EX_Switch_series_Quick_Start_Training_Guide _2_

EX Switch Series Quick Start Training Guide

?Juniper Networks, Inc. 1 EX Switch series Quick Start Training Guide

This lab will prepare you on familiarizing yourself with the basic features of EX switch series. This lab will cover the following features:

? EX Basics ? Virtual Chassis ? Redundant Trunk Group (RTG)

? Port Security (DHCP Snooping, MAC

Limiting)

? Link Aggregation Group (LAG) /LACP ? 802.1X (single/multiple supplicants)

? LLDP ? VLAN and Port Modes ? Traffic Analyzer

? J-Web

? Routed VLAN Interfaces (RVI)

? Spanning Tree (STP, RSTP, MSTP)

There are exercises in each section which you will walk you through configuration and interpret basic show commands for each technology/feature.

EX Switch Series Quick Start Training Guide
Setup & Lab Topology
The above diagram is the physical setup of the lab topology. Switches 1 and 2 are standalone switches and Switches 3 and 4 are Virtual Chassis via the stacking cable. All switches will be accessible via the SecureCRT from PC 4 (mgmt PC). Launch SecureCRT and there will be four saved connections to the switches. Switch login credential’s are juniper/juniper1. To get to the other PCs, there is an “Operations” on the toolbar of the applet. Under operation, highlight “Connect to Secondary” and there will be options for the other PCs. “Windows” on the applet toolbar allows you to toggle between PCs. Device DHCP/Radius Server PC 1, 2, 3 PC 5 PC 4 (mgmt PC) Switch 1 ge-0/0/23 Sales Engineering VLAN Name VLAN-ID Sales Engineering Remote 10 20 30 10 20 Subnet/IP Address 10.1.x.0/24 20.1.x.0/24 192.168.100.254/24 DHCP 20.1.x.1/24 30.1.x.5/24 192.168.100.x/24
?Juniper Networks, Inc.
2

EX Switch Series Quick Start Training Guide
Note: x denotes the Kit number. For example, if you reserve Kit 3, then the IP address scheming will be 10.1.3.0/24 for Sales and 20.1.3.0/24 for Engineering. This will be true throughout this lab.
EX BasicsThere are two flavors of EX series. One is a 3200EX series, which is a standalone box, and the 4200EX can either be a standalone or Virtual Chassis system. Within each series, there is a T model (8 POE ports) and the P model (all ports are POE). The EX series switches can operate in both Layer 2 and Layer 3 environment. A new family, ethernet-switching, is introduced for Layer 2 port configuration. Layer 3 still follows the JUNOS family convention, family inet.
Objective:Get familiar with some basic commands on a single switch and assign an IP address on the management port.
Exercise 1: Logging into the switchWhen logging into the switch as root you will be placed into a shell. Step 1: Open SecureCRT and connect to Switch 1. Step 2: At the login prompt, enter “juniper”. At the password prompt enter “juniper1” Amnesiac (ttyu0) login: juniper Password: --- JUNOS 9.0R2.10 built 2008-03-06 10:31:45 UTC juniper>
Exercise 2: show commandsStep 1: From the operational mode, enter ‘show chassis hardware’ juniper> show chassis hardware Hardware inventory: Item Version Part number Chassis REV X3 750-021254 FPC 0 REV 02A 711-021263 CPU BUILTIN PIC 0 BUILTIN Power Supply 0 REV 01 740-020957 Fan Tray
Serial number BP020******* AJ020******* BUILTIN BUILTIN AT0507430371
Description EX4200-48T EX4200-48T, 8 POE FPC CPU 48x 10/100/1000 Base-T PS 320W AC Fan Tray
The above is a sample output of ‘show chassis hardware’ command. The output provides hardware information such as hardware components, serial number, and description. Although the output lists multiple components, only the power supply and fan tray are FRUABLE (replaceable). Step 2: Additional show commands to try are:?Juniper Networks, Inc. 3

