I have been attempting to work through the kindle book, Day One: MPLS for enterprise engineers by Darren O’Connor to get some more experience with mpls and Junos. I went ahead and setup some vSRX VMs on my lab server and had a mess around, which was cool, however I have a long commute and so I thought it would be a nice to set these up in virtualbox on my macbook pro.
The first attempt was not successful as there are a few setting that need to be changed after creating the VMs, but then I happened across a tweet (I’m sorry I don’t remember who it was) for a link to a Juniper Learning byte on youtube showing how to install and configure vSRX in virtualbox.
This was great, but I found as I started to lab up the examples from the Day One guide, I was running into all sorts of weird issues that turned out to be caused by the firewall filter on the vSRX (it is a firewall after all!). I spent a lot of time researching how to get lots of protocols up and working as expected without adding a million firewall rules eg: ping/ssh/traceroute, ldp, ospf etc which in turn was taking time away from working through the day one guide.
Then I stumbled across this link on the Juniper Forums.
If you run the following commands from the top of your config and then reboot the device, you will set the vSRX into packet mode which basically turns off all the firewalling and makes the box act just like a router:
set security forwarding-options family mpls mode packet-based
set security forwarding-options family iso mode packet-based
set security forwarding-options family inet6 mode packet-based
I am not sure if this introduce any other oddities but now I can correctly see the ldp and mpls tables so i think I have found the solution here. I thought I would post this as it took much longer than expected to sort this issue out.
Inspired by the ICT Networks Junos start program training I went to a couple of weeks back I decided to take a look into the Juniper certification tracks and as part of this I sat and passed the JNCIA-Junos exam yesterday. For those not familiar with the Juniper certification paths the JNCIA is the prerequisite for all certification tracks , similar to what the CCNA used to be on the Cisco side of the house. For study materials I used the free PDF from the Juniper Fast track program and as I worked through these I realised that the free ICT Network Junos start program was a pretty good introduction course for this exam too.
Another bonus of the fast track program is the ability to get a 50% discount voucher for the JNCIA exam just by getting a score of 70% or more on the pre assessment exam, which is available once you log into the fast track website. This brought the exam cost down to only $50US , which after sitting many reassuringly expensive Cisco exams was a nice little bonus.
My goal is the Cisco service provider track but I like what I see from Juniper and I am starting to think it will be beneficial to go down the service provider road with Juniper as well, It also doesn’t hurt that Juniper are quite big in the carrier routing space so I can only see experience on both Cisco and Juniper platforms as a plus. Even with SDN gaining more traction in the industry I think there will always be a need for skilled engineers with a deep understanding of how protocols work, which in my mind is the biggest benefit of vendor certification…plus its also nice sometimes to get a little recognition in the form of a certificate/industry credential to show for it too.
The testing centre was average as usual, the machine took around 10 mins to finally start up the exam and once I finished no score report was printed, even the staff were pretty clueless why this was. I was a little concerned that I might have wasted 50 bucks as it seemed (according to the Pearson Vue website) like I had not attended the appointment, but later on that night the website updated showing the exam had been passed as well as the score report.
The JNCIA exam itself is not too challenging and should be pretty easy if you have some networking knowledge already (CCNA for example) and have read through the fast track PDFs. I wouldn’t say that hands on experience with Juniper gear is a necessity however the vSRX Firefly trial VM is freely available for download and it is very easy to spin up a few VMware instances (or even just one) to explore the cli commands. In terms of difficulty I have read that the Cisco comparison exam is around the CCENT level of but its been so long since I sat that it’s hard for me to gauge so I can’t really compare the two.
While working thorough the training materials I found that there are quite a few nice features in the Junos cli that I liked and thought were pretty interesting. I am putting together a list of useful commands as I find them so that might become a blog post one day.
Overall this was a nice little intro to Junos and I am looking forward to firing up my virtual server and getting into the JNCIS-SP track. For anyone looking for some more info on Juniper certification or training check out the links below: