In many occasions through this course, I have used the “show” command to check if the things that I was configuring was correct.
In this unit we will dig more about the “show” command.
As we already know, the “show” works from the operational mode. Let’s see what I can have as a completion command with the show:
root@R1> show ?
Possible completions:
accounting Show accounting profiles and records
amt Show AMT Protocol information
ancp Show ancp information
app-engine Show App-engine information
aps Show Automatic Protection Switching information
arp Show system Address Resolution Protocol table entries
as-path Show table of known autonomous system paths
backup-selection Show backup selection policies information
bfd Show Bidirectional Forwarding Detection information
bgp Show Border Gateway Protocol information
bridge Show bridging information
chassis Show chassis information
class-of-service Show class-of-service (CoS) information
cli Show command-line interface settings
configuration Show current configuration
connections Show circuit cross-connect connections
database-replication Show database replication information
ddos-protection Show DDOS information
dhcp Show Dynamic Host Configuration Protocol information
dhcp-security
dhcpv6 Show Dynamic Host Configuration Protocol v6 information
diameter Show diameter information
—(more 23%)—
This is just the 1st page that I am show you, and you can see there are plenty of completion commands that I can use after the show.
In this lesson, I will show you 18 different show commands that you have to be responsible for the associate level in Juniper.
root@R1> show system alarms
No alarms currently active
root@R1>
The 1st command is “show system alarms” in which you can see if the Juniper device has any alarm for you. Also there you can see if there is a rescue configuration file set or not.
root@R1> show system boot-messages
Copyright (c) 1996-2015, Juniper Networks, Inc.
All rights reserved.
Copyright (c) 1992-2007 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
JUNOS 14.1R4.8 #0: 2015-01-28 03:38:12 UTC
builder@greteth.juniper.net:/volume/build/junos/14.1/release/14.1R4.8/obj-i386/junos/bsd/kernels/JUNIPER/kernel
Timecounter “i8254” frequency 1193182 Hz quality 0
CPU: QEMU Virtual CPU version 2.5+ (2112.05-MHz 686-class CPU)
Origin = “GenuineIntel” Id = 0x663 Stepping = 3
Features=0x783fbfd<FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE,SSE2>
Features2=0x80202001<SSE3,CX16,x2APIC,<b31>>
AMD Features=0x20100800<SYSCALL,NX,LM>
AMD Features2=0x1<LAHF>
real memory = 1073741824 (1024 MB)
avail memory = 1034592256 (986 MB)
Security policy loaded: Junos MAC/veriexec (mac_veriexec)
Security policy loaded: JUNOS MAC/runasnonroot (mac_runasnonroot)
Security policy loaded: JUNOS MAC/pcap (mac_pcap)
MAC/veriexec fingerprint module loaded: SHA1
—(more)—
The 2nd command is “show system boot-messages”. In this command, it will show you the messages that you should see when the Juniper device is booting up. You can refer to those messages in case your Juniper device doesn’t book correctly, so you can read them and see what is wrong with it.
root@R1> show system certificate
Certificate identifier: FeatureLicense-v2
Issuer:
Organization: Juniper Networks, Organizational unit: Juniper CA,
Country: US, State: CA, Locality: Sunnyvale, Common name: FeatureCA,
E-mail address: ca@juniper.net
Subject:
Organization: Juniper Networks, Organizational unit: Juniper CA,
Country: US, State: CA, Locality: Sunnyvale, Common name: FeatureLicense-v2,
E-mail address: ca@juniper.net
Signature algorithm: sha1WithRSAEncryption
Public key algorithm: dsaEncryption
Certificate identifier: FeatureLicense-v3
Issuer:
Organization: Juniper Networks, Organizational unit: Juniper CA,
Country: US, State: CA, Locality: Sunnyvale, Common name: FeatureCA,
E-mail address: ca@juniper.net
Subject:
Organization: Juniper Networks, Organizational unit: Juniper CA,
Country: US, State: CA, Locality: Sunnyvale, Common name: FeatureLicense-v3,
E-mail address: ca@juniper.net
Signature algorithm: sha1WithRSAEncryption
Public key algorithm: dsaEncryption
—(more)—
On Juniper, there are pre-installed certificates that are available having the certificate authority Juniper itself, meaning that the certificates are not commercial. With the command “show system certificate” you can see the installed certificate on your Junos device.
