"olive" is the codename given to a virtualized junos router/switches/firewall operating system.
But, right now, just the router version can be virtualized, in a vmware image or in a qemu or in a virtualbox image.
Then you can hace the choice between the M/T series junos version (ie: without flow module) or a J-series junos version, with the flow module. Flow module can track the sessions, so you can have a statefull Firewall.
The easiest way to create one olive.
I tried different method, the last exposed i my prefered.
Somes people try to first install a freebsd base system version 4.4, then they install the junos version 7, then install the version 8, and then the version 9. For me this is not the cleanest way nor the easiest way to do it.
I prefer to download the install media image package, which is a raw image of the Card Flash, and copying it on a virtual disk, with the dd tool.
The goal is to extract/copy the content of disk image to a virtual disk, i'll use a LiveCD of freebsd, named frenzy.
So you have to access somes files from your VirtualImage, first is the disk image, second is a copy of the new fstab.mr, here you have many choice:
- using a usb stick,
- using a pre-formatted virtualdisk with FAT,
- using network transfert with ssh/scp
- using network transfert with ftp
- .....
Personally i prefer using a pre-formatted vdisk with FAT, so i can map the disk with the windows host, and copy whatever file i need, and doing so remotely.
HINT: with VM-Workstation, you can't attach a usb stick to the guest when accsesing to the host remotely (ie: with RDP).
Preparing the Virtual Images
For the JUNOS:
- Memory: 512 Mo
- Processors: 1
- HardDisk 1: Type=IDE, Size=1Go, Option=Independent,Persistent
- HardDisk 2: Type=IDE, Size=1Go, Option=Independent,Persistent
- Network Adapter 1: Bridged (as u want)
- Network Adapter 2: Bridged (as u want)
- Network Adapter 3: Bridged (as u want)
- Network Adapter 4: Bridged (as u want)
- USB Controler: Present
- Display: Auto Detect
For the Frenzy:
- Memory: 256 Mo
- Processors: 1
- HardDisk 1: Type=IDE, Size=20Go, Option=Independent,Persistent, Formated FAT with a WINXP vm
- HardDisk 2: Type=IDE, Existent, HDD 1 from JUNOS VM
- HardDisk 3: Type=IDE, Existent, HDD 1 from JUNOS VM
- CD/DVD: Type=IDE, Using file: link to the frenzy.iso
- Network Adapter 1: Bridged (as u want)
- USB Controler: Present (or not)
- Display: Auto Destec
For the VDISK:
using a Windows vm, don't forget to first create the disk, IDE, 20Go, boot the windows, with the disk manager create a primary partition and format it with FAT. Then you have to stop the windows vm.
Preparing the Files:
Map the VDISK:
using VM-Workstation, map the vdisk using:
File>Map or Disconnect Virtual Disk
don't forget to map it with read/write rights !
Install Media:
you need to download the disk image from the Juniper.net website.
As a reminder, those files are named like this:
junos-jsr-9.3R4.4-export-cf1024 # JUNOS for JSERIES with flow support, 1Go CardFlash image
junos-jseries-9.3R4.4-export-cf1024 # JUNOS for JSERIES without flow support, 256Mo CardFlash image
Seleect the one you need, and copy it to the vdisk.
fstab.mr file:
You need to modify the fstab file, it should be something like:
# Device Mountpoint FStype Options Dump Pass#
/dev/md0 / cd9660 ro 0 0
proc /proc procfs rw 0 0
/dev/ad1s1d /config ufs rw 2 2
/dev/ad1s1b none swap sw 0 0
Copy the files, junos and fstab to the fat partition. Then umount the partiton from windows.
Preparing the Disks:
For the rest of the preparation steps, we will run on the frenzy vm / frenzy booted.
First DISK
This one is easy, you just have to dd the junos file:
First, mount / as read/write:
mount -o rw /
normally the fat partion should be automatically mounted, if not:
mkdir /mnt/ad0s1.fat
mount -t msdosfs /dev/ad0s1 /mnt/ad0s1.fat
copy the content of the disk image to the virtual disk:
dd if=/mnt/ad0s1.fat/junos-jseries-9.3R4.4-export-cf1024 of=/dev/ad1
When it is done, you can copy the fstab:
mount -t ufs /dev/ad0s1a /mnt/tmp
cp /mnt/ad0s1.fat/fstab.mr /mnt/tmp/cf/etc/
Then create a /config dir:
mkdir /config
Now launch sysintall,
go to Configure > Disk then choose the ad2 disk,
then create a partition of 1000M,
press C then enter 1000M,
partition type will be 165,
type W
you can install standard MBR, clic ok,
type Q to quit,
Then in the sysinstall go to Label, and add 2 label:
one of 500M for filesystem,
another one for swap,
Quit, that should be sufficent.
NETWORK Interface: E1000
be sure to use a network interface of E1000 type, for this, edit the .vmx file from your virtual machine,
add
do the same for the other interfaces.
Reminder: All the Steps
- Have the frenzy livecd
- Have a junos system media file
- Create the virtual machine
- Add a hard-drive of 1Go
- Add another hard-rive of 1Go
- boot on the frenzy livecd
- copy the content of system media file to the hard-drive, via dd
- mount the first slice of this HDD and copy the fstab.mr file to /mnt/tmp/cf/etc
- mount / with read-write option
- create the /config dir
- launch sysinstall
- create a partition with type 165, with Fdisk
- create a standard boot manager
- create a slice of 100M with label, type is FS, mountpoint is /config
- create a slice for the swap
- halt the virtual machine
- add network interface to the virtual machine
- verify that the type is e1000
- Boot the vm.
Tune frenzy
at the boot loader you can set your language:
lang=fr
when booted, sometimes you need to modify the disks after mounting/demounting it, so you need to tune the system:
sysctl kern.geom.debugflags=16
TODO
this post is draft, i need to reread it, to find mistakes, but, if you understand what you are doing, you should have an olive, working:
philippe@jseries1> show version
Hostname: jseries1
Model: olive
JUNOS Software Release [9.3R4.4] (Export edition)
No comments:
Post a Comment