Olive Install Complete Guide - JunOS 12.3R6 V1-1

Author
: Tony Hill
Version : 1-0
Date
: 20th April 2014
1 Introduction
This document is a complete, step-by-step guide for installing and configuring a JunOS Olive on a
Ubuntu 14.04 LTS 64-bit system. The guide starts with setting up and installing a QEMU emulated
FreeBSD virtual machine, progressing onto tailoring the JunOS installation package, followed by
carrying out the JunOS installation itself and finally, setting up GNS3.
1.1 Host Computer Hardware & Software

root@tony:~# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:
Ubuntu 14.04 LTS
Release:
14.04
Codename:
trusty
Figure-1
QEMU emulator version 1.7.91 (Debian 2.0.0~rc1+dfsg-0ubuntu3), Copyright (c) 20032008 Fabrice Bellard
openvpn:amd64/trusty 2.3.2-7ubuntu3 up to date
FreeBSD 4.11-RELEASE-i386-miniinst.iso
http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/ISO-IMAGES/4.11/
GNS3 0.8.6
1
JunOS 12.3.R6.6 (legal copy)
1.2 Pre-Requisites
64-bit Ubuntu in order for the QEMU software to create images that can use more than
2047M of memory. QEMU running under 32-bit Ubuntu is only able to support 2047M of
memory for each emulated machine.
QEMU emulator (apt-get install qemu)
FreeBSD i386 ISO image
Legal copy of JunOS router software (jinstall-12.3R6.6-export-signed.tgz)
GNS3 (apt-get install gns3)
A lot of patience, endless cups of coffee and a plentiful supply of hand-rolling tobacco
Note-1: I have not shown all of the package dependencies for brevity. However, once you have
installed QEMU, issue the apt-get build-dep command to download the associated library and
other files.
Note-2: I am also running KVM on the host machine. However, it is not necessary to run KVM to
complete this installation.
Note-3: Follow these steps to the letter. Download the FreeBSD ISO image from the URL above,
not from other links. There are quite a few ISO files around not all of which are exactly the same.
Note-4: I have carried out some brutal hacks to the JunOS install package scripts to get the
installation to work. The software developers would probably be horrified, but the end justifies the
means and the result is a perfectly formed emulated router that supports most of the core routing
functionality.
1.3 Top-Level Directories

Open a terminal window.
Create the following directories underneath your home folder (in my case the home directory is
/home/tony):
JUNOS
FREEBSD
OLIVE
1.4 File Downloads

Download the 4.11-RELEASE-i386-miniinst.iso from the following URL into the FREEBSD
directory:
http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/ISO-IMAGES/4.11/
Download the jinstall-12.3R6.6-export-signed.tgz file into the JUNOS directory.
Copy the FreeBSD ISO file and the JunOS files to the OLIVE directory. It's a good idea to work on
copies of the original files so that you can always get back to a known position if things go awry.
2 FreeBSD Installation
2.1 Create the Virtual Disk Image
1.
Change directory into the OLIVE directory.
2.
Issue the following command to create a qcow2 format 16G disk image. Please note that the
disk image is initially very small (only about 197K) but it is allowed to grow to the specified
size. The final disk image with both FreeBSD and JunOS installed is around 3.2G.
qemu-img create -f qcow2 freebsd-4.11.img 16384M
The OLIVE directory should now contain the following files:

root@tony:~/OLIVE# ls l
total 239368
-rw------- 1 root root 244912128 Apr 21 03:30 4.11-RELEASE-i386-miniinst.iso
-rw-r--r-- 1 root root
197120 Apr 21 03:30 freebsd-4.11.img
2.2 Boot the Disk Image & Install FreeBSD

1.
Start the virtual machine using the disk image as the hard disk and the FreeBSD ISO file as a
bootable CDROM. The virtual machine has 4096M of memory. The -boot d specifies that the
machine should boot first from the CDROM drive.
qemu-system-x86_64 -m 4096M -hda freebsd-4.11.img -cdrom 4.11-RELEASEi386-miniinst.iso -boot d
2.
QEMU boots the virtual machine in a new window. The 4G of memory allocated is quite
generous as the i386 FreeBSD machine can only see around 3G but the intention is to ensure
that there is no resource bottleneck.
Figure-2
3.
The machine boots from the CDROM and enters the installation dialogue. Press enter to skip
kernel configuration to continue booting the machine.
Figure-3
4.
Select Begin a standard installation.
Figure-4
5.
Select OK to proceed to the initial disk partitioning screen.
Figure-5
6.
The initial partitioning screen is displayed.
Figure-6
7.
Press A to select the entire virtual disk, press Q to finish. The actual partitions will be
created later.
Figure-7
8.
Select Install a standard MBR (no boot manager).
Figure-8
9.
You are now prompted to partition the disk. Hit OK.
Figure-9
10. Create the / partition. Press C, enter 4096M and hit OK.
Figure-10
11. Select A file system and hit OK.
Figure-11
12. Specify / as the mount point and hit OK.
Figure-12
13. Create the swap partition. Press C enter 4096M and hit OK.
Figure-13
14. Select A swap partition and hit OK.
Figure-14
15. Create the /config partition. Press C enter 1024M and hit OK.
Figure-15
10
Figure-16
17. Enter /config and hit OK.
Figure-17
18. Create the /var partition. Press C accept the value 14679873 blocks (7167M) and hit OK.
11
Figure-18
Figure-19
20. Enter /var and hit OK.
12
Figure-20
21. The partition table is now complete. The partitions must align exactly as shown i.e.
ad0s1a
4096M
ad0s1b
swap
4096M
ad0s1e
/config
1024M
ad0s1f
/var
7167M
13
Figure-21
22. Press Q to finish. The next screen is displayed. Scroll down and select Minimal, hit the
space bar to mark it with an X. Hit TAB to move to the OK at the foot of the screen and hit
Enter.
Figure-22
23. Select CD/DVD as the installation media and hit OK.
14
Figure-23
24. Hit Yes when presented with the Last Chance screen.
Figure-24
25. The file systems are created.
15
Figure-25
26. The files are copied to the virtual disk from the installation media.
Figure-26
27. The basic installation is complete. Hit OK.
16
Figure-27
28. Respond No to all of the following questions:
SLIP/PPP network devices
Function as a Network Gateway
Configure inetd
Anonymous FTP to the machine
Configure NFS server
Configure NFS client
Select a default security profile (chose No for moderate security)
17
Figure-28
29. When the Moderate security screen appears hit OK.
Figure-29
30. Select No for customize system console settings.
18
Figure-30
31. Select No for set the time zone.
Figure-31
32. Select No for enable Linux binary compatibility.
19
Figure-32
33. Select No for USB mouse attachment.
Figure-33
34. Select No for the FreeBSD package collection.
20
Figure-34
35. Select No for adding user accounts.
Figure-35
36. Select OK to set the system manager's password. Enter the password, re-type it and
remember it.
21
Figure-36
37. Select No for visit the general configurations menu.
Figure-37
38. The main installation menu screen is re-displayed. Hit the TAB key to select Exit Install and
press Enter.
22
Figure-38
39. Select Yes to exit from the installation. A few seconds after you press Enter, the machine will
start to reboot.
Note: To prevent the machine from rebooting back into the installation, press the CTRL+ALT+2
keys to exit from the machine to the QEMU emulator screen.
Figure-39
40. Enter quit and hit Enter. The window closes and the installation of FreeBSD 4.11 on the
virtual machine is complete. The freebsd-4.11.img virtual disk file has grown to around 349M
with the FreeBSD OS installed.
23
Figure-40
2.3 Start the VM Locate the /usr/bin/true File