root@R1> show system commit
0 2024-02-07 19:44:42 CET by root via cli
1 2024-02-07 19:36:55 CET by root via cli
2 2024-02-07 19:31:01 CET by root via cli
3 2024-02-07 16:30:22 CET by root via cli
4 2024-02-07 16:13:29 CET by Maher via cli
5 2024-02-07 15:56:58 CET by root via cli
Another command to use is “show system commit” which shows me when a user has done a commit. This is a very handy one to use.
root@R1> show system connections
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 128.0.0.4.9000 128.0.0.4.50300 ESTABLISHED
tcp4 0 0 128.0.0.4.50300 128.0.0.4.9000 ESTABLISHED
tcp4 0 0 128.0.0.4.9000 128.0.0.4.57821 ESTABLISHED
tcp4 0 0 128.0.0.4.57821 128.0.0.4.9000 ESTABLISHED
tcp4 0 0 128.0.0.4.9000 128.0.0.4.53699 ESTABLISHED
“Show system connections” is another command that you should be aware of. It shows you what are the open connections on the Juniper router and what are their states.
root@R1> show system license
License usage:
Licenses Licenses Licenses Expiry
Feature name used installed needed
scale-subscriber 0 1000 0 permanent
scale-l2tp 0 1000 0 permanent
scale-mobile-ip 0 1000 0 permanent
Licenses installed: none
root@R1>
If you want to have information about the licenses that you have on your Juniper router, the command “show system license” is a very handy one to use.
root@R1> show system memory
System memory usage distribution:
Total memory: 1031520 Kbytes (100%)
Reserved memory: 18688 Kbytes ( 1%)
Wired memory: 96492 Kbytes ( 9%)
Active memory: 594952 Kbytes ( 57%)
Inactive memory: 104568 Kbytes ( 10%)
Cache memory: 109592 Kbytes ( 10%)
Free memory: 106228 Kbytes ( 10%)
If you want to see the memory size and how it is being used, you can use the command “show system memory”.
root@R1> show system processes
PID TT STAT TIME COMMAND
0 ?? WLs 0:00.00 [swapper]
1 ?? ILs 0:00.20 /packages/mnt/jbase/sbin/init —
2 ?? DL 0:00.06 [g_event]
3 ?? DL 0:01.30 [g_up]
4 ?? DL 0:04.45 [g_down]
5 ?? DL 0:00.00 [thread taskq]
6 ?? DL 0:00.00 [kqueue taskq]
7 ?? DL 0:00.00 [mastership taskq]
8 ?? DL 0:00.00 [em0 taskq]
9 ?? DL 0:00.00 [em1 taskq]
10 ?? RL 18:52.42 [idle]
With “show system processes” you can see what are the processes that are used on your Juniper router and you can know the process ID, time, command …..
root@R1> show system reboot
No shutdown/reboot scheduled.
root@R1>
Another command is “show system reboot” to see if there is any scheduled shutdown or reboot on the Juniper device.
root@R1> show system rollback 0
## Last changed: 2024-02-08 15:49:42 CET
version 14.1R4.8;
groups {
DESCRIPTION {
interfaces {
<em*> {
description “em interfaces”;
}
}
}
}
system {
host-name R1;
time-zone Europe/Amsterdam;
root-authentication {
encrypted-password “$1$J2Be9GcK$KqcscPTTnpyczdQoLhlAR/”; ## SECRET-DATA
}
login {
message “Welcome. If you are not authorized to login, please leave immediately”;
class Simonclass {
allowed-days [ monday tuesday wednesday thursday friday ];
access-start “08:00:00 +0100”;
—(more)—
If you wish to recall a Rollback and you want to know what that rollback version contains as a configuration, you can apply the command “show system rollback x” where x is the rollback number. This way you can read the configuration before you recall it.
root@R1> show system statistics tcp
Tcp:
61 packets sent
23 data packets (767 bytes)
0 data packets retransmitted (0 bytes)
0 resends initiated by MTU discovery
29 ack only packets (14 packets delayed)
0 URG only packets
0 window probe packets
1 window update packets
10 control packets
62 packets received
36 acks(for 767 bytes)
1 duplicate acks
0 acks for unsent data
23 packets received in-sequence(759 bytes)
0 completely duplicate packets(0 bytes)
0 old duplicate packets
0 packets with some duplicate data(0 bytes duped)
0 out-of-order packets(0 bytes)
0 packets of data after window(0 bytes)
0 window probes
1 window update packets
1 packets received after close
—(more)—
With the command “show system statistics tcp” you can see more information about the tcp packets that were sent and received on the Juniper router.
