd: commit complete Restarting mgd ... Saving package file in /var/sw/pkg/jweb-8.4R4.2-signed.tgz ... Saving state for rollback ... WARNING: cli has been replaced by an updated version: CLI release 8.4R3.3 built by builder on 2008-01-18 07:39:53 UTC Restart cli using the new version ? [yes,no] (yes) Restarting cli ... root@oliver>
root@oliver> configure Entering configuration mode [edit] root@oliver# commit ? Possible completions: <[Enter]> Execute this command and-quit Quit configuration mode if commit succeeds at Time at which to activate configuration changes check Check correctness of syntax; do not apply changes comment Message to write to commit log confirmed Automatically rollback if not confirmed | Pipe through a command [edit] root@oliver# commit and-quit
- Juniper Olive
Setting a Juniper Olive
Fedora 8 / Fedora 9 Qemu FreeBSD 4.10
Installing Fedora 8
After a clean install of Fedora 8 [http://www.howtoforge.com/installation-guide-fedora8-desktop] I used preupgrade to upgrade to Fedora 9.Upgrade to Fedora 9
Preupgrade seems to be a little buggy but in the end I managed to upgrade. It seems its missing a slash. Check [http://linux.derkeiler.com/Mailing-Lists/Fedora/2008-05/msg01575.html] for details.Install Qemu
yum install qemu-img qemu
Also qemu needs kmod-kqemu to be loaded in the kernel. This packages are needed:
[root@box Olive]# rpm -qa | grep kqemu
kmod-kqemu-2.6.25-14.fc9.i686-1.3.0-0.31.lvn9.i686
kqemu-1.3.0-0.6.pre11.lvn8.noarchLoading kqemu into the kernel:
[root@box Olive]# modprobe -v kqemu
insmod /lib/modules/2.6.25-14.fc9.i686/extra/kqemu/kqemu.koInstall FreeBSD 4.10
mkdir /root/Olive
cd /root/Olive
qemu-img create olive.img -f qcow2 4G //this will create a slice of 4gbDownload 4.10-RELEASE-i386-miniinst.iso from [http://mirror.tomato.it/ftp/pub/FreeBSD/releases/i386/ISO-IMAGES/4.10/4.10-RELEASE-i386-miniinst.iso] and then start qemu:
qemu -L . -m 256 -hda olive.img -cdrom 4.10-RELEASE-i386-miniinst.iso -boot d -localtime -net nic,macaddr=00:aa:00:00:01:01,model=i82559er -net user
Install Junos
For the rest of the installing process read:http://www.internetworkpro.org/wiki/Using_QEMU_with_Olive_to_emulate_Juniper_Routers
or follow this commands :
qemu-img create olive.img -f qcow2 5G //this will create a slice of 4gb
qemu -m 256 -hda olive.img -cdrom 4.10-RELEASE-i386-miniinst.iso -boot d -localtime -net nic,macaddr=00:aa:00:00:01:01,model=i82559er -net user
qemu -m 384 -hda olive.img -boot c -localtime -net nic,macaddr=00:aa:00:00:01:01,model=i82559er -net user // boot FreeBSD
qemu -m 384 -hda olive.img -boot c -localtime -nographic -serial stdio –no-kqemu // boot Junos
If all went good you should see smth like this :
[root@box Junos]# cd /media/dosd/Junos/; qemu -m 384 -hda olive.img -boot c -localtime -nographic -serial stdio –no-kqemu
Console: serial port
BIOS drive C: is disk0
BIOS 639kB/392128kB available memoryFreeBSD/i386 bootstrap loader, Revision 0.8
(builder@ddraig.juniper.net, Fri Jan 18 07:26:04 UTC 2008)
Loading /boot/defaults/loader.conf
/boot/installer text=0x30d28f data=0x2c398+0x2eb46 syms=[0x4+0x429f0+0x4+0x48fee]
-
Hit [Enter] to boot immediately, or space bar for command prompt.
Booting [installer]…
Olive CPU
Copyright (c) 1996-2008, Juniper Networks, Inc.
All rights reserved.
