Introduction
In Part 1 of this series, you created and configured a vSRX, and then were able to SSH into it. In this part, you'll clone the vSRX you've created and then virtually cable the two SRXs together. To further validate our connection, we'll establish OSPF between the two vSRXs. Let's get started.
Pre-requisites
- Part 1 of this series
Cloning our vSRX
Because we're using VMware Player (which doesn't have a "clone" option, or even the proper ability to run two VMs at once), we'll need to manually copy the directory that holds our vSRX's VM files. For simplicity's sake, I'm just going to append "-1" to the name. I didn't change the auto-generated name that VMware gave the VM (which is just the OVA filename), so my clone will be named "junos-vsrx-12.1X47-D20.7-domestic-1".
When I imported the VM, it was saved in "C:\Users\Lamoni\Documents\Virtual Machines\junos-vsrx-12.1X47-D20.7-domestic". This may differ for you (and will definitely differ in the username), so hunt down where VMware Player saved your VM files.
Once you've found the directory:
- Copy and paste the "junos-vsrx-12.1X47-D20.7-domestic" directory.
- Rename the directory to "junos-vsrx-12.1X47-D20.7-domestic-1".
- In VMware Player, go to "Open a Virtual Machine", browse to the "junos-vsrx-12.1X47-D20.7-domestic-1" directory and open the "junos-vsrx-12.1X47-D20.7-domestic.vmx" file.
- Right click on the newly imported VM -> Settings -> Options tab, and then append -1 to the Virtual machine name.
- Click OK
Starting both of our VMs
This part gets a little hacky since we're sticking with VMware Player. VMware Player doesn't really support running multiple VMs at once (it seems like more of a GUI issue than an actual technical limitation). You will see some pop-ups regarding "Take Ownership" in this section. You can just hit "Cancel" and ignore them.
What you shouldn't ignore is the message asking you to select "I Moved it" or "I Copied it". It is of the utmost importance you select "I Copied It". By selecting "I Copied it", VMware Player will auto-change the MAC addresses of the network adapters to new random MAC addresses. This is important because if we don't do it, our cloned VM and the original VM will have the same MAC addresses on ge-0/0/0 and ge-0/0/1, which is, of course, problematic.
- In the current VMware Player window, Power on our CLONE VM.
- You should see a popup asking if you "Moved" the VM or "Copied" it. Click "I Copied It".
Once the boot process has been initiated for our CLONE VM:
- In the upper left corner of VMware Player, click the "Player" dropdown menu
- Select "Manage" -> "Virtual Machine Settings"
- Click the "LAN Segments" button -> Click "Add" (for simplicity's sake, for now, we won't rename it; leave it at "LAN Segment 1") -> Click OK
- Open another VMware Player instance (as in, double-click on the desktop icon)
- You may or may not see a popup asking you to "Take Ownership". You can ignore this by hitting cancel.
- Power on the original VM
If you're wondering why we didn't do anything with "LAN Segment 1" other than create it, don't worry, we will. We had to create that LAN Segment before we opened another instance of VMware Player, or else that LAN Segment wouldn't show up in the other instance's LAN Segment list.
You should have both VMs running now. Let's ensure they were both assigned IP addresses through DHCP.
You should be able to ping from one vSRX to the other through our "management" network (which is really just your home network).
Change the hostname of our CLONE vSRX
(NOTE: please keep in mind that both vSRXs have the hostname "R1". The following commands are to ONLY BE EXECUTED ON THE CLONE VM)
lamoni@R1> edit
lamoni@R1# set system host-name R2
lamoni@R1# commit and-quit
So the original vSRX we created should have a hostname of R1, and the cloned VM should have a hostname of R2.
Cabling our ge-0/0/1 interfaces together
On the original VM
- In the upper left corner of VMware Player, click the "Player" dropdown menu
- Select "Manage" -> "Virtual Machine Settings"
- Select the SECOND Network Adapter
- Change its "Network connection" to "LAN Segment"
- In the dropdown menu for LAN segment, select "LAN Segment 1"
On the clone VM
- In the upper left corner of VMware Player, click the "Player" dropdown menu
- Select "Manage" -> "Virtual Machine Settings"
- Select the SECOND Network Adapter
- Change its "Network connection" to "LAN Segment"
- In the dropdown menu for LAN segment, select "LAN Segment 1"
All we've done is virtually cabled these two vSRX interfaces to the same virtual bridge. It's as simple as that!
Configure IP addresses on both ge-0/0/1 interfaces
I'll use 100.0.0.0/30 as our subnet for the ge-0/0/1 interfaces, but feel free to get creative.
On the original VM
lamoni@R1> edit
lamoni@R1# set interfaces ge-0/0/1 unit 0 family inet address 100.0.0.1/30
lamoni@R1# commit and-quit
On the clone VM
lamoni@R2> edit
lamoni@R2# set interfaces ge-0/0/1 unit 0 family inet address 100.0.0.2/30
lamoni@R2# commit and-quit
Pinging through our newly configured ge-0/0/1 interfaces
Configuring OSPF for fun
To drive the point home, let's configure OSPF on the ge-0/0/1 interfaces
On the original VM
lamoni@R1# set protocols ospf area 0 interface ge-0/0/1.0
lamoni@R1# commit and-quit
On the clone VM
lamoni@R2# set protocols ospf area 0 interface ge-0/0/1.0
lamoni@R2# commit and-quit
You can now run "show ospf neighbors" and see the neighborship at a Full state
Conclusion
We've now proven that we can get two vSRXs speaking to each other and running routing protocols. This alone is enough to study and ace the JNCIA, and possibly the JNCIS-SP. From here on, this series will be extrapolated on in different series pertaining to Automation (Python, Ansible, possibly others), Network Management Systems (Junos Space), and any other ideas I get.