Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

header-navigation

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries
Campus and Branch

Welcome to the NOW Way to Wi-Fi

Take your networking performance to new heights with a modern, cloud-native, AI-Native architecture. Only Juniper can help you unleash the full potential of Wi-Fi 7 with our AI-Native platform for innovation.
Prepare for liftoff
Business intelligence analyst dashboard on virtual screen. Big data Graphs Charts.

AI Data Center Networking

Juniper’s AI data center solution is a quick way to deploy high performing AI training and inference networks that are the most flexible to design and easiest to manage with limited IT resources.
Find out more
Enterprise AI-Native Networking

Enterprise AI‑Native Routing

Juniper's Ai-Native routing solution delivers robust 400GbE and 800GbE capabilities for unmatched performance, reliability, and sustainability at scale.
Explore enterprise routing
Zero trust security

Ops4AI Lab

Visit our lab in Sunnyvale, CA and see our AI data center solution for yourself. You can try out your own model’s functionality and performance, too.
Visit the lab
Enterprise AI-Native Networking

Enterprise AI‑Native Routing

Juniper's Ai-Native routing solution delivers robust 400GbE and 800GbE capabilities for unmatched performance, reliability, and sustainability at scale.
Explore enterprise routing
Higher Education

Shaping Student Experiences: The NOW Way to Build Higher Education Networks

Join Juniper Networks CIO Sharon Mandell and a virtual summit of C-level IT leaders from prestigious institutions as they discuss ongoing efforts to support digital transformation.
Register to attend
Hand on tablet with healthcare overlay of graphics

Security in healthcare

In this IDC Spotlight report, discover how AI networking can automate and strengthen a healthcare ecosystem to defeat criminals and prevent loss. 
Gain insights into ecosystem security
Retail

The Future of In-Store Technologies

Join us for an enlightening webinar with Kevin McCartan, Senior IT Service Delivery Engineer at Musgrave; retail guru Jack Stratten of Insider Trends; and Christian Gilby, Director of Product Marketing at Juniper Networks, as they discuss the future of in-store technologies.
Reserve my spot

Products

Wireless access Wired access SD-WAN / SASE Routing and switching Security Mist AI™ Management software Network operating system Blueprint for AI-Native Acceleration Optics
  • Operations
ACX7020 router

Juniper ACX7020 Cloud Metro Access Router

Legacy networks simply cannot meet the demands of today’s rapidly evolving metro landscape. Unlock a new generation of highly scalable architectures and automated operations with the Juniper ACX7020. 
Learn more
EX4000 Ethernet Switch

Next-gen AI-Native EX4000 line of switches

Lack of AI innovation from your current networking vendor slowing you down? Embrace Juniper’s cloud-native, AI-Native access switches that support every level and layer, across nearly every deployment.
Discover how
The Q and AI text with an image of Bob Friday and Kedar Dhuru.

The Q&AI Podcast

Delivering practical solutions and enriching discussions, this podcast series is a vital resource for those seeking an in-depth exploration of AI's transformative potential.
Catch the latest episode

Services

Services
Services AI Care

Juniper AI Care Services Revolutionize Your Service Experience

Our industry-first AI-Native services couple AIOps with our deep expertise across the full network life cycle. You can move from reactive response to proactive insight and action.
Explore AI Care Services
Services AI Data Center

Juniper AI Data Center Deployment Services Optimize Your AI Model Runs

We use our expertise and validated designs to help design, deploy, validate and tune networks, including GPUs and storage, to get the most from your AI infrastructure operation.
Learn about AI Data Center Deployment Services

Partners

Partners

Support and Documentation

Support and Documentation

Learn

About Juniper Training Events The Feed Resources Technology learning topics Thought leadership and insights
Audience raising hands up while businessman is speaking in training at the office.

Juniper certification and training news

See the latest
Ringing of the bell

All global events

See the latest
AI-native-now

AI-Native NOW event series

Register now
Juniper's Christina Hendrix at the head of a conference table. With the text "The NOW Way to Network" overlayed, with "NOW" emphasizing the "O" in green color.

The NOW Way to Network

Watch the video series
AI Native Now

Executive insights

Dive deep with leading experts and thought leaders on all the topics that matter most to your business, from AI to network security to driving rapid, relevant transformation for your business.
Learn more
A keynote speaker giving a presentation at a conference. There are dozens of people sitting around them. The presentation is displayed via projector on all the walls in the room.

Leadership voices

Juniper Networks’ leaders operate on the front lines of creating the network of the future. Take a look around to see what’s on their minds.
Watch now
Bob Friday and Jessica Garrison speaking

Bob Friday Talks

Join Bob as he ventures into all the knowns -- and -- unknowns -- of AI.
Catch the latest episode
Documentation
Menu
License Guide
Quick Starts
Validated Designs
Explore Pathfinder Apps
CLI Explorer
Feature Explorer
Hardware Compatibility Tool
Port Checker
Browse All
Collapse

Pathfinder Apps

All

By Software

By Hardware

Learn More
Pathfinder HomeCLI ExplorerCompliance AdvisorFeature ExplorerHardware Compatibility ToolJunos XML API ExplorerJunos YANG Data Model ExplorerPort CheckerPower CalculatorSNMP MIB ExplorerSystem Log Explorer
CLI ExplorerFeature ExplorerJunos XML API ExplorerJunos YANG Data Model ExplorerSNMP MIB ExplorerSystem Log Explorer
Compliance AdvisorFeature ExplorerHardware Compatibility ToolPort CheckerPower Calculator
Home Documentation Junos® OS Software Installation and Upgrade Guide Install, Upgrade, or Downgrade for Junos OS Software Prepare for Installation and Upgrade

Junos® OS Software Installation and Upgrade Guide

Junos OS Junos OS Evolved
keyboard_arrow_up
close
keyboard_arrow_left
Junos® OS Software Installation and Upgrade Guide
Table of Contents Expand all
list Table of Contents
file_download PDF
{ "lLangCode": "en", "lName": "English", "lCountryCode": "us", "transcode": "en_US" }
English
ON THIS PAGE
keyboard_arrow_right

Preparing for Software Installation and Upgrade (Junos OS)

date_range 09-Dec-23
arrow_backward
arrow_forward

Before you install or upgrade Junos OS, you must ensure some basic checks such as sufficient disk space availability and backing up configurations in place.

Upgrade or Reinstall Junos OS

Checklist for Reinstalling Junos OS

Table 1 provides links and commands for reinstalling Junos OS.