Copyright (c) 1992-2004 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
JUNOS 8.4R3.3 #0: 2008-01-18 07:32:48 UTC
builder@ddraig.juniper.net:/volume/build/junos/8.4/release/8.4R3.3/obj-i386/sys/compile/MFS
Timecounter “i8254″ frequency 1193182 Hz
Timecounter “TSC” frequency 1188838102 Hz
CPU: Pentium II/Pentium II Xeon/Celeron (1188.84-MHz 686-class CPU)
Origin = “GenuineIntel” Id = 0×633 Stepping = 3
Features=0x781abfd
real memory = 402587648 (393152K bytes)
sio0: gdb debugging port
avail memory = 382554112 (373588K bytes)
Preloaded elf kernel “installer” at 0xc08b8000.
Preloaded md_image “/boot/mdimg” at 0xc08b80a0.
DEVFS: ready for devices
md0: Preloaded image 3940352 bytes at 0xc04f4b68
md1: Malloc disk
Using $PIR table, 6 entries at 0xc00fa3c0
npx0:
on motherboard
npx0: INT 16 interface
pcib0: on motherboard
pci0:
on pcib0
Correcting Natoma config for non-SMP
isab0: at device 1.0 on pci0
isa0: on isab0
atapci0: port 0xc000-0xc00f at device 1.1 on pci0
atapci0: Busmastering DMA not supported
ata0: at 0x1f0 irq 14 on atapci0
ata1: at 0×170 irq 15 on atapci0
smb0: irq 11 at device 1.3 on pci0
pci0: at 2.0
pci0: (vendor=0x10ec, dev=0×8139) at 3.0 irq 11
fdc0: at port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on isa0
atkbdc0: at port 0×60,0×64 on isa0
atkbd0: flags 0×1 irq 1 on atkbdc0
psm0:
irq 12 on atkbdc0
psm0: model IntelliMouse Explorer, device ID 4
vga0: at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
sc0: at flags 0×100 on isa0
sc0: VGA <16 virtual consoles, flags=0×100>
sio0 at port 0x3f8-0x3ff irq 4 flags 0×90 on isa0
sio0: type 16450, console
sio1: configured irq 3 not in bitmap of probed irqs 0
stray irq 7
DEVFS: ready to run
ad0: 5119MB [10402/16/63] at ata0-master BIOSPIO
ata1-master: CDROM device – NO DRIVER!
Mounting root from cd9660:/dev/md0c
Disabling watchdog
=================== Bootstrap installer starting ===================
Initialized the environment
Routing engine model is Olive
Discovered that flash disk = , hard disk = ad0
Disk to install is ad0
Using 191Mb for /tmp
Warning: Block size restricts cylinders per group to 95.
Setting ospackage=jboot-8.4R3.3.tgz, configpackage=configs-8.4R3.3.tgz
Setting packlist=jbundle-8.4R3.3-domestic.tgz
Packages and configurations copied to /tmp
Cleaning up ad0…
Running newfs on ad0s1a…
Warning: Block size and bytes per inode restrict cylinders per group to 89.
/dev/ad0s1a: 1048576 sectors in 256 cylinders of 1 tracks, 4096 sectors
512.0MB in 3 cyl groups (89 c/g, 178.00MB/g, 21632 i/g)
super-block backups (for fsck -b #) at:
32, 364576, 729120
Running newfs on ad0s1e…
Warning: Block size and bytes per inode restrict cylinders per group to 89.
