Tag Archives: juniper

JunOS: Finding SNMP object identifiers for your Juniper device

Leave a reply

Step 1: Download the approriate MIBs from Juniper at this link.

Step 2: grep through the MIB .txt files for the string that you’re looking for, e.g. grep -i prefixes *.txt. This will give you some clues like:

mib-jnx-bgpmib2.txt: jnxBgpM2PrefixInPrefixes
mib-jnx-bgpmib2.txt: jnxBgpM2PrefixInPrefixesAccepted
mib-jnx-bgpmib2.txt: jnxBgpM2PrefixInPrefixesRejected
mib-jnx-bgpmib2.txt: jnxBgpM2PrefixOutPrefixes

Step 3: On your Juniper, walk through the SNMP object names until you found what you’re looking for:

admin@router> show snmp mib walk jnxBgpM2
[…]
jnxBgpM2PrefixOutPrefixes.0.1.1 = 10
jnxBgpM2PrefixOutPrefixes.1.1.1 = 10
jnxBgpM2PrefixOutPrefixes.2.2.1 = 1

(jnxBgpM2PrefixCountersTable instead of jnxBgpM2 works too and saves you some time – check e.g. http://www.oidview.com/mibs/2636/BGP4-V2-MIB-JUNIPER.html)

Step 4: Now, if you want to monitor two of these objects, for example 0.1.1 and 2.2.1 with e.g. MRTG, you cannot simply specify

Target[router_prefixout]: jnxBgpM2PrefixOutPrefixes.0.1.1&jnxBgpM2PrefixOutPrefixes.2.2.1:yourcommunity@router-ip-address:::::2

because that just won’t work. Don’t ask me why, I’m an SNMP n00b and I couldn’t care less about SNMP. :-) Instead you will need the object identifier, which for BGP you could find here: http://www.oidview.com/mibs/2636/BGP4-V2-MIB-JUNIPER.html respectively here at oidview.com for all Juniper MIBs: http://www.oidview.com/mibs/2636/md-2636-1.html. In that document you would search for object name jnxBgpM2PrefixOutPrefixes and you would find that 1.3.6.1.4.1.2636.5.1.1.2.6.2.1.10 is the corresponding object identifier. So, your final config will look like this:

Target[router_prefixout]: 1.3.6.1.4.1.2636.5.1.1.2.6.2.1.10.0.1.1&1.3.6.1.4.1.2636.5.1.1.2.6.2.1.10.2.2.1:yourcommunity@router-ip-address:::::2

JunOS: Make sshd listen on another port than 22

Leave a reply

There’s no setting in JunOS (M series) that makes it possible to move sshd to another port than 22 by default. Here’s a dirty workaround:

We want sshd to listen on port 450.

% grep 450 /etc/services
tserver         450/tcp
tserver         450/udp

Comment the lines starting with ssh in /etc/inetd.conf and add tserver instead with the same parameters:

# ssh stream tcp/rt=shared nowait/75/2 root /usr/sbin/sshd sshd -i -f /var/etc/sshd_conf
# ssh stream tcp6/rt=shared nowait/75/2 root /usr/sbin/sshd sshd -i -f /var/etc/sshd_conf
tserver stream tcp/rt=shared nowait/75/2 root /usr/sbin/sshd sshd -i -f /var/etc/sshd_conf
tserver stream tcp6/rt=shared nowait/75/2 root /usr/sbin/sshd sshd -i -f /var/etc/sshd_conf

Add your desired port to /var/etc/sshd_conf:

PermitRootLogin no
Protocol 2
Port 450

Then restart inetd:

kill -HUP PID_OF_INETD

Done. Changes will be lost on reboot or software upgrade. You could set up a cronjob to check and add the lines to inetd.conf / sshd_conf automatically if needed.

Upgrading Juniper RE-5.0 (RE-400) to SSD

1 Reply

There’s a recommendation at Juniper clue on which SSD to use when replacing the traditional notebook-grade 2,5″ PATA HDD in your routing engine. The recommended Transcend 8 GB SSD is a bit outdated and was hard to find, so I gave the following Transcend 32 GB (model TS32GPSD320) a try: Amazon link.

Well, the most important thing is: the drive works fine! However, due to some tiny design flaw in the range of millimeters the result looks like this:

230320131686

That means you can’t tighten the SSD to the RE and it will be sitting there half in the air. Anyways, it does work. :-)

 

Juniper RE-5.0 (RE-400) CompactFlash upgrade

Leave a reply

UPDATE 17th April 2013: Transcend 2 GB MLC works fine as well. Amazon link.

Juniper clue tells us the following:

“The RE5 can be easily upgraded. The CF is in a hotswap socket on top of the board and can be changed easily. SanDisk SDCJF-2048 (Standard CF) are confirmed to work with RE5.0. Transcend Industrial CF Ultra TS1GCF100I (1GB) are confirmed to work with RE5.0. The CF card may need to be zeroed out before use.”

Since a 2 GB CF was kinda hard to find these days I purchased a SanDisk Ultra 4 GB CF instead (model no. SDCFH-004G-U46) – Amazon link. The CF will get detected fine by JunOS and copying everything over from the harddrive via ‘request system snapshot partition’ works as well. The only problem is that the router will remove the CF from the boot list every time you boot up, effectively making it pointless to have a CF card installed. :-)  The reason is:

ad0: FAILURE – READ status=51<READY,DSC,ERROR> error=10<NID_NOT_FOUND> LBA=7813119

Basically this is just a cosmetic error, but the router doesn’t recognize it as such and thinks your CF is broken, which it isn’t. You will probably also see:

ad0: FAILURE – SETFEATURES 0x85 status=41<READY,ERROR> error=4

Which is ok and doesn’t cause the CF to get removed from the boot list. You can find a good explanation of both errors here. Anyway, I ended up using a SanDisk Ultra 2 GB as recommended: Amazon link. Not sure if 4 GB CFs won’t work at all in the RE-5.0 or just this particular SanDisk model. An indication that only the SanDisk 4 GB causes trouble could be that when you google for the above NID_NOT_FOUND error only the SanDisk 4 GB model is being mentioned in several mailing lists posts etc.