HOWTO: Juniper Olive using VMware

Posted by Ahsan Tasneem | 10:26 PM | , , , , | 6 comments »



I recently joined a new company, I have been asked to start certifying myself for Juniper Networks. My goal for next year is to become JNCIA, JNCIS & possibly JNCIP certified. Because I’ve already got allot of experience with the various protocols out there I don’t see getting the JNCIA & JNCIS certification to be an issue. For the JNCIP however, I need to really get my hands-on up to speed. This is why I decided to install Olives again, but this time by making use of VMware and one really big computer

I hope you’ll find this guide usefull, if it is ever found out there
Because JUNOS software is not freeware, I will not make my virtual Olives available for download. You should be working for a company with a Juniper Networks support-contract so you can download JUNOS from their website.


With this guide I will merely show you guys how you can set one up for yourself when you have the JUNOS software available.


  • VMware
    I’m using VMWare Workstation version 6.0.4 to simulate the Olives. Another alternative is VMware server, but I haven’t used this version yet so I’m not entirely sure that all VMware related things will be the same as explained below. I might try the server version at a later stage when I give my Olives a more permanent location on a dedicated server.
    • Virtual console access
      Furthermore you will need to have a virtual serial port available for console access to the router during the installation procedure. I always used to use ”HW Virtual Serial Port” by 
      HW-Group, but this freeware is unfortunately not supported in Windows Vista x64 (they are currently working on a new version). Another alternative is ”Virtual Serial Port Driver” byEltima software. This is unfortuantely not a freeware product, but you can download a 14-day trial - enough time to get the Olive up and running - and by making use of the ‘’suspend” button in VMware you wont have to use the console access anymore.
    • Multicast For some reason the Olives will not be able to communicate using Multicast traffic. This of course is a big issue because most network protocols make use of multicast. You will need to download this patch to get this fixed. Somewhere down the line I will explain to you how it should be used.
    I’ve created a video of the procedure below in case some of my wording and/or explanation is not clear enough. The video can be found here.
    For the installation I use the following Virtual Machine characteristics:
    Type: Typical
    RAM: 256MB
    HDD: 8GB HDD (not pre-allocated)
    NICs: 6x in bridge mode
    Serial: 1x for your virtual serial port
    OS: Other / FreeBSD
    You should remove any other virtual hardware you wont use, like the USB controller, Sound card & Floppy drive.
    When the Olive is fully installed you can bring down the memory to 128MB. I just allocate 256MB to speed up the installation.
    After the Virtual Machine has been created you need manually modify the VM’s configuration file to allow it to simulate Intel based NICs. By default VMware uses a simulated AMD chipset, but this will not work with JUNOS. You will need to add the following lines to your VM’s .vmx configuration file which is located in the VM’s directory on your hard drive:
    Ethernet1.present = “TRUE”
    Ethernet1.virtualDev = “e1000″
    Ethernet2.present = “TRUE”
    Ethernet2.virtualDev = “e1000″
    Now download FreeBSD version 4.10 from here. After the iso has downloaded you can mount this to your VM’s CD-ROM drive.
    This is what the Virtual Machine should look like when you’re done setting it up:

    Now you can power it up!
    Choose the first option:
    Choose ”Express”
    In the FDISK Parition Manager type ‘A’ to use Entire Disk, then type Q” to finish
    Choose the “Standard” to install a standard MBR without a boot manager.
    Now it’s time to partition the hard drive. Follow the steps below exactly and you should get the result show in the screenshot:
    • Type ”c”, then delete the values and insert ”500M” , then choose ”FS” , then type”/”
    • Type ”c”, then delete the values and insert ”500M” , then choose ”Swap”
    • Type ”c”, then delete the values and insert ”100M” , choose ”FS”, type”/config”
    • Type ”c”, accept the values presented with an , choose ”FS”, type ”/var”
    Type ”q” to finish
    Here you can exit this menu as we are not interested in installing any extra software on the system. We are looking for a bare minimum install. Choose ”Exit”
    In this window you should select to install FreeBSD from a CD/DVD. Choose the first option.
    Now press ”yes” The install will format the partitions and will copy the files across.
    Choose ”yes” as we need to do some basic settings first before we start using our fresh installation.
    We need to set a root password. Navigate to ”root password” and press ”enter”.
    Now navigate to ”networking” and press ”enter” so we can set up our management interface.
    Now choose ”interfaces” and hit ”enter”.
    Choose ”em0” and press ”enter”
    We don’t need any IPv6 support, so you should choose ”no” and press ”enter”
    We’ll be making use of a static IP-Address on this interface so you can choose ”no” and press ”enter”
    Fill in the detail you need so the Olive can communicate with your local network. Be sure to fill in the Domain as well, even if you do not have one. Otherwise it will take ages for the system to come up during the boot procedure. After you’ve filled everything in navigate to ”OK” and press ”enter”
    It’s up to you if you want to bring up the interface we just configured. We don’t really need it now, but you can select to bring it up if you want. Press ”enter” on any selection you have choosen.
    We’re ready with our installation you we need to back out of the different menu’s. Navigate to ”Exit” and press ”enter”.
    Navigate to ”Exit” and press ”enter”.
    Navigate to ”Exit install” and press ”enter”.
    Select ”yes” and press ”enter” to let the machine reboot. Be sure you press the ‘’stop” button in VMware straight after that to actually shutdown the machine, as we need to remove the ISO installation file first from the virtual CD-ROM player.
    OK! That’s it! You’ve got your basic FreeBSD installation ready. Before we move on to the actual installation of JUNOS on this system, it might be wise if you make a copy of this Virtual Machine, as we will need to have a second FreeBSD Virtual Machine available as soon as we want to install a JUNOS version greater than version 7.4! This saves you going through the whole previous process again.
    It’s not possible to immediately install a JUNOS version greater than 7.4 in FreeBSD, as it will return with an error during the installation - so we will need to it in steps.
    For my installation, I’m using version JUNOS 7.2R2.4, image jinstall-7.2R2.4-domestic-signed.tgz. Put your image on an FTP server which is reachable from your local network, so that your FreeBSD machine can reach it.
    Boot up the Virtual Machine and login as root.
    Execute the following commands:
    cd /var/tmp
    ftp ”ftp-server ip-address” e.g. ftp 192.168.0.2
    username: ”username”
    password: ”password”
    binary
    get e.g. get jinstall-7.2R2.4-domestic-signed.tgz
    bye
    Now you are back at your FreeBSD-prompt you can check if the file is actually there by doing an ”ls -la”
    Now execute the following commands from the CLI as listed below:
    rm /dev/wd0c
    ln -s /dev/ad0c /dev/wd0c
    mkdir /var/etc
    touch /var/etc
    touch /var/etc/master.passwd
    touch /var/etc/inetd.conf
    touch /var/etc/group
    Now install JUNOS by invoking the following command: pkg_add ”package file” e.q.pkg_add /var/tmp/jinstall-5.7R2.4-domestic-signed.tgz
    After the installation is finished you should reboot the Virtual Machine now by issuing“shutdown -r now”
    You will notice that the machine appears to be stuck now during boot-process (see the screenshot below), but actually it isn’t. It’s just not showing any output to the screen. You will now need to start making use of your Virtual Serial Port in combination with a program like Hyper-terminal or SecureCRT to gain access again to the machine.
    You can login to the Olive with your root-account and after that issue the ”cli” command to get into the JUNOS CLI.
    Another thing you will notice is that the Olive has not recognized any of its network interfaces - it is useless :-D Don’t worry - We will just need to start the upgrade-procedure to a higher version of JUNOS to get them to work. We will upgrade to JUNOS version 8.5R1.14. I recommend that you use this same version as the Multicast fix that we need to use was written based on this version. I haven’t tried upgrading yet, so I’m not sure if the fix will work with other versions of JUNOS.
    As we don’t have any network connectivity anymore we need to use an alternative way to get the new image on our VM. This is where your backup/copy of the original FreeBSD machine comes into play!
    Close the FreeBSD VM which was upgraded to JUNOS 7.2 (it’s maybe wise to rename it to ”Olive” just to to keep things clear) and open/start the FreeBSD-VM we copied to a safe location earlier.
    When the FreeBSD VM has booted, login as root and do the following to copy the new image:
    cd /var/tmp
    ftp ftp-server e.q. ftp 192.168.0.2
    download jinstall-8.5R1.14-export-signed.tgz
    shutdown -h now
    Now shutdown the FreeBSD VM and close it entirely. We will use the FreeBSD hard-drive in the Olive to get the new image across. You can add the FreeBSD hard-disk to the olive-VM by editing the Olive’s configuration. After you’ve added the hard-disk you can boot up the Olive and do the following:
    1. Login as root
    2. mkdir /var2
    3. mount /dev/ad1s1f /var2
    4. cd /var2/tmp
    5. mv jinstall-8.3R2.8-export-signed.tgz /var/tmp
    6. shutdown -h now
    Power-off the Olive-VM and remove the FreeBSD hard-disk you added earlier. After you’ve done that, power-on the Olive-VM again and do the following:
    1. login as root
    2. cd /var/tmp
    3. pkg_add jinstall-8.5R1.14-export-signed.tgz
    You can check the output of my terminal below:
    Amnesiac (ttyd0)
    login: root
    JUNOS 7.2R2.4 built 2005-07-07 00:49:05 UTC
    Terminal type? [vt100]
    root@%
    root@% cd /var/tmp
    root@% ls -l
    total 430518
    drwxrwxrwx 2 root wheel 512 Nov 29 14:16 install
    -rw-r–r– 1 root wheel 64051453 Nov 29 14:15 jbundle-7.2R2.4-domestic.tgz
    -rw-r–r– 1 root wheel 156234136 Dec 1 15:52
    jinstall-8.5R1.14-export-signed.tgz
    -rw-r–r– 1 root wheel 67 Nov 29 14:12 preinstall_boot_loader.conf
    drwxrwxrwt 2 root wheel 512 Nov 29 14:16 vi.recover
    root@%

