Using the Management Interface

Problem

You want to enable out-of-band management access to the router.

Solution

Configure the router's management interface:

[edit interfaces] aviva@router1# set fxp0 unit 0 family inet address 192.168.70.246/24

Use the following command to configure the J-series management interface:

[edit interfaces] aviva@RouterA> set fe-0/0/0 unit 0 family inet address 10.0.15.1/24

 

Discussion

JUNOS routers provide a separate out-of-band management interface for monitoring the router independently of the network links. This interface is named fxp0 and is an internal Ethernet interface that is permanently installed in the router. The router does not route traffic from network and services interfaces over fxp0, and traffic arriving on this interface is never directed to network interfaces, so you cannot use it to route traffic.

You can connect to the management interface over the network using SSH and Telnet, and SNMP NMS systems can connect to the router using this interface to query for router status and statistics.

This recipe shows how to configure an address for the fxp0 interface. Because it is an Ethernet interface, you can configure a subnet address. You cannot configure a host (/32) address.

Use the show interfaces command to get status about the management interface:

aviva@router1> show interfaces fxp0 Physical interface: fxp0, Enabled, Physical link is Up Interface index: 1, SNMP ifIndex: 1 Type: Ethernet, Link-level type: Ethernet, MTU: 1514, Speed: 100mbps Device flags : Present Running Interface flags: SNMP-Traps Link type : Half-Duplex Link flags : 4 Current address: 00:a0:a5:12:2f:04, Hardware address: 00:a0:a5:12:2f:04 Last flapped : Never Input packets : 217004 Output packets: 2808 Logical interface fxp0.0 (Index 2) (SNMP ifIndex 13) Flags: SNMP-Traps Encapsulation: ENET2 Protocol inet, MTU: 1500 Flags: Is-Primary Addresses, Flags: Is-Default Is-Preferred Is-Primary Destination: 192.168.64/21, Local: 192.168.71.246, Broadcast: 192.168.71.255

The output shows that this is a 100-Mbps Ethernet interface running in half-duplex mode.

The hardware architecture of the J-series routers differs from the M-series and T-series routers, so instead of fxp0 being the management interface, it is one of the nonremovable Fast Ethernet interfaces, fe-0/0/0. The interface status shows the same basic information as on the M- and T-series routers:

aviva@RouterA> show interfaces fe-0/0/0 Physical interface: fe-0/0/0, Enabled, Physical link is Up Interface index: 137, SNMP ifIndex: 29 Link-level type: Ethernet, MTU: 1514, Speed: 100mbps, Loopback: Disabled, Source filtering: Disabled, Flow control: Enabled Device flags : Present Running Interface flags: SNMP-Traps 16384 Link flags : 4 CoS queues : 8 supported Current address: 00:05:85:ca:ca:70, Hardware address: 00:05:85:ca:ca:70 Last flapped : 2005-05-04 23:37:59 PDT (1w0d 18:17 ago) Input rate : 0 bps (0 pps) Output rate : 304 bps (0 pps) Active alarms : None Active defects : None Logical interface fe-0/0/0.0 (Index 66) (SNMP ifIndex 39) Flags: SNMP-Traps Encapsulation: ENET2 Protocol inet, MTU: 1500 Flags: Is-Primary Addresses, Flags: Is-Preferred Is-Primary Destination: 10.0.16/24, Local: 10.0.15.1, Broadcast: 10.0.15.255

While you can actually configure the fxp0 interface on a J-series router, the values are applied to the fe-0/0/0 interface and show up under fe-0/0/0 in the show interfaces output. The recommended procedure is to place all management interface configuration at the [edit interfaces fe-0/0/0] hierarchy level.

The process for configuring many of the JUNOS protocols is to associate one or more interfaces with the protocol to make the interfaces aware that they will be receiving packets for that protocol, and vice versa. You can do this by calling out specific interfaces in the configuration, such as here:

[edit protocols] aviva@RouterA# set pim interface fe-0/0/1

It's often faster and easier just to configure all the interfaces at once:

[edit protocols] aviva@RouterA# set pim interface all

When you do this, you end up configuring the protocol on the out-of-band interface also. It's not considered good practice to do this, so in these cases, you should turn off the protocol on that interface with a disable command.

On an M-series or a T-series router, the command looks like this:

[edit protocols] aviva@router1# set pim interface fxp0 disable

On a J-series router, use a command like this:

[edit protocols] aviva@RouterA# set pim interface fe-0/0/0 disable

The primary reason you want to turn off the protocol is because this is the management interface, and you most likely are not using any routing protocols on it. Disabling the protocol leaves you with a "clean" configuration, because you are configuring only the functionality that you actually want the router to use. If you choose not to disable the protocol on the management interface, routing protocols may establish adjacencies to the fxp0 or fe-0/0/0 interface, but there is no negative impact on the performance of the Routing Engine.

Категории