Juniper

New switch setup

Update device

First, download the latest supported version of JunOS for your device. For me it was 25.2R1.9.

Copy the file over to your device

scp /var/tmp/junos-arm-32-25.2R1.9.tgz switch:/var/tmp

Start the device upgrade

request system software add /var/tmp/junos-arm-32-25.2R1.9.tgz

Disable auto-chassis-upgrade to clear the spam on the console

configure
delete chassis auto-image-upgrade
commit

Set root password

set system root-authentication plain-text-password

DNS settings

set system domain-name lab.pwned.com
set system domain-search lab.pwned.com
set system name-server 192.168.0.1

Date & Timezone

set system time-zone America/Chicago
set system ntp server us.pool.ntp.org

Disable management interface

Gets rid of a chassis alert if it’s not plugged in

set interfaces me0 disable

Create rescue config

This will clear a warning on the chassis also

request system configuration rescue save

Delete vme interface

This interface is only used when you have a virtual chassis environment.

delete interfaces vme

Enable SSH

set system services ssh protocol-version v2
set system services ssh root-login allow

Default vlan config

delete interfaces irb unit 0 family inet
delete interfaces irb unit 0 family inet6
set interfaces irb unit 0 family inet address 192.168.0.2/30
set interfaces irb unit 0 family inet6 address 2001:470:8050::2/64
set routing-options static route 0.0.0.0/0 next-hop 192.168.0.1
set routing-options rib inet6.0 static route ::/0 next-hop 2001:470:8050::1

Create VLANs

set vlans LAB vlan-id 10 l3-interface irb.10
set interfaces irb unit 10 family inet address 192.168.1.1/24
set interfaces irb unit 10 family inet6 address 2001:470:8050:1::1/64
set vlans LAB vlan-id 10 l3-interface irb.20
set interfaces irb unit 20 family inet address 192.168.2.1/24
set interfaces irb unit 20 family inet6 address 2001:470:8050:2::1/64

Configure interfaces

set interfaces ge-0/0/0 unit 0 family ethernet-switching interface-mode access vlan members LAB
set interfaces ge-0/0/1 unit 0 family ethernet-switching interface-mode access vlan members LAB
set interfaces ge-0/0/2 unit 0 family ethernet-switching interface-mode access vlan members LAB
set interfaces ge-0/0/3 unit 0 family ethernet-switching interface-mode access vlan members LAB
set interfaces ge-0/0/4 unit 0 family ethernet-switching interface-mode access vlan members LAB
set interfaces ge-0/0/5 unit 0 family ethernet-switching interface-mode access vlan members LAB
set interfaces ge-0/0/6 unit 0 family ethernet-switching interface-mode access vlan members WIFI
set interfaces ge-0/0/7 unit 0 family ethernet-switching interface-mode access vlan members LAB
set interfaces ge-0/0/8 unit 0 family ethernet-switching interface-mode access vlan members LAB
set interfaces ge-0/0/9 unit 0 family ethernet-switching interface-mode access vlan members LAB
set interfaces ge-0/0/10 unit 0 family ethernet-switching interface-mode access vlan members LAB
set interfaces ge-0/0/11 unit 0 family ethernet-switching interface-mode access vlan members default

DHVPv4 Relaying

set forwarding-options dhcp-relay server-group OPNSENSE_DHCP 192.168.0.1
set forwarding-options dhcp-relay active-server-group OPNSENSE_DHCP
set forwarding-options dhcp-relay group DHCP_CLIENT_VLANS irb.10
set forwarding-options dhcp-relay group DHCP_CLIENT_VLANS irb.20

Router Advertisements

set protocols router-advertisement interface irb.10 managed-configuration
set protocols router-advertisement interface irb.10 other-stateful-configuration
set protocols router-advertisement interface irb.10 prefix 2001:470:8050:1::/64 no-autonomous

set protocols router-advertisement interface irb.20 managed-configuration
set protocols router-advertisement interface irb.20 other-stateful-configuration
set protocols router-advertisement interface irb.20 prefix 2001:470:8050:2::/64 no-autonomous

DHCPv6 Relaying

set forwarding-options dhcp-relay dhcpv6 server-group OPNSENSE_DHCPv6 2001:470:8050::1
set forwarding-options dhcp-relay dhcpv6 active-server-group OPNSENSE_DHCPv6
set forwarding-options dhcp-relay dhcpv6 relay-agent-interface-id
set forwarding-options dhcp-relay dhcpv6 relay-agent-remote-id
set forwarding-options dhcp-relay dhcpv6 group DHCPv6_CLIENT_VLANS interface irb.10
set forwarding-options dhcp-relay dhcpv6 group DHCPv6_CLIENT_VLANS interface irb.20
set forwarding-options dhcp-relay dhcpv6 group DHCPv6_CLIENT_VLANS overrides rapid-commit

Analyzer (Port Mirroring)

set forwarding-options analyzer SHOWEQ input ingress interface ge-0/0/10.0
set forwarding-options analyzer SHOWEQ input egress interface ge-0/0/10.0
set forwarding-options analyzer SHOWEQ output interface ge-0/0/7.0

OSPF

set routing-options router-id 192.168.0.2

set protocols ospf area 0.0.0.0 interface irb.0 interface-type p2p
set protocols ospf area 0.0.0.0 interface irb.10 passive
set protocols ospf area 0.0.0.0 interface irb.20 passive

set protocols ospf3 area 0.0.0.0 interface irb.0 interface-type p2p
set protocols ospf3 area 0.0.0.0 interface irb.10 passive
set protocols ospf3 area 0.0.0.0 interface irb.20 passive