The JunOS installation scripts run a binary programme called checkpic to determine PIC support
for the platform on which the operating system is being installed. We will be using emulated
interfaces so it is necessary to fool the installation process into thinking that it has run the
checkpic programme successfully.
The Linux /usr/bin/true binary always returns success when it exits so we need this file to copy it
over the checkpic binary when we unpack the JunOS installation package later on.
All Linux machines have a copy of the true binary file. However, it is vital that we use the true
binary file obtained from the FreeBSD guest VM otherwise the installation will fail.
1.
Open a terminal window on the host and boot the VM but this time we don't need to mount the
CDROM because the FreeBSD OS is installed.
qemu-system-x86_64 -m 4096M -hda freebsd-4.11.img
2.
Log into the machine with username root and the system manager's password that was
entered during the installation process.
Note: When you click inside the VM window the VM grabs the cursor. If you need to return to the
hosts windowing system, hold the CTRL+ALT keys to release the cursor.
3.
Locate the /usr/bin/true file:

# ls /usr/bin/true
/usr/bin/true
#
24
4.
Shut down the guest VM. When the press any key to reboot message is displayed, exit the
QEMU emulator using CTRL+ALT+2 and type in quit.
Figure-41
2.4 OpenVPN & TUN/TAP Interfaces

OpenVPN is an open source application that allows secure point-to-point tunnels to be created
between hosts at the same or different sites. In this case, we're using OpenVPN to allow the
Ubuntu host computer to talk to the guest FreeBSD VM so that we can retrieve its /usr/bin/true
binary file. The connection between the host and guest VM is bridged.
The connectivity is shown below:
Host
HomeGW <-----> LAN <-----> [eth0][br1][tap0] <-----> [tap0]Guest
.254
192.168.1.0
192.168.1.86
192.168.1.91
1.
From a terminal window on the Ubuntu host, set up the bridge br1, physical eth0 and
OpenVPN tap0 interfaces (on the host computer). Please note that these steps assume that
there are no pre-existing bridge interfaces already running, which there will be if you are
running KVM, for example. If there are pre-existing bridge interfaces, you must shut them
down and delete them first.
2.
Bring down the eth0 interface on the host:

25
root@tony:~# ifconfig eth0 down
3.
Bring the eth0 interface back up with no IP address (please note that you may have to
disable network manager to ensure that it doesn't automatically use DHCP to obtain an IP
address for eth0).
root@tony:~# ifconfig eth0 0.0.0.0 promisc up
root@tony:~# ifconfig
eth0
Link encap:Ethernet HWaddr 00:21:cc:69:71:e1
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:64869 errors:0 dropped:0 overruns:0 frame:0
TX packets:10029 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:17047282 (17.0 MB) TX bytes:1218466 (1.2 MB)
Interrupt:20 Memory:f3900000-f3920000
4.
Create an OpenVPN TAP interface that will be the end point of our tunnel to the guest VM. In
this example I'm using tap0 as the tunnel device name for the Ubuntu host. The --mktun
keyword makes the tunnel interface and sets it to ON:
root@tony:~# openvpn
--mktun
--dev
tap0
Mon Apr 21 05:28:56 2014 TUN/TAP device tap0 opened
Mon Apr 21 05:28:56 2014 Persist state set to: ON
5.
Add a bridge interface (br1 in this example) and associate it with physical interface eth0
and tunnel interface tap0. This association between the bridge, physical and tunnel
interfaces will allow us to bridge traffic between the Ubuntu host and the guest VM:
root@tony:~# brctl
root@tony:~# brctl
root@tony:~# brctl
addbr
addif
addif
br1
br1
br1
eth0
tap0
root@tony:~# brctl stp br1 off (optionalonly one bridge so turn off STP)
root@tony:~# brctl show
bridge name
bridge id
br1
8000.0021cc6971e1
6.
STP enabled
no
interfaces
eth0
tap0
Bring the br1 interface up.
root@tony:~# ifconfig br1 0.0.0.0 promisc up

br1
inet6 addr: fe80::221:ccff:fe69:71e1/64 Scope:Link
26
RX bytes:14773 (14.7 KB)
7.
TX bytes:4203 (4.2 KB)
Bring the tap0 interface up:
root@tony:~# ifconfig tap0 0.0.0.0 promisc up

tap0
Link encap:Ethernet HWaddr ca:b1:16:ca:ec:ca
UP BROADCAST PROMISC MULTICAST MTU:1500 Metric:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
8.
Force a DHCP request on the br1 interface over the physical eth0 interface for br1 to
obtain an IP address, default gateway and DNS information.
root@tony:~# dhclient -v br1

