Anda di halaman 1dari 22

JUNIPER COMMAND AND CONFIGURATION

aynnakrajagnem nad rajaleb gnay gnaro padahret gnanes hibel numan ,rajaleb gnay gnaro padahret gnanes hallA
naklamaid gnay umli halada umli aynkiab-kiabeS

Hampir sama dengan Cisco, lingkungan untuk baris perintah di Juniper memiliki
privileges yang hirarki. Dalam artikel ini lingkungan yang digunakan adalah
mode konfigurasi. Dan perangkat yang digunakan adalah Olive.
Untuk cara membuat Olive dan menjalakannya serta menambah beberapa interface
di dalam satu perangkat dapat dicari di internet.
Lisensi Dokumen:
Copyright 2011 healinlodge@yahoo.co.id
Seluruh dokumen dalam artikel ini dapat digunakan, dimodifikasi dan disebarkan
secara bebas untuk tujuan bukan komersial (nonprofit), dengan syarat tidak
menghapus atau meubah atribut penulis dan pernyataan copyright yang disertakan
dalam artikel ini. Tidak diperbolehkan melakukan penulisan ulang, kecuali
mendapatkan ijin terlebih dahulu dari penulis

Contoh lingkungan baris perintah di Juniper pada saat proses booting selesai
dan cara masuk ke dalam mode konfigurasi:

Amnesiac <ttyd0>
Login: root
root@%cli
root>edit
root#
mode konfigurasi

healinlodge@yahoo.co.id

Berikut merupakan contoh konfigurasi sederhana dalam Juniper


1. Me-reset konfigurasi

root# load factory default


root# set system root-authentication plain-text-password
root# commit and-quit

atau

root# delete

2. Mengkonfigurasi kata kunci akun root

root# set system root-authentication plain-text-password


root# commit and-quit

3. Menambahkan akun baru

root# set system login user admin class super-user authentication plain-textpassword
root# commit and-quit

4. Mengkonfigurasi layanan Telnet

root# set system services telnet


root# commit and-quit

5. Mengkonfigurasi alamat Internet Protocol

root# set interfaces em0 description "interface 1"


root# set interfaces em0 unit 0 family inet address 192.168.0.16/24
root# commit and-quit

6. Mengkonfigurasi routing statik

root# set routing-options static route 0.0.0.0/0 next-hop 192.168.0.1


root# commit and-quit

healinlodge@yahoo.co.id

7. Mengkonfigurasi hostname

root# set system host-name junos-router


root# commit and-quit

8. Menyimpan konfigurasi dengan nama config1 dan menjalankan konfigurasi yang


disimpan

root#
root#
root#
root#
root#

save config1
load factory default
show
load override config1
commit and-quit

9. Mengaktifkan dan me-disable interface

root#
root#
root#
root#

set interfaces em0 disable


show
delete interfaces em0 disable
commit and-quit

10. Mengkonfigurasi Jweb

root# set system services web-management http port 80 interface em0


root# commit and-quit

Berikut merupakan contoh konfigurasi sederhana dalam Juniper menggunakan


Logical Router.

Logical Router adalah fasilitas yang dimiliki oleh JUNOS (Juniper OS) untuk
mengemulasikan beberapa router di dalam satu perangkat.
Untuk tiap Logical Router jika ingin dapat berkomunikasi dengan Logical Router
lain maka tiap tiap interface yang di-apply di Logical Router harus memiliki
vlan. Pemberian nomor vlan harus didahului dengan penambahan tag vlan-tagging
pada interface fisik.
Berikut contohnya :
interfaces {
fxp0 {
vlan-tagging;

healinlodge@yahoo.co.id

Statik route 1

root# show
## Last changed: 2011-02-14 20:02:46 UTC
version 8.3R2.8;
system {
root-authentication {
encrypted-password "$1$u7TUyI9W$prYTrxvG4QcsmgHzBDcnC0"; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
logical-routers {
R1 {
interfaces {
fxp0 {
unit 1 {
vlan-id 10;
family inet {
address 192.168.1.2/30;
}
}
}
lo0 {
unit 1 {
family inet {
address 10.10.10.1/32;
}
}
}
}
routing-options {
static {
route 192.168.2.0/30 next-hop 192.168.1.1;
route 20.20.20.1/32 next-hop 192.168.1.1;
}
}

