juniper ex 教育訓練 tw-t001-01-ex基本設定 義.pdf · pdf file5 copyright ©...
TRANSCRIPT
1 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
Juniper E X 教育訓練教育訓練教育訓練教育訓練TW-T001-01-EX基本設定基本設定基本設定基本設定
Date : 2012-05-18
教育訓練
2 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
Juniper 產品線總覽產品線總覽產品線總覽產品線總覽
3 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
Juniper 產品線產品線產品線產品線
NSMXpress
One OS One Release One Architecture
J Series Tx MatrixFrequent Releases
9.4 9.5 9.6
–AP
I–
Modulex
安全產品安全產品安全產品安全產品 路由器路由器路由器路由器
J Series
M Series
T Series
EX4200
EX8208
EX8216
交換器交換器交換器交換器
EX3200
MX Series
EX2200
SRX3600
SRX5800
SRX210
SRX240
SRX650
SRX100
SRX5600
SRX220
4 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
SRX Branch產品線產品線產品線產品線
公 /區小型分支辦公室
SRX100中小型分支辦公室
SRX210
SRX650
WAN slot, 2 x GigE, PoE
+ More LAN slots, dual processors, dual P/S
SRX240+ 4 WAN slots, 16 x GigE, PoE
SRX220+ 2 WAN slots, 8 x GigE, PoE
NSM
Centrally managedby NSM
5 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
SRX Branch規格總覽規格總覽規格總覽規格總覽
FEATURES SRX100 SRX210 SRX220 SRX240 SRX650
內建網路埠 8 x FE 2 x GE + 6 x FE 8 x GE 16 x GE 4 x GE
Power over Ethernet (802.3af, 802.3at) None 4 ports—50 W
total8 ports GE,
120 W
16 ports GE,
150 W
48 ports GE,
250 W or 500 W
WAN slots None 1 x mini PIM2 x SRX mini
PIM 4 x SRX mini
PIM 8 x GPIM
USB ports (flash) 1 2 2 2 2 per processor
Content Security Acceleration—
ExpressAV and Intrusion Detection and Prevention No YES YES YES YES
JUNOS Software version support JUNOS 10.3 JUNOS 10.3 JUNOS 10.3 JUNOS 10.3 JUNOS 10.3
Routing Performance 75 Kpps 80 Kpps 120 Kpps 200 Kpps 900 Kpps
Firewall performance (Large Packets) 650 Mbps 750 Mbps 950 Mbps 1.5 Gbps 7.0 Gbps
Firewall performance (IMIX) 200 Mbps 250 Mbps 300 Mbps 500 Mbps 2.5 Gbps
VPN Performance—AES256+SHA-1 3DES+SHA 1 65 Mbps 75 Mbps 100 Mbps 250 Mbps 1.5 Gbps
Intrusion Prevention System 60 Mbps 80 Mbps 100 Mbps 250 Mbps 900 Mbps
Connections Per Second (CPS) 2K 2K 2.5K 9K 35K
Maximum Concurrent Sessions (512MB/1GB RAM) 16 K / 32K 32K / 64K 96K 64K / 128K 512 K
Antivirus 25 Mbps 30 Mbps 35 Mbps 85 Mbps 350 Mbps
High Availability A/A or A/P A/A or A/P A/A or A/P A/A or A/P
A/A or A/P,
Hot swap GPIMs,
Dual processors, Dual power
6 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
SRX100
適合用來保護小型的分支企業節點。
內建I/O– 8 10/100 網路埠
完整UTM功能: Firewall, antivirus, anti-spam, anti-spyware, web filtering, IPS (IDP)
UTM 需要高記憶體硬體版本
On-board Ethernet 8 x FE
Mini-PIM slot No
USB ports (flash) 1
Power over Ethernet No
Routing Performance 70 Kpps
Firewall Performance 200 Mbps (IMIX)
VPN Performance 65 Mbps
AppSecure Performance 90 Mbps
IDP Performance 60 Mbps
High Availability A/A or A/P
7 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
SRX110
適合用來保護小型的分支企業節點。
內建I/O– 8 10/100 網路埠、1 VDSL/ADSL2+
完整UTM功能: Firewall, antivirus, anti-spam, anti-spyware, web filtering, IPS (IDP)
UTM 需要高記憶體硬體版本
On-board Ethernet 8 x FE
Mini-PIM slot No
USB ports (flash) 1
Power over Ethernet No
Routing Performance 70 Kpps
Firewall Performance 200 Mbps (IMIX)
VPN Performance 65 Mbps
AppSecure Performance 90 Mbps
IDP Performance 60 Mbps
High Availability A/A or A/P
8 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
SRX210
適合用來保護小型的分支企業節點。
完整UTM功能: Firewall, antivirus, anti-spam, anti-spyware, web filtering, IPS (IDP)
UTM 需要高記憶體硬體版本
1個mini-PIM 模組插槽
另有4埠PoE硬體版本