Internet Systems Consortium DHCP Client 4.2.4
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/br1/00:21:cc:69:71:e1
Sending on
LPF/br1/00:21:cc:69:71:e1
Sending on
Socket/fallback
DHCPREQUEST of 192.168.1.86 on br1 to 255.255.255.255 port
67(xid=0x24bcae5f)
DHCPACK of 192.168.1.86 from 192.168.1.254
bound to 192.168.1.86 -- renewal in 32670 seconds.
br1
inet addr:192.168.1.86 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::221:ccff:fe69:71e1/64 Scope:Link
RX bytes:45322 (45.3 KB) TX bytes:11035 (11.0 KB)
The br1 interface's DHCP request has not only assigned an IP address (192.168.1.86) to br1, it
has also established the default gateway for br1.
root@tony:~# openvpn --show-gateway
Mon Apr 21 06:41:08 2014 ROUTE_GATEWAY 192.168.1.254/255.255.255.0
IFACE=br1 HWADDR=00:21:cc:69:71:e1
9.
Re-start the guest FreeBSD VM telling it to use the tap0 interface as its NIC to communicate.
27
It is possible to use scripts to assign and to start / stop tunnel interfaces but in this example I
am specifying explicitly that no scripts are being used.
root@tony:~# qemu-system-x86_64 -m 4096M -hda freebsd-4.11.img -net nic net tap,ifname=tap0,script=no,downscript=no
Log into the guest VM when it has finished booting. Remember to use CTRL+ALT to escape from
the cursor grab as and when required.
Figure-42
10. Note that the guest VMs em0 interface is active but it does not yet have any IP address
information.
28
Figure-43
11. Issuing a dhclient em0 command on the guest VM brings up the em0 interface.
Figure-44
12. The guest VM em0 interface now also has an IP address (192.168.1.91). The DHCP request
was tunnelled over the tap0 interface to the host computer's bridge interface, which
broadcast the DHCP request to the Home GW on the LAN. The Home GW obliged and
allocated an IP address to the guest VM.
The guest VM can now ping the host IP (192.168.1.86) and the Home GW IP (192.168.1.254).
29
Figure-45
13. In fact, the guest VM can also perform DNS look-ups to access the Internet.
Figure-46
2.5 Copying the True File to the Host Machine

1.
SCP the file /usr/bin/true to the host computer and place it in the OLIVE directory.
30
Figure-47
It is now possible to start unpacking and configuring the JunOS installation package. Shut down
the guest VM and exit the QEMU emulator using CTRL+ALT+2 and typing quit.
2.
If you wish to remove the br1 and tap0 interfaces from the host computer: Bring down the
eth0, br1 and tap0 interfaces.
root@tony:~# ifconfig br1 down
root@tony:~# ifconfig eth0 down
root@tony:~# ifconfig tap0 down
3.
Delete the br1 interface.

root@tony:~# brctl delbr br1
root@tony:~# brctl show
bridge name bridge id
STP enabled
interfaces
--------------------------------------------------------
4.
Remove the tap0 tunnel interface.

root@tony:~# openvpn --rmtun --dev tap0
Mon Apr 21 07:10:15 2014 TUN/TAP device tap0 opened
Mon Apr 21 07:10:15 2014 Persist state set to: OFF
5.
Bring the eth0 interface back up.

root@tony:~# ifconfig eth0 up
31
3 JunOS Installation Process

3.1 Unpacking the Files & Changing Checksums
The OLIVE directory should contain the following files:
root@tony:~/OLLIVE# ls
total 1055672
-rw------- 1 root root
-rw-r--r-- 1 root root
-rw------- 1 root root
-r-xr-xr-x 1 tony tony
-l
244912128
349700096
486446530
2908
Apr
Apr
Apr
Apr
21
21
21
21
03:30
07:05
07:18
06:58
4.11-RELEASE-i386-miniinst.iso
freebsd-4.11.img
jinstall-12.3R6.6-export-signed.tgz
true
Where freebsd-4.11.img is the virtual disk image of the FreeBSD machine onto which we will
install JunOS.
The JunOS package is signed. This means that we must ensure that we modify carefully the
various SHA1 and MD5 checksums as we progress with each change. Invalid hashes will result in
the installation failing.
Create the following directory structure underneath the OLIVE directory.
OLIVE
|
temp1
|
temp2
|
|--------------------|
temp3
temp4
|
temp5
1.
Unpack the jinstall-12.3R6.6-export-signed.tgz archive into subdirectory temp1 where -C

means change to <directory> to unpack the files before returning to the current directory.
root@tony:~/OLIVE# tar -xvf jinstall-12.3R6.6-export-signed.tgz -C temp1
certs.pem
+COMMENT
+CONTENTS
+DESC
+INSTALL
issu-indb.tgz
jinstall-12.3R6.6-export.tgz
jinstall-12.3R6.6-export.tgz.md5
jinstall-12.3R6.6-export.tgz.sha1
jinstall-12.3R6.6-export.tgz.sig
2.
Change to the temp1 directory and unpack the jinstall-12.3R6.6-export.tgz archive into the
32
temp2 directory.
root@tony:~/OLIVE# cd temp1
root@tony:~/OLIVE/temp1# tar -xvf jinstall-12.3R6.6-export.tgz -C temp2