healinlodge@yahoo.co.id

}
R2 {
interfaces {
fxp1 {
unit 1 {
vlan-id 10;
family inet {
address 192.168.1.1/30;
}
}
}
fxp2 {
unit 1 {
vlan-id 20;
family inet {
address 192.168.2.1/30;
}
}
}
}
routing-options {
static {
route 10.10.10.1/32 next-hop 192.168.1.2;
route 20.20.20.1/32 next-hop 192.168.2.2;
}
}
}
R3 {
interfaces {
fxp3 {
unit 1 {
vlan-id 20;
family inet {
address 192.168.2.2/30;
}
}
}
lo0 {
unit 2 {
family inet {
address 20.20.20.1/32;
}
}
}
}
routing-options {
static {
route 192.168.1.0/30 next-hop 192.168.2.1;
route 10.10.10.1/32 next-hop 192.168.2.1;
}
}
}
}
interfaces {
fxp0 {
vlan-tagging;
}
fxp1 {
vlan-tagging;
}
fxp2 {
vlan-tagging;
}
fxp3 {
vlan-tagging;
}
fxp4 {
vlan-tagging;
}

healinlodge@yahoo.co.id

Tunnel IPIP

root# show
## Last changed: 2011-02-14 20:17:09 UTC
version 8.3R2.8;
system {
root-authentication {
encrypted-password "$1$u7TUyI9W$prYTrxvG4QcsmgHzBDcnC0"; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
logical-routers {
R1 {
interfaces {
fxp0 {
unit 1 {
vlan-id 10;
family inet {
address 192.168.1.2/30;
}
}
}
ipip {
unit 1 {
tunnel {
source 192.168.1.2;
destination 192.168.2.2;
}
family inet {
address 100.100.100.1/30;
}
}
}
lo0 {
unit 1 {
family inet {

healinlodge@yahoo.co.id

address 10.10.10.1/32;
}
}
}
}
routing-options {
static {
route 192.168.2.0/30 next-hop 192.168.1.1;
route 20.20.20.1/32 next-hop 192.168.1.1;
}
}
}
R2 {
interfaces {
fxp1 {
unit 1 {
vlan-id 10;
family inet {
address 192.168.1.1/30;
}
}
}
fxp2 {
unit 1 {
vlan-id 20;
family inet {
address 192.168.2.1/30;
}
}
}
}
routing-options {
static {
route 10.10.10.1/32 next-hop 192.168.1.2;
route 20.20.20.1/32 next-hop 192.168.2.2;
}
}
}
R3 {
interfaces {
fxp3 {
unit 1 {
vlan-id 20;
family inet {
address 192.168.2.2/30;
}
}
}
ipip {
unit 2 {
tunnel {
source 192.168.2.2;
destination 192.168.1.2;
}
family inet {
address 100.100.100.2/30;
}
}
}
lo0 {
unit 2 {
family inet {
address 20.20.20.1/32;
}
}
}
}
routing-options {
static {
route 192.168.1.0/30 next-hop 192.168.2.1;
route 10.10.10.1/32 next-hop 192.168.2.1;

healinlodge@yahoo.co.id

}
}
}
}
interfaces {
fxp0 {
vlan-tagging;
}
fxp1 {
vlan-tagging;
}
fxp2 {
vlan-tagging;
}
fxp3 {
vlan-tagging;
}
fxp4 {
vlan-tagging;
}
}

healinlodge@yahoo.co.id

Static route 2 (dengan default gateway)

root# show
## Last changed: 2011-02-16 19:21:22 UTC
version 8.3R2.8;
system {
root-authentication {
encrypted-password "$1$BWl90tZm$.WjtUyk1uWapLfntjU3tv1"; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
logical-routers {
R1 {
interfaces {
fxp0 {
unit 1 {
vlan-id 10;
family inet {
address 192.168.1.2/30;
}
}
unit 10 {
vlan-id 100;
family inet {
address 10.10.10.1/24;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 192.168.1.1;
}
}
}
R2 {

