Interested in Setting Up a Juniper Lab

spiderjerichospiderjericho Registered Users, Member Posts: 890 ■■■■■□□□□□
I recently got the JNCIA CBT Nuggets. The instructor recommends a J2330, J2350 and EX2200. But each is in the $800+ range, which would mean a lab that costs $2,400 - $3,000.

Would buying the SRX100H (or B) be a better alternative, especially if I plan on moving up the enterprise track? Security would be something maybe later on. But my career goals is to one day have a CCIE R&S and have familiarity with JUNOS from a routing/switching perspective, obtaining the JNCIA, JNCIS-ENT, JNCIP-ENT, JNCIE-ENT. Is there a lab topology to utilize like say Cisco (like for Associate and Professional with three routers and switches, four switches, 6-10 routers for expert).

I tried asking in the SRX thread and didn't get a response.

Comments

  • SettSett Member Posts: 187
    Olive is the way to go. Check the threads in the forum how to build VM running Junos or even a whole appliance. You might throw some EXs' or SRXs' for the switching part, but it's not really a must for the JNCIA/JNCIS tracks.
    Non-native English speaker
  • spiderjerichospiderjericho Registered Users, Member Posts: 890 ■■■■■□□□□□
    I thought about that; however, I have a physical lab of:

    3845 ISR
    3825 ISR
    2801 ISR
    2621XM

    4X 3560
    3750

    And will probably expand it by a few more Cisco routers. I know I could use GNS3 with switches, but I like to get physical hands on. But I'll defi Italy revisit the Olive via VM using Google Fu when I'm fully awoken.
  • AldurAldur Member Posts: 1,460
    I'd recommend going for the srx100b, you can do most things routing and security wise there. Then some ex2200s would be helpful to get your hands dirty in the switching side of things.

    Keep in mind that there's always junosphere, but I understand that it's nice to have real gear locally.
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
  • spiderjerichospiderjericho Registered Users, Member Posts: 890 ■■■■■□□□□□
    What's the cost for JUNOSPHERE? Is it readily available? The
    last I heard it had to be obtained through an approved Juniper training or education provider.
  • AldurAldur Member Posts: 1,460
    Junosphere is readily available and time in Junosphere can be purchased with a credit card. So any normal person who has a credit card can get Junosphere time.

    Check out the below link for pricing and purchasing with a credit card.

    https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=5898
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
  • NetworkVeteranNetworkVeteran Member Posts: 2,338 ■■■■■■■■□□
    Aldur wrote: »
    Junosphere is readily available and time in Junosphere can be purchased with a credit card. So any normal person who has a credit card can get Junosphere time.

    For anyone who has used Junosphere, roughly how many machine hours did you end up using for various certifications? For an entry-level certification I could see $50 (240 machine hours / 3 devices = 80 machine hours per device) being plenty if JNCIA is anything like CCNA. I'm more curious about the expenditures for the intermediate level certifications.

    (The CCNP/CCIP requirements sometimes suggest 10+ devices.)
  • AldurAldur Member Posts: 1,460
    Yes, I could see a topology getting larger than 10 devices. You could always slice up some of the VMs into virtual routers to get a larger topology. That or order more VMs. :D
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
  • spiderjerichospiderjericho Registered Users, Member Posts: 890 ■■■■■□□□□□
    Yeah, I like Network Veteran's question. And initially, this sounds cheaper for JNCIA. Aldur, have you or anyone you know used this for a certification? IF the cost to go to the professional level is cheaper than buying one EX switch or SRX then that's great.
  • AldurAldur Member Posts: 1,460
    I know there are quite a few people who use it for certification studies, however, I don't know them personally. But just looking at the numbers of what I've spent over the years to acquire my certs, it's very eye opening.

    To obtain my two JNCIEs, and hopefully a third one (my JNCIE-SEC attempt is currently being graded) I've spent probably between 10k and 12k on gear. And this has strictly been on the J series routers and then the SRX series devices that I bought out of pocket. I didn't have to buy any expensive EX series switches. Also, I've bought a rack, cables, and not to mention the increased power bill. If I was able to take that money and put it into something like Junosphere, I would have been miles ahead.

    For instance, let's take the low number that I figured, 10k. At 50 bucks a day that would buy you about 200 days of Junosphere at 10 VMs a day. And, if it were me, I'd want to take full advantage of those days, since they come in 24 hr reservations, and put in at least 10 hrs when ever I had a reserved day (Actually I'd probably get in 12 to 14 hrs, but 10 hrs is probably more feasible for most people). So I'd be looking at doing this on a day that I didn't have to work, or something like that. Then, doing the math, (10 * 200), equals out to be 2,000 hrs of lab time, more if you are willing to put in longer study sessions. And I can guarantee that I haven't put in anything close to 2,000 hrs of lab time in for my studies.

    So, the math makes sense in that I would have saved a lot of money if something like Junosphere was available for me.

    It is important to keep in mind that some features are not currently available in Junosphere, but should be available soon. Most, if not all, routing features are available, some security features, and the switch features are coming soon. Most of it all of the features should be there by next year, if not sooner. My group is pushing this big time, since training and developing training material would be tons cheaper, and much more flexible in a virtualized world.
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
  • mapletunemapletune Member Posts: 316
    Great thread, very interesting! =D
    Studying: vmware, CompTIA Linux+, Storage+ or EMCISA
    Future: CCNP, CCIE
  • terenteren Member Posts: 30 ■■□□□□□□□□
    +1 for Junosphere, I used it quite a bit on the ENT for routing and currently using it for SP. I have a number of SRX100/210's that I used to use quite a bit but just found Junosphere much easier to whip up different scenarios. With that said, physical hardware is always nice to have but maybe a nice compromise between the two might be ideal, as long as that's economically feasible.
  • spiderjerichospiderjericho Registered Users, Member Posts: 890 ■■■■■□□□□□
    Teren, you used it for ENT expert? Isn't there switching in that track? Is there some kind of recommendation or guidance to the number of devices necessary for each exam? Like JNCIA, ENT associate, ENT professional, etc?
  • varyesvaryes Member Posts: 8 ■□□□□□□□□□
    Teren - do you have any Junosphere topologies for JNCIE-SP practice to share? I builded few topologies to load into Junosphere, but it takes time. Hoping if someone had from Reynolds books or other practice lab. Thanks!
  • terenteren Member Posts: 30 ■■□□□□□□□□
    Sorry for the slow reply here, been busy working on SP - Yes there's a decent amount of non-switching material in the ENT track if you look through the blueprint, so Junosphere is fantastic for those topics. If you utilize virtual-routers inside of Junosphere, you can obviously cut the number of devices down but just makes things a little bit harder to keep track off. I usually practiced with 6-9 vms. The other thing that's nice with Junosphere is getting more efficient & fast which is incredibly important of course.
  • terenteren Member Posts: 30 ■■□□□□□□□□
    varyes wrote: »
    Teren - do you have any Junosphere topologies for JNCIE-SP practice to share? I builded few topologies to load into Junosphere, but it takes time. Hoping if someone had from Reynolds books or other practice lab. Thanks!

    Have you tried the topology wizard in Junosphere? Should make it quite a bit easier than building the files by hand. Let me know if you don't have any luck with that.
  • varyesvaryes Member Posts: 8 ■□□□□□□□□□
    Thanks. Haven't tried topology wizard yet. Is this a new future? Thanks!
  • terenteren Member Posts: 30 ■■□□□□□□□□
    Came out a little while ago, I've just dabbled with it a little bit so can't speak too much to it but seems like a step in the right direction
  • AldurAldur Member Posts: 1,460
    I also played with the topology wizard a bit. In the past I've just always made my own topology files and that worked great. But I have to say that I'm really impressed with the topology wizard. I used it to create a topology and it literally took me less than a minute to create and everything was ready to go. Much quicker and easier than doing it yourself, even if you understand how to create all topology file manually.
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
  • f0rgiv3nf0rgiv3n Member Posts: 598 ■■■■□□□□□□
    I used just one SRX240 for my JNCIA-Junos and JNCIS-Sec and never ran into anything I couldn't do!
  • wes allenwes allen Member Posts: 540 ■■■■■□□□□□
    Started working with Junosphere today - it is pretty cool for sure. It took a couple days to get everything set up account wise, but spinning up a couple routers to start labbing was pretty easy. The SRX images "cost" 2 VM day credits, so keep that in mind for the Sec tracks. Going to try to do the JNCIA-Junos in the next week or two.
  • effektedeffekted Member Posts: 166
    I am looking into studying for the JNCIA over CCNA since we don't use any Cisco routers/switches in my environment. We use J series routers and SSG firewalls, and we have 2 J2320's that are currently laying around from a site that was shutdown. Can I use these to do majority labbing aside from the switching pieces or am I better off making an Olive?
  • AldurAldur Member Posts: 1,460
    Real routers are always better than olives. It's been a while since I dove into olives, but from what I remember, when I was able to get my hands on real routers for labbing and ditched the olives, it was a beautiful day. With J2320's, you can do most things routing and firewalling, and some things switching. Which should be considerable more than you can do with olives.
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
  • JDMurrayJDMurray Admin Posts: 13,023 Admin
    Are there instruction for getting a physical or VM olive to run with JunOS 11 or 12? All I can find is instructions for (the very old) JunOS 8 on a IP330. If I could discover what release of FreeBSD JunOS 11 or 12 is running on I'd try putting together a JunOS 11 VM olive myself.
  • ccnxjrccnxjr Member Posts: 304 ■■■□□□□□□□
    This is certainly not for the faint of heart :)
    I'd like to create a document with more detail, screen shots etc, however that will take some time, maybe in the future.