    root@% pkg_add jinstall-8.5R1.14-export-signed.tgz
    Verified jinstall-8.5R1.14-export.tgz signed by PackageProduction_8_5_0
    ./+INSTALL: /sbin/x509-exts: not found
    Adding jinstall…
    WARNING: This package will load JUNOS 8.5R1.14 software.
    WARNING: It will save JUNOS configuration files, and SSH keys
    WARNING: (if configured), but erase all other files and information
    WARNING: stored on this machine. It will attempt to preserve dumps
    WARNING: and log files, but this can not be guaranteed. This is the
    WARNING: pre-installation stage and all the software is loaded when
    WARNING: you reboot the system.
    Saving the config files …
    Installing the bootstrap installer …
    WARNING: A REBOOT IS REQUIRED TO LOAD THIS SOFTWARE CORRECTLY. Use the
    WARNING: ‘request system reboot’ command when software installation is
    WARNING: complete. To abort the installation, do not reboot your system,
    WARNING: instead use the ‘request system software delete jinstall’
    WARNING: command as soon as this operation completes.
    root@% shutdown -r now
    Shutdown NOW!
    Reboot consistency check bypassed - jinstall 8.5R1.14 will complete installation upon reboot
    shutdown: [pid 3044]
    root@%

    *** FINAL System shutdown message from root@ ***

    System going down IMMEDIATELY
    OK! Your Olive is now upgraded to version 8.5R1.14. You can check if your network interfaces are up and running by following my steps as shown in my terminal-output. What we will further do is put a basic configuration together so we’ve got network connectivity again in order for us to reach the ftp-server. We’ll need to get the Multicast-fix from the ftp-server and run it.
    Amnesiac (ttyd0)
    login: root
    JUNOS 8.5R1.14 built 2007-12-08 07:38:33 UTC
    root@%
    root@% cli
    root>
    root>
    root> show interfaces terse
    Interface Admin Link Proto Local Remote
    dsc up up
    em0 up up
    em1 up up
    em2 up up
    em3 up up
    em4 up up
    em5 up up
    gre up up
    ipip up up
    lo0 up up
    lo0.16384 up up inet 127.0.0.1 –> 0/0
    lo0.16385 up up inet
    lsi up up
    mtun up up
    pimd up up
    pime up up
    tap up up
    root>
    root>
    root> configure
    Entering configuration mode
    [edit]
    root# set system root-authentication plain-text-password
    New password:
    Retype new password:
    [edit]
    root# set system login user joost authentication plain-text-password
    New password:
    Retype new password:
    [edit]
    root# set system login user joost class super-user
    [edit]
    root# set interfaces em0 unit 0 family inet address 192.168.0.200/24
    [edit]
    root# commit and-quit
    commit complete
    Exiting configuration mode
    root> ping 192.168.0.1
    PING 192.168.0.1 (192.168.0.1): 56 data bytes
    64 bytes from 192.168.0.1: icmp_seq=0 ttl=64 time=8.197 ms
    64 bytes from 192.168.0.1: icmp_seq=1 ttl=64 time=1.927 ms
    64 bytes from 192.168.0.1: icmp_seq=2 ttl=64 time=0.648 ms
    64 bytes from 192.168.0.1: icmp_seq=3 ttl=64 time=0.168 ms
    ^C
    — 192.168.0.1 ping statistics —
    4 packets transmitted, 4 packets received, 0% packet loss
    round-trip min/avg/max/stddev = 0.168/2.510/8.197/2.913 ms
    root>
    root> exit
    root@% cd /modules
    root@% ftp 192.168.0.2
    Connected to 192.168.0.2.
    220 Microsoft FTP Service