/dev/ad0s1e: 1048576 sectors in 256 cylinders of 1 tracks, 4096 sectors
512.0MB in 3 cyl groups (89 c/g, 178.00MB/g, 21632 i/g)
super-block backups (for fsck -b #) at:
32, 364576, 729120
Installing disk label on ad0
Installing JUNOS on ad0…
Adding jbase…
Mounted jbase on /mnt/packages/mnt/jbase (/dev/vn0)
Adding jbundle-8.4R3.3-domestic.tgz…
Checking package integrity…
Verified SHA1 checksum of jbase-8.4R3.3.tgz
Verified SHA1 checksum of jboot-8.4R3.3.tgz
Verified SHA1 checksum of jcrypto-8.4R3.3.tgz
Verified SHA1 checksum of jdocs-8.4R3.3.tgz
Verified SHA1 checksum of jkernel-8.4R3.3.tgz
Verified SHA1 checksum of jpfe-8.4R3.3.tgz
Verified SHA1 checksum of jroute-8.4R3.3.tgz
Verified SHA1 checksum of pkgtools.tgz
Running requirements check first for jbundle-8.4R3.3-domestic…
Running pre-install for jbundle-8.4R3.3-domestic…
Installing jbundle-8.4R3.3-domestic in /var/tmp/pa1590.28/jbundle-8.4R3.3-domestic.x1590…
Running post-install for jbundle-8.4R3.3-domestic…
Verified SHA1 checksum of jbase-8.4R3.3.tgz
Verified SHA1 checksum of jboot-8.4R3.3.tgz
Verified SHA1 checksum of jcrypto-8.4R3.3.tgz
Verified SHA1 checksum of jdocs-8.4R3.3.tgz
Verified SHA1 checksum of jkernel-8.4R3.3.tgz
Verified SHA1 checksum of jpfe-8.4R3.3.tgz
Verified SHA1 checksum of jroute-8.4R3.3.tgz
Verified SHA1 checksum of pkgtools.tgz
Adding jkernel…
Adding jcrypto…
Adding jpfe…
WARNING: hw.product.model=’unknown’ using jpfe-M40
Adding jdocs…
Adding jroute…
Restoring backed up configurations…
Unmounted /mnt/packages/mnt/jbase
machdep.bootsuccess: 0 -> 0
->
Waiting (max 60 seconds) for system process `vnlru’ to stop…stopped
Waiting (max 60 seconds) for system process `bufdaemon’ to stop…stopped
Waiting (max 60 seconds) for system process `syncer’ to stop…stoppedsyncing disks…
done
Uptime: 13m44s
ata0: Spinning down devices. Please wait…
ata1: Spinning down devices. Please wait…
Rebooting…
Console: serial port
BIOS drive C: is disk0
BIOS 639kB/392128kB available memoryFreeBSD/i386 bootstrap loader, Revision 0.8
(builder@ddraig.juniper.net, Fri Jan 18 07:26:04 UTC 2008)
Loading /boot/defaults/loader.conf
/kernel text=0x7345af data=0x3f864+0x5991a syms=[0x4+0x77220+0x4+0x72951]Hit [Enter] to boot immediately, or space bar for command prompt.
Booting [kernel]…
Olive CPU
Copyright (c) 1996-2008, Juniper Networks, Inc.
All rights reserved.
Copyright (c) 1992-2004 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
JUNOS 8.4R3.3 #0: 2008-01-18 07:38:33 UTC
builder@ddraig.juniper.net:/volume/build/junos/8.4/release/8.4R3.3/obj-i386/sys/compile/JUNIPER
Timecounter “i8254″ frequency 1193182 Hz
Timecounter “TSC” frequency 1166617511 Hz
CPU: Pentium II/Pentium II Xeon/Celeron (1166.62-MHz 686-class CPU)
Origin = “GenuineIntel” Id = 0×633 Stepping = 3
Features=0x781abfd
real memory = 402587648 (393152K bytes)
sio0: gdb debugging port
avail memory = 381132800 (372200K bytes)
Preloaded elf kernel “kernel” at 0xc09ba000.
DEVFS: ready for devices
md0: Malloc disk
Using $PIR table, 6 entries at 0xc00fa3c0
npx0:
on motherboard
npx0: INT 16 interface
pcib0: on motherboard
pci0:
on pcib0
isab0: at device 1.0 on pci0
isa0: on isab0
atapci0: port 0xc000-0xc00f at device 1.1 on pci0
atapci0: Busmastering DMA not supportedUsing tap driver
tunectl //create a new tap interface
ifconfig tap0 10.1.1.1 netmask 255.255.255.0 upSo tap0 will be the default gateway for the Olive. Back to Junos you can configure fxp0 interface:
set interfaces fxp0 unit 0 family inet address 10.1.1.2/24
and then add the default route:
set routing-options static route 0.0.0.0/0 next-hop 10.1.1.1
Also you have to set the hostname/domain-name/name servers:
set system host-name olive2
set system domain-name domain.org
set system name-server ipConfiguring Quagga
/etc/quagga/zebra.conf
!
