Building a Juniper "Olive" running latest JUNOS in VMWare
Two of my work objectives for FY07/08 are passing two Juniper "Enterprise Routing track" exams:
Juniper Networks Certified Internet Associate (JNCIA-ER exam JN0-341) [update: passed 6th Aug 07]
Juniper Networks Certified Internet Specialist (JNCIS-ER exam JN0-350)
As my networking background is traditionally based upon Cisco routing and switching, I thought it would be sensible to get some half-decent CLI time on JUNOS, as opposed to just reading books and PDFs etc. One such way of getting CLI time is to build an "Olive" box which effectively runs JUNOS software on a FreeBSD Unix-like free operating system.
For details of what an Olive box is, please visit here.
If you did not know, Olive requires managing through the serial port (e.g. COM1) of a PC, similar to a console port of a router. Only the earlier versions such as JUNOS 5 allow you to access the CLI through the PC keyboard and VGA output directly (although this view was still not identical to a serial connection). The recent versions of code after JUNOS 7.4 which stand any chance of detecting your NIC card, can only be accessed through the serial port. I customised a cable to allow me to do this below, but later use some clever free software to create multiple virtual serial ports which I can telnet in to, making physical cables unnecessary.
This long page, only concentrates on running Olive in a VMWare virtual environment - I have no interest in building a real Olive by dedicating a whole PC to the task - not even using dual-boot. The primary reason for this is a single Olive is of little use to me - I aim to use a minimum of three so I can get to grips with the routing protocols and filtering techniques where a single Olive would be next to useless.
For anybody who has not seen them before, I found the following two URLs helpful resources:
JUNOS as a second language (for anyone familiar with Cisco IOS, this shows a clean migration path for the CLI skills you have already mastered)
IOS to JUNOS config translator (juniper.net login required)
Page Index - jump to a section... 1. Free Sybex Juniper PDF certification books 2. Credit where it's due 3. On to the Olive branch
4. VMWare specifics 5. Installing FreeBSD 6. Installing JUNOS 7. Gaining access via the serial port 8. Running multiple Olives on one box using VMWare, and creating virtual serial ports for
telnet access 9. Upgrading from a < 7.4 version to a > 7.4 version so the NICs can be detected 10. Installing J-Web (allowing web based administration of the Olive) 11. Screenshots of 3 VMWare Olives 12. Sample VMWare .VMX file
Free Sybex Juniper PDF certification books... Juniper provide these Sybex books free of charge (to download) as they are now out of print:
JNCIA: Juniper Networks Certified Internet Associate Study Guide (Published Feb 03)
JNCIS-M: Juniper Networks Certified Internet Specialist Study Guide (Published Feb 03)
JNCIP-M: Juniper Networks Certified Internet Professional Study Guide (Published Feb 03)
JNCIE-M: Juniper Networks Certified Internet Expert Study Guide (Published Nov 03)
Credit where it's due... Firstly - none of the below would be possible if it hadn't been for the excellent pages published at the following URLs (in no particular order), of which some of the below is a direct copy and paste:
Sid Smokes JuniperClue Packetmischief
Please do not contact me for any JUNOS images - I will not provide them.
"Olive" is not supported by J-TAC and they should never be contacted about it.
Throughout this document, I never pretend to be a Juniper, JUNOS, VMWare or FreeBSD expert. I know a little, and its good to share knowledge.
On to the Olive branch... I decided I wanted to run my Olive box in a VMWare virtual session/environment, as I use the box extensively for other functions and did not want to make the device dual boot. I appreciate
this creates a performance trade-off but from an education, flexibility and learning point of view, VMWare is fantastic.
My "cupboard server" (which I use for many things including a home web server running Apache, hosting tools to assist with my CCIE revision and running Dynamips/Dynagen) is a second-hand HP-Compaq Evo Small Form Factor (SFF) d530 P4 2.8Ghz, 1.5GB RAM and several hundred GB of disk space over two HDDs, running XP Pro SP2.
The box has 9 NICs - 1 on board which is a Broadcom NetXtreme GigE and 2 x PCI 4 port D-Link DFE-570TX NICs (see the card below - bought second-hand from Ebay which uses the DEC tulip (now Intel) 21143 chipset) - these NIC ports can either be "teamed" for load balancing/fault tolerance features, or as I do, use each NIC port as a seperate interface with its own MAC and IP address. I primarily need the 9 NICs to support a Dynamips configuration nearly identical to this for my CCIE revision.