    First, create a Qemu image like so :
    qemu-img create -f qcow2 olive-12a.img 8G
    

    Download FreeBSD 7.4 install ISO and store it in the same directory as your image.
    For this example I'm using :
    FreeBSD-7.4-RELEASE-i386-dvd1.iso

    Now boot and install FreeBSD 7.4 using this command:
    qemu -m 1024 -hda olive-12a.img -cdrom FreeBSD-7.4-RELEASE-i386-dvd1.iso -boot d -localtime
    

    Once the install splash screen shows up install FreeBSD 7.4 and partition as described here (I will cover the JunOS install!):
    Installing Olive 12.1R1.9 under Qemu « Brezular's Technical Blog

    Or a Standard install
    At the boot partition screen, allocate the entire disc.
    Use the Standard boot loader.
    At the boot label editor create the following
    1024 M File System ----> mount point /
    1024 M Swap
    16 M File System ----> mount point /dummy
    1024 M File System ----> mount point /config
    everything else File System ----> mount point /var

    Select User type distribution, and install as little as possible

    K

    Now that you have a FreeBSD 7.4 qemu image download your JunOS image, in this case
    Download software for the MX960 platform:


    Install Package
    M-series, MX high end series & T-series Install Package
    MD5 SHA1 12.1R1.9 tgz 447,625,224 28 Mar 2012

    The file should be named
    jinstall-12.1R1.9-domestic-signed.tgz

    I've then stuck this image into an ISO called junos_12-1.iso, which is how I'll pass this along to the qemu image like so :
    qemu -m 1024 -net nic,model=e1000 -hda olive-12a.img -cdrom junos_12-1.iso -net user
    

    K, now log in to your FreeBSD 7.4 machine and let's get to work :D

    #First, mount the CDROM with your JunOS image
    mount /cdrom
    

    #let's navigate to /var/tmp
    cd /var/tmp
    

    #now let's create a directory to work in
    mkdir junos
    

    #get there :)
    cd junos
    

    #extract our install media into our working directory
    #I've packed the install media into an ISO and passed this along to qemu
    #or you can unpack it from wherever/however you've decieded to store the junos image

    tar zxvf /cdrom/jinstall-12.1R1.9-domestic-signed.tgz
    



    #The contents are :
    +CONTENTS
    +COMMENT
    +DESC
    +INSTALL
    jinstall-12.1R1.9-domestic.tgz
    jinstall-12.1R1.9-domestic.tgz.md5
    jinstall-12.1R1.9-domestic.tgz.sha1
    jinstall-12.1R1.9-domestic.tgz.sig
    issu-indb.tgz
    certs.pem


    #However the only one we're interested in is :
    #jinstall-12.1R1.9-domestic.tgz


    #Let's create a working directory for this package
    mkdir jinstall
    
    #get there :)
    cd jinstall
    

    #Now let's extract the install package in here to start working on it
    tar zxvf ../jinstall-12.1R1.9-domestic.tgz
    

    #the contents should look like


    +CONTENTS
    +COMMENT
    +DESC
    +INSTALL
    +DEINSTALL
    +REQUIRE
    bootstrap-install-12.1R1.9.tar
    jbundle-12.1R1.9-domestic.tgz
    pkgtools.tgz


    #We'll be modifying these two files:
    +REQUIRE
    +INSTALL


    #In both files comment out
    re_name=`/sbin/sysctl -n hw.re.name 2>/dev/null`

    #and under that line insert:
    re_name="olive"