On-board Ethernet 2 x GE + 6 x FE
Mini-PIM slot 1
USB ports (flash) 2
Power over Ethernet 4 ports—50 W total
Routing Performance 80 Kpps
Firewall Performance 250 Mbps (IMIX)
VPN Performance 75 Mbps
AppSecure Performance 250 Mbps
IDP Performance 85 Mbps
High Availability A/A or A/P
9 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
SRX220
適合用來保護分散式中小型企業的各個據點。
完整UTM 功能: Firewall, antivirus, anti-spam, anti-spyware, web filtering, IPS (IDP)
2個 Mini-PIM 模組插槽for WAN fail-over
僅有高記憶體版本硬體
另有8埠PoE硬體版本
On-board Ethernet 8 x GE
Mini-PIM slot 2
USB ports (flash) 2
Power over Ethernet 8 ports GE, 120 W
Routing Performance 125 Kpps
Firewall Performance 300 Mbps (IMIX)
VPN Performance 100 Mbps
AppSecure Performance 300 Mbps
IDP Performance 100 Mbps
High Availability A/A or A/P
10 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
SRX240
適合用來保護分散式企業的分支據點。
完整UTM功能: Firewall, antivirus, anti-spam, anti-spyware, web filtering, IPS (IDP)
UTM 需要高記憶體硬體版本
4個mini-PIM 模組插槽
另有16埠PoE硬體版本
On-board Ethernet 16 x GE
Mini-PIM slot 4
USB ports (flash) 2
Power over Ethernet 16 ports GE, 150 W
Routing Performance 200 Kpps
Firewall Performance 500 Mbps (IMIX)
VPN Performance 300 Mbps
AppSecure Performance 750 Mbps
IDP Performance 230 Mbps
High Availability A/A or A/P
11 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
SRX650
適合用來保護分散式企業的區域據點。
模組化機箱
� LAN 交換
� Services Routing Processors with optional redundancy (Future)
� 可選購備援電源供應器達到冗餘。
� 完整UTM功能: Firewall, antivirus, anti-spam, anti-spyware, web filtering, IPS (IDP)
最多52個GE埠(2 x 24 GE PIM + 4 內建ports)
On-board Ethernet 8 x FE
GPIM slot 8
USB ports (flash) 2 per SRE
Power over Ethernet Up to 48 ports GE, 247 W
Routing Performance 900Kpps
Firewall Performance 2.5 Gbps (IMIX)
VPN Performance 1.5 Gbps
AppSecure Performance 1.9 Gbps
IDP Performance 1 Gbps
High Availability A/A or A/P
12 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
JUNIPER AX411 WLAN Access Point
AX411是雙頻、雙射頻的802.11n無線區域網路橋接器,其資料傳輸速率高達300 Mbps。AX411 可與屢獲大獎的 SRX系列搭配運作,並受其管理,以便為分支機構提供整合式管理功能,以及領先同類型產品的安全效能。其創新的叢集複製(cluster cloning)技術* 可讓使用者安心享受絕對安全的無線連結。
特色特色特色特色 優點
易於安裝與擴充易於安裝與擴充易於安裝與擴充易於安裝與擴充 •可自動複製橋接器的配置•一次連線並完成配置
易於操作與管理易於操作與管理易於操作與管理易於操作與管理 •遠端封包擷取•將無線 PHY 安全防護整合入Juniper 支援安全區配置的安全裝置
絕佳的使用者體驗絕佳的使用者體驗絕佳的使用者體驗絕佳的使用者體驗和安全性和安全性和安全性和安全性
•端對端無線 QoS處理,以簡化低延遲應用之支援•多重 SSID 支援,以滿足不同的安全與應用需求
13 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
交換器銷售速查表交換器銷售速查表交換器銷售速查表交換器銷售速查表
EX3300
EX2200
EX2200-C
EX 4200
EX8200
EX6200
EX4500
Virtual Chassis
48+ ports12 to 48 ports 200+ ports 300+ ports
10G
bE10
GbE
模組化機箱式交換器模組化機箱式交換器
Hardware Redundancy硬體冗餘Hardware Redundancy硬體冗餘
14 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX2200 line of Ethernet switches
Designed for branch and low-density wiring closets
Fixed configuration� 24 or 48 ports � PoE / PoE+* model options� 4 SFP uplinks
Junos operating system� L2 and RIP in
base license
固定式電源模組與風扇模組
# Ports Port Type PoEPorts
Fixed Uplinks
Max Power Consumption(PoE Power)
24 10/100/1000B-T 0 4 SFP 100 (0) W
24 10/100/1000B-T 24 4 SFP 550 (450) W
48 10/100/1000B-T 0 4 SFP 100 (0) W
48 10/100/1000B-T 48 4SFP 550 (450) W
*Roadmap
15 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX3200 line of Ethernet switches
Fixed, standalone configuration
彈性化的上連模組插槽� 4-port GbE (SFP)� 2-port 10GbE (XFP)� Dual-mode 4-port GbE/2-port 10GbE (SFP+)