[ Note: you do NOT need one of these 4 port cards for this project - a single on-board NIC will suffice ]
VMWare Server is running v1.03 (which I find much faster than MS Virtual PC), and as discussed above, towards the end of my installing Olive, I had to move to VMWare Workstation v6 as VMWare Server would not properly activate the JUNOS NICs (I still do not know why as FreeBSD which sits under JUNOS used the NICs perfectly under VMWare Server).
VMWare specifics... For nearly all of my efforts getting JUNOS to work in VMWare, I did so using VMWare Server 1.03 (which is Free). I created the virtual machines, installed FreeBSD, installed JUNOS, added a second hard disk image to a 7.4 JUNOS jinstall image on the box to allow the detection of my NIC cards, etc. In VMWare Server, JUNOS will run, and it will detect the NIC cards, BUT it will not USE the NIC cards - it absolutely refuses to do anything with them.
As soon as you load the image created in VMWare Server into VMWare Workstation, without making any config changes, the NICs suddenly spring into life. I also tried running the self-same identical images on the free VMWare Player but they do not work. I guess what i'm trying to say is if you only have VMWare Server (even though you can get Workstation on a 30 day trial for free), then you will not be hindered until the very end of setting up one of these boxes - FreeBSD will still use the NICs perfectly, it's only JUNOS which appears to have a problem, but you can get all the way up to the final stage of having a working Olive box using VMWare Server (as this is how I did it). If in doubt, and you have Workstation, use it from the start. From a Google, it appears that v5.5 of Workstation will support the latest JUNOS, you do not necessarily need v6.
When it came to using the Olive box however, VMWare Server was no longer useful and only VMWare Workstation was able to work with the virtual NICs.
For info I used VMWare Workstation 6.0.0 build 45731.
VMWare profile I used: 256MB RAM (I may lower this later once Olive is built); 1 x CDROM (linked to an ISO, not a physical drive); 3 x Ethernet NICs configured as 'bridged' (you would be fine with one NIC); 1 x serial port (output to a text file at first, as opposed to COM1 unless you have an appropriate serial cable); 8 GB hard disk (untick 'allocate all disk space now'); for Operating System profile choose 'Other' then 'FreeBSD'.
Installing FreeBSD... To allow FreeBSD (and more importantly, JUNOS later) to detect the virtual network cards, you need to add a line to the VMWare machine ".vmx "configuration file, to add a statement that overrides the default NIC behaviour to allow the NICs to be detected as "Intel(R) PRO/1000" which FreeBSD (and then JUNOS) can detect and use - add the blue text below, as appropriate:
Ethernet0.present = "TRUE" Ethernet0.virtualDev = "e1000"
If you have multiple virtual NICs configured, do the same for the rest:
Ethernet1.present = "TRUE" Ethernet1.virtualDev = "e1000" Ethernet2.present = "TRUE" Ethernet2.virtualDev = "e1000" etc etc.
Once you run the machine, the .vmx file will allocate MAC addresses to the virtual interfaces - if you are running multiple machines, and want them to work together at some stage, you need to ensure all virtual NICs have unique MAC addresses (they only need to vary by one hexadecimal character).
Once complete, to guarentee these changes are picked up, it may be best to right click on the machine, click "remove from inventory", then re-add it by file, open, browse and navigating to the directory containing the .vmx file you edited.
I downlaoded FreeBSD 4.10-RELEASE-i386-miniinst.iso (~220MB) and when bound to a VMWare CDROM, this will boot.
Start VMWare machine, and at the "Kernel Configuration Menu" choose the top option of "Skip kernel config"
At the "SysInstall Main Menu" choose "Express - Begin a quick installation (for the impatient)"
At the FDISK Parition Editor type A to use Entire Disk, then type Q to finish
For the "Boot Manager" choose "Standard - Install a standard MBR (no boot manager)"
For the "Disklabel Editor":
Step 1 of 4: Type C to create, then delete the values and insert 500M , then choose FS (File System), then type /
Step 2 of 4: Type C, delete values, insert 500M , then choose Swap space
Step 3 of 4: Type C, delete values, insert 100M , choose FS, type /config
Step 4 of 4: Type C, accept the values presented with an , choose FS, type /var
Type Q to finish
For "Choose Distributions" choose "Exit this menu - returning to previous" (i.e. no need to install any extras)
For "Choose installation media" choose "CD/DVD"
At the "User Confirmation Requested" whe