A New Device

A New Device




Like most good networking equipment, we can connect a console cable to any Juniper device.

This can be a traditional serial console cable or a USB console cable.

Sometimes the root password is lost, and needs to be recovered. To do this:

  1. Reboot the switch
  2. Interrupt boot to enter the interactive bootloader menu
  3. Enter single-user mode with ‘boot -s’
  4. Run the ‘recovery’ script
  5. Set the root password

There are two different ways to factory reset a device. One is to load the factory config, which erases configuration but leaves everything else intact.

The other is to ‘zeroize’ the system, which erases everything. This is very destructive.

If the hostname is amnesiac, then the device has started up with the default configuration. In this case, you’re probably logged into the shell. You can start the Junos CLI with the cli command.

The first thing you should do is set a root password. In fact, Junos will not allow you to commit any config unless the root account has a password.

If you’re updating Junos, consider using a version recommended by JTAC. These versions are known to be very stable. The recommended version will vary according to the platform.

To download an update you need a valid support contract and a login to Juniper’s site.

The versioning convention is m.nZb.s:

  • m – major release
  • n – minor release
  • Z – Release type
  • b – Major build
  • s – Minor build (spin)

The release type follows this convention (generally R and S are the only ones you need to worry about:

  • R – First Revenue Ship (FRS) or maintenance release
  • F – Feature velocity release
  • B – Beta release
  • I – Internal release
  • S – Service release
  • X – Exception release

Most Junos devices will have recovery partitions. These are used if the primary partition is corrupt for any reason (unexpected power outages can cause this).

So, when we update Junos on a device, we should also update the recovery partition as well.

In a case when the primary partition is corrupt, the device will boot from the recovery partition. We can then use that to rebuild the primary partition.

Once a device has been configured, we can access it with the console port, SSH, Telnet, jWeb console, or some type of automation (through REST or NETCONF).

By default, only the console port is enabled. If you want to use these other methods, you will need to configure them.

In addition to rolling back, there’s also a rescue config. This is a known good config that’s used if the main config can’t be loaded. The rescue config is named rescue.conf.gz.

Optionally, you can export your configuration, so you can use it as a template for other devices.

This can be in the form of the native config hierarchy, or we can export a series of set commands.

Set commands are simple to use, as we can simply take them and paste them into the CLI.

Config hierarchy needs to be loaded in with the load command:

  • Update – Like override, but more gentle; Can be anywhere in the hierarchy, Junos notified only the processes that are affected by the config change
  • Override – overwrites the current config with the one you provide (top of the hierarchy only)
  • Patch – adds/deletes variables in the configuration
  • Replace – looks for replace tags in the config, and replaces sections in the current config with the same name

Set – lets us load using set commands

By default, a password needs to be six characters or more long, and either have a mix of upper and lower case characters, or use regular and special characters.

Command Summary

Command Mode Description
boot -s Boot loader Enter single-user mode from the boot loader
recovery Single User mode From single-user mode, enter recovery mode
set system root-authentication plain-text-password Configuration Set the root password
load factory-default Configuration Loads the default config; requires a commit
request system zeroize Operational Begins a full factory reset
cli Shell Enter the Junos CLI
show system information Operational Get the model number
show chassis hardware Operational Get the model number
show version Operational See the current version of Junos
request system storage clean-up Operational Clear space
file copy Operational Copy a file
request system software add Operational Install an update
request system reboot Operational Reboot the device
request system software rollback Operational Rollback an update
show system snapshot media internal Operational See the recovery snapshot (old command)
show system snapshot Operational See the recovery snapshot (new command)
request system recover Operational Roll back to a snapshot
request system snapshot media internal slice alternate Operational Create a new recovery snapshot (old command)
request system snapshot recovery Operational Create a new recovery snapshot (new command)
set system auto-snapshot Configuration Automatically recover the primary partition if it is corrupt
set system name-server Configuration Configure a DNS server
set date YYYYMMDDHHMM.ss Operational Set the date
set system ntp server Configuration Set the NTP server
set snmp community Configuration Set an SNMP community
set snmp trap-group Configuration Configure SNMP traps
set system services ssh Configuration Enable SSH
set system services web-management https system-generated-certificate Configuration Enable JWeb over HTTPS, using a self-signed certificate
request system configuration rescue Operational Create or delete a rescue configuration
show system configuration rescue Operational Show the rescue config
rollback rescue Configuration Rollback to the rescue config; Needs to be committed
show chassis alarms Operational See if there are any alarms raise by Junos
load merge terminal Configuration Load some structured (hierarchical) config
show configuration | display set Operational Display the config as set commands
show configuration | display set | save Operational Export the config as set commands to a file

Additional References

Recovering the root password on EX Series switches


Junos Software Versions – Suggested Releases to Consider and Evaluate


Software Installation and Upgrade Overview


Switch boots from backup root partition after file system corruption occurred on the primary root partition


Leave a Reply