Intro to Juniper CLI – Static Routes

Reading time: 4 – 7 minutes

  One type of router I have not talked about much is Juniper; we use them a lot at work.  I should talk about them a lot, besides being JNCIA-EX and JNCIA-ER certified (The fisher-price, my first certifications of Juniper), they also gave me a free PS3 and a free SRX 210 PoE router;  CDW now sells these for $1200, but when I got it it was $1600.  And it was brand new, with warranty and all.  Hence, gotta love Juniper.

  If you’re working on Junipers, you need to know their routers are not programmed like mos other routers, there’s no Cisco-esque CLI, it’s if anything more like C\C++.  A good example of that would be the routing configs, so that’s what I’ll kick off with.  If you had a single static route on your juniper, it would look like this:

routing-options {
    static {
        route next-hop;

  Yeppers, that’s right.  Juniper uses curly brackets.  The command to add a route, when you’re at the top of the config mode is this:

set routing-options static route next-hop

  On a juniper, you use the set command to add anything to the config.  However, you can also do it this way:

edit routing-options static
set route next-hop

  Or, you could do it this way:

edit routing-options
edit static
set route next-hop

  On the Juniper, to move from each section in the config, you use edit.  If you noticed above in the show config, the levels were routing-options, then static, and then the route statement.  So you could use an edit to move from the top of the config to routing-options, then to static, or both in one line with the edit routing-options static.

  If you were in routing-options static, and needed to get back to the top level of the config, you type “top”.  If you were in routing-options static, and wanted to be in routing-options, you could just type up, to move up one level.

[edit routing-options static]
Lab@Olive-1# up
[edit routing-options]
Lab@Olive-1# edit static
[edit routing-options static]
Lab@Olive-1# top

  If you’ve used a Cisco, you know about our old friend config t, but you may need some help getting into the edit mode of a Juniper.  To get in there, type edit, or, edit private.  I’d always use edit private, since it prevents anyone else working on the router from committing your changes.  You see, when you edit the config on a juniper, it doesn’t take effect right away, you first have to commit it, via the commit command, or commit and-quitcommand.  Say you were working on the config, and changing the IP address on the interface you used to telnet into the router, and change it’s default route.  You could change the IP address, and the default route in one fell swoop, then commit it just fine, while a Cisco\Adtran the changes take effect soon as you hit enter.  The problem with edit vs edit private, say someone else was in the router, changed a description of an interface, and committed their change, right when you deleted the IP of the interface, but before you put in the new one.  Guess what, he committed your changes.  Example, you get in, and add a route:

Lab@Olive-1> edit
Entering configuration mode
Lab@Olive-1# set routing-options static route discard
  While you do this, a coworker logs in:
Lab@Olive-1> edit Entering configuration mode Users currently editing the configuration:   Lab terminal v0 (pid 1300) on since 2009-12-13 21:00:44 UTC       [edit] The configuration has been changed but not committed
Lab@Olive-1# show | compare
[edit routing-options static]
     route { ... }
+    route discard;
Lab@Olive-1# commit
commit complete
Lab@Olive-1# show routing-options static
route next-hop;
route next-hop;
route discard;

  This may not seem to bad, but I’ve seen it kill routers before.  To disable an interface, a lot of time people will do a deactivate of the interface.  Note this does not disable the interface, rather it removes the portion of the config from being active.  For example:

[edit interfaces]
Lab@Olive-1# deactivate t1-0/0/0

  The config for t1-0/0/0 is now gone, and the interface can be up, at least physically, since it has the “default” config in place.  If you need to add the config back, you just do an activate t1-0/0/0.

  So what’s the harm in edit vs edit private?  Say you’re copying the interface name of the T1 you need to activate, t1-4/2/1:0, and when you copy it, there’s an extra carriage return in front, so when you paste it, you get this:

[edit interfaces]
Lab@Olive-1# deactivate

  Now on the Juniper I’m using now, 9.6, you can’t deactivate, but from what happened before, I guess on older ones you can; it deactivates all interfaces at that level.  Not good, but you can just quit, and nothing saved, right?

  Before the tech knew what happened, and was asking someone else what he should do, someone else, also in edit and not edit private, committed their changes, blowing away every interface on the router, including the loopback used for remote access. 

  And that is why you always use edit private.

This entry was posted in Computers and networking, Juniper, Networking. Bookmark the permalink.

2 Responses to Intro to Juniper CLI – Static Routes

  1. Pingback: Intro to Juniper CLI – BGP | Arcade Cabs, Networking, and Life in General

  2. Pingback: Intro to Juniper CLI – Edit modes and movment | Arcade Cabs, Networking, and Life in General

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>