Table 1: Checklist for Reinstalling Junos OS

Tasks

Command or Action
Before You Reinstall Junos OS

Log the Software Version Information (Junos OS)

show version | save filename

Log the Hardware Version Information (Junos OS)

show chassis hardware | save filename

Log the Chassis Environment Information (Junos OS)

show chassis environment | save filename

Log the System Boot-Message Information (Junos OS)

show system boot-messages | save filename

Log the Active Configuration (Junos OS)

show configuration | save filename

Log the Interfaces on the Router (Junos OS)

show interface terse | save filename

Log the BGP, IS-IS, and OSPF Adjacency Information (Junos OS)

show bgp summary | save filename show isis adjacency brief | save filename show ospf neighbor brief | save filename

Log the System Storage Information (Junos OS)

show system storage | save filename

Back Up the Currently Running and Active File System

request system snapshot

Reinstall Junos OS

Insert your removable medium and reboot the system.

Reconfigure Junos OS

Configure Host Names, Domain Names, and IP Addresses

Log in as root.Start the CLI.Enter configuration mode: configure set system host-name host-name set system domain-name domain-name set interfaces fxp0 unit 0 family inet address address/prefix-length set system backup-router address set system name-server address

Protect Network Security by Configuring the Root Password

set system root-authentication plain-text-password set system root-authentication encrypted-password password set system root-authentication ssh-rsa key commit exit

Check Network Connectivity

ping address

Copy Backup Configurations and Restore Saved Configurations

file copy var/tmp configure

[edit] load merge /config/filename or load replace /config/filename

[edit] commit

After You Reinstall Junos OS

Compare Information Logged Before and After the Reinstall

show version | save filename show chassis hardware | save filename show chassis environment | save filename show system boot-messages | save filename show configuration | save filename show interfaces terse | save filename show bgp summary show isis adjacency brief show ospf neighbor brief | save filename show system storage | save filename

Back Up the New Software

request system snapshot

Log the Software Version Information (Junos OS)

Purpose

The purpose of this action is to log the Junos OS version information.

Action

Use the following Junos OS CLI operational mode command:

content_copy zoom_out_map
user@host> show version | save filename

Sample Output

content_copy zoom_out_map
user@host> show version | save test
Wrote 39 lines of output to ‘test’

user@host> show version
Hostname:  my-router.net
Model: m10
JUNOS Base OS boot [5.0R5]
JUNOS Base OS Software Suite [5.0R5]
JUNOS Kernel Software Suite [5.0R5]
JUNOS Routing Software Suite [5.0R5]
JUNOS Packet Forwarding Engine Support [5.0R5]
JUNOS Crypto Software Suite [5.0R5]
JUNOS Online Documentation [5.0R5]
KERNEL 5.0R5 #0 built by builder on 2002-03-02 05:10:28 UTC
MGD release 5.0R5 built by builder on 2002-03-02 04:45:32 UTC
CLI release 5.0R5 built by builder on 2002-03-02 04:44:22 UTC
CHASSISD release 5.0R5 built by builder on 2002-03-02 04:43:37 UTC
DCD release 5.0R5 built by builder on 2002-03-02 04:42:47 UTC
RPD release 5.0R5 built by builder on 2002-03-02 04:46:17 UTC
SNMPD release 5.0R5 built by builder on 2002-03-02 04:52:26 UTC
MIB2D release 5.0R5 built by builder on 2002-03-02 04:45:37 UTC
APSD release 5.0R5 built by builder on 2002-03-02 04:43:31 UTC
VRRPD release 5.0R5 built by builder on 2002-03-02 04:52:34 UTC
ALARMD release 5.0R5 built by builder on 2002-03-02 04:43:24 UTC
PFED release 5.0R5 built by builder on 2002-03-02 04:46:06 UTC
CRAFTD release 5.0R5 built by builder on 2002-03-02 04:44:30 UTC
SAMPLED release 5.0R5 built by builder on 2002-03-02 04:52:20 UTC
ILMID release 5.0R5 built by builder on 2002-03-02 04:45:21 UTC
BPRELAYD release 5.0R5 built by builder on 2002-03-02 04:42:41 UTC
RMOPD release 5.0R5 built by builder on 2002-03-02 04:46:11 UTC
jkernel-dd release 5.0R5 built by builder on 2002-03-02 04:41:07 UTC
jroute-dd release 5.0R5 built by builder on 2002-03-02 04:41:21 UTC
jdocs-dd release 5.0R5 built by builder on 2002-03-02 04:39:11 UTC

Meaning

The sample output shows the hostname, router model, and the different Junos OS packages, processes, and documents.

Log the Hardware Version Information (Junos OS)

Purpose

You should log hardware version information in the rare event that a router cannot successfully reboot and you cannot obtain the Routing Engine serial number. The Routing Engine serial number is necessary for Juniper Networks Technical Assistance Center (JTAC) to issue a return to manufacturing authorization (RMA). Without the Routing Engine serial number, an onsite technician must be dispatched to issue the RMA.

Action

To log the router chassis hardware version information, use the following Junos OS CLI operational mode command:

content_copy zoom_out_map
user@host> show chassis hardware | save filename

Sample Output

The output for the M-series routers varies depending on the chassis components of each router. All routers have a chassis, midplanes or backplanes, power supplies, and Flexible PIC Concentrators (FPCs). Refer to the hardware guides for information about the different chassis components.

content_copy zoom_out_map
user@host> show chassis hardware | save test
Wrote 43 lines of output to ‘test’

user@host> show chassis hardware
Item             Version  Part number  Serial number     Description
Chassis                                101               M160
Midplane         REV 02   710-001245   S/N AB4107
FPM CMB          REV 01   710-001642   S/N AA2911
FPM Display      REV 01   710-001647   S/N AA2999
CIP              REV 02   710-001593   S/N AA9563
PEM 0            Rev 01   740-001243   S/N KJ35769       DC
PEM 1            Rev 01   740-001243   S/N KJ35765       DC
PCG 0            REV 01   710-001568   S/N AA9794
PCG 1            REV 01   710-001568   S/N AA9804
Host 1                                 da000004f8d57001  teknor
MCS 1            REV 03   710-001226   S/N AA9777
SFM 0 SPP        REV 04   710-001228   S/N AA2975
SFM 0 SPR        REV 02   710-001224   S/N AA9838        Internet Processor I
SFM 1 SPP        REV 04   710-001228   S/N AA2860
SFM 1 SPR        REV 01   710-001224   S/N AB0139        Internet Processor I
FPC 0            REV 03   710-001255   S/N AA9806        FPC Type 1
  CPU            REV 02   710-001217   S/N AA9590
  PIC 1          REV 05   750-000616   S/N AA1527        1x OC-12 ATM, MM
  PIC 2          REV 05   750-000616   S/N AA1535        1x OC-12 ATM, MM
  PIC 3          REV 01   750-000616   S/N AA1519        1x OC-12 ATM, MM
FPC 1            REV 02   710-001611   S/N AA9523        FPC Type 2
  CPU            REV 02   710-001217   S/N AA9571
  PIC 0          REV 03   750-001900   S/N AA9626        1x STM-16 SDH, SMIR
  PIC 1          REV 01   710-002381   S/N AD3633        2x G/E, 1000 BASE-SX
FPC 2                                                    FPC Type OC192
  CPU            REV 03   710-001217   S/N AB3329
  PIC 0          REV 01                                  1x OC-192 SM SR-2

Meaning

The sample output shows the hardware inventory for an M160 router with a chassis serial number of 101. For each component, the output shows the version number, part number, serial number, and description.

