First time login
When you login with “root” you will be in “shell mode” which is similar to linux.
You can switch to “operational mode” with the “cli” command.
It is not necessary to repeat these steps when you already have a user.
To switch to the last mode use the “configure” command:
root@hostname>configure Entering configuration mode  root@hostname#
% – shell mode
> – operational mode
# – configuration mode
Similarly to Cisco there are multiple options to gather information regarding the interfaces:
show interface terse
show interface brief
In addition you get more information using the “detailed” or “extensive” keywords.
When you are in configuration mode, the “show” command displays a specific part of the configuration.
Example: #show interfaces ge-0/0
This command is equal with Cisco’s “show run int gi0/0”
You can put a comment into any part of the configuration with the “annotate” command.
Modifying the configuration
To modify any part of the configuration use the “edit” command and the name of the structure you that you would like to modify.
Example: #edit interfaces
 root# edit interfaces [edit interfaces] root#
Notice that the “edit” part in the brackets has been extended with “interfaces”.
If you want to do same real changes you must use the “set” command.
Example: #edit interfaces em0 unit 0 family inet
In case you would like to go back to another section you can use the “up” command which will take you one level back. You can also add a number to specify how many levels would you like to go back: up 2
Or you can use “top” to go back to the top of the configuration.
Unlike Cisco, Juniper has quite advanced help system. You have multiple options to get more information regarding JunOS or a simple protocol:
help topic – Gives some detailed descriptions in context of a particular topic.
help reference – Gives more information regarding the command structure.
help apropos – Helps to find a command that relates to a topic.
>help topic interfaces address >help reference interfaces address #This command will list all of the commands that have some relevance with "snooping" >help apropos snooping
show interfaces terse | match “lo0”
lo0 up up
lo0.16384 up up inet 127.0.0.1 –> 0/0
lo0.16385 up up inet 22.214.171.124 –> 0/0
>show interfaces terse | match “lo0” | count
Count: 3 lines
The pipe plus match command is similar to Cisco’s “show run | include”
However we can use additional filtering for this like “count“. This way the JunOS will count the number of lines that match to “lo0”.
Some useful filters:
- find – similar to Cisco’s “show run | begin “
- match – similar to Cisco’s “show run | include “
- count – counts the lines of an output
- last – shows the last 20 lines of the output (You can specify the number ie.: last 40)
By default a chained filtering is using AND. If you would like to use OR relation you can do it this way:
# AND root> show log messages | find "Aug 17" | find "CPU" | count Count: 191 lines # OR root> show log messages | find "Aug 17 | CPU" | count Count: 3471 lines
There are 2 type of configurations in JunOS:
Active and Candidate
When you are in edit mode you are modifying a copy of the live configuration (Candidate) but not the live configuration itself.
You can compare your Candidate config with the Active one using the “show | compare” command:
You can activate the candidate config using the “commit” command. In addition the command have multiple options:
- and-quit – Quits configuration mode if commit succeeds.
- at – You can specify a time when the JunOS should commit
- check – Check correctness of syntax. Do NOT apply changes
- comment – Puts a comment into the commit log and ACTIVATES the candidate config.
- confirmed – First it applies the config. JunOS will automatically roll back if not confirmed in time. (You can confirm simply using “commit“)
 root# commit check configuration check succeeds  root# commit comment "First commit" commit complete  root#
You have the opportunity to rollback at any time:
root# rollback ? Possible completions: <[Enter]> Execute this command 0 2017-08-18 10:56:15 UTC by root via cli 1 2017-08-18 10:56:09 UTC by root via cli commit confirmed, rollback in 10mins 2 2017-08-18 10:55:11 UTC by root via cli commit confirmed, rollback in 10mins 3 2017-08-18 10:54:07 UTC by root via cli commit confirmed, rollback in 10mins 4 2017-08-17 11:31:48 UTC by root via cli 5 2012-05-11 11:54:23 UTC by root via other 6 2012-05-09 13:28:27 UTC by root via cli 7 2012-05-09 11:53:15 UTC by root via cli 8 2012-05-09 11:52:47 UTC by root via cli 9 2012-05-09 11:28:28 UTC by root via other 10 2012-05-09 09:54:05 UTC by root via cli 11 2011-04-12 13:11:13 UTC by root via other 12 2011-04-12 12:43:39 UTC by root via other | Pipe through a command 
You can also check the differences between the active configuration and one of the rollbacks:
root# show | compare rollback 4 [edit interfaces em0 unit 0 family inet] - address 192.168.88.1/30; 
Loading config files
You can load the configuration from files using the “load” global config command:
- factory-default – Override existing config with factory default
- merge – Merge contents with existing configuration
- replace – Replaces existing config
You can save one of your configuration as a special “rescue” config. This is helpful in case you have multiple saved configs (rollbacks) but none of them is correct anymore. In such case you can load a fix rescue config.
#Saving actual config as rescue configuration root> request system configuration rescue save root> configure Entering configuration mode #Loading rescue config  root# rollback rescue load complete  root#
You can verify the actual rescue configuration this way: file show /config/rescue.conf.gz
By default there is no password configured for the “root” user.