bootstrap-install-12.3R6.6.tar
+COMMENT
+CONTENTS
+DEINSTALL
+DESC
+INSTALL
jbundle-12.3R6.6-export.tgz
pkgtools.tgz
+REQUIRE
3.
Change to the temp2 directory and unpack the jbundle-12.3R6.6-export.tgz archive to the
temp3 directory and unpack the pkgtools.tgz archive to the temp4 directory. Note that
there are 2 x pkgtools.tgz files in the installation packages. One is unpacked now to temp4,
the other is unpacked to temp5 in the next step.
root@tony:~/OLIVE/temp1# cd temp2
root@tony:~/OLIVE/temp1/temp2# tar -xvf jbundle-12.3R6.6-export.tgz -C temp3
+clean.jboot
+COMMENT
+CONTENTS
+DEINSTALL
+DESC
+INSTALL
+install.jboot
jbase-12.3R6.6.tgz
jbase-12.3R6.6.tgz.sha1
jboot-12.3R6.6.tgz
jboot-12.3R6.6.tgz.sha1
jdocs-12.3R6.6.tgz
jdocs-12.3R6.6.tgz.sha1
jkernel-12.3R6.6.tgz
jkernel-12.3R6.6.tgz.sha1
jpfe-12.3R6.6.tgz
jpfe-12.3R6.6.tgz.sha1
jplatform-12.3R6.6.tgz
jplatform-12.3R6.6.tgz.sha1
jroute-12.3R6.6.tgz
jroute-12.3R6.6.tgz.sha1
jruntime-12.3R6.6.tgz
jruntime-12.3R6.6.tgz.sha1
jservices-12.3R6.6.tgz
jservices-12.3R6.6.tgz.sha1
pkgtools.tgz
pkgtools.tgz.sha1
+REQUIRE
+require.jboot
root@tony:~/OLIVE/temp1/temp2# tar -xvf pkgtools.tgz -C temp4
bin/
bin/checkpic
pkg/
33
pkg/manifest.sig
pkg/manifest.sha1
pkg/manifest.certs
pkg/manifest
4.
Change to the temp3 directory and unpack the pkgtools.tgz archive to the temp5 directory.
root@tony:~/OLIVE/temp1/temp2# cd temp3
root@tony:~/OLIVE/temp1/temp2/temp3# tar -xvf pkgtools.tgz -C temp5/
bin/
bin/checkpic
pkg/
pkg/manifest.sig
pkg/manifest.sha1
pkg/manifest.certs
pkg/manifest
5.
Change to the temp5 directory. Copy the ~/OLIVE/true file that we obtained from the
FreeBSD guest VM to the bin subdirectory such that it overwrites the bin/checkpic file.
Obtain the checksum of the new checkpic file:
root@tony:~/OLIVE/temp1/temp2/temp3# cd temp5
root@tony:~/OLIVE/temp1/temp2/temp3/temp5# cp ~/OLIVE/true bin/checkpic
root@tony:~/OLIVE/temp1/temp2/temp3/temp5# shasum bin/checkpic
21f98b3edcef39bfb0d7989664998c264a9a0cc8 bin/checkpic
6.
Edit the pkg/manifest file, delete the old checksum and replace it with the new checkpic
files checksum obtained above.
root@tony:~/OLIVE/temp1/temp2/temp3/temp5# more pkg/manifest
pkg/manifest uid=0 gid=0 mode=444
pkg/manifest.sha1 uid=0 gid=0 mode=444
pkg/manifest.sig uid=0 gid=0 mode=444
pkg/manifest.certs uid=0 gid=0 mode=444
bin/checkpic sha1=21f98b3edcef39bfb0d7989664998c264a9a0cc8 uid=0 gid=0 mode=555
7.
Because weve changed the manifest file, we need to obtain its new checksum and edit the
the pkg/manifest.sha1 file to replace the old checksum.
root@tony:~/OLIVE/temp1/temp2/temp3/temp5# shasum pkg/manifest
f4ac6c369d8d261f1e3dc61f361cb28f1678c1d0 pkg/manifest
root@tony:~/OLIVE/temp1/temp2/temp3/temp5# more pkg/manifest.sha1
f4ac6c369d8d261f1e3dc61f361cb28f1678c1d0
8.
Our work in temp5 is done. Package everything back up into the pkgtools.tgz archive in
directory temp3 above. Note use of the flags zcfv and the fact that unlike the unpack
command they are not preceded with a - sign.
34
When done, change up to the temp3 directory and delete the temp5 directory.
root@tony:~/OLIVE/temp1/temp2/temp3/temp5# tar zcfv ../pkgtools.tgz *
bin/
bin/checkpic
pkg/
pkg/manifest.sig
pkg/manifest.sha1
pkg/manifest.certs
pkg/manifest
root@tony:~/OLIVE/temp1/temp2/temp3/temp5# cd ..
root@tony:~/OLIVE/temp1/temp2/temp3# rm -r temp5/
9.
Now that we're back in the temp3 directory with the new pkgtools.tgz archive, we need to
re-generate the pkgtools.tgz.sha1 file to hold a new checksum. We also need to edit the new
pkgtools.tgz.sha1 file to remove some of the header information leaving only the checksum
itself.
root@tony:~/OLIVE/temp1/temp2/temp3# openssl sha1 pkgtools.tgz >
pkgtools.tgz.sha1
root@tony:~/OLIVE/temp1/temp2/temp3# more pkgtools.tgz.sha1
SHA1(pkgtools.tgz)= ef546536e4ff859d54e85a21df31b9ae5092b39b
After editing:
root@tony:~/OLIVE/temp1/temp2/temp3# more pkgtools.tgz.sha1
ef546536e4ff859d54e85a21df31b9ae5092b39b
10. Change up to the temp2 directory but do not delete the temp3 directory. We need to come
back here later on to edit some of the installation scripts. When in the temp2 directory,
change down to the temp4 directory. We need to repeat the process of replacing the
checkpic file with the true file and re-generating new checksums.
root@tony:~/OLIVE/temp1/temp2/temp3# cd ..
root@tony:~/OLIVE/temp1/temp2# cd temp4
root@tony:~/OLIVE/temp1/temp2/temp4# ls
bin pkg
root@tony:~/OLIVE/temp1/temp2/temp4# cp ~/OLIVE/true /bin/checkpic
root@tony:~/OLIVE/temp1/temp2/temp4# shasum bin/checkpic