模組化電原與風扇模組� 提供AC, DC電源模組� 提供外接RPS 插槽*� 提供風扇模組
� Full Class 3 PoE (15.4 W)
LCD顯示
Runs Junos operating system 基本License包含完整OSPF 與IP multicast 功能
# Ports Port Type PoEPorts
Max Power Consumption
(incl. PoE)
24 10/100/1000B-T 8 112 (320) W
24 10/100/1000B-T 24 138 (600) W
48 10/100/1000B-T 8 167 (320) W
48 10/100/1000B-T 48 207 (930) W
*Roadmap
16 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX3300 line of Ethernet switcheswith Virtual Chassis technology
最多 6 台EX3300交換器,可利用10GE埠串接成為一個虛擬機箱。
• 最後兩個10G埠預設設定為VC埠
• 四個10G埠可設定為非VC埠單獨使用
• 四個10G埠可全部設定為VC埠使用。
• 80 Gbps uplink/VC bandwidth
每個上連埠自動偵測 GE/10 GE
10GE DAC纜線建議使用於VC串接(one per EX3300)
• 預設出貨不含VC纜線
• 不能與EX4200、EX4500 VC功能混合使用
•LCD顯示
*Roadmap
SKU Airflow PoE/+ ports
PSU Total PoE Power
EX3300-24T F-to-B 0 AC 0
EX3300-48T F-to-B 0 AC 0
EX3300-24P F-to-B 24 AC 405W
EX3300-48P F-to-B 48 AC 740W
EX3300-24T-DC F-to-B 0 DC 0
EX3300-48T-BF B-to-F 0 AC 0
17 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX4200 line of Ethernet switcheswith Virtual Chassis technology
虛擬機箱技術 (Virtual Chassis)� 128 Gbps虛擬背板頻寬� 將十台變成一台管理
� 可利用1G或是10G串接虛擬機箱� Master and backup route engines
彈性化的上連模組插槽� 4-port GbE (SFP)� 2-port 10GbE (XFP)� Dual-mode
4-port GbE/2-port 10GbE (SFP+)
模組化電原與風扇模組� 提供雙AC, DC電源模組,可熱插拔
� 提供外接RPS 插槽*
� 提供單一風扇模組多風扇備援
� Full Class 3 PoE (15.4 W)
LCD顯示
Runs Junos operating system,基本License包含完整OSPF與IP multicast功能
# Ports Port Type PoEPorts
Max Power Consumption
(incl. PoE)
24 10/100/1000B-T 8 129 (320) W24 10/100/1000B-T 24 160 (600) W24 100B-FX/1000B-X N/A 108 (N/A) W48 10/100/1000B-T 8 181 (320) W48 10/100/1000B-T 48 224 (930) W
*Roadmap
18 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX8200 系列機箱式交換器系列機箱式交換器系列機箱式交換器系列機箱式交換器
高效能機箱式交換器� EX8208 – 8 line cards, 960Mpps� EX8216 – 16 line cards, 1.92Bpps� 100GbE ready� Fully redundant routing engines
with N+1 redundant switch fabrics� Up to 256 wire-speed, non-blocking
10GbE ports in a rack� 320Gbps capacity per line card
Fully redundant power and cooling� Redundant, load-sharing PSUs
(AC, DC)� Hot-swap fan tray with
redundant fans
Proven Juniper Technology � Switch fabrics, control plane� Packet Forwarding Engine (PFE)� Junos operating system
Module Description Max Ports Interface
48-port 10/100/1000B-T 384 or 768 RJ-45
48-port 100B/FX/1000B-X 384 or 768 SFP
8-port 10GbE 64 or 128 SFP+
19 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
RE 1
RE 0
LAG 1
LAG 2
10 RU
最多最多最多最多10 台台台台 EX4200交換器可虛擬為一個虛擬機箱交換器可虛擬為一個虛擬機箱交換器可虛擬為一個虛擬機箱交換器可虛擬為一個虛擬機箱,,,,管管管管理時就像是管理一台擁有十片卡板的機箱式交換器理時就像是管理一台擁有十片卡板的機箱式交換器理時就像是管理一台擁有十片卡板的機箱式交換器理時就像是管理一台擁有十片卡板的機箱式交換器
� Interconnected via Virtual Chassis backplane cables or extended via GbE or 10GbE uplinks
簡化管理簡化管理簡化管理簡化管理
� Single management interface, single Junos OS version, single configuration file, and chassis-lik e slot/module/port numbering scheme
簡化網路簡化網路簡化網路簡化網路規劃規劃規劃規劃
� Single network entity, single control plane aggregation across Virtual Chassis members
卓越的可靠度卓越的可靠度卓越的可靠度卓越的可靠度
� Redundant master and backup Routing Engines, redundant switch backplane & power/fan modules
彈性化彈性化彈性化彈性化
� Add Virtual Chassis elements as port density grows; add 10GbE uplinks; mix & match switch types
卓越的效能卓越的效能卓越的效能卓越的效能,,,,低的切入點低的切入點低的切入點低的切入點
� Simplified distributed forwarding switch architectu re, low power consumption, compact form factor
甚麼是甚麼是甚麼是甚麼是VIRTUAL CHASSIS?
