Juniper | Administration & LLD
LLDP CONFIGURE:
vQFX-RE
set interfaces xe-0/0/0 unit 0 family inet address 10.0.1.1/30
set protocols lldp interface xe-0/0/0
vMC-R1
set interfaces ge-0/0/0 unit 0 family inet address 10.0.1.2/30
set protocols lldp interface ge-0/0/0
commit
VERIFKASI:
run show lld
run show lld neighbors
--------------------------------SELESAI------------
DISACARD CONFIGURATION
Cara Mendiscard Configurasi: Artinya ketika melakuka beberapa konfigurasi yang sudah dilakuak, ternayat pengen dibatalkan.
Ex:
root@R-02# edit interfaces ge-0/0/3
[edit interfaces ge-0/0/3]
root@R-02# set unit 0 family inet address 172.16.0.254/24
[edit interfaces ge-0/0/3]
root@R-02#
[edit interfaces ge-0/0/3]
root@R-02# top
root@R-02# set system login user aguna1 class super-user
Lalu Verifrikasi:
root@R-02# show | compare
[edit interfaces]
+ ge-0/0/3 {
+ unit 0 {
+ family inet {
+ address 172.16.0.254/24;
+ }
+ }
+ }
[edit]
root@R-02#
root@R-02# edit interfaces ge-0/0/3
[edit interfaces ge-0/0/3]
root@R-02# set unit 0 family inet address 172.16.0.254/24
[edit interfaces ge-0/0/3]
root@R-02#
[edit interfaces ge-0/0/3]
root@R-02# top
root@R-02# set system login user aguna1 class super-user
Lalu Verifrikasi:
root@R-02# show | compare
[edit interfaces]
+ ge-0/0/3 {
+ unit 0 {
+ family inet {
+ address 172.16.0.254/24;
+ }
+ }
+ }
[edit]
root@R-02#
Dari Verifikasi bahwa ada tanda (+) artinya penambahan konfigurasi sebagai "kandidat configurasi". Maka untuk membatalkan / menghapus cukup dilakukan dengan perintah rollback 0.
root@R-02#rollback 0
----------------SELESAI----------------------------
Active & Deactive
root@R-1# run show interfaces terse
Interface Admin Link Proto Local Remote
ge-0/0/0 up up
ge-0/0/0.0 up up inet 12.12.12.1/30
ge-0/0/1 up up
ge-0/0/1.0 up up inet 192.168.1.254/24
Lalu interface ge-0/0/1 kita mau non-aktifkan. Berikut commandnya.
Noted: pastikan sebelmnya masih bisa ping dari R2 / router tetangga.
root@R-1# deactivate interfaces ge-0/0/1
root@R-1# commit
Jika ingin meng-aktifkan kembali, cukup dengan perintah berikut:
root@R-1# activate interfaces ge-0/0/1
root@R-1# commit
Mk interface ge-0/0/1 sudah aktifi Kembali dan bisa di ping.
Interface Admin Link Proto Local Remote
ge-0/0/0 up up
ge-0/0/0.0 up up inet 12.12.12.1/30
ge-0/0/1 up up
ge-0/0/1.0 up up inet 192.168.1.254/24
Lalu interface ge-0/0/1 kita mau non-aktifkan. Berikut commandnya.
Noted: pastikan sebelmnya masih bisa ping dari R2 / router tetangga.
root@R-1# deactivate interfaces ge-0/0/1
root@R-1# commit
Jika ingin meng-aktifkan kembali, cukup dengan perintah berikut:
root@R-1# activate interfaces ge-0/0/1
root@R-1# commit
Mk interface ge-0/0/1 sudah aktifi Kembali dan bisa di ping.
