Juniper CLI modes: Shell, Operational & Configuration

The 1st mode that I would like to discuss about it is the Shell mode. This is represented by the percentage sign (%) by end of the prompt command. On this mode, the root (and only the root) will always go to it when he logs in to the Juniper router.

In this mode, the root user can do the file system commands and manage them. What does it mean by file system commands? This means that you can create a file, delete a file, see what is in the file, copy a file and so on.

The 2nd mode that you should know on Juniper is the Operational mode. This is represented by the greater sign (>) by end of the prompt command. When you create a non-root user, and he logs in to the Juniper router, he will always go to the operational mode.

For the root user, to go from the shell modem to the operational mode he should use the command “CLI”.

In this mode, you can view the configuration. Meaning that any configuration on the router you can just check it from this mode using the “show” command most of the time. Also on this mode, you can do the troubleshooting using some application tools such as ping, traceroute. Also, you can connect remotely to other devices using SSH and Telnet. You can also reboot and shutdown the device from this mode.

So, in a summary, from the operational modem you can view the configuration on the router and using some utilities such as ping, traceroute to do the troubleshooting as well as some other utilities for some other tasks.

The last mode that we have on Juniper is the Configuration mode. This is represented by the hash sign (#) by end of the prompt command. To reach to this mode, you should be on the operational modem then write “edit” or “configure” then you can reach to this mode.

This mode is used to configure the router and to make changes on the router.

Those are the 3 different types of modes we have on the Juniper devices, let’s now apply a LAB to play with those 3 modes.

My PC is still connected via console to the router. I have just rebooted the router. Let’s connect to the root using the root username and password:

R1 (ttyu0)

login: root


— JUNOS 12.1X44-D15.5 built 2013-06-06 18:07:29 UTC


You can see that once I logged in to the root account, it took me to the shell modem which is represented by the (%) sign.

I have already mentioned that on the shell modem we can do everything related to the file management things. Let’s list what are the files that are available on the router:

root@R1% ls

.cshrc          .login          .ssh            config2

.history        .profile        1


Using the command “ls” I can list the files that are available.

Let’s see what the “.profile” file has as a content:

root@R1% cat .profile

# $FreeBSD: src/etc/root/dot.profile,v 1.20 1999/08/27 23:24:09 peter Exp $



export PATH


export HOME


export TERM


I used the command “cat” to see what is on this file. As you have already experienced, we are using command that normally we use on Linux environments, that’s because Juniper is based on FreeBSD as I have previously explained, meaning if you have some knowledge with Linux you may find Juniper very easy to be configured.

Now let’s do more things on this mode. I will copy the file “.profile” to another file called “.profile2” then I will delete it.

Let’s 1st copy the file to “.profile2”:

root@R1% cp .profile .profile2

root@R1% ls

.cshrc          .login          .profile2       1

.history        .profile        .ssh            config2


I have successfully copied it and it is showing when I list the files again (the command to copy is “cp”).

Let me now delete “.profile2” using the remove command “rm”:

root@R1% rm .profile2

root@R1% ls

.cshrc          .login          .ssh            config2

.history        .profile        1


The file has been deleted successfully 😊

So now we understood more about the shell mode, let’s check the things that the operational mode can do.

To go to the operational mode from the shell mode, you need to write the command “CLI”:

root@R1% cli


Now we are on the operational mode.

Let’s make a question mark and see what commands I can use here:

root@R1> ?

Possible completions:

clear                Clear information in the system

configure        Manipulate software configuration information

file                  Perform file operations

help                 Provide help information

load                 Load information from file

monitor           Show real-time debugging information

mtrace             Trace multicast path from source to receiver

op                    Invoke an operation script

ping                 Ping remote target

quit                  Exit the management session

request             Make system-level requests

restart              Restart software process

save                 Save information to file

set                    Set CLI properties, date/time, craft interface message

show                Show system information

ssh                   Start secure shell on another host

start                 Start shell

telnet               Telnet to another host

test                  Perform diagnostic debugging

traceroute        Trace route to remote host


As I have explained, you can use this mode to see things on the router using the “show” command, and to use utilities from troubleshooting such as ping and traceroute as well as to be able to connect remotely using Telnet and SSH.

Let’s for example see what the interfaces on the router are:

root@R1> show interfaces terse

Interface               Admin Link Proto    Local                 Remote

ge-0/0/0                up    down

ge-0/0/0.0             up    down

gr-0/0/0                up    up

ip-0/0/0                up    up

lsq-0/0/0              up    up

lt-0/0/0                up    up

mt-0/0/0              up    up

sp-0/0/0               up    up

sp-0/0/0.0            up    up   inet

sp-0/0/0.16383    up    up   inet            –>            –> 0/0           –>           –> 0/0

ge-0/0/1                up    down

ge-0/0/1.0             up    down inet

fe-0/0/2                up    down

fe-0/0/2.0             up    down eth-switch

fe-0/0/3                up    down

fe-0/0/3.0             up    down eth-switch

fe-0/0/4                up    down

fe-0/0/4.0             up    down eth-switch

fe-0/0/5                up    down

fe-0/0/5.0             up    down eth-switch

fe-0/0/6                up    down

fe-0/0/6.0             up    down eth-switch

fe-0/0/7                up    down

fe-0/0/7.0            up    down eth-switch

fxp2                    up    up

With the command “show interfaces terse” I can see a list of the available interfaces on my Juniper router.

Let me show you how you can restart your Juniper router as well.

root@R1> request system ?

Possible completions:

autorecovery      Manage autorecovery information

certificate          Manage X509 certificates

commit              Perform commit related operations

configuration     Request operation on system configuration

download           Manage downloads

firmware            Upgrade or downgrade firmware

halt                     Halt the system

health                 Online diagnostic request

license                Manage feature licenses

logout                 Forcibly end user’s CLI login session

power-off           Power off the system

reboot                 Reboot the system

scripts                Manage scripts (commit, op, event)

services              Request service applications information

set-encryption-key   Set EEPROM stored encryption key

snapshot             Archive data and executable areas

software             Perform system software extension or upgrade

storage              Request operation on system storage

zeroize              Erase all data, including configuration and log files

root@R1> request system reboot

Using this command, you can simply reboot your Juniper router and this is done from the Operational mode.

The last thing that I want to show you in this topic is the configuration mode. As I said, on this mode you can do the configuration on the Juniper router. To go from the operational mode to the configuration mode, you need to write any of the following 2 commands:

  • Edit
  • Configure

I will write “edit” and see if I can go to the configuration mode:

root@R1> edit

Entering configuration mode



I am in the configuration mode 😊

Let’s do a simple task by just changing the name of the router from R1 to R2 and see if it works.

root@R1# set system host-name R2


root@R1# commit

commit complete



Don’t forget to save your configuration after you make the changes so it is applied. I can see clearly that the router name has been changed successfully to R2.

That’s all what I wanted to explain about the different modes on Juniper. I have showed you also different LABs on each mode so you can understand it better 😊.

Course Content


Submit a Comment

Your email address will not be published. Required fields are marked *

The reCAPTCHA verification period has expired. Please reload the page.