20 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
1.硬體介紹硬體介紹硬體介紹硬體介紹
2.如何連上設備如何連上設備如何連上設備如何連上設備
3.基本設定基本設定基本設定基本設定
4.基本基本基本基本troubleshooting5.技術支援技術支援技術支援技術支援
21 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
1.硬體介紹硬體介紹硬體介紹硬體介紹
2.如何連上設備如何連上設備如何連上設備如何連上設備
3.基本設定基本設定基本設定基本設定
4.基本基本基本基本troubleshooting5.技術支援技術支援技術支援技術支援
22 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX2200-C switch: Front and rear views
Front View
RJ45/USB Console
RJ45/SFPDual-Purpose
Uplink port
All portsPoE capablein PoE SKUs
GbEMgmt
ExternalUSB
Fixed, standalone configuration� 10.6W x 9.4D x 1.75H inches
� 1 RU height
� Weight: ~5 lbs
Internal power
Fixed uplinks
Consistent management� Junos OS
� Managed by JUNOS Space
� UAC integration
High performance� Wire-rate, non-blocking
Management interfaces� Console (RJ45, USB)
� Out-of-band Ethernet (RJ45)
Rear View
23 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
Fixed, standalone configuration� 17.3W x 10D x 1.75H inches
� 43.9W x 25.4D x 4.4H cm
� 1 RU height
Fixed power, fans and uplinks
Consistent management� Junos operating system
� Managed by NSM
� UAC integration
High Performance� Wire-rate, non-blocking
� 104 Gbps capacity
Management interfaces� Console
� Out-of-band Ethernet
External RPS support*
EX2200 switch: Front and rear views
EX2200 Front View
EX2200 Rear View
GbEMgmt& USB
Console
4xGbEuplink ports
Singlefixed
powersupply
All portsPoE capablein PoE SKUs
RPS Fan Fan
*Roadmap
24 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX3200 switch: Front and rear views
EX3200 Front View
EX3200 Rear View
GbEMgmt
Console
OIR-capableUplink module
Power supplyFRU
At least 8POE ports
USB RPSconnector
cover
Fan
LCD
1 RU
Modular components� Power supply
� Fan
� Uplinks
� Junos operating system
1 GB internal flash� External USB flash
512 MB system memory
Management� Console
� Out of band
Wire-rate performance
25 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
Front View
���� Roadmap (not available at FRS)
Rear View
LCD
Gb/10Gbe SFP+ Uplink Ports
1GbE Management Port
Console Port System Fan
AC Power Supply
USB Fan Exhaust
1GbE Network Ports, PoE+ capable
RPS Connector
Fixed, standalone configuration� 17.4W x 12.0D x 1.75H inches
� 1 RU height
Internal power
Fixed uplinks
Environmental Ranges� Operating Temp: 0 to 45° C*
� Operating Altitude: up to 10K ft*
� Low acoustics: 40-45dB
Management interfaces� LCD – easy bringup
� Console (RJ45)
� Out-of-band Ethernet (RJ45)
EX3300 switch: Front and rear views
26 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX4200 switch: Front and rear views
EX4200 Front View
EX4200 Rear View
VCP(Virtual
Chassis Ports)
USB
OIR-capableuplink module
At least 8POE ports
GbEMgmt
Redundant, hot swappable,load-sharing power supplies FRU
(Special external RPS adapter/panelcan be inserted in the PS slots
for external RPS option)
LCD
Console
1 RUModular components
� Power supplies, fan tray� Optional uplinks� Junos operating system
1 GB internal flash� External USB flash
1 GB system memoryPerformance
� Wire-rate, non-blocking� Local switching
High density� Up to 480GbE and
20 10GbE ports in 10RUVC cable length
� 0.5 meter ships with box� 1, 3, 5 meter options
Management� Console� Out of band
27 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX4500 SWITCH: FRONT AND REAR VIEWSEX4500 Front View
EX4500 Rear View
USB
Optional 4x GbE/10GbEuplink module
40 fixed GbE/10GbE SFP/SFP+ ports
Redundant, hot swappable,load-sharing power supplies
LCD
Fixed form factor � 2RU (3.4in H x 17.5in W x
21in D)Modular components
� Power supplies, fan tray� Optional uplinks� Virtual Chassis Module ����
Junos operating systemPerformance
� Wire-rate, non-blocking� Local switching
� Latency� ~2.7usec: Single PFE� ~4.6usec: Two PFE
Scaling� 24,000 MAC� 10,000 IPv4 routes� 4096 VLANs