Log the Chassis Environment Information (Junos OS)

Action

To log the router chassis environment information, use the following Junos OS CLI operational mode command:

content_copy zoom_out_map
user@host> show chassis environment | save filename

Sample Output

The following example shows output from the show chassis environment command for an M5 router:

content_copy zoom_out_map
user@m5-host> show chassis environment | save test
Wrote 14 lines of output to ‘test’

user@m5-host> show chassis environment 
Class Item                   Status     Measurement
Power Power Supply A         OK
      Power Supply B         OK
Temp  FPC Slot 0             OK         32 degrees C / 89 degrees F
      FEB                    OK         31 degrees C / 87 degrees F
      PS Intake              OK         26 degrees C / 78 degrees F
      PS Exhaust             OK         31 degrees C / 87 degrees F
Fans  Left Fan 1             OK         Spinning at normal speed
      Left Fan 2             OK         Spinning at normal speed
      Left Fan 3             OK         Spinning at normal speed
      Left Fan 4             OK         Spinning at normal speed

Meaning

The sample output shows the environmental information about the router chassis, including the temperature and information about the fans, power supplies, and Routing Engine.

Log the System Boot-Message Information (Junos OS)

Action

To log the system boot-message information, use the following Junos OS CLI operational mode command:

content_copy zoom_out_map
user@host> show system boot-messages | save filename

Sample Output

content_copy zoom_out_map
user@host> show system boot-messages | save test
Wrote 80 lines of output to ‘test’

user@host> show system boot-messages
Copyright (c) 1992-1998 FreeBSD Inc.
Copyright (c) 1996-2000 Juniper Networks, Inc.
All rights reserved.
Copyright (c) 1982, 1986, 1989, 1991, 1993
        The Regents of the University of California.  All rights reserved.

JUNOS 4.1-20000216-Zf8469 #0: 2000-02-16 12:57:28 UTC
    tlim@device1.example.com:/p/build/20000216-0905/4.1/release_kernel/sys/compile/GENERIC
CPU: Pentium Pro (332.55-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0x66a  Stepping=10
  Features=0x183f9ff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,<b16>,<b17>,MMX,<b24>>
Teknor CPU Card Recognized
real memory  = 805306368 (786432K bytes)
avail memory = 786280448 (767852K bytes)
Probing for devices on PCI bus 0:
chip0 <generic PCI bridge (vendor=8086 device=7192 subclass=0)> rev 3 class 60000 on pci0:0:0
chip1 <Intel 82371AB PCI-ISA bridge> rev 1 class 60100 on pci0:7:0
chip2 <Intel 82371AB IDE interface> rev 1 class 10180 on pci0:7:1
chip3 <Intel 82371AB USB interface> rev 1 class c0300 int d irq 11 on pci0:7:2
smb0 <Intel 82371AB SMB controller> rev 1 class 68000 on pci0:7:3
pcic0 <TI PCI-1131 PCI-CardBus Bridge> rev 1 class 60700 int a irq 15 on pci0:13:0
TI1131 PCI Config Reg: [pci only][FUNC0 pci int]
pcic1 <TI PCI-1131 PCI-CardBus Bridge> rev 1 class 60700 int b irq 12 on pci0:13:1
TI1131 PCI Config Reg: [pci only][FUNC1 pci int]
fxp0 <Intel EtherExpress Pro 10/100B Ethernet> rev 8 class 20000 int a irq 12 on pci0:16:0
chip4 <generic PCI bridge (vendor=1011 device=0022 subclass=4)> rev 4 class 60400 on pci0:17:0
fxp1 <Intel EtherExpress Pro 10/100B Ethernet> rev 8 class 20000 int a irq 10 on pci0:19:0
Probing for devices on PCI bus 1:mcs0 <Miscellaneous Control Subsystem> rev 12 class ff0000 int a irq 12 on pci1:13:0
fxp2 <Intel EtherExpress Pro 10/100B Ethernet> rev 8 class 20000 int a irq 10 on pci1:14:0
Probing for devices on the ISA bus:
sc0 at 0x60-0x6f irq 1 on motherboard
sc0: EGA color <16 virtual consoles, flags=0x0>
ed0 not found at 0x300
ed1 not found at 0x280
ed2 not found at 0x340
psm0 not found at 0x60
sio0 at 0x3f8-0x3ff irq 4 flags 0x20010 on isa
sio0: type 16550A, console
sio1 at 0x3e8-0x3ef irq 5 flags 0x20000 on isa
sio1: type 16550A
sio2 at 0x2f8-0x2ff irq 3 flags 0x20000 on isa
sio2: type 16550A
pcic0 at 0x3e0-0x3e1 on isa
PC-Card ctlr(0) TI PCI-1131 [CardBus bridge mode] (5 mem & 2 I/O windows)
pcic0: slot 0 controller I/O address 0x3e0
npx0 flags 0x1 on motherboard
npx0: INT 16 interface
fdc0: direction bit not set
fdc0: cmd 3 failed at out byte 1 of 3
fdc0 not found at 0x3f0
wdc0 at 0x1f0-0x1f7 irq 14 on isa
wdc0: unit 0 (wd0): <SunDisk SDCFB-80>, single-sector-i/o
wd0: 76MB (156672 sectors), 612 cyls, 8 heads, 32 S/T, 512 B/S
wdc0: unit 1 (wd1): <IBM-DCXA-210000>
wd1: 8063MB (16514064 sectors), 16383 cyls, 16 heads, 63 S/T, 512 B/S
wdc1 not found at 0x170
wdc2 not found at 0x180
ep0 not found at 0x300
fxp0: Ethernet address 00:a0:a5:12:05:5a
fxp1: Ethernet address 00:a0:a5:12:05:59
fxp2: Ethernet address 02:00:00:00:00:01
swapon: adding /dev/wd1s1b as swap device
Automatic reboot in progress...
/dev/rwd0s1a: clean, 16599 free (95 frags, 2063 blocks, 0.1% fragmentation)
/dev/rwd0s1e: clean, 9233 free (9 frags, 1153 blocks, 0.1% fragmentation)
/dev/rwd0s1a: clean, 16599 free (95 frags, 2063 blocks, 0.1% fragmentation)
/dev/rwd1s1f: clean, 4301055 free (335 frags, 537590 blocks, 0.0% fragmentation)

Meaning

The sample output shows the initial messages generated by the system kernel upon boot. This is the content of the /var/run/dmesg.boot file.