EX Switch Series Quick Start Training Guide
? ? ?
‘show chassis lcd’ this will give you the readout of the LCD front panel. ‘show version’ for software version ‘show system uptime’ for system uptime, current date and time.
Step 3: To view MAC address table, then enter the following command ‘show ethernet-switching table’ juniper> show ethernet-switching table Ethernet-switching table: 4 entries, 3 learned VLAN MAC address Type default * Flood default 00:0c:29:7b:5e:97 Learn default 00:50:56:10:00:01 Learn default 00:50:56:30:00:02 Learn NOTE: Your output will be different from the above output. The ‘show ethernet-switching table’ output lists all the mac address and their associating VLAN and interface which the mac address was last learned on.
Age 0 0 0
Interfaces All-members ge-0/0/23.0 ge-0/0/23.0 ge-0/0/23.0
Exercise 3: Configuring host-name, user, and management interface (me0), enable telnetIn JUNOS, there are two different modes: ? Operational Mode – In this mode, you can retrieve systems information such as version, statistics, forwarding table via show commands or execute operational command such as reboot, clear statistics via request. juniper> Configuration Mode – All configurations for the system are done in this mode via set or delete. juniper#
?
The prompt tells you which mode you are in. In operational mode, the prompt is “>”. If you are in the configuration mode, then the prompt will be “#”. “?” is your friend. At any given time (in either mode), you can type “?” to list possible command completion or available commands. juniper> show con? Possible completions: configuration connections juniper# set chassis ? Possible completions: > aggregated-devices > alarm + apply-groups + apply-groups-except
Show current configuration Show circuit cross-connect connections
Aggregated devices configuration Global alarm settings Groups from which to inherit configuration data Don't inherit configuration data from these groups
?Juniper Networks, Inc.
4

EX Switch Series Quick Start Training Guide
Step 1: Configuration Mode Type ‘configure’ at the operational command to enter into the configurational mode. juniper> configure Entering configuration mode [edit] juniper# Step 2: Configure host-name for Switch 1 and 2 The command to configure the hostname for the system is ‘set system host-name ’. For my lab, I’m going to name my Switch 1 “ONE” as shown below. juniper# set system host-name ONE Step 3: Configure users for Switch 1 and 2 There is an option to manually configure user, user’s privilege, and passwords on the EX series switches. The command to configure a user is ‘set system login user class authentication ’. In the example below, I created a user name “user1” with a read-only privilege using plain-text-password as the authentication method. “user1” will only be able execute limited show commands. juniper# set system login user user1 class read-only authentication plain-textpassword New password: <-- Enter password for “user1” Retype new password: <-- Re-enter password for “user1” What is the privilege level for user juniper? Step 4: Configure management interface for Switch 1 and 2. The EX series switches management port is me0. me0 is similar to fxp0 on M/MX/T series. The table below is the IP address assignment for Switch 1 and 2. Switch Switch 1 Switch 2 me0 IP Address 30.1.x.1/24 30.1.x.2/24
The command to configure the me0 interface is ‘set interface me0 unit 0 family inet address ’. The configuration below was configured on Switch 1 management interface with 30.1.1.1/24. juniper# set interfaces me0 unit 0 family inet address 30.1.1.1/24?Juniper Networks, Inc. 5

EX Switch Series Quick Start Training Guide
The same command will need to be done on Switch 2 but with Switch 2 IP address (see Table above). Step 5: Enable telnet To enable telnet services, enter the following command ‘set system services telnet’ juniper# set system services telnet Step 6: To apply the configuration, type ‘commit’. This will apply all configurational changes to the system. juniper# commit To exit out of configuration mode, then type ‘exit’. If you want to commit and exit in a single command, then type ‘commit and-quit’. Step 7: From the PC 4 telnet to Switch 1 me0 IP address and use the user credentials you just created.
Virtual ChassisThe EX 4200 series switches can either be a standalone or interconnect to form a Virtual Chassis system. A Virtual Chassis is comprised of multiple of EX 4200 series switches connected to each other to form a logical single chassis system. The Virtual Chassis is formed either through the dedicated Virtual Chassis Ports (VCP) located in the back of the chassis or through the 10 GbE uplink ports. If the dedicated VCPs are connected, then VC will form automatically. If you want to form the Virtual Chassis from the 10 GbE uplink port, then an operational command is required, ‘request virtual-chassis vc-port set interface ’. In a Virtual Chassis there is always a master and backup Routing Engine (RE). The master RE is responsible for managing the virtual chassis and the backup is on standby in case of a master failure. For the other switch that is not a master or backup, then it takes on the role of a linecard. A switch that is acting as a linecard, can still be eligible to be a master/backup if the current ones failed. The master and backup runs the full fledge JUNOS operating system while the linecard runs the lightweight of JUNOS. The Virtual Chassis can be managed through a single IP via the Virtual Management Ethernet (vme). Also, all console connections through the non-master switches are redirected to the master RE. Objective: In this exercise, the Virtual Chassis is Switch 3 and 4; they are already connected via the dedicated VCP. Through show commands, you will be able to determine who is master and backup. You will learn how to change the mastership priority in the virtual-chassis stanza, configure vme interface, and change member-ids
?Juniper Networks, Inc.
6

EX Switch Series Quick Start Training Guide
Exercise 1: Accessing the Virtual Chassis via the consoleWhen accessing the Virtual Chassis via the console port through a non-master switch. The connection will always get redirected to the master console. Step 1: From SecureCRT console to Switch 4. The login is juniper and password is juniper1. You should see the below output. Amnesiac (ttyu0) login: juniper Logging to master

本文来源：https://www.bwwdw.com/article/0agq.html