Environmental� 100-240V AC power, DC ����� <8W/port
Management� Console� Out-of-band
Optional 4x GbE/10GbEuplink module
GbEMgmt and
Console ports
Field-replaceable fan tray with redundant blowers
Intra-connect Module and future Virtual Chassis ports ����
���� Roadmap (not available at FRS)
28 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX8208 switch: Front view
Fan tray (side-side
airflow)
6 PSU bays for N+1 or
N+N AC redundancy(6kW max)
LCD display
8 dedicatedline cards
1+1 redundantrouting engines2+1 redundantswitch fabrics
14 RU, 21″ deep� Passive backplane
Modular components� Junos operating system� Routing engines� Switching fabrics� Multiple power supplies� Fan tray
High performance� Wire-rate on all ports for
all packet sizes� Distributed forwarding� Juniper switch fabric
High density� Up to 384 GbE or
64 10GbE ports in 14RUManagement
� Console� Out of band� J-Web
29 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX8216 switch:Front and rear views
Fan tray (side-side
airflow)
LCD display
16 dedicatedline card slots
1+1 redundantRoute Engines
8 activeswitch fabrics
(rear of chassis)
6 PSU bays for N+1 ACor N+N DC
redundancy(12000W max)
Fan tray
21 RU (1/2 rack), 25″ deep� Midplane architecture
Modular components� Junos operating system� 16 line cards� 1+1 routing engines� 8 switch fabrics� 6 3kW power supplies� Two fan trays
High performance� Wire-rate on all ports� Wire-rate any packet size� Juniper switch fabric
High density� Up to 768GbE, 128 wire-
speed 10GbE portsLarge buffers, tables
� 512MB buffer per 10GbE, 42MB buffer per 1GbE
� 512K route, 128K MAC, 64K firewall filter
30 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
1.硬體介紹硬體介紹硬體介紹硬體介紹
2.如何連上設備如何連上設備如何連上設備如何連上設備
3.基本設定基本設定基本設定基本設定
4.基本基本基本基本troubleshooting5.技術支援技術支援技術支援技術支援
31 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
Fixed, standalone configuration� 17.3W x 10D x 1.75H inches
� 43.9W x 25.4D x 4.4H cm
� 1 RU height
Fixed power, fans and uplinks
Consistent management� Junos operating system
� Managed by NSM
� UAC integration
High Performance� Wire-rate, non-blocking
� 104 Gbps capacity
Management interfaces� Console
� Out-of-band Ethernet
External RPS support*
EX2200 switch: Front and rear views
EX2200 Front View
EX2200 Rear View
GbEMgmt& USB
Console
4xGbEuplink ports
Singlefixed
powersupply
All portsPoE capablein PoE SKUs
RPS Fan Fan
32 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 網路埠命名原則網路埠命名原則網路埠命名原則網路埠命名原則
常見介面範例:� Ge-0/0/0
� Xe-0/0/0
33 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 網路埠命名原則網路埠命名原則網路埠命名原則網路埠命名原則---範例一範例一範例一範例一
Ge-0/0/0 Ge-0/1/3
PIC 0 PIC 1
34 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 網路埠命名原則網路埠命名原則網路埠命名原則網路埠命名原則---範例二範例二範例二範例二
Member 0
Member 1
Member 2
Member 3
Ge-1/0/1 Ge-?/?/?
35 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
網路埠命名原則網路埠命名原則網路埠命名原則網路埠命名原則
GE-0/0/1
GE-0/0/0
GE-0/1/0
GE-0/1/3
GE-0/0/46
GE-0/0/47
36 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
1.硬體介紹硬體介紹硬體介紹硬體介紹
2.如何連上設備如何連上設備如何連上設備如何連上設備
3.基本設定基本設定基本設定基本設定
4.基本基本基本基本troubleshooting5.技術支援技術支援技術支援技術支援
37 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
LAB環境環境環境環境
192.168.X.1255.255.255.0
192.168.X.2255.255.255.0
192.168.X.1255.255.255.0
192.168.X.2255.255.255.0
192.168.X.1255.255.255.0
192.168.X.2255.255.255.0
Link aggregation/Trunk port
X=VlanXX=組別
38 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
章節介紹章節介紹章節介紹章節介紹
� Junos設定檔結構
� EX Switch 基本指令介紹
� EX Switch 初始設定 (指令)
� EX Switch Web 介面介紹
� EX Switch 設定 VLAN
� EX Switch 設定 Trunk port
� EX Switch 設定 Link aggregation
� EX Switch 設定預設閘道
39 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
Junos 設定檔結構設定檔結構設定檔結構設定檔結構
[edit]user@host# set protocols ospf area 51 stub
chassis interfaces protocols services systems etc.