Log the Active Configuration (Junos OS)

Action

To log the active configuration on the router, use the following Junos OS CLI operational mode command:

content_copy zoom_out_map
user@host> show configuration | save filename

Sample Output

content_copy zoom_out_map
user@host> show configuration | save test
Wrote 4076 lines of output to ‘test’

user@host> show configuration
system {
host-name lab8;
domain-name device1.example.com;
backup-router 10.1.1.254;
    time-zone America/Los_Angeles;
default-address-selection;
    dump-on-panic;
name-server {
[...Output truncated...]

Meaning

The sample output shows the configuration currently running on the router, which is the last committed configuration.

Log the Interfaces on the Router (Junos OS)

Action

To log the interfaces on the router, use the following Junos OS CLI operational mode command:

content_copy zoom_out_map
user@host> show interface terse | save filename

Sample Output

content_copy zoom_out_map
user@host> show interfaces terse | save test
Wrote 81 lines of output to ‘test’

user@host> show interfaces terse
Interface       Admin Link Proto Local             Remote
at-1/3/0        up    up
at-1/3/0.0      up    up   inet  203.0.113.1           --> 203.0.113.2
                           iso
fxp0            up    up
fxp0.0          up    up   inet  10.168.5.59/24
gre             down  up
ipip            down  up
lo0             up    up
lo0.0           up    up   inet  127.0.0.1         --> 0/0
                           iso 47.0005.80ff.f800.0000.0108.0001.1921.6800.5059.00
so-1/2/0        up    down
so-1/2/1        down  down
so-1/2/2        down  down
so-1/2/3        down  down
so-2/0/0        up    up
so-2/0/0.0      up    up   inet  192.2.3.4           --> 192.2.3.5
                           iso
[...Output truncated...]

Meaning

The sample output displays summary information about the physical and logical interfaces on the router.

Log the BGP, IS-IS, and OSPF Adjacency Information (Junos OS)

Purpose

The following commands log useful information about Border Gateway Protocol (BGP), Intermediate System-to-Intermediate System (IS-IS), and Open Shortest Path First (OSPF) protocols. If you have other protocols installed, such as Multiprotocol Label Switching (MPLS), Resource Reservation Protocol (RSVP), or Protocol Independent Multicast (PIM), you also might log summary information for them.

Action

To log the protocol peer information, use the following Junos OS CLI operational mode commands:

content_copy zoom_out_map
user@host> show bgp summary | save filename                         
user@host> show isis adjacency brief | save filename                         
user@host>  show ospf neighbor brief | save filename

Sample Output 1

content_copy zoom_out_map
user@host> show bgp summary | save test
Wrote 45 lines of output to ‘test’

user@host> show bgp summary
Groups: 1 Peers: 1 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0                 4          4          0          0          0          0
Peer               AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Damped..
9.9.3.1             2       2627       2628       0       0    21:50:12 4/4/0                0/0/0

Sample Output 2

content_copy zoom_out_map
user@host> show isis adjacency brief | save test
Wrote 7 lines of output to ‘test’

user@host> show isis adjacency brief
IS-IS adjacency database:
Interface  System         L State        Hold (secs) SNPA
so-1/0/0.0 1921.6800.5067 2 Up                    13
so-1/1/0.0 1921.6800.5067 2 Up                    25
so-1/2/0.0 1921.6800.5067 2 Up                    20
so-1/3/0.0 1921.6800.5067 2 Up                    19
so-2/0/0.0 1921.6800.5066 2 Up                    19
so-2/1/0.0 1921.6800.5066 2 Up                    17
so-2/2/0.0 1921.6800.5066 2 Up                    20
so-2/3/0.0 1921.6800.5066 2 Up                    20
so-5/0/0.0 ranier         2 Up                    17

Sample Output 3

content_copy zoom_out_map
user@host> show ospf neighbor brief | save test
Wrote 10 lines of output to ‘test’

user@host> show ospf neighbor brief
  Address         Intf               State      ID              Pri  Dead
10.168.254.225   fxp3.0              2Way      10.250.240.32    128   36
10.168.254.230   fxp3.0              Full      10.250.240.8     128   38
10.168.254.229   fxp3.0              Full      10.250.240.35    128   33
10.1.1.129       fxp2.0              Full      10.250.240.12    128   37
10.1.1.131       fxp2.0              Full      10.250.240.11    128   38
10.1.2.1         fxp1.0              Full      10.250.240.9     128   32
10.1.2.81        fxp0.0              Full      10.250.240.10    128   33

Meaning

Sample output 1 displays summary information about BGP and its neighbors. Sample output 2 displays information about IS-IS neighbors. Sample output 3 displays information about all OSPF neighbors.

Log the System Storage Information (Junos OS)

Action

To log the system storage statistics for the amount of free disk space in the router’s file system, use the following Junos OS CLI operational mode command:

content_copy zoom_out_map
user@host> show system storage | save filename

Sample Output

content_copy zoom_out_map
user@host> show system storage | save test           
Wrote 14 lines of output to ‘test’

user@host> show system storage 
Filesystem  1K-blocks     Used    Avail Capacity  Mounted on
/dev/ad0s1a     65687    26700    33733    44%    /
devfs              16       16        0   100%    /dev/
/dev/vn1         9310     9310        0   100%    /packages/mnt/jbase
/dev/vn2         8442     8442        0   100%    /packages/mnt/jkernel-5.0R5.1
/dev/vn3        11486    11486        0   100%    /packages/mnt/jpfe-5.0R5.1
/dev/vn4         5742     5742        0   100%    /packages/mnt/jroute-5.0R5.1
/dev/vn5         1488     1488        0   100%    /packages/mnt/jcrypto-5.0R5.1
/dev/vn6          792      792        0   100%    /packages/mnt/jdocs-5.0R5.1
mfs:2373      1015815        3   934547     0%    /tmp
/dev/ad0s1e     25263       11    23231     0%    /config
procfs              4        4        0   100%    /proc
/dev/ad1s1f   9825963  1811085  7228801    20%    /var

Meaning

The sample output displays statistics about the amount of free disk space in the router’s file system. Values are displayed in 1024-byte (1-KB) blocks.

Validating the Configuration Image Before Upgrading or Downgrading the Software (Junos OS)

Here are some validation guidelines to keep in mind:

  • Validation is set to on by default. You do not need to configure it or issue any command to start it on a switch that supports image validation. You can disable validation (the procedure is given below) and then re-enable it.

  • Validation slows down the upgrade or downgrade process by as much as 7 minutes.

  • Image validation is supported only on the jinstall package.

  • If you invoke validation from an image that does not support validation, the new image is loaded but validation does not occur.

  • Validation does not work in a downgrade to an image that does not support validation if your system is configured for graceful routing switchover (GRES) or if you run image loading without nonstop software upgrade (NSSU). See the procedure below for steps to use validation in this type of scenario.