21f98b3edcef39bfb0d7989664998c264a9a0cc8 bin/checkpic
35
root@tony:~/OLIVE/temp1/temp2/temp4# more pkg/manifest

pkg/manifest uid=0 gid=0 mode=444
pkg/manifest.sha1 uid=0 gid=0 mode=444
pkg/manifest.sig uid=0 gid=0 mode=444
pkg/manifest.certs uid=0 gid=0 mode=444
bin/checkpic sha1=21f98b3edcef39bfb0d7989664998c264a9a0cc8 uid=0
gid=0 mode=555
root@tony:~/OLIVE/temp1/temp2/temp4# shasum pkg/manifest

f4ac6c369d8d261f1e3dc61f361cb28f1678c1d0 pkg/manifest
root@tony:~/OLIVE/temp1/temp2/temp4# more pkg/manifest.sha1
f4ac6c369d8d261f1e3dc61f361cb28f1678c1d0
11. Package up the files into the pkgtools.tgz archive in the temp2 directory above. Change up
to the temp2 directory and delete the temp4 directory.
root@tony:~/OLIVE/temp1/temp2/temp4# tar zcfv ../pkgtools.tgz *
bin/
bin/checkpic
pkg/
pkg/manifest.sig
pkg/manifest.sha1
pkg/manifest.certs
pkg/manifest
root@tony:~/OLIVE/temp1/temp2# rm -r temp4
12. We are now left with the following directories. The next step is to edit the installation scripts.
OLIVE
|
temp1
|
temp2
|
temp3
3.2 Edit the Installation Scripts

3.2.1
temp1 Directory Files
+INSTALL
Change directory to OLIVE/temp1. Issue the following sed command to change all
36
occurrences of olive to Olive i.e. anything that begins with a lower-case o must be
changed to an upper-case O. Note that the names of the script files begin with + so it is
only these that we are interested in.
sed -i "s|olive|Olive|g" +*
Edit the +INSTALL file and carry out the following changes. Note that some commands (such
as more) on files beginning with special characters (such as +) don't work. However, you
can edit the file using a built-in text editor or use vi. You can also cat the file to examine its
contents. If you have any problems, move the file to a different name, edit it and move it back
again.
Change the existing +INSTALL script using the following in blue, exactly as shown. It is
necessary to extract the jinstall files to the jinstall_pkg directory and comment out the rm
line to leave the jinstall-12.3R6.6-export.tgz archive in place. Later on, we will install the
packages using the jinstall-12.3R6.6-export.tgz archive rather than installing from the
directory. Some versions of BSD will not install from a directory preferring instead to install
from an archive file.
inner=jinstall_pkg
extractInner() {
DebugOn extractInner
if [ -s jinstall-12.3R6.6-export.tgz ]; then
mkdir -p $inner
tar -zxf jinstall-12.3R6.6-export.tgz -C $inner
#
save space now...
#
rm jinstall-12.3R6.6-export.tgz
fi
DebugOff extractInner
}
Force the installation by referencing the archive. Comment out the pkg_add line that
references $inner and add the line that contains the full jinstall archive file name.
extractInner
if [ -d $etc_pkgdir/$pkgname ] ; then
# see if the package will be happy before we de-install
RunREQUIRE || exit 1
echo "Auto-deleting old $pkgname..."
PKG_UPGRADE=: pkg_delete $pkgname
fi
echo "Adding jinstall..."
# pkg_add $PKG_FORCE $inner || fail=1
pkg_add $PKG_FORCE jinstall-12.3R6.6-export.tgz
Change the re_model and re_name to Olive rather than allowing the script to use
the FreeBSD sysctl kernel parameters. The installation scripts frequently reference the
sysctl parameters hw.product.model, hw.re.name and he.re.model.
The goofy thing is that these parameters simply don't exist on the various versions of FreeBSD
that I experimented with.
It isn't necessary to change all occurrences of product_model. Some oid unknown error
messages are displayed during installation but this does not prevent the installation from
37
succeeding.
However, it is essential to replace the occurrences below, particularly for the re_name and
re_model variables otherwise the installation fails. I experimented replacing these unknown
FreeBSD sysctl OIDs with known ones, such as kern.hostname but the installation failed at
the back-end of the jinstall process. The installation succeeds if you make the following
changes in blue.
platform_check() {
DebugOn platform_check
#
#
product_model=`sysctl -n hw.product.model`
product_model="Olive"
re_model=`sysctl -n hw.re.model`-i
re_model="Olive"
case "$1:$product_model:$re_model" in
*:Olive) ;;
# ok
jseries:j[1-9][0-9][0-9][0-9]:*) ;; # ok
check_arch_compatibility()
{
#
re_name=`/sbin/sysctl -n hw.re.name 2>/dev/null`
re_name="Olive"
if [ -z "$re_name" ]; then
Error "hw.re.name sysctl not supported."
fi
3.2.2
+INSTALL
Change directory to temp2. Issue the following sed command to change all occurrences of
olive to Olive.
This section of the +INSTALL file in the temp2 directory is shafted. It tries to compute
the available disk space in the root partition. Different versions of FreeBSD return different
formatted output when the disklabel (a.k.a. bsdlabel) command is used within the script.
Other script items are broken. For example, the disklabel command issued on disk partition
ad0s1a fails. It must be issued using the disk name ad0s1 without the partition letter. The
script attempts to remove the partition letter using ${rootdev%a} but this statement doesn't
work for the version of FreeBSD we are using.
Also, the output of the disklabel command is piped to sed. Unfortunately, the sed search
and replacement command doesn't work either. Rather than trying to fix something that is so
badly broken for this version of FreeBSD, I decided to just hard-code the number of root
partition blocks in the script. I obtained this figure from logging into the guest and issuing the
disklabel command manually. Also, I don't care that I'm specifying one parameter in blocks
when the comparison is done with megabytes. The important thing is that the difference is
greater than 256M.
rootdev_min=256
# allow 10% slop to account for different manufacturers.
38
rootdev_minsz=`expr $ $rootdev_min \* 90 / 100 $ \* 2048`

echo "ROOT DEV MIN SIZE = "$rootdev_minsz
# rootdev_size=`disklabel ${rootdev%a} | sed -n '/sectors.unit:/s,.*:,,p'`
rootdev_size=8388608
echo "ROOT DEV SIZE = "$rootdev_size
if [ $rootdev_size -lt $rootdev_minsz ]; then
warn
warn "This installation will not succeed."
warn "The boot device is less than ${rootdev_min}M."
warn "A hardware upgrade is required."
warn
exit 1
fi
Change re_name and re_model.