bgp isis mpls ospf pim rip rsvp vrrp etc.
area area-id graceful-restart overload traffic engineering etc.
area-range area_range interface nssa stub etc.
top
40 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
Junos 設定檔結構設定檔結構設定檔結構設定檔結構
root# show ## Last changed: 2012-01-23 20:07:52 UTCversion 11.4R1.6;system {
root-authentication {encrypted-password "$1$2Mf2cG2z$v61qmYG5mWdwNYY3QjkJr."; ## SECRET-DATA
}services {
ssh {root-login allow;
}web-management {
http;https {
system-generated-certificate;}
}}
:::
41 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 基本指令介紹基本指令介紹基本指令介紹基本指令介紹
Amnesiac (ttyu0)
login: root
--- JUNOS 11.2R2.4 built 2011-09-01 08:36:41 UTCroot@% cliroot> configureEntering configuration mode
[edit]root#
預設帳號為’root’預設是沒有設定密碼
進入操作模式
進入設定模式
42 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 基本指令介紹基本指令介紹基本指令介紹基本指令介紹
root# exitExiting configuration mode
root> exit
root@% exitlogout
Amnesiac (ttyu0)
login:
跳出設定模式回到操作模式
跳出操作模式
登出使用者
43 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
•設定參數
root# set system host-name EX2200-24P-4G
•刪除參數
root# delete system host-name EX2200-24P-4G
EX Switch 基本指令介紹基本指令介紹基本指令介紹基本指令介紹
44 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 初始設定初始設定初始設定初始設定 (指令指令指令指令)
login: root
--- JUNOS 11.4R1.6 built 2011-11-15 10:11:59 UTC
root@:RE:0%
root@:RE:0% cli
root> configure
Entering configuration mode
[edit]
root# set system host-name EX2200-24P-4G
[edit]
root# set interfaces vlan.1 family inet address 192.168.1.x/24
root# set vlans vlan1 vlan-id 1 l3-interface vlan.1
root# set vlans vlan1 interface ge-0/0/1
設定hostname
設定 vlan.1 interface IP
輸入 cli進入 JUNOS
輸入 configure 進入設定模式
設定 vlan1 VLAN 使用vlan.1 interface
45 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 初始設定初始設定初始設定初始設定 (指令指令指令指令)
root# set system services web-management http
[edit]
root# set system services web-management https system-generated-certificate
[edit]
root# set system services telnet
[edit]
root# set system services ssh root-login allow
[edit]
root# set system root-authentication plain-text-password
New password :
Retype new password :
root# commit
commit complete
[edit]
root@EX2200-24P-4G#
開啟ssh service並允許root從遠端登入
開啟telnet service(不建議)
開啟http或https service
設定生效,hostname已改變
設定root密碼
存檔
46 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch Web 介面介紹介面介紹介面介紹介面介紹
47 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch Web 介面介紹介面介紹介面介紹介面介紹
48 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch Web 介面介紹介面介紹介面介紹介面介紹
Configure負責所有設定功能
49 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch Web 介面介紹介面介紹介面介紹介面介紹
Monitor負責顯示各種狀態
50 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch Web 介面介紹介面介紹介面介紹介面介紹
Maintain負責系統維護
51 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch Web 介面介紹介面介紹介面介紹介面介紹
Troubleshoot可執行各種基本除錯工具(ping, trace route)
52 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 VLAN
Configure > Switching > VLAN
53 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 VLAN
填入VLAN Name 及VLAN ID
Configure > Switching > VLAN
54 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 VLAN
Configure > Switching > VLAN
點選那個介面要加入這個 VLAN
55 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 VLAN
Configure > Switching > VLAN
56 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
最後別忘了最後別忘了最後別忘了最後別忘了Commit, 使設定生效使設定生效使設定生效使設定生效
Configure > Commit Options > Commit
57 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
LAB Time ---- VLAN
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
Y代表組別,例如第一組:192.168.2.1/24192.168.3.1/24
請試著將0/0/2設為vlan2,將0/0/3設為vlan3,完成後通知授課人員
58 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Trunk port
Configure > Interfaces > Ports
1
2
3
選擇那個介面要設定 Trunk Port
59 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Trunk port
Configure > Interfaces > Ports
4
5
60 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Trunk port
Configure > Interfaces > Ports
6
選擇 Trunk Port 要包含那個 VLAN
61 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
LAB Time ---- Trunk Port
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
例如第一組:192.168.2.1/24192.168.3.1/24
請試著將 X/X/X 設定為Trunk port, 裡面包含 vlan1 、vlan2及vlan3 ,完成後通知授課人員
62 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Link aggregation
� Link aggregation 定義在 IEEE 802.3ad, 可以將多條實體介面, 綁成一個虛擬介面
