NETWORK ENGINEER BLOG

Tips and Reviews for Engineers

Juniper SRX の基本操作について

IP アドレスの設定

root# set interfaces ge-0/0/1 unit 0 family inet address 10.1.1.1/24

インターフェースに対して Ping を許可*1

root# set security zones security-zone untrust interfaces ge-0/0/1 host-inbound-traffic system-services ping

OSPF の設定

root# set security zones security-zone untrust interfaces ge-0/0/1 host-inbound-traffic protocols all
root# set protocols ospf area 0 interface ge-0/0/1
root# set protocols ospf area 0 interface lo0

OSPF Neighbor の確認

root# run show ospf neighbor
Address          Interface              State     ID               Pri  Dead
10.1.1.1         ge-0/0/1.0             Full      1.1.1.1          128    34

OSPF Interface の確認

root# run show ospf interface
Interface           State   Area            DR ID           BDR ID          Nbrs
ge-0/0/1.0          DR      0.0.0.0         2.2.2.2         1.1.1.1            1
lo0.0               DR      0.0.0.0         2.2.2.2         0.0.0.0            0

OSPF Database の確認

root# run show ospf database

    OSPF database, Area 0.0.0.0
 Type       ID               Adv Rtr           Seq      Age  Opt  Cksum  Len
Router   1.1.1.1          1.1.1.1          0x80000004   123  0x22 0x5095  60
Router  *2.2.2.2          2.2.2.2          0x80000005   117  0x22 0xc212  60
Network *10.1.1.2         2.2.2.2          0x80000001   122  0x22 0x2ceb  32

OSPF 経由で学習したルート情報の確認

root# run show route protocol ospf

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

1.1.1.0/24         *[OSPF/10] 00:02:02, metric 1
                    > to 10.1.1.1 via ge-0/0/1.0
1.1.1.1/32         *[OSPF/10] 00:02:02, metric 1
                    > to 10.1.1.1 via ge-0/0/1.0
224.0.0.5/32       *[OSPF/10] 00:05:46, metric 1
                      MultiRecv

初期化(工場出荷状態)

root# load factory-default
warning: activating factory configuration

root# set system root-authentication plain-text-password
New password:
Retype new password:

シャットダウン

root# run request system halt
Halt the system ? [yes,no] (no) yes	

*1:デフォルトは拒否となっています。