    #once modified create a pkgtools directory:
    mkdir pkgtools
    

    #now enter the directory
    cd pkgtools
    

    #extract pkgtools.tgz like this
    tar zxvf ../pkgtools.tgz
    
    #the contents are :
    pkg/manifest
    pkg/manifest.certs
    pkg/manifest.sha1
    pkg/manifest.sig
    bin/checkpic


    #We'll need to replace bin/checkpic with /usr/bin/true
    #you can do it like this :


    #first enter /bin
    cd /bin
    

    #now replace "checkpic" with "true"
    cp /usr/bin/true ./checkpic
    

    #let's pack it all up again
    #navigate to the next higher level directory from /bin
    cd ..
    
    #Your working directory should have the following contents
    pkg
    bin


    #tar it back up
    tar zcvf  ../pkgtools.tgz  *
    

    #let's go back up the directory with the jinstall-12.1R1.9-domestic.tgz
    cd ..
    
    # our directory contents should look liks this:
    +CONTENTS
    +COMMENT
    +DESC
    +INSTALL
    +DEINSTALL
    +REQUIRE
    bootstrap-install-12.1R1.9.tar
    jbundle-12.1R1.9-domestic.tgz
    pkgtools
    pkgtools.tgz

    #Remove the working directory we created for pkgtools
    #I'd advise against tabbing this sequence out in case you accidentally delete the .tgz archive instead of the directory
    rm -rf pkgtools
    

    #tar this stuff up into our Olive installation package :)
    tar zcvf ../junos-olive-12_1.tgz *
    

    #now lest navigate to the directory that we place our olive install package in
    cd ..
    

    #Optionally remove the jinstall working directory
    #I'd advise against tabbing this sequence out in case you accidentally delete the .tgz archive instead of the directory
    rm -rf jinstall
    

    #Install our Olive :)
    pkg_add -f junos-olive-12_1.tgz
    

    *see below

    This should install our Olive, sit back, chillax and wait for further instructions such as :
    WARNING:     A REBOOT IS REQUIRED TO LOAD THIS SOFTWARE CORRECTLY. Use the
    WARNING:     'request system reboot' command when software installation is
    WARNING:     complete. To abort the installation, do not reboot your system,
    WARNING:     instead use the 'request system software delete jinstall'
    WARNING:     command as soon as this operation completes.
    

    Reboot and watch a CBT Nuggets vid or something , it will take some time for the rest to complete, JunOS is gonna do its thing and reboot a couple times.
    You'll know when it's done when you see the following line and command prompt:
    --- JUNOS 12.1R1.9 built 2012-03-24 12:52:33 UTC
    
    
    
    
    root@%
    

    Type "cli" to enter the "user mode" environment
    root@% cli

    You'll be ready to start tinkering once you see this prompt
    root>
    

    *this is below :)

    If you were following along you may have noticed we did not re-pack the contents of jinstall-12.1R1.9-domestic-signed.tgz
    Right now we're in /var/tmp/junos directory with a bunch of other stuff laying around.
    There are many a blog and tales for why I opted for this route as opposed to others.
    For the time being you may refer to discussions here :
    Installing Olive 10.4R1 under VMware | packetmischief.ca
  • AldurAldur Member Posts: 1,460
    Wow, ccnxjr, you are the man, that's some seriously good info on creating an olive. This post just officially deserved a sticky! icon_thumright.gif
    "Bribe is such an ugly word. I prefer extortion. The X makes it sound cool."

    -Bender
  • ajmatsonajmatson Member Posts: 289
    ccnxjr, thank you for your time on that. This really helped me out getting not only multiple olives up in GNS3, saving me money on having to buy hardware but also I was able to get them running JWeb :) Kudos to you sir.
    Working on currently:
    Masters Degree Information Security and Assurance (WGU) / Estimated 06/01/2016
    Next Up: CCNP Routing Exam | Certified Ethical Hacker Exam
    Cisco Lab: ASA 5506-X, GNS3, 1x 2801 Router, 1x 2650XM, 1x 3750-48TS-E switch, 2x 3550 EMI Switches and 1x 2950T swtich.
    Juniper Lab: 1x SRX100H2, 1x J2320 (1GB Flash/1GB RAM, JunOS 11.4R7.5), and 4 JunOS Firefly vSRX Routers in VMWare ESXi 5.1
Sign In or Register to comment.