----------------SELESAI----------------------------
RENAME Configuration
root@R-1# show system login
user aguna2 {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$dnKAYQMY$6WNCkNlOwVFAabx/Q0GoE/"; ## SECRET-DATA
}
}
-----
Lalu re-name user aguna2 menjadi user aguna1
root@R-1# edit system login
root@R-1# rename user aguna2 to user aguna1
-----
root@R-1# show | compare
[edit system login]
+ user aguna1 {
+ uid 2000;
+ class super-user;
+ authentication {
+ encrypted-password "$1$dnKAYQMY$6WNCkNlOwVFAabx/Q0GoE/"; ## SECRET-DATA
+ }
+ }
- user aguna2 {
- uid 2000;
- class super-user;
- authentication {
- encrypted-password "$1$dnKAYQMY$6WNCkNlOwVFAabx/Q0GoE/"; ## SECRET-DATA
- }
- }
user aguna2 {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$dnKAYQMY$6WNCkNlOwVFAabx/Q0GoE/"; ## SECRET-DATA
}
}
-----
Lalu re-name user aguna2 menjadi user aguna1
root@R-1# edit system login
root@R-1# rename user aguna2 to user aguna1
-----
root@R-1# show | compare
[edit system login]
+ user aguna1 {
+ uid 2000;
+ class super-user;
+ authentication {
+ encrypted-password "$1$dnKAYQMY$6WNCkNlOwVFAabx/Q0GoE/"; ## SECRET-DATA
+ }
+ }
- user aguna2 {
- uid 2000;
- class super-user;
- authentication {
- encrypted-password "$1$dnKAYQMY$6WNCkNlOwVFAabx/Q0GoE/"; ## SECRET-DATA
- }
- }
----------------SELESAI----------------------------
Replace Pattern : Tujuannya mengganti kata aguna ke login
root@R-1# show
user aguna1 {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$dnKAYQMY$6WNCkNlOwVFAabx/Q0GoE/"; ## SECRET-DATA
}
}
user aguna2 {
uid 2001;
class super-user;
authentication {
encrypted-password "$1$fqAqqIFw$nwp2SMMdAFynzLTbukJAd."; ## SECRET-DATA
}
}
-------------BERIKUT COMMANDNYA----------
root@R-1# edit system login
root@R-1# replace pattern aguna1 with login1
root@R-1# commit
--------------------END---------------------
VERIFIKASI:
root@R-1# show system login
user login1 {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$dnKAYQMY$6WNCkNlOwVFAabx/Q0GoE/"; ## SECRET-DATA
}
}
user login2 {
uid 2001;
class super-user;
authentication {
encrypted-password "$1$fqAqqIFw$nwp2SMMdAFynzLTbukJAd."; ## SECRET-DATA
}
}
[edit]
root@R-1# show
user aguna1 {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$dnKAYQMY$6WNCkNlOwVFAabx/Q0GoE/"; ## SECRET-DATA
}
}
user aguna2 {
uid 2001;
class super-user;
authentication {
encrypted-password "$1$fqAqqIFw$nwp2SMMdAFynzLTbukJAd."; ## SECRET-DATA
}
}
-------------BERIKUT COMMANDNYA----------
root@R-1# edit system login
root@R-1# replace pattern aguna1 with login1
root@R-1# commit
--------------------END---------------------
VERIFIKASI:
root@R-1# show system login
user login1 {
uid 2000;
class super-user;
authentication {
encrypted-password "$1$dnKAYQMY$6WNCkNlOwVFAabx/Q0GoE/"; ## SECRET-DATA
}
}
user login2 {
uid 2001;
class super-user;
authentication {
encrypted-password "$1$fqAqqIFw$nwp2SMMdAFynzLTbukJAd."; ## SECRET-DATA
}
}
[edit]
----------------SELESAI----------------------------
REPLACE & RENAME
RENAME user : misalnya username aguna3 diganti aguna 4
aguna@R-Juniper-01# edit system login
aguna@R-Juniper-01# rename user aguna3 to user aguna4
aguna@R-Juniper-01# edit system login
aguna@R-Juniper-01# rename user aguna3 to user aguna4
REPLACE Username ( replace)
aguna@R-Juniper-01# edit system log
aguna@R-Juniper-01# replace pattern aguna2 with aguna22
aguna@R-Juniper-01# edit system log
aguna@R-Juniper-01# replace pattern aguna2 with aguna22
!
aguna@R-Juniper-01# replace pattern 192.168.1.254/24 with 192.168.2.254/24
----------------SELESAI----------------------------
RESCUE
root> request system configuration rescue save
conf t
delete
[yes]
#show system configuration rescue
!
#commit
Noted: maka hasilnya adalah tidak bisa deleted, karna mode rescue sdh diaktifkan
#rollback rescue
#commit
noted: stelh rollback baru bisa di rollback
conf t
delete
[yes]
#show system configuration rescue
!
#commit
Noted: maka hasilnya adalah tidak bisa deleted, karna mode rescue sdh diaktifkan
#rollback rescue
#commit
noted: stelh rollback baru bisa di rollback
----------------SELESAI----------------------------
Lakukan Save Konfig
root@R-01# save config-01-11-2025
Tambah satu konfigurasi di interface ge-0/0/01
root@R-01# set interfaces ge-0/0/01 unit 0 family inet address 192.168.1.254/24
Lalu Verifikasi, ada tanda + artinya bahwa ada tambahn konfigurasi yg blum di commit.
root@R-01# show | compare config-01-11-2025
[edit interfaces]
+ ge-0/0/1 {
+ unit 0 {
+ family inet {
+ address 192.168.1.254/24;
+ }
+ }
+ }
[edit]
root@R-01#
----------------SELESAI----------------------------
Config Syslog Juniper
[edit interfaces]
+ ge-0/0/1 {
+ unit 0 {
+ family inet {
+ address 192.168.1.254/24;
+ }
+ }
+ }
[edit]
root@R-01#
----------------SELESAI----------------------------
Config Syslog Juniper
set system syslog host 172.16.10.241 any notice
set system syslog host 172.16.10.241 authorization notice
set system syslog host 172.16.10.241 interactive-commands any
set system syslog host 172.16.10.241 port 514
set system syslog host 172.16.10.241 structured-data
deactivate system syslog host 172.16.10.241
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
set system syslog host 172.16.10.241 authorization notice
set system syslog host 172.16.10.241 interactive-commands any
set system syslog host 172.16.10.241 port 514
set system syslog host 172.16.10.241 structured-data
deactivate system syslog host 172.16.10.241
set system syslog file messages any notice
set system syslog file messages authorization info
set system syslog file interactive-commands interactive-commands any
----------------SELESAI----------------------------
Config SNMP Juniper
set snmp location "Gedung Serba Guna, 2nd floor"
set snmp contact "IT Support"
set snmp community "4n6k45apuR41!rw" authorization read-write
set snmp community 4P1_r3ad0nlY authorization read-only
set snmp trap-options
set snmp trap-group AP1 version v2
set snmp trap-group AP1 categories authentication
set snmp trap-group AP1 categories chassis
set snmp trap-group AP1 categories link
set snmp trap-group AP1 categories routing
set snmp trap-group AP1 categories startup
set snmp trap-group AP1 categories services
set snmp trap-group AP1 targets 172.16.10.241
set snmp contact "IT Support"
set snmp community "4n6k45apuR41!rw" authorization read-write
set snmp community 4P1_r3ad0nlY authorization read-only
set snmp trap-options
set snmp trap-group AP1 version v2
set snmp trap-group AP1 categories authentication
set snmp trap-group AP1 categories chassis
set snmp trap-group AP1 categories link
set snmp trap-group AP1 categories routing
set snmp trap-group AP1 categories startup
set snmp trap-group AP1 categories services
set snmp trap-group AP1 targets 172.16.10.241
----------------SELESAI----------------------------
COMMAND VERIFIKASI:
root@R-01> show | compare rollback 1
root@R-01> show interfaces terse
root@R-01> show interfaces terse ge-0/0/*
root@R-01> show interfaces ge-0/0/* terse
root@R-01> show interfaces brief
root@R-01> show interfaces ge-0/0/*
root@R-01> show interfaces ge-0/0/* brief
root@R-01> show interfaces ge-0/0/* detail
root@R-01# run show interfaces ge-0/0/* statistics
root@R-01> show interfaces terse ge-0/0/*
root@R-01> show interfaces ge-0/0/* terse
root@R-01> show interfaces brief
root@R-01> show interfaces ge-0/0/*
root@R-01> show interfaces ge-0/0/* brief
root@R-01> show interfaces ge-0/0/* detail
root@R-01# run show interfaces ge-0/0/* statistics
root@R-01# show | count
root@R1> show configuration | find "routing"
root@R-01# show | display set
root@R-01# show | display set | match lo0
root@R-01# show | save ?
ARTINYA, TAMPILAKN KECUALI ge-0/0/1
root@R-01# show | display set | except ge-0/0/1
root@R-01# show | display set | except ge-0/0/*
root@R1> show configuration | find "routing"
root@R-01# show | display set
root@R-01# show | display set | match lo0
root@R-01# show | save ?
ARTINYA, TAMPILAKN KECUALI ge-0/0/1
root@R-01# show | display set | except ge-0/0/1
root@R-01# show | display set | except ge-0/0/*
root@R-01# commit | display detail
---------------------------------------------------------------------------
#tag
Juniper
---------------------------------------------------------------------------
#tag
Juniper
Posting Komentar untuk "Juniper | Administration & LLD"