If you upgrade or downgrade the Junos OS image on a switch that supports configuration image validation (see Feature Explorer for feature support per EX Series switch), the system validates that the existing configuration is compatible with the new image before the actual upgrade or downgrade commences.

Benefits of image validation—If validation fails, the new image is not loaded, and an error message provides information about the failure. If you upgrade or downgrade the software on a system that does not support validation, configuration incompatibilities between the existing and new image or insufficient memory to load the new image might cause the system to lose its current configuration or go offline.

To disable validation, re-enable or invoke validation manually, or use validation when downgrading to an image that does not support it:

  • To disable validation, issue request system software add image-name reboot no-validate command.
  • To re-enable or invoke validation manually, choose one of the following methods:
  • To use validation when downgrading to an image that does not support it, choose one of the following methods:

    • Remove the graceful-switchover configuration and then issue the request system software add image-name reboot command.

    • Use NSSU by issuing the request system software nonstop-upgrade image-name command.

Ensuring Sufficient Disk Space for Junos OS Upgrades on SRX Series Firewalls

Before you begin upgrading Junos OS on an SRX Series Firewall, perform the following tasks:

Verifying Available Disk Space on SRX Series Devices

The amount of free disk space necessary to upgrade a device with a new version of Junos OS can vary from one release to another. Check the Junos OS software version you are installing to determine the free disk space requirements.

If the amount of free disk space on a device is insufficient for installing Junos OS, you might receive a warning similar to the following messages, that the /var filesystem is low on free disk space:

WARNING: The /var filesystem is low on free disk space.

WARNING: This package requires 1075136k free, but there is only 666502k available.

To determine the amount of free disk space on the device, issue the show system storage detail command. The command output displays statistics about the amount of free disk space in the device file systems.

A sample of the show system storage detail command output is shown below:

content_copy zoom_out_map
user@host> show system storage detail

Filesystem       	1024-blocks       Used      Avail   Capacity   Mounted on
/dev/da0s2a      	300196          154410     121772        56%  /
devfs                        1               1          0       100%  /dev
/dev/md0         	409000          409000          0       100%  /junos
/cf              	300196          154410     121772        56%  /junos/cf
devfs                        1               1          0       100%  /junos/dev/
procfs                       4               4          0       100%  /proc
/dev/bo0s3e              25004              52      22952         0%  /config
/dev/bo0s3f      	350628          178450     144128        55%  /cf/var
/dev/md1         	171860           16804     141308        11%  /mfs
/cf/var/jail     	350628          178450     144128        55%  /jail/var
/cf/var/log      	350628          178450     144128        55%  /jail/var/log
devfs                        1               1          0       100%  /jail/dev
/dev/md2          	40172               4      36956         0%  /mfs/var/run/utm
/dev/md3                  1884             138       1596         8%  /jail/mfs

Cleaning Up the System File Storage Space

When the system file storage space on the device is full, rebooting the device does not solve the problem. The following error message is displayed during a typical operation on the device after the file storage space is full.

content_copy zoom_out_map
user@host% cli 
user@host> configure/var: write failed, filesystem is full

You can clean up the file storage on the device by deleting system files using the request system storage cleanup command as shown in following procedure:

  1. Request to delete system files on the device.
    content_copy zoom_out_map
    user@host> request system storage cleanup

    The list of files to be deleted is displayed.

    content_copy zoom_out_map
    List of files to delete:

         Size Date         Name
    11B Oct 28 23:40 /var/jail/tmp/alarmd.ts
  92.4K Jan 11 17:12 /var/log/chassisd.0.gz
  92.4K Jan 11 06:06 /var/log/chassisd.1.gz
  92.5K Jan 10 19:00 /var/log/chassisd.2.gz
  92.5K Jan 10 07:53 /var/log/chassisd.3.gz
  92.2K Jan 10 15:00 /var/log/hostlogs/auth.log.1.gz
  92.2K Jan  1 18:45 /var/log/hostlogs/auth.log.2.gz
  92.1K Jan  4 17:30 /var/log/hostlogs/auth.log.3.gz
  92.2K Jan  1 18:45 /var/log/hostlogs/auth.log.4.gz
  79.0K Jan 12 01:59 /var/log/hostlogs/daemon.log.1.gz
  78.8K Jan 11 23:15 /var/log/hostlogs/daemon.log.2.gz
  78.7K Jan 11 20:30 /var/log/hostlogs/daemon.log.3.gz
  79.1K Jan 11 17:44 /var/log/hostlogs/daemon.log.4.gz
  59.1K Jan 11 21:59 /var/log/hostlogs/debug.1.gz
  59.2K Jan 11 17:44 /var/log/hostlogs/debug.2.gz
  59.2K Jan 11 13:29 /var/log/hostlogs/debug.3.gz
  59.3K Jan 11 09:14 /var/log/hostlogs/debug.4.gz
 186.6K Oct 20 16:31 /var/log/hostlogs/kern.log.1.gz
 238.3K Jan 11 23:15 /var/log/hostlogs/lcmd.log.1.gz
 238.4K Jan 11 17:30 /var/log/hostlogs/lcmd.log.2.gz
 238.6K Jan 11 11:45 /var/log/hostlogs/lcmd.log.3.gz
 238.5K Jan 11 06:00 /var/log/hostlogs/lcmd.log.4.gz
 372.5K Jan 11 17:00 /var/log/hostlogs/syslog.1.gz
 372.5K Jan 11 04:45 /var/log/hostlogs/syslog.2.gz
 371.9K Jan 10 16:30 /var/log/hostlogs/syslog.3.gz
 372.7K Jan 10 04:15 /var/log/hostlogs/syslog.4.gz
  10.1K Jan 12 02:03 /var/log/messages.0.gz
  55.1K Jan  6 21:25 /var/log/messages.1.gz
  81.5K Dec  1 21:30 /var/log/messages.2.gz

Delete these files ? [yes,no] (no)
  2. Enter the option yes to proceed with deleting of the files.

Verifying Junos OS and Boot Loader Software Versions on an EX Series Switch

Before or after upgrading or downgrading Junos OS, you might need to verify the Junos OS version. You might also need to verify the boot loader software version if you are upgrading to or downgrading from a release that supports resilient dual-root partitions (Junos OS Release 10.4R3 and later).

This topic includes:

Verifying the Number of Partitions and File System Mountings

Purpose

Between Junos OS Release 10.4R2 and Release 10.4R3, upgrades were made to further increase resiliency of root partitions, which required reformatting the disk from three partitions to four partitions. If your switch is running Release 10.4R2 or earlier, it has three partitions, and if it is running Release 10.4R3 or later, it has four partitions.