    Name (192.168.0.2:root): joost
    331 Password required for joost.
    Password:
    230 User joost logged in.
    Remote system type is Windows_NT.

    ftp> cd software/router_images/juniper/multicast_fix
    250 CWD command successful.
    ftp> dir
    200 PORT command successful.
    150 Opening ASCII mode data connection for /bin/ls.
    10-11-08 09:27AM 6148 .DS_Store
    10-11-08 09:34AM 1533 license.txt
    11-07-08 01:08PM 6445 multicast_fix.zip
    10-11-08 09:34AM 2768 readme.txt
    10-11-08 09:18AM 7709
    syscall.ko
    226 Transfer complete.

    ftp> bin
    200 Type set to I.
    ftp> get syscall.ko
    local: syscall.ko remote: syscall.ko
    200 PORT command successful.
    150 Opening BINARY mode data connection for syscall.ko(7709 bytes).
    100% ************************************************** 7709 00:00 ETA
    226 Transfer complete.
    7709 bytes received in 0.10 seconds (76.14 KB/s)
    ftp> bye
    221
    root@%

    root@% ls -la
    total 24
    drwxr-xr-x 2 root wheel 512 Dec 5 12:04 .
    drwxr-xr-x 22 root wheel 512 Dec 5 11:21 ..
    lrwxr-xr-x 1 root wheel 39 Dec 5 11:21 bcmsdk.ko
    lrwxr-xr-x 1 root wheel 42 Dec 5 11:21 microcode.ko
    lrwxr-xr-x 1 root wheel 44 Dec 5 11:21 pmap_helper.ko
    -rw-r–r– 1 root wheel 7709 Oct 11 08:18
    syscall.ko
    root@%
    To be able to run the Multicast-patch, we will need to reboot the Olive-VM into Single-user mode. Before the kernel is loaded you will need to press the space-bar. See the ouput of my terminal below to get an idea of when you need to do it. You’ll see everything else you need to do as well if you follow the output:
    root@% shutdown -r now
    Shutdown NOW!
    shutdown: [pid 4899]
    root@%

    *** FINAL System shutdown message from root@ ***

    System going down IMMEDIATELY
    Dec 5 12:13:46 Waiting (max 60 seconds) for system process `vnlru’ to stop…done
    Waiting (max 60 seconds) for system process `bufdaemon’ to stop…done
    Waiting (max 60 seconds) for system process `syncer’ to stop…
    Syncing disks, vnodes remaining…2 2 2 2 0 0 done
    syncing disks… All buffers synced.
    Uptime: 52m3s
    recorded reboot as normal shutdown
    Rebooting…
    /kernel text=0×8c2af4 data=0×4e628+0×733fc syms=[0x4+0x8eb70+0x4+0x9139c]
    Hit [Enter] to boot immediately, or space bar for command prompt.
    Booting [/kernel] in 1 second…
    Type ‘?’ for a list of commands, ‘help’ for more detailed help.
    OK boot -s
    ACPI autoload failed - no such file or directory
    Olive CPU
    GDB: debug ports: sio
    GDB: current port: sio
    KDB: debugger backends: ddb gdb
    KDB: current backend: ddb
    Copyright (c) 1996-2007, Juniper Networks, Inc.
    All rights reserved.
    Copyright (c) 1992-2006 The FreeBSD Project.
    Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
    The Regents of the University of California. All rights reserved.
    JUNOS 8.5R1.14 #0: 2007-12-08 07:38:33 UTC builder@rahu.juniper.net:/volume/build/junos/8.5/release/8.5R1.14/obj-i386/sys/compile/JUNIPER
    Timecounter “i8254″ frequency 1193182 Hz quality 0
    CPU: Intel(R) Core(TM)2 Quad CPU @ 2.66GHz (2665.67-MHz 686-class CPU)

    if_pfe_open: listener socket opened, listening on …
    Trying to mount root from ufs:/dev/ad0s1a
    Attaching /packages/jbase via /dev/mdctl…
    Mounted jbase package on /dev/md0…
    System watchdog timer disabled
    Enter full pathname of shell or ‘recovery’ for root password recovery or RETURN for /bin/sh:

    NOTE: to go to multi-user operation, exit the single-user shell (with ^D)
    #
    #
    cd /modules
    # kldload ./syscall.ko
    syscall loaded at 210
    max em unit is 8
    Error At unit 6 Get Em softc
    Error At unit 7 Get Em softc
    #
    #
    ^D (control-d)
    Verified manifest signed by PackageProduction_8_5_0
    Verified jboot signed by PackageProduction_8_5_0
    Mounted jkernel package on /dev/md1…
    Verified manifest signed by PackageProduction_8_5_0
    Mounted jpfe package on /dev/md2…
    Mounted jdocs package on /dev/md3..

