Juniper offers us a help to know how to write the commands correctly. For example, let’s say that I want to change the root password and I don’t know how to do it. I can use the help from Juniper and it will guide me how I can change the root password on Juniper router.
I am going to do a LAB to go through the help and see how it works.
I am still connected to the Juniper router via console. Let’s log in to the root and write just a question mark “?” :
root# ?
Possible completions:
<[Enter]> Execute this command
activate Remove the inactive tag from a statement
annotate Annotate the statement with a comment
commit Commit current set of changes
copy Copy a statement
deactivate Add the inactive tag to a statement
delete Delete a data element
edit Edit a sub-element
exit Exit from this level
extension Extension operations
help Provide help information
insert Insert a new ordered data element
load Load configuration from ASCII file
prompt Prompt for an input
protect Protect the statement
quit Quit from this level
rename Rename a statement
I have highlighted the help command which is the command that I will be using to discover the commands that I need to use to perform a task on the router.
Let’s use the “help” command and see what it offers me as a 2nd command after it:
root# help ?
Possible completions:
<[Enter]> Execute this command
apropos Find help information about a topic
reference Reference material
syslog System log error messages
tip Tip for the day
topic Help for high level topics
| Pipe through a command
As you see, you can use different commands after the help command and each has a function. I will go through all of them and explain them one by one.
Let’s start first with “help topic” :
root# help topic system root-authentication
Configuring the Root Password
The JUNOS software is preinstalled on the router. When the router is
powered on, it is ready to be configured. Initially, you log in to the
router as the user “root” with no password.
+———————————————————+
|| Note: If you configure a blank password using the |
|| encrypted-password statement at the [edit system |
|| root-authentication] hierarchy level for root |
|| authentication, you will be able to commit a |
|| configuration, but you will not be able to login as |
|| superuser and get root level access to the router. |
+———————————————————+
After you log in, you should configure the root (superuser) password by
including the root-authentication statement at the [edit system] hierarchy
level:
[edit system]
root-authentication {
(encrypted-password “password”| plain-text-password);
—(more)—
I have copied only the 1st page after issuing the command. It is clear that when you choose “topic” after the help command then it will give you deep details of the topic that you want to know (in our case it is the root-authentication), so it is more like a guide for that.
The 2nd command that I want to use after the help is the “reference”:
root# help reference interfaces family
family
Syntax
family family {
accounting {
destination-class-usage;
source-class-usage {
direction;
}
}
address address {
destination address;
}
bundle interface-name;
—(more)—
With “reference” it shows more the syntax of how you can write the command.
Let’s check the 3rd command after help which is “apropos”:
root# help apropos DHCP
set dynamic-profiles <profile-name> interfaces auto-configure stacked-vlan-ranges dynamic-profile <name> accept dhcp-v4
DHCP v4 Discover only
set dynamic-profiles <profile-name> interfaces auto-configure stacked-vlan-ranges dynamic-profile <name> accept dhcp-v6
DHCP v6 Packets only
set dynamic-profiles <profile-name> interfaces auto-configure stacked-vlan-ranges authentication packet-types dhcp-v4
DHCP v4 Discover only
set dynamic-profiles <profile-name> interfaces auto-configure stacked-vlan-ranges authentication packet-types dhcp-v6
DHCP v6 Packets only
set dynamic-profiles <profile-name> interfaces auto-configure stacked-vlan-ranges authentication username-include option-18
Include option 18 for dhcp-v6
set dynamic-profiles <profile-name> interfaces auto-configure stacked-vlan-ranges authentication username-include option-37
Include option 37 for dhcp-v6
set dynamic-profiles <profile-name> interfaces auto-configure vlan-ranges dynamic-profile <name> accept dhcp-v4
DHCP v4 Discover only
set dynamic-profiles <profile-name> interfaces auto-configure vlan-ranges dynamic-profile <name> accept dhcp-v6
—(more)—
With “apropos” and you put the topic that we want to know about, it will show you all possible commands that you can use in that topic. In our example, I said “help apropos DHCP” so it will show me all possible commands that you can use with DHCP. I personally like “apropos” command and I use it a lot.
The other help command that I want to use is the “syslog”. You know on every router as on Juniper, you may get system logs when the router sees that something wrong has happened. This is the only way that the router can notify you (as an administrator) about a specific error.
On Juniper, there are many system logs that you may get and sometimes you don’t understand them when you see them. Using the help syslog command, then you understand what this syslog message has as a meaning then you can take an action to fix the problem.
I will go to the Juniper router and run the following command:
root# help syslog ?
Syslog tag Help
AAA_RADIUS_SERVER_STATE_CHANGE State of the radius server has changed
ACCT_ACCOUNTING_FERROR Error occurred during file processing
ACCT_ACCOUNTING_FOPEN_ERROR Open operation failed on file
ACCT_ACCOUNTING_SMALL_FILE_SIZE Maximum file size is smaller than record size
ACCT_BAD_RECORD_FORMAT Record format does not match accounting profile
ACCT_CU_RTSLIB_ERROR Error occurred obtaining current class usage
statistics
ACCT_FORK_ERR Could not create child process
ACCT_FORK_LIMIT_EXCEEDED Could not create child process because of limit
ACCT_GETHOSTNAME_ERROR gethostname function failed
ACCT_MALLOC_FAILURE Memory allocation failed
ACCT_THREAD_CREATE_FAILURE Unable to create file transfer watch
Say that you have gotten a log about AAA_RADIUS_SERVER_STATE_CHANGE and you do not understand what is about, then you can use the help syslog to understand about it as the following:
root# help syslog AAA_RADIUS_SERVER_STATE_CHANGE
Name: AAA_RADIUS_SERVER_STATE_CHANGE
Message: Radius server <radius-server-name> state changed to
<new-radius-server-state> on <interface-name>
Help: State of the radius server has changed
Description: This notification signifies that the specified radius server has
changed state from active to dead or vice-versa
Type: Event: This message reports an event, not an error
Severity: info
Facility: LOG_DAEMON
When checking about that log, you can get more detailed information such as a description of the log, the type, the severity and so on, which help to allow you to know what this log message means exactly.
The last command after help that I want to try is “tip”. With the “tip” the Juniper router will give you a random information to help you to configure better the Juniper router. Let’s apply it and see:
root# help tip cli
JUNOS tip:
Use the ‘request system logout’ command to forcibly log a user out of
the router.
The Juniper router has giving me a tip how to log a user out of the router.
I will try to redo the command again and see if I get another tip different than this one:
root# help tip cli
JUNOS tip:
Use configuration groups to represent common pieces of configuration
and reduce the size of your configuration file.
Indeed I have received another tip as well 😊
That’s all what I wanted to show about the help command, hope you enjoyed it and see you in the upcoming lesson.
0 Comments