Action

Verify how many partitions the disk has, as well as where each file system is mounted, by using the following command:

content_copy zoom_out_map
user@switch> show system storage 
fpc0:
-----------------------------------------------------------------------
Filesystem  Size  Used  Avail  Capacity Mounted on
/dev/da0s1a 184M  124M    45M     73%    /
devfs       1.0K  1.0K    0B      100%  /dev
/dev/md0     37M   37M    0B      100%  /packages/mnt/jbase
/dev/md1     18M   18M    0B      100%  /packages/mnt/jcrypto-ex-10.4I20110121_0509_hbRPSRLI15184421081
/dev/md2    6.1M  6.1M    0B      100%  /packages/mnt/jdocs-ex-10.4I20110121_0509_hbRPSRLI15184421081
/dev/md3    154M  154M    0B      100%  /packages/mnt/jkernel-ex-10.4I20110121_0509_hbRPSRLI15184421081
/dev/md4     23M   23M    0B      100%  /packages/mnt/jpfe-ex42x-10.4I20110121_0509_hbRPSRLI15184421081
/dev/md5     46M   46M    0B      100%  /packages/mnt/jroute-ex-10.4I20110121_0509_hbRPSRLI15184421081
/dev/md6     28M   28M    0B      100% /packages/mnt/jswitch-ex-10.4I20110121_0509_hbRPSRLI15184421081
/dev/md7     22M   22M    0B      100%  /packages/mnt/jweb-ex-10.4I20110121_0509_hbRPSRLI15184421081
/dev/md8     126M  10.0K 116M       0%  /tmp
/dev/da0s3e  123M   632K  112M     1%  /var
/dev/da0s3d  369M    20K  339M     0%  /var/tmp
/dev/da0s4d   62M    62K   57M     0%  /config
/dev/md9     118M   12M   96M     11%  /var/rundb
procfs       4.0K  4.0K    0B    100%  /proc
/var/jail/etc 123M  632K 112M      1%  /packages/mnt/jweb-ex-10.4I20110121_0509_hbRPSRLI15184421081/jail/var/etc
/var/jail/run 123M   632K 112M    1%  /packages/mnt/jweb-ex-10.4I20110121_0509_hbRPSRLI15184421081/jail/var/run
/var/jail/tmp 123M   632K 112M    1%  /packages/mnt/jweb-ex-10.4I20110121_0509_hbRPSRLI15184421081/jail/var/tmp
/var/tmp      369M    20K 339M    0%  /packages/mnt/jweb-ex-10.4I20110121_0509_hbRPSRLI15184421081/jail/var/tmp/uploads
devfs         1.0K   1.0K   0B  100%  /packages/mnt/jweb-ex-10.4I20110121_0509_hbRPSRLI15184421081/jail/dev

Meaning

The presence of the partition name containing s4d indicates that there is a fourth slice. If this were a three-slice partition scheme, in place of s1a, s3e, s3d, and s4d, you would see s1a, s1f, s2a, s2f, s3d, and s3e, and you would not see s4d.

Verifying the Loader Software Version

Purpose

For the special case of upgrading from Junos OS Release 10.4R2 or earlier to Release 10.4R3 or later, you must upgrade the loader software.

Action

For EX Series switches except EX8200 switches:

content_copy zoom_out_map
user@switch> show chassis firmware 
Part                     Type       Version
FPC 0                    uboot      U-Boot 1.1.6 (Jan  3 2011 - 16:14:58) 1.0.0    
                         loader     FreeBSD/PowerPC U-Boot bootstrap loader 2.4

For EX8200 switches:

content_copy zoom_out_map
user@switch> show chassis firmware 
Part                     Type       Version
FPC 0                    uboot      U-Boot 1.1.6 (Jan  3 2011 - 16:14:58) 3.5.0    
                         loader     FreeBSD/PowerPC U-Boot bootstrap loader 2.4

Meaning

For EX Series switches other than EX8200 switches, with Junos OS Release 10.4R3 or later installed:

  • If there is version information following the timestamp for U-Boot (1.0.0 in the preceding example), then the loader software does not require upgrading.

  • If there is no version number following the timestamp for U-boot, then the loader software requires upgrading.

Note:

If the software version is Release 10.4R2 or earlier, no version number is displayed following the timestamp for U-boot, regardless of the loader software version installed. If you do not know whether you have installed the new loader software, we recommend that you upgrade the loader software when you upgrade the software version.

For EX8200 switches, if the version number following the timestamp for U-Boot is earlier than 3.5.0, you must upgrade the loader software when you upgrade the software version.

Verifying Which Root Partition Is Active

Purpose

Switches running Release 10.4R3 or later have resilient dual-root partition functionality, which includes the ability to boot transparently from the inactive partition if the system fails to boot from the primary root partition.

You can verify which root partition is active using the following command:

Action

content_copy zoom_out_map
user@switch> show system storage partitions
fpc0:
--------------------------------------------------------------------------
Boot Media: internal (da0)
Active Partition: da0s1a
Backup Partition: da0s2a
Currently booted from: active (da0s1a)
Partitions information:
  Partition  Size   Mountpoint
  s1a        184M   /         
  s2a        184M   altroot   
  s3d        369M   /var/tmp  
  s3e        123M   /var      
  s4d        62M    /config   
  s4e               unused (backup config)

Meaning

The Currently booted from: field shows which root partition is active.

Verifying the Junos OS Version in Each Root Partition

Purpose

Each switch contains two root partitions. We recommend that you copy the same Junos OS version in each partition when you upgrade. In Junos OS Release 10.4R2 and earlier, you might choose to have different Junos OS release versions in each partition. You might have different versions during a software upgrade and before you have finished verifying the new software installation. To enable a smooth reboot if corruption is found in the primary root file system, ensure that the identical Junos OS images are in each root partition. For Release 10.4R2 and earlier, you must manually reboot the switch from the backup root partition. However, for Release 10.4R3 and later, the switch reboots automatically from the backup root partition if it fails to reboot from the active root partition.

Action

Verify whether both root partitions contain the same image by using the following command:

content_copy zoom_out_map
user@switch> show system snapshot media internal
Information for snapshot on       internal (/dev/da0s1a) (backup)
Creation date: Jan 11 03:02:59 2012
JUNOS version on snapshot:
  jbase  : ex-12.2I20120305_2240_user
  jcrypto-ex: 12.2I20120305_2240_user
  jdocs-ex: 12.2I20120305_2240_user
  jroute-ex: 12.2I20120305_2240_user
  jswitch-ex: 12.2I20120305_2240_user
  jweb-ex: 12.2I20120305_2240_user
Information for snapshot on       internal (/dev/da0s2a) (primary)
Creation date: Mar 6 02:24:08 2012
JUNOS version on snapshot:
  jbase  : ex-12.2I20120305_2240_user
  jcrypto-ex: 12.2I20120305_2240_user
  jdocs-ex: 12.2I20120305_2240_user
  jroute-ex: 12.2I20120305_2240_user
  jswitch-ex: 12.2I20120305_2240_user
  jweb-ex: 12.2I20120305_2240_user

Meaning

The command shows which Junos OS version is installed on each media partition. Verify that the same version is installed on both partitions.