healinlodge@yahoo.co.id

interfaces {
fxp1 {
unit 1 {
vlan-id 10;
family inet {
address 192.168.1.1/30;
}
}
}
fxp2 {
unit 1 {
vlan-id 30;
family inet {
address 192.168.3.1/30;
}
}
}
}
routing-options {
static {
route 10.10.10.0/24 next-hop 192.168.1.2;
route 30.30.30.0/24 next-hop 192.168.3.2;
}
}
}
R3 {
interfaces {
fxp3 {
unit 1 {
vlan-id 30;
family inet {
address 192.168.3.2/30;
}
}
unit 10 {
vlan-id 300;
family inet {
address 30.30.30.1/24;
}
}
}
}
routing-options {
static {
route 192.168.1.0/30 next-hop 192.168.3.1;
route 10.10.10.0/24 next-hop 192.168.3.1;
}
}
}
}
interfaces {
fxp0 {
vlan-tagging;
}
fxp1 {
vlan-tagging;
}
fxp2 {
vlan-tagging;
}
fxp3 {
vlan-tagging;
}
fxp4 {
vlan-tagging;
}
fxp5 {
vlan-tagging;
}

healinlodge@yahoo.co.id

Simple OSPF

root# show
## Last changed: 2011-02-17 11:55:20 UTC
version 8.3R2.8;
system {
root-authentication {
encrypted-password "$1$0Wn8rZ.f$DCb3wO9c4fehiVW7.VsqM1"; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
logical-routers {
R1 {
interfaces {
fxp0 {
unit 0 {
vlan-id 10;
family inet {
address 192.168.1.2/30;
}
}
unit 1 {
vlan-id 100;
family inet {
address 10.10.10.1/24;
}
}
unit 2 {
vlan-id 110;
family inet {
address 100.100.100.1/24; --> Not advertised and not running OSPF
}
}
}
}

healinlodge@yahoo.co.id

protocols {
ospf {
area 0.0.0.1 {
interface fxp0.0;
interface fxp0.1 {
passive; --> Do not running OSPF on this interface, but advertise it
}
}
}
}
}
R2 {
interfaces {
fxp1 {
unit 0 {
vlan-id 10;
family inet {
address 192.168.1.1/30;
}
}
}
fxp2 {
unit 0 {
vlan-id 30;
family inet {
address 192.168.3.1/30;
}
}
}
}
protocols {
ospf {
area 0.0.0.1 {
interface fxp1.0;
interface fxp2.0;
}
}
}
}
R3 {
interfaces {
fxp3 {
unit 0 {
vlan-id 30;
family inet {
address 192.168.3.2/30;
}
}
unit 1 {
vlan-id 300;
family inet {
address 30.30.30.1/24;
}
}
}
}
protocols {
ospf {
area 0.0.0.1 {
interface fxp3.0;
interface fxp3.1 {
passive; --> Do not running OSPF on this interface, but advertise it
}
}
}
}
}
}
interfaces {
fxp0 {
vlan-tagging;

healinlodge@yahoo.co.id

}
fxp1 {
vlan-tagging;
}
fxp2 {
vlan-tagging;
}
fxp3 {
vlan-tagging;
}
fxp4 {
vlan-tagging;
}

healinlodge@yahoo.co.id

Simple BGP 1

root@olive# show
## Last changed: 2011-02-19 12:00:38 UTC
version 8.3R2.8;
system {
root-authentication {
encrypted-password "$1$NHeQ88Kl$u87tWj628HH88uYBLGzc71"; ## SECRET-DATA
}
}
logical-routers {
R1 {
interfaces {
fxp0 {
unit 0 {
vlan-id 10;
family inet {
address 192.168.1.2/30;
}
}
unit 1 {
vlan-id 100;
family inet {
address 10.10.10.1/24;
}
}
unit 2 {
vlan-id 101;
family inet {
address 100.100.100.1/24;
}
}
unit 3 {
vlan-id 102;
family inet {
address 88.88.88.1/24;
}
}
}
}
protocols {
bgp {
group group1 {