    session_db initialized
    Local package initialization:.
    kern.securelevel: -1 -> 1
    starting local daemons:.
    Fri Dec 5 12:24:43 UTC 2008
    Dec 5 12:24:43 Dec 5 12:24:43 Dec 5 12:24:43 init: event-processing (PID 4249) started
    Dec 5 12:24:43 Dec 5 12:24:43 Dec 5 12:24:43 Dec 5 12:24:43 init: product mask 0×200201180, Dec 5 12:24:43 Dec 5 12:24:43 Dec 5 12:24:43 Dec 5 12:24:43
    Amnesiac (ttyd0)
    login: root
    Password:
    — JUNOS 8.5R1.14 built 2007-12-08 07:38:33 UTC
    root@%
    root@%
    sysctl dev.em.0.fix_em_multicast=1
    dev.em.0.fix_em_tmulticast: h-1e input para is :
    adapter->hw address is 0xc1dfb310
    mta is 0xc229e0c0
    mcnt is 14
    em unit updated mc address
    em vlan tagging enableed!
    -> -1
    root@%
    sysctl dev.em.1.fix_em_multicast=1
    dev.em.1.fix_em_tmulticast: h-1e input para is :
    adapter->hw address is 0xc1e07310
    mta is 0xc229e0c0
    mcnt is 14
    em unit updated mc address
    em vlan tagging enableed!
    -> -1
    root@%
    sysctl dev.em.2.fix_em_multicast=1
    dev.em.2.fix_em_tmulticast: h-1e input para is :
    adapter->hw address is 0xc1e09310
    mta is 0xc229e0c0
    mcnt is 14
    em unit updated mc address
    em vlan tagging enableed!
    -> -1
    root@%
    sysctl dev.em.3.fix_em_multicast=1
    dev.em.3.fix_em_tmulticast: h-1e input para is :
    adapter->hw address is 0xc1e0d310
    mta is 0xc229e0c0
    mcnt is 14
    em unit updated mc address
    em vlan tagging enableed!
    -> -1
    root@%
    sysctl dev.em.4.fix_em_multicast=1
    dev.em.4.fix_em_tmulticast: h-1e input para is :
    adapter->hw address is 0xc1e10310
    mta is 0xc229e0c0
    mcnt is 14
    em unit updated mc address
    em vlan tagging enableed!
    -> -1
    root@%
    sysctl dev.em.5.fix_em_multicast=1
    dev.em.5.fix_em_tmulticast: h-1e input para is :
    adapter->hw address is 0xc1e1b310
    mta is 0xc229e0c0
    mcnt is 14
    em unit updated mc address
    em vlan tagging enableed!
    -> -1
    root@%
    root@%
    cli root>
    OK, you’re done and the Olive is ready to go! Now just copy the Olive a couple of times so you can start building your own virtual network
    Unfortunately you will need to run the Multicast-patch everytime you (re)boot the Olive. Whenever I need to close VMware, I just suspend the Olives so I can press ”play” the next time I need to do some work - this saves you allot of time. I’ll see if I can automate the process at a later stage and will let you guys know on here how to do it.
    Have fun!
Related Articles

6 comments

  1. Raghunath Dandavate // July 3, 2012 at 1:44 AM  

    Hey,

    Could you please provide me the steps to create J series or Ex series Olive. As i know how to create a M or T series olive...


    Regards,
    Raghu
    Raghu.dandavate@aol.in

  2. Raghunath Dandavate // July 3, 2012 at 1:45 AM  

    Hi,

    Please provide olive installation instructions for creating J Series routers...

    Regards,
    Raghu

  3. Ahsan Tasneem // July 3, 2012 at 4:33 AM  

    @Raghu .. Thanks for your comment, I was busy compiling some important post these days, will surely post the information you mentioned in few days.

  4. adeel // July 13, 2012 at 9:45 AM  

    Dear Every one Greetings,

    I need multicast patch for olive i got tired find it on the internet this patch "syscall.ko" but i did not get yet please if any one has this patch please please send me on my email address which is microsoft_creative@yahoo.com

  5. Anonymous // July 13, 2012 at 5:09 PM  

    Hey could you please upload the syscall.rar multicast fix file somewhere? the URL to the joost blog is broken.

  6. Anonymous // July 13, 2012 at 5:10 PM  

    Hey could you please upload the syscall multicast fix file somewhere, as the URL you provided is broken.

Related Posts Plugin for WordPress, Blogger...