Juniper switch upgrade

From Wikitech
Jump to navigation Jump to search

Download the JTAC Recommended Software

First you need to download the JTAC Recommended Junos Software for the EX4300 at the link below.

Note: You need to have a Juniper account and privilege to download software. If you try to download the software and you get a message saying that you need privilege, just open a SR with Juniper and request access to download software.

https://kb.juniper.net/InfoCenter/index?page=content&id=KB21476

Once you click on the link above in the EX4300 session at the moment of the tutorial the recommended version is Junos 18.1R3-S6. Click on EX4300 and this will open another page on that page, (link below)

https://support.juniper.net/support/downloads/

under version, select 18.1 then download the one with “EX4300 Series 18.1R3” to your laptop.

After accepting the License agreement, select the option “To download the image on your localhost, CLICK HERE”

In the download column, click on "checkSums" the MD5 for the 18.1R3 image at the moment of this tutorial is

 MD5 : d6aef35be1a76d729c134d926c6f327a

Navigate where you saved the image file to do a checksums of the image file.

papaul@papaulpc:~/Downloads$ md5sum jinstall-ex-4300-18.1R3.3-signed.tgz 
d6aef35be1a76d729c134d926c6f327a  jinstall-ex-4300-18.1R3.3-signed.tgz

We can see that the MD5 we have on Juniper web site is the same as the MD5 on our laptop. Copy the the file from your computer /laptop to a USB

Connect the new EX4300

Rack/power the new EX4300 in any rack and connect just the console cable to it (no network cable). Update Netbox with the new switch information. As temporary name we can use msw2-eqiad

login to the new EX4300 using console (default user name root, default password : leave empty)

Note: Once you login, you will see that the EX4300 will be trying to connect to a DHCP server to do upgrade and it will be annoying . To turn this off, you need to set a temporary root password and issue the command “Delete chassis auto-image-upgrade”

set system root-authentication plain-text-password

enter the temporary password twice and "commit"

delete chassis auto-image-upgrade
commit

Copy the file from your USB to the new EX4300

Identify your USB drive

Before you connect the USB to the switch, issue the command

ls /dev/da

You will see an outputt similar or close to below

dev/da0 /dev/da0s1c /dev/da0s2a /dev/da0s3 /dev/da0s3e
/dev/da0s1 /dev/da0s1f /dev/da0s2c /dev/da0s3c
/dev/da0s1a /dev/da0s2 /dev/da0s2f /dev/da0s3d

connect the USB and issue the same command you will see that a new device has been added

root@% ls /dev/da*
/dev/da0 /dev/da0s1c /dev/da0s2a /dev/da0s3 /dev/da0s3e
dev/da0s1 /dev/da0s1f /dev/da0s2c /dev/da0s3c /dev/da2
/dev/da0s1a /dev/da0s2 /dev/da0s2f /dev/da0s3d /dev/da2s1

In my case it is /dev/da2s1 and that is the USB drive

Mount the USB drive

Create a directory for the USB drive to mount to:

   root@% mkdir /var/tmp/usb

Mount the USB drive to the /var/tmp/usb directory:

   root@% mount_msdosfs /dev/da2s1 /var/tmp/usb
   root@% ls /var/tmp/usb
   jinstall-ex-4300-18.1R3.3-signed.tgz

Note: 'ls /var/tmp/usb' will show all the files on the USB drive. ​

Copy the Juniper file from the USB to the /var/tmp/usb directory:

   root@% cp /var/tmp/usb/jinstall-ex-4300-18.1R3.3-signed.tgz /var/tmp
   root@% ls /var/tmp
   jinstall-ex-4300-18.1R3.3-signed.tgz

The jinstall-ex-4300-18.1R3.3-signed.tgz file from the USB is successfully copied to the /var/tmp directory.

Note: At this point, you can do another checksum to make sure that the file copied to the switch was not compromised.

file checksum md5 /var/tmp/jinstall-ex-4300-18.1R3.3-signed.tgz

Now unmount the USB drive

   root@% umount /var/tmp/usb

Start the upgrade

The two commands you need to run the upgrade on the switch are:

request system software add /var/tmp/jinstall-ex-4300-18.1R3.3-signed.tgz 
request system reboot

Verification

After the reboot, you can issue the command "show version" to check the version running on the swith

show version 
Junos: 18.1R3.3

For EX switches, ensure that the primary and backup partitions are running the same version:

show system snapshot media internal

request system snapshot slice alternate (member X)

Copy old switch configuration to new switch

Open 2 terminal windows, in the first terminal window open the old switch and in the second terminal open the new switch.

on the old switch window issue the command

show configuration

copy the configuration and paste it in the new switch terminal.

Important: Do not copy all the users and their SSH keys because over console this will be very very slow. What you need to do is to just copy first all the configuration without the users ssh keys then copy two or 3 users with their SSH keys one by one. You can add the other users and their SSH keys after you login to the switch using ssh and not console.

Note: Do not copy the root password also.

on the new switch issue the command "show configuration" and double check that the configuration on the new switch matches the configuration on the old switch then commit