healinlodge@yahoo.co.id

type external;
import prefix-masuk;
export prefix-keluar;
peer-as 200;
neighbor 192.168.1.1;
}
}
}
policy-options {
prefix-list subnet1 {
10.10.10.0/24;
}
prefix-list subnet2 {
100.100.100.0/24;
}
prefix-list subnet3 {
88.88.88.0/24;
}
policy-statement prefix-keluar {
term 1 {
from {
prefix-list subnet1;
}
then accept;
}
term 2 {
from {
prefix-list subnet2;
}
then accept;
}
term 3 {
from {
prefix-list subnet3;
}
then accept;
}
term 4 {
then reject;
}
}
policy-statement prefix-masuk {
term 1 {
from as-path ALL;
then accept;
}
}
as-path ALL .*;
}
routing-options {
autonomous-system 100;
}
}
R2 {
interfaces {
fxp1 {
unit 0 {
vlan-id 10;
family inet {
address 192.168.1.1/30;
}
}
unit 1 {
vlan-id 20;
family inet {
address 20.20.20.1/24;
}
}
unit 2 {
vlan-id 201;
family inet {

healinlodge@yahoo.co.id

address 200.200.200.1/24;
}
}
}
}
protocols {
bgp {
group group1 {
type external;
import prefix-masuk;
export prefix-keluar;
peer-as 100;
neighbor 192.168.1.2;
}
}
}
policy-options {
prefix-list subnet1 {
20.20.20.0/24;
}
prefix-list subnet2 {
200.200.200.0/24;
}
policy-statement prefix-keluar {
term 1 {
from {
prefix-list subnet1;
}
then accept;
}
term 2 {
from {
prefix-list subnet2;
}
then accept;
}
term 3 {
then reject;
}
}
policy-statement prefix-masuk {
term 1 {
from as-path peer1;
then reject;
}
}
as-path peer1 100;
}
routing-options {
autonomous-system 200;
}
}
}
interfaces {
fxp0 {
vlan-tagging;
}
fxp1 {
vlan-tagging;
}
fxp2 {
vlan-tagging;
}
fxp3 {
vlan-tagging;
}
fxp4 {
vlan-tagging;
}

healinlodge@yahoo.co.id

Simple BGP 2 (dengan statik route)

root# show
## Last changed: 2011-02-22 16:30:51 UTC
version 8.3R2.8;
system {
root-authentication {
encrypted-password "$1$jiSoPIwl$5aV1FrrD9/yYGTheeQVtn1"; ## SECRET-DATA
}
}
logical-routers {
R0 {
interfaces {
fxp0 {
unit 0 {
vlan-id 10;
family inet {
address 192.168.0.2/30;
}
}
unit 1 {
vlan-id 88;
family inet {
address 88.88.88.1/24;
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-hop 192.168.0.1;
}
}
}
R1 {
interfaces {
fxp1 {
unit 0 {
vlan-id 10;
family inet {
address 192.168.0.1/30;
}
}
unit 1 {
vlan-id 100;
family inet {
address 100.100.100.1/24;
}
}
}
fxp2 {

healinlodge@yahoo.co.id

unit 0 {
vlan-id 20;
family inet {
address 192.168.1.2/30;
}
}
unit 1 {
vlan-id 101;
family inet {
address 101.101.101.1/24;
}
}
}
}
protocols {
bgp {
group group1 {
type external;
import prefix-masuk;
export prefix-keluar;
peer-as 200;
neighbor 192.168.1.1;
}
}
}
policy-options {
prefix-list subnet1 {
100.100.100.0/24;
}
prefix-list subnet2 {
101.101.101.0/24;
}
prefix-list subnet3 {
192.168.0.0/30;
}
policy-statement prefix-keluar {
term 1 {
from {
prefix-list subnet1;
}
then accept;
}
term 2 {
from {
prefix-list subnet2;
}
then accept;
}
term 3 {
from {
prefix-list subnet3;
}
then accept;
}
term 4 {
from protocol static;
then accept;
}
term 5 {
then reject;
}
}
policy-statement prefix-masuk {
term 1 {
from as-path ALL;
then accept;
}
}
as-path ALL .*;
}
routing-options {