See Also

Access Juniper Support

This topic provides an overview on how you can access the software package downloads and support tools.

Existing Users—How to Log In

If you are an existing user with an active Juniper Networks® profile, contact Global support. The global support team sends an access token to your registered e-mail ID.

New Users—How to Create an Account

To register as a new user, click the User Registration link and perform the following steps to create a new account:
  1. Create a user account by providing your e-mail address on the Create User Account page.
    After you submit your e-mail ID, you will receive a confirmation e-mail with a link to proceed with the account setup process.
  2. Click the link to open the Account Setup page and complete all the required account setup activities.
    The Email Address field already contains the e-mail address you provided in Step 1. This e-mail ID also acts as your user ID for this account.
    Note:

    You cannot create an account by using a public domain e-mail address such as @gmail.com or @yahoo.com. If you use a public domain address, you will receive an alert declining your account status. Change your e-mail address before you click Next to proceed.

  3. If you are not an existing Juniper customer or partner and the system does not recognize your email domain, you can select one of the following options:

    • Individual Email

    • Group Email

    Hover over the question mark icons next to each option for a brief description.

  4. Click Next to proceed.
    Your account creation is successful.
  5. After your account is active, contact Global support. The global support team sends an access token to your registered e-mail ID.

See Also

Downloading Software (Junos OS)

Downloading Software Using a Browser (Junos OS)

You download the software package you need from the Juniper Networks Downloads page at https://support.juniper.net/support/downloads/.

Note:

To access the download section, you must have a service contract and an access account. If you require assistance in acquiring an account, refer to the instructions on how to Access Juniper Support and fill out the registration form found on the Juniper Networks website: https://userregistration.juniper.net/entitlement/setupAccountInfo.do.

To download the software image:

  1. Using a Web browser, navigate to https://support.juniper.net/support/downloads/.

    The Download Results page appears.

  2. Find the software package that you want to download and click the item in the Downloads column.

    A login screen appears.

  3. Log in with your username and password.

  4. On the Download Software page that appears, the following options are available:

    • If you want to download the software on your local host, click the CLICK HERE link and save the file to your system. If you want to place the file on a remote system, you must make sure that the file can be accessible by the router, switch, or services gateway by using HTTP, FTP, or SCP. Proceed with the installation. See Downloading Software (Junos OS) for more details.

    • If you want to download the software on your device, use the following procedure to download and install the software on the device.

      1. Click Copy to copy the generated URL to the clipboard.

        Note:

        The URL string generated remains active only for 15 minutes.

      2. Log in to your device.

      3. In operational mode, enter the file copy “URLdestination command.

        In the command, paste the copied URL string (for URL) and then enter /var/tmp (as the destination on your hard disk).

        Example:

        content_copy zoom_out_map
        user@host> file copy "URL" /var/tmp
        Note:

        Ensure that the URL string is enclosed within quotation marks. Also ensure that there is sufficient free space available on the device.

        The software image is downloaded on your device.

      4. (Optional) Validate the software image by using the request system software validate package-name command.

        Example:

        content_copy zoom_out_map
        user@host> request system software validate /var/tmp/junos-install-mx-x86-32-17.3R1.10.tgz

        For more details, see request system software validate.

      5. Install the software by using the request system software add package-name command.

        Example:

        content_copy zoom_out_map
        user@host> request system software add /var/tmp/junos-install-mx-x86-32-17.3R1.10.tgz

        Your software is installed on the device.

Downloading Software Using the Command-Line Interface (Junos OS)

Download the software package you need from the Juniper Networks Downloads page athttps://support.juniper.net/support/downloads/, and place the package on a local system. You can then transfer the downloaded package to the device using either the router or switch command-line interface, or the local system command-line interface.

Note:

To access the download section, you must have a service contract and an access account. If you need help obtaining an account, complete the registration form at the Juniper Networks website: https://userregistration.juniper.net/entitlement/setupAccountInfo.do.

Before you transfer the software package, ensure that the FTP service is enabled on the device.Enable the FTP service using the set system services ftp command:

content_copy zoom_out_map
user@host# set system services ftp

To transfer the software package using the device command-line interface:

  1. From the router or switch command line, initiate an FTP session with the local system (host) where the package is located by using the ftp command:
    content_copy zoom_out_map
    user@host> ftp host

    host is the hostname or address of the local system.

  2. Log in with your customer support–supplied username and password:
    content_copy zoom_out_map
    User Name: username
331 Password required for username.
Password: password

    After your credentials are validated, the FTP session opens.

  3. Navigate to the software package location on the local system, and transfer the package by using the get command:
    content_copy zoom_out_map
    user@host> get installation-package

    Following is an example of an installation-package name: junos-install-mx-x86-32-17.3R1.10.tgz

  4. Close the FTP session by using the bye command:
    content_copy zoom_out_map
    user@host> bye
Goodbye

To transfer the package by using the local system command-line interface:

  1. From the local system command line, initiate an FTP session with the device using the ftp command:

    content_copy zoom_out_map
    user@host> ftp host

    host is the hostname or address of the router or switch.

  2. Log in with your customer support–supplied username and password:

    content_copy zoom_out_map
    User Name: username
331 Password required for username.
Password: password

    After your credentials are validated, the FTP session opens.

  3. Navigate to the software package location on the local system, and transfer the package by using the put command:

    content_copy zoom_out_map
    user@host> put installation-package

    Following is an example of an installation-package name: junos-install-mx-x86-32-17.3R1.10.tgz

  4. Close the FTP session by using the bye command:

    content_copy zoom_out_map
    user@host> bye
Goodbye

Downloading Software Using Download Manager (SRX Series Only)

This download manager feature facilitates download of large files over low-bandwidth links. It enables you to download large Junos OS packages over low-bandwidth/flaky links so that the system can be upgraded. This feature allows you to download multiple files while monitoring their status and progress individually. It takes automatic action when required and displays status information when requested.

The download manager is supported on SRX300, SRX320, SRX340, SRX345, and SRX380 devices.

Be aware of the following considerations when using the download manager:

  • When no download limit is specified for a specific download or for all downloads, a download uses all available network bandwidth.

  • Because the download limit that you set indicates an average bandwidth limit, it is possible that certain bursts might exceed the specified limit.

  • When a download from an HTTP server fails, the server returns an HTML page. Occasionally, the error page is not recognized as an error page and is downloaded in place of the Junos image file.

  • Remote server logins and passwords are stored by the download manager for the duration of a download. To encrypt these credentials provided along with the login keyword, define an encryption key with the request system set-encryption-key command. Any changes to encryption settings while download is in progress can cause the download to fail.