�優點: 可將多條實體介面頻寛加總起來, 並提供線路備援功能
�例如 Switch A 與 Switch B 之間, 用二條 1Gbps 介面對接, 1Gbps*2 = 2Gbps , 所以可以提供 2Gbps 頻寛, 假設中間斷了一條線路, 只會讓頻寛降為 1Gbps,並不會造成網路斷線
1Gbps*2 = 2Gbps
�在 EX Switch 上這個虛擬介面叫做 Aggregate Ethernet, 簡稱 ae
�當您要把多條線路綁起來形成 ae, 這些線路的頻寛及雙工模式要全部一樣
�在一個 ae介面裡, 最多可以綁八條實體介面
63 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Link aggregation
Configure > Interfaces > Link Aggregation
64 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Link aggregation
Configure > Interfaces > Link Aggregation
設定 EX Switch 要用到幾個 ae介面
65 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Link aggregation
Configure > Interfaces > Link Aggregation
66 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Link aggregation
Configure > Interfaces > Link Aggregation
67 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Link aggregation
Configure > Interfaces > Link Aggregation
68 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Link aggregation
Configure > Interfaces > Link Aggregation
69 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Link aggregation
Configure > Interfaces > Link Aggregation
70 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Link aggregation
Configure > Interfaces > Link Aggregation
71 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定 Link aggregation
Configure > Interfaces > Link Aggregation
72 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
LAB Time ---- Link aggregation
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
192.168.X.Y255.255.255.0
例如第一組:192.168.2.1/24192.168.3.1/24
請試著將X/X/X及 X/X/X 綁成同一個 link aggregation 以trunk介面,完成後通知授課人員
73 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定預設閘道預設閘道預設閘道預設閘道
Configure > Routing > Static Routing
74 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定預設閘道預設閘道預設閘道預設閘道
輸入0.0.0.0
選取Add
Configure > Routing > Static Routing
75 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 設定設定設定設定預設閘道預設閘道預設閘道預設閘道
輸入Gateway IP
Configure > Routing > Static Routing
76 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
最後別忘了最後別忘了最後別忘了最後別忘了Commit, 使設定生效使設定生效使設定生效使設定生效
Configure > Commit Options > Commit
77 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 備份設定檔備份設定檔備份設定檔備份設定檔
可依需要選擇要回復的版本
Maintain > Config Management > History
78 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
1.硬體介紹硬體介紹硬體介紹硬體介紹
2.如何連上設備如何連上設備如何連上設備如何連上設備
3.基本設定基本設定基本設定基本設定
4.基本基本基本基本troubleshooting5.技術支援技術支援技術支援技術支援
79 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX2200 LED 燈號介紹燈號介紹燈號介紹燈號介紹
EX2200 狀態 LEDs
LED 名稱名稱名稱名稱 描述描述描述描述
SYS •綠燈恆亮代表正常•綠燈閃爍代表開機中•沒有亮代表 Switch 沒有開機
ALM •沒有亮代表沒有任何問題•橘色代表有較不嚴重問題發生•紅色代表有嚴重問題發生,需要立即處理
80 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX2200 Status LED 燈號介紹燈號介紹燈號介紹燈號介紹
Status LED名稱名稱名稱名稱
描述描述描述描述
SPD(Speed)
•每秒閃一下,代表這個介面連線速度是 10Mbps•每秒閃二下,代表這個介面連線速度是 100Mbps•每秒閃三下,代表這個介面連線速度是 1000Mbps
DX(Duplex)
•有亮代表這個介面是 “全雙工”•沒有亮代表這個介面是 “半雙工”
EN(Enable)
•有亮代表這個介面有啓用•沒有亮代表這個介面停用
POE(Power over Ethernet)
•恆亮代表這個介面有提供 PoE電源,且有接 PoE設備•閃爍代表這個介面有提供 PoE電源,但沒有接 PoE設備•沒有亮代表這個沒有提供 PoE電源
Status LED
切換 Status
81 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX3200 LED 燈號介紹燈號介紹燈號介紹燈號介紹
LED 名稱名稱名稱名稱 描述描述描述描述
ALM •沒有亮代表沒有任何問題•橘色代表有較不嚴重問題發生•紅色代表有嚴重問題發生, 需要立即處理
SYS •綠燈恆亮代表正常•綠燈閃爍代表開機中•沒有亮代表 Switch 沒有開機
MST •有亮代表這台 Switch 是 VC裡的master
EX3200 狀態 LEDsALM
SYS
MST
82 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX3200 Status LED 燈號介紹燈號介紹燈號介紹燈號介紹
切換 Status
ALM
SYS
MST
Status LED名稱名稱名稱名稱
描述描述描述描述
SPD(Speed)
•每秒閃一下,代表這個介面連線速度是 10Mbps•每秒閃二下,代表這個介面連線速度是 100Mbps•每秒閃三下,代表這個介面連線速度是 1000Mbps
DPX(Duplex)
•有亮代表這個介面是 “全雙工”•沒有亮代表這個介面是 “半雙工”
ADM(Administrati)
•有亮代表這個介面有啓用•沒有亮代表這個介面停用
POE(Power over Ethernet)
•恆亮代表這個介面有提供 PoE電源,且有接 PoE設備•閃爍代表這個介面有提供 PoE電源,但沒有接 PoE設備•沒有亮代表這個沒有提供 PoE電源
LED: SPD ALARM
Status LED
83 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 網路埠網路埠網路埠網路埠燈號介紹燈號介紹燈號介紹燈號介紹
LED 描述描述描述描述
Link/Activity •閃爍代表 link up, 並且有流量在傳•恆亮代表 link up, 但無流量•沒有亮代表 link down
84 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 管理者密碼重置管理者密碼重置管理者密碼重置管理者密碼重置U-Boot 1.1.6 (Mar 26 2011 - 04:38:23)
Board: EX2200-24P-4G 4.11
EPLD: Version 04.091222 (0x02)
DRAM: Initializing (512MB)
Flash: 8 MB
:
new boot device = disk0s1:
Loading /boot/defaults/loader.conf
/kernel data=0x7dc7f4+0xa5afc syms=[0x4+0xdcef0+0x4+0xb4432]
Hit [Enter] to boot immediately, or space bar for command prompt.