platform_check() {
#
#
re_model="Olive"
*:Olive) ;;
# ok
jseries:j[1-9][0-9][0-9][0-9]:*) ;; # ok
{
#
re_name="Olive"
Error "kern.hostname sysctl not supported."
fi
+REQUIRE
rootdev_min=256
# rootdev_size=`disklabel ${rootdev%a} | sed n '/sectors.unit:/s,.*:,,p'`
warn
warn
exit 1
fi
platform_check() {
39
re_model="Olive"
*:Olive) ;;
# ok
jseries:j[1-9][0-9][0-9][0-9]:*) ;; # ok
{
#
re_name="Olive"
fi
+DEINSTALL
rootdev_min=256
# rootdev_size=`disklabel ${rootdev%a} | sed -n '/sectors.unit:/s,.*:,,p'`
warn
warn
exit 1
fi
platform_check() {
#
#
re_model="Olive"
*:Olive) ;;
# ok
jseries:j[1-9][0-9][0-9][0-9]:*) ;; # ok
{
#
re_name="Olive"
fi
3.2.3
Change directory to temp3. Issue the following sed command to change all occurrences of
olive to Olive.
40
+INSTALL
platform_check() {
#
#
re_model="Olive"
*:Olive) ;;
# ok
jseries:j[1-9][0-9][0-9][0-9]:*) ;; # ok
{
#
re_name="Olive"
fi
+REQUIRE
platform_check() {
#
#
re_model="Olive"
*:Olive) ;;
# ok
jseries:j[1-9][0-9][0-9][0-9]:*) ;; # ok
{
#
re_name="Olive"
fi
+DEINSTALL FILE
platform_check() {
#
#
re_model="Olive"
41
*:Olive) ;;
# ok
jseries:j[1-9][0-9][0-9][0-9]:*) ;; # ok
{
#
re_name="Olive"
fi
3.3 Re-Package the Script Files

1.
Change to the temp3 directory. Re-pack all the files into the jbundle-12.3R6.6-export.tgz
archive in the temp2 directory above. Recall that we have already re-generated the SHA1
checksum for the pkgtools.tgz file in this directory so no further tinkering with checksums is
needed. When complete, change up to the temp2 directory and delete the temp3 directory.
root@tony:~/OLIVE/temp1/temp2/temp3#
root@tony:~/OLIVE/temp1/temp2/temp3# tar zcfv ../jbundle-12.3R6.6-export.tgz *
+clean.jboot
+COMMENT
+CONTENTS
+DEINSTALL
+DESC
+INSTALL
+install.jboot
jbase-12.3R6.6.tgz
jbase-12.3R6.6.tgz.sha1
jboot-12.3R6.6.tgz
jboot-12.3R6.6.tgz.sha1
jdocs-12.3R6.6.tgz
jdocs-12.3R6.6.tgz.sha1
jkernel-12.3R6.6.tgz
jkernel-12.3R6.6.tgz.sha1
jpfe-12.3R6.6.tgz
jpfe-12.3R6.6.tgz.sha1
jplatform-12.3R6.6.tgz
jplatform-12.3R6.6.tgz.sha1
jroute-12.3R6.6.tgz
jroute-12.3R6.6.tgz.sha1
jruntime-12.3R6.6.tgz
jruntime-12.3R6.6.tgz.sha1
jservices-12.3R6.6.tgz
jservices-12.3R6.6.tgz.sha1
pkgtools.tgz
pkgtools.tgz.sha1
+REQUIRE
+require.jboot
root@tony:~/OLIVE/temp1/temp2# rm -r temp3/
2.
From the temp2 directory, re-pack all the files to the jinstall-12.3R6.6-export.tgz archive in
the temp1 directory above. Once complete, change up to the temp1 directory and delete
the temp2 directory.
42
root@tony:~/OLIVE/temp1/temp2# tar zcvf ../jinstall-12.3R6.6-export.tgz *

bootstrap-install-12.3R6.6.tar
+COMMENT
+CONTENTS
+DEINSTALL
+DESC
+INSTALL
jbundle-12.3R6.6-export.tgz
pkgtools.tgz
+REQUIRE
root@tony:~/OLIVE/temp1/temp2# cd ..
root@tony:~/OLIVE/temp1# rm -r temp2/
3.
This next operation requires a bit more care. In the temp1 directory the jinstall-12.3R6.6export.tgz file has both SHA1 and MD5 checksum files associated with it. Re-generate the
checksum files, edit them to remove the header information and re-package everything up to
the main jinstall-12.3R6.6-export-signed.tgz archive in the OLIVE directory above.
root@tony:~/OLIVE/temp1# openssl sha1 jinstall-12.3R6.6-export.tgz >
root@tony:~/OLIVE/temp1# openssl md5 jinstall-12.3R6.6-export.tgz >
Before editing:
root@tony:~/OLIVE/temp1# more jinstall-12.3R6.6-export.tgz.sha1
SHA1(jinstall-12.3R6.6-export.tgz)= f8b32bd90f200f70b4336f41e37eefe1be545ee6
root@tony:~/OLIVE/temp1# more jinstall-12.3R6.6-export.tgz.md5
MD5(jinstall-12.3R6.6-export.tgz)= 52399a9f7774b9a92f139ad898bd7e03
After editing:
root@tony:~/OLIVE/temp1# more jinstall-12.3R6.6-export.tgz.sha1
f8b32bd90f200f70b4336f41e37eefe1be545ee6
root@tony:~/OLIVE/temp1# more jinstall-12.3R6.6-export.tgz.md5
52399a9f7774b9a92f139ad898bd7e03
root@tony:~/OLIVE/temp1# tar zcfv ../jinstall-12.3R6.6-export-signed.tgz *
certs.pem
+COMMENT
+CONTENTS
+DESC
+INSTALL
issu-indb.tgz
jinstall-12.3R6.6-export.tgz
jinstall-12.3R6.6-export.tgz.sig
root@tony:~/OLIVE/temp1# cd ..
root@tony:~/OLIVE# rm -r temp1
43
root@tony:~/OLIVE# ls -l
total 1055672
-rw------- 1 root root 244912128
-rw-r--r-- 1 root root 349700096
-rw------- 1 root root 486446535
signed.tgz
-r-xr-xr-x 1 tony tony
2908
Apr 21 03:30 4.11-RELEASE-i386-miniinst.iso