  • A download command issued on a particular node in a chassis cluster takes place only on that node and is not propagated to the other nodes in the cluster. Downloads on different nodes are completely independent of each other. In the event of a failover, a download continues only if the server remains reachable from the node from which the command was issued. If the server is no longer reachable on that node, the download stops and returns an error.

Note:

The download manager supports only the FTP and HTTP protocols.

The download manager acts as a substitute for the FTP utility. You can use the download manager CLI commands for all the functions where you previously used the FTP utility.

Before you begin, you must have the following:

  • An FTP or HTTP server with a Junos OS image

  • A server that is reachable from the device being upgraded

To download the Junos OS image to your device:

  1. Use the request system download start command (set a bandwidth limit, if required). The file is saved to the /var/tmp directory on your device.

    You can continue to use the device while the download runs in the background.

  2. To verify that the file has been downloaded, use the show system download command. The command displays the state as "completed" when the downloaded file is ready to be installed.
  3. To install the downloaded image file from the /var/tmp directory, use the request system software add command.
  4. If you encounter any problem with a download, use the show system download id command to obtain details about the download.

Table 2 lists the output fields for the show system download command. Use this information to diagnose problems. Output fields are listed in the approximate order in which they appear.

Table 2: show system download Output Fields

Output Field

Description

Status

State of the download.

Creation Time

Time the start command was issued.

Scheduled Time

Time the download was scheduled to start.

Start Time

Time the download actually started (if it has already started).

Retry Time

Time for next retry (if the download is in the error state).

Error Count

Number of times an error was encountered by this download.

Retries Left

Number of times the system will retry the download automatically before stopping.

Most Recent Error

Message indicating the cause of the most recent error.

Reinstall Junos OS

Action

To reinstall Junos OS, follow these steps:

  1. Insert the removable medium (boot floppy) into the router.

  2. Reboot the router, either by power-cycling it or by issuing the request system reboot command from the CLI.

  3. At the following prompt, type y:

    content_copy zoom_out_map
    WARNING: The installation will erase the contents of your disk. Do you wish to continue (y/n)?

    The router copies the software from the removable medium onto your system, occasionally displaying status messages. This can take up to 10 minutes.

  4. Remove the removable medium when prompted.

    The router reboots from the primary boot device on which the software is installed. When the reboot is complete, the router displays the login prompt.

Reconfigure Junos OS

After you have reinstalled the software, you must copy the router’s configuration files back to the router. (You also can configure the router from scratch, as described in Junos System Basics Configuration Guide) However, before you can copy the configuration files, you must establish network connectivity.

To reconfigure the software, follow these steps:

Configure Host Names, Domain Names, and IP Addresses (Junos OS)

To configure the machine name, domain name, and various addresses, follow these steps:

  1. Log in as root. There is no password.

  2. Start the CLI:

    content_copy zoom_out_map
    root# cli               
root@>

  3. Enter configuration mode:

    content_copy zoom_out_map
    root@> configure               
[edit]
root@#

  4. Configure the name of the machine. If the name includes spaces, enclose the entire name in quotation marks (" "):

    content_copy zoom_out_map
    [edit]
root@# set system host-name host-name

  5. Configure the machine’s domain name:

    content_copy zoom_out_map
    [edit]
root@# set system domain-name domain-name

  6. Configure the IP address and prefix length for the router’s management Ethernet interface:

    content_copy zoom_out_map
    [edit]
root@# set interfaces fxp0 unit 0 family inet address address | prefix-length

  7. Configure the IP address of a default router. This system is called the backup router because it is used only while the routing protocol process is not running.

    content_copy zoom_out_map
    [edit]
root@# set system backup-router address

  8. Configure the IP address of a Domain Name Server (DNS) server:

    content_copy zoom_out_map
    [edit]
root@# set system name-server address

Protect Network Security by Configuring the Root Password

Configure the root password on your Juniper Networks device to help prevent unauthorized users from making changes to your network. The root user (also referred to as superuser) has unrestricted access and full permissions within the system, so it is crucial that you protect this account by setting a strong password when setting up a new device.

After you initially power on a new device, you log in as the user root with no password. The software requires you to configure the root password before it accepts a commit operation.

To set the root password, you have three options:

  • Enter a plain-text password that the software encrypts.

  • Enter a password that is already encrypted.

  • Enter a Secure Shell (SSH) public key string.

Among these options, using a pre-encrypted password or an SSH public key string is the most secure. If you use one of these methods, then the plain-text version of your password will never be transferred over the Internet, protecting it from being intercepted by a man-in-the-middle attack.

Best Practice:

Optionally, instead of configuring the root password at the [edit system] hierarchy level, you can use a configuration group to strengthen security.

To set the root password:

  1. Use one of these methods to configure the root password:

    • To enter a plain-text password that the system encrypts for you:

      content_copy zoom_out_map
      [edit groups global system]
root@# set root-authentication plain-text-password 
New Password: type password here
Retype new password: retype password here

      As you enter a plain-text password into the CLI, the device software hides it from view and encrypts it immediately. You don't have to configure the software to encrypt the password. In the resulting configuration, the encrypted password is marked as ## SECRET-DATA so that it cannot be seen.

    • To enter a password that is already encrypted:

      CAUTION:

      Do not use the encrypted-password option unless the password is already encrypted and you are entering that encrypted password.

      If you accidentally configure the encrypted-password option with a plain-text password or with blank quotation marks (" "), you will not be able to log in to the device as the root user. You will then need to complete the root password recovery process.

      content_copy zoom_out_map
      [edit groups global system]
root@# set root-authentication encrypted-password password

    • To enter an SSH public key string:

      content_copy zoom_out_map
      [edit groups global system]
root@# set root-authentication (ssh-ecdsa | ssh-rsa key)
  2. If you used a configuration group, replace the group-name variable with the configuration group's name.
    content_copy zoom_out_map
    [edit]
root@# set apply-groups group-name
  3. Commit the changes.
    content_copy zoom_out_map
    root@# commit

Check Network Connectivity (Junos OS)

Purpose

Establish that the router has network connectivity.

Action

To check that the router has network connectivity, issue a ping command to a system on the network:

content_copy zoom_out_map
root@> ping address

If there is no response, verify that there is a route to the address using the show route command. If the address is outside your fxp0 subnet, add a static route. Once the backup configuration is loaded and committed, the static route is no longer needed and should be deleted.

Related Documentation

Change History Table

Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.

Release
Description
18.3R1
Starting in Junos OS Release 18.3R1, the ssh-dss and ssh-dsa hostkey algorithms are deprecated—rather than immediately removed—to provide backward compatibility and a chance to bring your configuration into compliance with the new configuration.
arrow_backward PREVIOUS Storage Media and Routing Engines (Junos OS)
NEXT arrow_forward Managing Disk Space for Junos OS Installation
footer-navigation

© 1999 - 2025 Juniper Networks, Inc. All rights reserved.

Scroll to top