Booting [/kernel] in 1 second...
Type '?' for a list of commands, 'help' for more detailed help.
loader> boot -s
開機至此時按“空白鍵”將開機程序中斷
輸入boot -s
85 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 管理者密碼重置管理者密碼重置管理者密碼重置管理者密碼重置
:
:
bme0:Virtual BME driver initializing
Timecounter "CPU Timer" frequency 200000000 Hz quality 1000
da0 at umass-sim0 bus 0 target 0 lun 0
da0: <ST ST72682 2.10> Removable Direct Access SCSI-2 device
da0: 40.000MB/s transfers
da0: 1000MB (2048000 512 byte sectors: 64H 32S/T 1000C)
Trying to mount root from ufs:/dev/da0s1a
Invalid time in real time clock.
Check and reset the date immediately!
Attaching /packages/jbase via /dev/mdctl...
Mounted jbase package on /dev/md0...
System watchdog timer disabled
Enter full pathname of shell or ‘recovery’ for root password recovery or RETURN for /bin/sh: recovery
輸入 “recovery”
86 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
EX Switch 管理者密碼重置管理者密碼重置管理者密碼重置管理者密碼重置
:
Starting CLI ...
root> configure
Entering configuration mode
root# set system root-authentication plain-text-password
New password:
Retype new password:
[edit]
root# commit
commit complete
root# exit
Exiting configuration mode
root> request system reboot
Reboot the system ? [yes,no] (no) yes
重開機之後即完成
重新設定 root帳號的密碼
輸入二次 root帳號的密碼
87 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
1.硬體介紹硬體介紹硬體介紹硬體介紹
2.如何連上設備如何連上設備如何連上設備如何連上設備
3.基本設定基本設定基本設定基本設定
4.基本基本基本基本troubleshooting5.技術支援技術支援技術支援技術支援
88 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
如何向如何向如何向如何向Dawning開開開開Case
電話:(02)8797-2636#6168聯絡人:林承潔小姐
e-mail:[email protected]
需要資訊:
I.*故障設備型號 *設備序號 RSI檔案
II.概略描述問題與原因:*燈號 *問題與原因
III.客戶連絡人資訊: *聯絡人 *電話 *e-mail
89 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
產生產生產生產生Tech support (RSI) 內容內容內容內容
該步驟所產出的資訊,用於開Case時供原廠Tech判讀的重要資訊
可加速判斷問題,並縮短問題處理的時程,增加處理問題的效率
取得方式:如92頁
90 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
型型型型號號號號
1
2
91 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
序序序序號號號號
1
2
3 4
92 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
產生產生產生產生Tech support 內容內容內容內容
1
2
93 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
產生產生產生產生Tech support 內容內容內容內容
3
94 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
產生產生產生產生Tech support 內容內容內容內容
4
5
95 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
Q&A
96 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
2012 Training Schedule
Jan Feb Mar Apr May Jun
Jul Aug Sep Oct Nov Dec
� EX switch 1/13 3/20 5/18
� EX switch 7/12 9/20 11/15
� SRX 2/10 4/19 6/14
� SRX 8/21 10/18 12/20
Jan Feb Mar Apr May Jun
Jul Aug Sep Oct Nov Dec
報名網址:http://www.dawningtech.com.tw/training/index.aspx?sub=tech
97 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
2012 Training Schedule
21
教育訓練資訊教育訓練資訊教育訓練資訊教育訓練資訊
98 Copyright © 2012 Juniper Networks, Inc. www.juniper.net
Thank you !!!