Apr 21 07:05 freebsd-4.11.img
Apr 21 09:49 jinstall-12.3R6.6-exportApr 21 06:58 true
3.4 Installing JunOS on the FreeBSD Guest VM

1.
In the OLIVE directory, create a JunOS ISO file from the jinstall-12.3R6.6-export.tgz file. The
JunOS ISO file is mounted as a CDROM on the FreeBSD VM to install JunOS. Use the -R
Rock Ridge extension parameter.
root@tony:~/OLIVE# mkisofs -R -o junos-12.3R6.6.iso jinstall-12.3R6.6-exportsigned.tgz

I: -input-charset not specified, using utf-8 (detected in locale settings)
2.10% done, estimate finish Mon Apr 21 09:57:10 2014
44
86.24% done, estimate finish Mon

Total translation table size: 0
Total rockridge attributes bytes:
Total directory bytes: 0
Path table size(bytes): 10
Max brk space used 0
237698 extents written (464 MB)
2.
Apr
Apr
Apr
Apr
Apr
Apr
Apr
21
21
21
21
21
21
21
09:57:11
09:57:11
09:57:11
09:57:11
09:57:11
09:57:11
09:57:11
2014
2014
2014
2014
2014
2014
2014
276
Boot the FreeBSD guest VM specifying the JunOS ISO image on the CDROM drive.
root@tony:~/OLIVE# qemu-system-x86_64 -m 4096M -hda freebsd-4.11.img cdrom junos-12.3R6.6.iso
Figure-48
3.
Log in as root and mount the CDROM drive. Once again, remember the CTRL+ALT keys to
exit the cursor grab mode of the guest VM if needed.
45
Figure 4-9
4.
Start the installation using the -f force flag. The overall installation takes quite a long time
approximately 30 to 40 minutes. Stay close to the screen if you can to observe any errors.
Press CTRL-T to see how the installation is progressing.
Figure-50
5.
As expected, some sysctl: unknown oid messages are displayed for hw.product.model.
46
Figure-51
6.
The jinstall package checksum is fine. Our hard work has paid off.
Figure-52
7.
The installation now starts the jinstall installation Adding jinstall.
47
Figure-53
8.
Note the ROOT DEV MIN SIZE and ROOT DEV SIZE values that are displayed. These are
the strings and values that we added to the +INSTALL script earlier.
Figure-54
9.
The first part of the installation completes and a reboot required message is displayed. We are
not out of the woods yet as most of the main installation and post-installation checks still need
to be carried out.
48
Figure-55
10. IMPORTANT. Shut down the FreeBSD guest VM in an orderly fashion using the halt
command.
Figure-56
11. Press the CTRL+ALT+2 keys and quit to exit the QEMU emulator completely.
49
Figure-57
12. Re-boot the FreeBSD guest VM with console access on port 3001. When you issue the
following command the guest VM will start to boot but will hang until you Telnet to it using
PUTTY.
root@tony:~/OLIVE#qemu-system-x86_64 -m 4096M
4.11.img -serial telnet:0.0.0.0:3001,server
-hda
freebsd-
QEMU waiting for connection on: telnet:0.0.0.0:3001,server

13. Open PUTTY and Telnet to 127.0.0.1 port 3001.
50
Figure-58
14. A QEMU emulator window opens together with a PUTTY console window.
51
Figure-59
Figure-60
15. The installation proceeds. It takes a while longer. The jbase package is being added in this
phase.
52
Figure-61
16. Individual package checksums are verified. If any of these is wrong the installation fails.
53
Figure-62
17. A message is displayed stating that the router needs to reboot. It will reboot itself after
completing further installation steps.
54
Figure-63
18. Loads of services are installed.
55
Figure-64
19. Finally, the router reboots of its own accord.
56
Figure-65
20. The reboot completes, ready for login with username root no password.
57
Figure-66
21. Log in and carry out a few basic checks processes, file system, interfaces, access to the CLI
etc.
58
Figure-67
22. File system looks rosy.
59
Figure-68
23. We're not done yet. We need to shut down the router and configure GNS3. In the meantime,
take a look at how it's affecting host computer resources. A few spikes but not too bad overall
CPU and memory wise. Although this reasonably low resource usage changes when we run
more than one JunOS router in GNS3.
60
Figure-69
24. Halt the router. Exit the QEMU emulator before it has a chance to reboot using the usual
CTRL+ALT+2 to quit the emulator.
61
Figure-70
25. The file freebsd-4.11.img is the router's operating system file. You can rename this to
whatever you wish. I have renamed it to junos-12.3R6.6.img for use in GNS3.
4 Setting up GNS3
1.
Open a terminal window on the host computer. Find the file qemuwrapper.py and copy it to
keep a backup copy just in case.
root@tony:~/OLIVE# ls /usr/share/gns3/qemuwrapper.py
/usr/share/gns3/qemuwrapper.py
root@tony:~/OLIVE# cp /usr/share/gns3/qemuwrapper.py
/usr/share/gns3/qemuwrapper.py.original
2.
Edit the file /usr/share/gns3/qemuwrapper.py and change the variables shown in blue to the
following values (these apply to the Linux implementation of GNS3):
if platform.system() == 'Windows':
if os.path.exists('Qemu\qemu-system-i386w.exe'):
62
QEMU_PATH = "Qemu\qemu-system-i386w.exe"
QEMU_IMG_PATH = "Qemu\qemu-img.exe"
else:
# For now we ship Qemu 0.11.0 in the all-in-one
QEMU_PATH = "qemu.exe"
QEMU_IMG_PATH = "qemu-img.exe"
else:
QEMU_PATH = "qemu-system-x86_64"
QEMU_IMG_PATH = "/usr/bin/qemu-img"
3.
Start GNS3.
Figure-71
4.
Select Edit --> Preferences --> Qemu Settings. Set the following:
Path to qemu:
qemu-system-x86_64
Path to qemu-img:
qemu-img
The rest are default values that should be OK.

