Junosの基本コマンドをまとめ。代替上からざーっと設定していく。
■基本設定
set system host-name HOSTNAMEset system domain-name DOMAINAME
set system services telnet
■認証設定
set system radius-server **** port 1645set system radius-server **** secret "PASSWORD"
set system radius-server **** timeout *
set system radius-server **** retry *
set system radius-server **** source-address *****
■Interface
Loopback設定:(subif unit 0~1に分割) set interfaces lo0 description loopback-0set interfaces lo0 unit 0 family inet filter input FILTER_NAME
set interfaces lo0 unit 0 family inet address *.*.*.*/32
set interfaces lo0 unit 1 family inet filter FILTER_NAME
set interfaces lo0 unit 1 family inet address *.*.*.*/32
物理設定:
set interfaces ge-*** description DESCRIPTION
set interfaces ge-*** mtu MTUVALUE
set interfaces ge-*** unit 0 family mpls mtu 4478
set interfaces ge-*** unit 0 family inet mtu 4470
set interfaces ge-*** unit 0 family inet address *.*.*.*/30
set interfaces ge-*** mtu MTUVALUE
set interfaces ge-*** unit 0 family mpls mtu 4478
set interfaces ge-*** unit 0 family inet mtu 4470
set interfaces ge-*** unit 0 family inet address *.*.*.*/30
■Filter(ACL)
set firewall family inet filter JUNOSFILTER term SNMP from source-address *.*.*.*/32set firewall family inet filter JUNOSFILTER term SNMP from protocol udp
set firewall family inet filter JUNOSFILTER term SNMP from destination-port snmp
set firewall family inet filter JUNOSFILTER term SNMP then accept
■OSPF
set protocols ospf spf-options delay 1000set protocols ospf lsa-refresh-interval 30
set protocols ospf area 0.0.0.** interface lo0.0
set protocols ospf area 0.0.0.** interface ge-**/0.0 interface-type p2p
set protocols ospf area 0.0.0.** interface ge-**/0.0 metric 999
set protocols ospf area 0.0.0.** interface ge-**/0.0 ldp-synchronization
set protocols ospf area 0.0.0.** interface ge-**/0.0 authentication simple-password "PASSWORD"
set protocols ospf area 0.0.0.** interface ge-**/0.0 bfd-liveness-detection minimum-interval **
set protocols ospf area 0.0.0.** interface ge-**/0.0 bfd-liveness-detection multiplier **
■LDP
set protocols ldp track-igp-metricset protocols ldp keepalive-interval 60
set protocols ldp keepalive-timeout 180
set protocols ldp interface ge-**
■BGP
set protocols bgp hold-time 90set protocols bgp advertise-inactive
set protocols bgp log-updown
set protocols bgp group PEERGROUP type internal
set protocols bgp group PEERGROUP local-address *.*.*.*
set protocols bgp group PEERGROUP family inet unicast
set protocols bgp group PEERGROUP family inet-vpn unicast
set protocols bgp group PEERGROUP neighbor *.*.*.* description DECR
■VRF
set routing-instances VRFNAME instance-type vrfset routing-instances VRFNAME interface lo0.**
set routing-instances VRFNAME route-distinguisher 111:1111
set routing-instances VRFNAME vrf-import IMPORT_MAP
set routing-instances VRFNAME vrf-export EXPORT_MPA
set routing-instances shared-vr routing-options static route ** Next-hop **
No comments:
Post a Comment