root@R1> show system storage
Filesystem Size Used Avail Capacity Mounted on
/dev/ad0s1a 3.5G 383M 2.9G 11% /
devfs 1.0K 1.0K 0B 100% /dev
/dev/md0 77M 77M 0B 100% /packages/mnt/jbase
/dev/md1 27M 27M 0B 100% /packages/mnt/jkernel-14.1R4.8
/dev/md2 5.4M 5.4M 0B 100% /packages/mnt/jdocs-14.1R4.8
/dev/md3 117M 117M 0B 100% /packages/mnt/jroute-14.1R4.8
/dev/md4 44M 44M 0B 100% /packages/mnt/jcrypto-14.1R4.8
/dev/md5 508M 508M 0B 100% /packages/mnt/jruntime-14.1R4.8
/dev/md6 152K 152K 0B 100% /packages/mnt/jservices-aacl-pic-14.1R4.8
/dev/md7 1.9M 1.9M 0B 100% /packages/mnt/jservices-alg-pic-14.1R4.8
/dev/md8 1.0M 1.0M 0B 100% /packages/mnt/jservices-alg-xlp64-14.1R4.8
/dev/md9 1.0M 1.0M 0B 100% /packages/mnt/jservices-alg-xlr64-14.1R4.8
If you want to see the Juniper storage size and what files are there, you can use the command “show system storage”.
root@R1> show system uptime
Current time: 2024-02-08 16:20:03 CET
System booted: 2024-02-08 15:49:22 CET (00:30:41 ago)
Protocols started: 2024-02-08 15:50:03 CET (00:30:00 ago)
Last configured: 2024-02-07 19:44:42 CET (20:35:21 ago) by root
4:20PM up 31 mins, 1 user, load averages: 0.00, 0.01, 0.03
Another command to use is “show system uptime”. It will show you how long is there router up and running and when was it booted, when was lastly configured, and so on.
root@R1> show system users
4:21PM up 32 mins, 1 user, load averages: 0.00, 0.00, 0.02
USER TTY FROM LOGIN@ IDLE WHAT
root d0 – 3:54PM – cli
root@R1>
If you want to know what are the users that are on the Juniper router, you can use the command “show system users”.
Those are all the commands that are under the “show system” level. But I am not done yet 😊, we have still to see more show commands before I finish this lesson.
Now we have to focus on the chassis of the Juniper router. Let’s see the 1st command:
root@R1> show chassis alarms
No alarms currently active
With “show chassis alarms” you can see if there is any physical problem on the Juniper device itself (fortunately no alarms 😊).
root@R1> show chassis hardware
Hardware inventory:
Item Version Part number Serial number Description
Chassis VM5543516AC4 VMX
Midplane
Routing Engine RE-VMX
CB 0 VMX SCB
FPC 0 Virtual FPC
CPU Rev. 1.0 RIOT 123XYZ987
MIC 0 Virtual 10x1GE PIC
PIC 0 BUILTIN BUILTIN Virtual 10x1GE PIC
If you want to have more idea about the hardware itself of the Juniper device, you can write the command “show chassis hardware”.
root@R1> show chassis routing-engine
Routing Engine status:
DRAM 1024 MB (1024 MB installed)
Memory utilization 80 percent
CPU utilization:
User 4 percent
Background 0 percent
Kernel 5 percent
Interrupt 33 percent
Idle 58 percent
Model RE-VMX
Serial ID VM5543516AC4
Start time 2024-02-08 15:49:22 CET
Uptime 36 minutes, 58 seconds
Last reboot reason 0x10:misc hardware reason
Load averages: 1 minute 5 minute 15 minute
0.90 1.73 0.90
root@R1>
And finally, “show chassis routing-engine” will show me more details about the routing-engine that you should already know about it now 😊
This is all what I wanted to show you in this lesson, hope it was informative and see you in the upcoming one.
0 Comments