! Zebra configuration saved from vty
! 2008/05/20 23:06:35
!
hostname box
password ooo
enable password 000
!
interface eth0
ipv6 nd suppress-ra
!
interface eth1
ipv6 nd suppress-ra
!
interface lo
!
interface ppp0
ipv6 nd suppress-ra
!
interface tap0
ipv6 nd suppress-ra
!
interface tun0
ipv6 nd suppress-ra
!
ip forwarding
!
!
line vty
!/etc/quagga/bgpd.conf
! Zebra configuration saved from vty
! 2008/05/20 23:06:35
!
hostname box
password ooo
enable password 000
log file /var/log/quagga/bgpd.log
log stdout
!
router bgp 40404
bgp router-id 10.100.100.100
neighbor 10.100.100.1 remote-as 40404
neighbor 10.100.100.1 description Cisco Corp
neighbor 10.1.1.2 remote-as 40404
neighbor 10.1.1.2 description Juniper Olive2
neighbor 10.2.2.2 remote-as 40404
neighbor 10.2.2.2 description Juniper Olive1
!
line vty
!
Cisco
Bring up tap0 so you will have conectivity between Cisco and Linux.
ifconfig tap0 10.100.100.100 netmask 255.255.255.0 up
router ospf 132
log-adjacency-changes
redistribute connected
redistribute static
network 10.1.0.0 0.0.255.255 area 0
network 10.100.100.0 0.0.0.255 area 0
network 169.254.10.0 0.0.0.255 area 0
default-information originate
router bgp 40404
bgp log-neighbor-changes
redistribute connected
redistribute static
neighbor 10.100.100.100 remote-as 40404In the end I managed to simulate both Cisco and Juniper Routers. So between Cisco, Linux, Juniper I used BGP (EGP) and for the IGP I used OSPF.
Tests
Some examples of tests:
Traceroute from a Cisco router to the Juniper part of the network:871W#traceroute 10.2.2.2
Type escape sequence to abort.
Tracing the route to 10.2.2.21 10.1.11.1 16 msec 8 msec 20 msec (Cisco)
2 10.1.5.1 32 msec 48 msec 20 msec (Cisco)
3 10.100.100.100 36 msec 52 msec 24 msec (Linux)
4 10.2.2.2 40 msec 52 msec 24 msec (Junos)
871W#From the Juniper router to Cisco:
root@olive% traceroute 10.1.11.2
traceroute to 10.1.11.2 (10.1.11.2), 30 hops max, 40 byte packets
1 10.2.2.1 (10.2.2.1) 2.106 ms 1.126 ms 2.122 ms
2 10.100.100.1 (10.100.100.1) 6.405 ms 5.192 ms 14.639 ms
3 10.1.5.2 (10.1.5.2) 22.178 ms 21.380 ms 11.288 ms
4 10.1.11.2 (10.1.11.2) 35.508 ms * 47.718 msProblems
1.When trying to run qemu I recieved these error:
Could not initialize SDL – exiting
Solution: Check if SDL is installed (yum install SDL SDL-devel). Don`t try to run qemu from console check -vnc param from qemu.
2. When trying to compile qemu from CVS on FC 9 you recieve a error because FC 9 has gcc 4.x and qemu is built with gcc 3.x.
[root@box qemu]# ./configure
WARNING: “gcc” looks like gcc 4.x
Looking for gcc 3.x
gcc 3.x not found!
QEMU is known to have problems when compiled with gcc 4.x
It is recommended that you use gcc 3.x to build QEMU
To use this compiler anyway, configure with –disable-gcc-check
Solution : I downloaded gcc-3.4.6.tar.gz from ftp.gnu.org and installed it in /opt. (./configure –prefix=/opt/gcc/). And then when I tried to install qemu I used the binary from /opt
./configure –prefix=/root/Test/qemu –target-list=i386-softmmu –enable-net-pcap –enable-net-lcap –enable-net-udp –enable-pemu-i82559 –cc=/opt/gcc/bin/gcc
That should fix this problem.3. After a fresh install of FC9 a default configuration of firewall will drop some packets in FORWARD chain. If traceroute fails from Cisco to Juniper delete that rule. Try to use tcpdump on the tap interfaces and you will see whats wrong.
4. Problem :
“ERROR: discover_install_drive: Could not find a disk to do an install You are now in a debugging subshell (you may not see a prompt)…
Solution : Something went very wrong when trying to pkg_add jinstall.X.X. You may need to reinstall the system again.