healinlodge@yahoo.co.id

static {
route 88.88.88.0/24 next-hop 192.168.0.2;
}
autonomous-system 100;
}
}
R2 {
interfaces {
fxp3 {
unit 0 {
vlan-id 20;
family inet {
address 192.168.1.1/30;
}
}
unit 1 {
vlan-id 200;
family inet {
address 200.200.200.1/24;
}
}
}
fxp4 {
unit 0 {
vlan-id 30;
family inet {
address 192.168.2.1/30;
}
}
unit 1 {
vlan-id 201;
family inet {
address 201.201.201.1/24;
}
}
}
}
protocols {
bgp {
group group1 {
type external;
import prefix-masuk-peer1;
export prefix-keluar-peer1;
peer-as 100;
neighbor 192.168.1.2;
}
group group2 {
type external;
import prefix-masuk-peer2;
export prefix-keluar-peer2;
peer-as 300;
neighbor 192.168.2.2;
}
}
}
policy-options {
prefix-list subnet1 {
200.200.200.0/24;
}
prefix-list subnet2 {
201.201.201.0/24;
}
prefix-list subnet3 {
192.168.1.0/30;
}
prefix-list subnet4 {
192.168.2.0/30;
}
policy-statement prefix-keluar-peer1 {
term 1 {
from {

healinlodge@yahoo.co.id

prefix-list subnet1;
}
then accept;
}
term 2 {
from {
prefix-list subnet2;
}
then accept;
}
term 3 {
from {
prefix-list subnet4;
}
then accept;
}
term 4 {
from as-path FROM-R3;
then accept;
}
term 5 {
then reject;
}
}
policy-statement prefix-keluar-peer2 {
term 1 {
from {
prefix-list subnet1;
}
then accept;
}
term 2 {
from {
prefix-list subnet2;
}
then accept;
}
term 3 {
from {
prefix-list subnet3;
}
then accept;
}
term 4 {
from as-path FROM-R1;
then accept;
}
term 5 {
then reject;
}
}
policy-statement prefix-masuk-peer1 {
term 1 {
from as-path ALL;
then accept;
}
}
policy-statement prefix-masuk-peer2 {
term 1 {
from as-path ALL;
then accept;
}
}
as-path ALL .*;
as-path FROM-R1 100;
as-path FROM-R3 300;
}
routing-options {
autonomous-system 200;
}
}

healinlodge@yahoo.co.id

R3 {
interfaces {
fxp5 {
unit 0 {
vlan-id 30;
family inet {
address 192.168.2.2/30;
}
}
unit 1 {
vlan-id 55;
family inet {
address 55.55.55.1/24;
}
}
}
}
protocols {
bgp {
group group1 {
type external;
import prefix-masuk;
export prefix-keluar;
peer-as 200;
neighbor 192.168.2.1;
}
}
}
policy-options {
prefix-list subnet1 {
55.55.55.0/24;
}
policy-statement prefix-keluar {
term 1 {
from {
prefix-list subnet1;
}
then accept;
}
term 2 {
then reject;
}
}
policy-statement prefix-masuk {
from as-path ALL;
then accept;
}
as-path ALL .*;
}
routing-options {
autonomous-system 300;
}
}
}
interfaces {
fxp0 {
vlan-tagging;
}
fxp1 {
vlan-tagging;
}
fxp2 {
vlan-tagging;
}
fxp3 {
vlan-tagging;
}
fxp4 {
vlan-tagging;
}
fxp5 {

healinlodge@yahoo.co.id

vlan-tagging;
}
fxp6 {
vlan-tagging;
}
fxp7 {
vlan-tagging;
}
}

Mohon maaf bila ada kesalahan. Kritik, saran dan masukkan sangat diharapkan.
Terima Kasih.

Maret 2011

healinlodge@yahoo.co.id