Click the Test Settings button. The tests pass. Ignore the pemu message in red, this relates
to emulated PIX firewall software, which we haven't installed.
Click Apply.
63
Figure-72
5.
Select the JunOS tab. Enter a device description and the location of where the JunOS image
will reside. In this example I renamed the file freebsd-4.11.img to junos-12.3R6.6.img and
copied it to the /home/tony/GNS3/Images directory, the default location for GNS3 images.
You can set the path to your Images and Projects directories in the General --> General
Settings tab.
Allocate the RAM to the device. You will probably find that 2048M is sufficient.
Allocate the number of interfaces. These are configured on the router as em0 to em5.
Leave the NIC model as e1000 and click Save, then click Apply.
64
Figure-73
6.
Navigate to the General --> Terminal Settings tab. Select Putty (Linux/BSD) as the
terminal type and click Use. In the Terminal command: field, enter putty -telnet %h %p.
Note that you can add other PUTTY parameters to this line if you wish.
Always click Apply after any changes otherwise they will be lost.
65
Figure-74
7.
Create a couple of routers by dragging them from the left-hand pane and dropping them in the
work area.
66
Figure-75
8.
Connect the routers together by clicking on the connection icon in the the left-most pane.
Move the cursor over the first router and click. A drop down box showing interfaces em0 to
em5 is displayed. Click the interface you want, drag the line to the second router and repeat
the process.
The interfaces stay red until the routers are started.
Un-click the connector icon when the connection(s) have been added.
67
Figure-76
9.
Right click each router and select Start. Two guest VM windows appear. Minimise these.
68
Figure-77
10. Console to the router(s). Right click on a router and select Console from the drop-down
menu, or click the terminal icon in the top menu bar.
The PUTTY terminal opens and the routers continue their boot process.
69
Figure-78
11. Start configuring. Remember to shut down the routers in an orderly fashion when you have
finished, much as you would with real devices. Also, once the routers have halted, exit from
the QEMU emulators using CTRL+ALT+2 and remember to right-click and stop the routers in
GNS3.
You can save topologies with the associated configurations as well as being able to create
labelled topologies and network diagrams in the GNS3 work space.
70
Figure-79
5 VERDICT
The FreeBSD VM could have been configured with less memory and disk space. The memory can
be tweaked in the GNS3 settings.
However, the JunOS 12.3R6.6 image (JTAC recommended) is not lightweight and 2 x routers is
probably all that the host could handle in anger.
The main advantage of using a larger Olive in GNS3 is that you can verify syntax as well as basic
functionality.
I have yet to mix this Olive with smaller Cisco devices to gauge performance, although I have
configured up to 4 x JunOS 10.1R1.8 devices in a topology and up to 6 x Cisco 2600 devices in a
separate topology. Performance was not great, but acceptable.
71

Olive Install Complete Guide - JunOS 12.3R6 V1-1

Uploaded by

Copyright:

Available Formats

Olive Install Complete Guide - JunOS 12.3R6 V1-1

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Olive Install Complete Guide - JunOS 12.3R6 V1-1

Uploaded by

Copyright:

Available Formats

Author

: 20th April 2014

1.1 Host Computer Hardware & Software

Ubuntu 14.04 LTS

openvpn:amd64/trusty 2.3.2-7ubuntu3 up to date

JunOS 12.3.R6.6 (legal copy)

QEMU emulator (apt-get install qemu)

FreeBSD i386 ISO image

Legal copy of JunOS router software (jinstall-12.3R6.6-export-signed.tgz)

GNS3 (apt-get install gns3)

1.3 Top-Level Directories

1.4 File Downloads

Change directory into the OLIVE directory.

The OLIVE directory should now contain the following files:

2.2 Boot the Disk Image & Install FreeBSD

qemu-system-x86_64 -m 4096M -hda freebsd-4.11.img -cdrom 4.11-RELEASEi386-miniinst.iso -boot d

Select Begin a standard installation.

Select OK to proceed to the initial disk partitioning screen.

The initial partitioning screen is displayed.

Select Install a standard MBR (no boot manager).

You are now prompted to partition the disk. Hit OK.

SLIP/PPP network devices

Function as a Network Gateway

Anonymous FTP to the machine

Configure NFS server

Configure NFS client

Select a default security profile (chose No for moderate security)

2.3 Start the VM Locate the /usr/bin/true File

Locate the /usr/bin/true file:

2.4 OpenVPN & TUN/TAP Interfaces

Bring down the eth0 interface on the host:

root@tony:~# ifconfig eth0 down

Bring the br1 interface up.

root@tony:~# ifconfig br1 0.0.0.0 promisc up

RX bytes:14773 (14.7 KB)

TX bytes:4203 (4.2 KB)

Bring the tap0 interface up:

root@tony:~# ifconfig tap0 0.0.0.0 promisc up

root@tony:~# dhclient -v br1

2.5 Copying the True File to the Host Machine

Delete the br1 interface.

Remove the tap0 tunnel interface.

Bring the eth0 interface back up.

3 JunOS Installation Process

Unpack the jinstall-12.3R6.6-export-signed.tgz archive into subdirectory temp1 where -C

root@tony:~/OLIVE/temp1# tar -xvf jinstall-12.3R6.6-export.tgz -C temp2

root@tony:~/OLIVE/temp1/temp2/temp4# shasum bin/checkpic

root@tony:~/OLIVE/temp1/temp2/temp4# more pkg/manifest

root@tony:~/OLIVE/temp1/temp2/temp4# shasum pkg/manifest

3.2 Edit the Installation Scripts

temp1 Directory Files

temp2 Directory Files

rootdev_minsz=`expr \( $rootdev_min \* 90 / 100 \) \* 2048`

Change re_name and re_model.

temp3 Directory Files

3.3 Re-Package the Script Files

root@tony:~/OLIVE/temp1/temp2# tar zcvf ../jinstall-12.3R6.6-export.tgz *

Apr 21 03:30 4.11-RELEASE-i386-miniinst.iso

3.4 Installing JunOS on the FreeBSD Guest VM

root@tony:~/OLIVE# mkisofs -R -o junos-12.3R6.6.iso jinstall-12.3R6.6-exportsigned.tgz